Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/59x46C--Il8DxqktZGslW7DlXAA.roa
File: 59x46C--Il8DxqktZGslW7DlXAA.roa (raw, json)
Hash identifier: 0hwLbjPcUuRvYFfOwpn3XN0KQVYBHwnVVlDFHqrh8ts=
Subject key identifier: E7:DC:78:E8:2F:BE:22:5F:03:C6:A9:2D:64:6B:25:5B:B0:E5:5C:00
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019305FDD675B0046D22133394AFB40B6CDE
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/59x46C--Il8DxqktZGslW7DlXAA.roa
Signing time: Thu 07 Nov 2024 09:39:01 +0000
ROA not before: Thu 07 Nov 2024 09:39:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.57.241.0/24 maxlen: 24
45.135.181.0/24 maxlen: 24
45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
185.141.216.0/24 maxlen: 24
188.64.142.0/24 maxlen: 24
188.208.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 16:06:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:05:fd:d6:75:b0:04:6d:22:13:33:94:af:b4:0b:6c:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Nov 7 09:39:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7dc78e82fbe225f03c6a92d646b255bb0e55c00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b0:54:74:02:6c:bc:9c:5c:8d:ee:9b:b8:4b:
8d:df:83:29:08:64:19:7a:4e:f7:8d:22:68:73:76:
7e:54:a0:99:da:68:a9:ce:64:03:23:89:f0:14:5e:
28:63:77:5f:17:67:c3:0b:0e:e9:b5:4c:9b:0a:0f:
92:8f:86:47:b3:a2:ff:6d:cf:45:4c:75:12:8b:93:
e5:f7:eb:b6:de:b1:db:17:85:fb:29:1c:23:f6:c8:
3d:35:be:97:16:70:d4:5d:18:67:c6:e1:c3:4d:22:
b0:ee:97:d3:3f:51:14:bd:ff:82:bb:22:42:21:47:
24:ad:78:43:33:e4:2a:ed:97:78:fc:e2:f7:76:f6:
a4:d1:e0:9e:82:08:16:5b:ef:85:06:e0:dd:c5:da:
21:89:fe:32:f5:6a:bb:43:4e:ac:07:ac:c7:b8:3a:
9f:32:f2:db:3c:2f:b4:41:fa:f3:0a:77:d0:01:53:
1c:21:1c:b0:af:ff:ce:73:38:92:c1:12:d4:fa:30:
27:79:0a:48:99:79:82:81:81:33:6e:8a:fa:6d:7e:
53:4a:bc:a3:e2:2f:23:fa:57:d7:5b:7e:41:e3:17:
b1:db:b2:93:c8:d7:2b:46:88:a3:84:58:9c:f5:0e:
de:9d:ed:e1:74:db:52:e7:b9:ad:9c:99:8c:23:45:
3e:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:DC:78:E8:2F:BE:22:5F:03:C6:A9:2D:64:6B:25:5B:B0:E5:5C:00
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/59x46C--Il8DxqktZGslW7DlXAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.241.0/24
45.135.181.0-45.135.183.255
89.34.106.0/24
93.114.183.0/24
185.141.216.0/24
188.64.142.0/24
188.208.103.0/24
Signature Algorithm: sha256WithRSAEncryption
42:7b:1c:4a:90:7b:66:e0:ae:c5:d2:39:31:33:a8:13:48:68:
2f:df:66:f0:fb:f2:8a:00:b6:61:81:43:85:da:bf:b1:16:dd:
01:c8:dd:36:d7:7d:6e:ad:56:a4:99:ce:9c:e4:eb:3b:6d:16:
a8:55:2e:c3:c7:16:f8:46:97:ff:a4:34:19:16:f2:74:e4:ee:
14:11:03:6f:36:fc:6a:fc:90:2e:da:13:c3:07:29:05:1c:65:
c7:13:df:b4:cf:fe:30:e1:50:67:33:07:8b:91:b2:76:01:07:
58:52:0d:20:e8:98:65:65:5b:d1:35:83:e8:b8:ce:7b:58:4a:
92:fc:ca:91:12:b6:2e:d1:40:45:a5:3d:00:e7:5d:cc:34:97:
47:36:53:91:1d:e5:a1:c6:8f:8b:c2:d7:40:d3:65:f6:f2:23:
83:4c:34:88:e0:e9:16:d1:e8:97:b8:29:9c:09:d8:af:e0:c2:
7d:01:68:31:39:1b:26:ae:64:4f:73:48:df:40:b5:0c:f5:13:
e1:84:6e:0e:d1:11:1d:87:b2:be:74:e6:75:78:9a:47:cd:3b:
95:35:4f:bc:82:75:2a:fc:eb:be:75:c1:5f:8a:b5:62:7a:68:
0f:7c:e4:86:6e:6a:27:20:8d:a1:48:ad:d9:27:fe:df:96:d0:
c8:a1:43:85
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZMF/dZ1sARtIhMzlK+0C2zeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQxMTA3MDkzOTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2RjNzhlODJmYmUyMjVmMDNjNmE5MmQ2NDZiMjU1YmIwZTU1YzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA37BUdAJsvJxcje6buEuN34MpCGQZ
ek73jSJoc3Z+VKCZ2mipzmQDI4nwFF4oY3dfF2fDCw7ptUybCg+Sj4ZHs6L/bc9F
THUSi5Pl9+u23rHbF4X7KRwj9sg9Nb6XFnDUXRhnxuHDTSKw7pfTP1EUvf+CuyJC
IUckrXhDM+Qq7Zd4/OL3dvak0eCegggWW++FBuDdxdohif4y9Wq7Q06sB6zHuDqf
MvLbPC+0QfrzCnfQAVMcIRywr//OcziSwRLU+jAneQpImXmCgYEzbor6bX5TSryj
4i8j+lfXW35B4xex27KTyNcrRoijhFic9Q7ene3hdNtS57mtnJmMI0U+wwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFOfceOgvviJfA8apLWRrJVuw5VwAMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvNTl4NDZDLS1JbDhEeHFrdFpHc2xXN0RsWEFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAAjnxMAwD
BAAth7UDBAMth7ADBABZImoDBABdcrcDBAC5jdgDBAC8QI4DBAC80GcwDQYJKoZI
hvcNAQELBQADggEBAEJ7HEqQe2bgrsXSOTEzqBNIaC/fZvD78ooAtmGBQ4Xav7EW
3QHI3TbXfW6tVqSZzpzk6zttFqhVLsPHFvhGl/+kNBkW8nTk7hQRA282/Gr8kC7a
E8MHKQUcZccT37TP/jDhUGczB4uRsnYBB1hSDSDomGVlW9E1g+i4zntYSpL8ypES
ti7RQEWlPQDnXcw0l0c2U5Ed5aHGj4vC10DTZfbyI4NMNIjg6RbR6Je4KZwJ2K/g
wn0BaDE5GyauZE9zSN9AtQz1E+GEbg7RER2Hsr505nV4mkfNO5U1T7yCdSr86751
wV+KtWJ6aA985IZuaicgjaFIrdkn/t+W0MihQ4U=
-----END CERTIFICATE-----
Generated at Thu Nov 7 19:59:58 2024 by rpki-client on console-ams.rpki-client.org