Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/aSzFJALOntNGHEz7W2Hs4M8jbTg.roa
File: aSzFJALOntNGHEz7W2Hs4M8jbTg.roa (raw, json)
Hash identifier: 9YmEApuoNYdo1KIKJibryNihE2js6z4GnkEC5i7/eyU=
Subject key identifier: 69:2C:C5:24:02:CE:9E:D3:46:1C:4C:FB:5B:61:EC:E0:CF:23:6D:38
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018E391C148B23670ACBDE1397E15F064CEB
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/aSzFJALOntNGHEz7W2Hs4M8jbTg.roa
Signing time: Wed 13 Mar 2024 18:38:45 +0000
ROA not before: Wed 13 Mar 2024 18:38:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212042
IP address blocks: 2.57.242.0/24 maxlen: 24
45.87.121.0/24 maxlen: 24
89.34.219.0/24 maxlen: 24
89.35.130.0/24 maxlen: 24
185.198.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jun 2024 10:09:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:39:1c:14:8b:23:67:0a:cb:de:13:97:e1:5f:06:4c:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Mar 13 18:38:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=692cc52402ce9ed3461c4cfb5b61ece0cf236d38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7c:fa:ad:d3:90:e0:08:cb:00:9a:8a:ac:8f:
21:d4:51:c1:e1:82:8c:01:a9:38:4d:36:56:f7:35:
88:44:46:41:43:29:38:8d:b9:5c:c1:d2:5d:bd:36:
f8:39:04:62:d5:14:f5:61:55:98:0d:f1:f6:4f:25:
ad:11:e4:ab:0a:d7:6f:04:cd:af:74:9b:36:44:dc:
05:5e:77:13:9f:bd:a6:26:57:66:aa:61:64:b7:36:
e5:ca:db:2d:95:0f:08:8e:41:24:53:e4:95:ff:3e:
99:b1:4f:fe:43:68:3b:06:96:1a:2d:19:65:88:99:
4f:83:cc:62:47:a3:e4:22:b8:d8:e6:7e:e8:56:90:
bb:e2:e4:fa:31:0a:54:35:bd:8e:7a:00:94:4c:18:
9d:00:0f:8a:d6:6e:56:52:99:f8:a3:3a:66:03:64:
fe:b9:c3:54:52:bc:5d:b9:77:e5:7c:f6:75:a0:90:
9c:ab:08:20:dc:a0:8d:f1:8f:8d:97:15:63:10:91:
73:0a:fc:86:b5:f2:45:c9:72:c2:6e:a1:13:71:97:
97:c6:ca:e8:2f:c5:a5:34:6b:5a:1f:77:83:b8:8e:
7e:b5:a2:c2:5f:0c:72:e2:c5:e5:a8:c8:3d:bc:8a:
aa:db:9e:4d:00:98:c8:66:7f:23:09:e3:c6:4f:28:
96:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:2C:C5:24:02:CE:9E:D3:46:1C:4C:FB:5B:61:EC:E0:CF:23:6D:38
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/aSzFJALOntNGHEz7W2Hs4M8jbTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.242.0/24
45.87.121.0/24
89.34.219.0/24
89.35.130.0/24
185.198.235.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:11:49:86:33:c1:db:3b:63:bc:13:8e:4a:14:50:eb:1d:0d:
5d:fd:0d:e5:ca:22:a5:0d:84:a8:81:62:77:f0:bd:7c:ea:31:
c8:c4:6d:45:f0:c3:a8:1c:ee:55:26:83:39:b3:05:d1:bb:cb:
8d:7b:5e:e3:6f:d2:31:f4:f2:4f:fc:90:c9:ff:6d:9e:9f:97:
68:33:95:97:8f:d4:0e:88:a5:c6:8f:15:40:ce:d6:fe:17:9b:
17:53:27:80:e4:3d:c5:00:96:67:55:b9:da:9a:d9:ce:9f:42:
0c:4b:ac:91:18:f2:6e:13:43:b5:29:d6:58:f8:6d:cf:5f:bf:
22:c6:48:b9:d3:3a:41:96:c1:48:2c:24:7d:80:92:6c:8f:6a:
86:0e:eb:cd:3a:50:3e:2b:8f:95:56:55:8d:c2:cb:85:38:0f:
0b:35:a9:59:1c:c1:92:6e:d2:6f:af:6d:fd:71:8c:25:e3:58:
8c:19:f1:7b:9e:83:bf:b2:d2:de:77:ab:61:be:56:4c:63:b6:
57:6c:07:42:49:69:90:57:16:d1:e5:7d:c6:39:2a:e3:9a:16:
7c:55:ee:59:fa:e7:ba:b5:5c:23:1f:fe:f3:32:72:66:99:e6:
6a:88:28:b1:6f:9e:c2:ba:ca:89:64:2e:8f:30:7a:17:b2:fe:
d6:4f:22:f7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY45HBSLI2cKy94Tl+FfBkzrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwMzEzMTgzODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTJjYzUyNDAyY2U5ZWQzNDYxYzRjZmI1YjYxZWNlMGNmMjM2ZDM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Hz6rdOQ4AjLAJqKrI8h1FHB4YKM
Aak4TTZW9zWIREZBQyk4jblcwdJdvTb4OQRi1RT1YVWYDfH2TyWtEeSrCtdvBM2v
dJs2RNwFXncTn72mJldmqmFktzblytstlQ8IjkEkU+SV/z6ZsU/+Q2g7BpYaLRll
iJlPg8xiR6PkIrjY5n7oVpC74uT6MQpUNb2OegCUTBidAA+K1m5WUpn4ozpmA2T+
ucNUUrxduXflfPZ1oJCcqwgg3KCN8Y+NlxVjEJFzCvyGtfJFyXLCbqETcZeXxsro
L8WlNGtaH3eDuI5+taLCXwxy4sXlqMg9vIqq255NAJjIZn8jCePGTyiWXwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGksxSQCzp7TRhxM+1th7ODPI204MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvYVN6RkpBTE9udE5HSEV6N1cySHM0TThqYlRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjnyAwQA
LVd5AwQAWSLbAwQAWSOCAwQAucbrMA0GCSqGSIb3DQEBCwUAA4IBAQBeEUmGM8Hb
O2O8E45KFFDrHQ1d/Q3lyiKlDYSogWJ38L186jHIxG1F8MOoHO5VJoM5swXRu8uN
e17jb9Ix9PJP/JDJ/22en5doM5WXj9QOiKXGjxVAztb+F5sXUyeA5D3FAJZnVbna
mtnOn0IMS6yRGPJuE0O1KdZY+G3PX78ixki50zpBlsFILCR9gJJsj2qGDuvNOlA+
K4+VVlWNwsuFOA8LNalZHMGSbtJvr239cYwl41iMGfF7noO/stLed6thvlZMY7ZX
bAdCSWmQVxbR5X3GOSrjmhZ8Ve5Z+ue6tVwjH/7zMnJmmeZqiCixb57CusqJZC6P
MHoXsv7WTyL3
-----END CERTIFICATE-----
Generated at Mon Jun 24 16:22:18 2024 by rpki-client on console-ams.rpki-client.org