Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/p426CTQDfy3I3seN1A4S03ilMzA.roa
File: p426CTQDfy3I3seN1A4S03ilMzA.roa (raw, json)
Hash identifier: UcYRxUnSJ9nAFs+uIz2Io5faPt2ngr1NdmKsCVnDjvk=
Subject key identifier: A7:8D:BA:09:34:03:7F:2D:C8:DE:C7:8D:D4:0E:12:D3:78:A5:33:30
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0193397CA51BC0DC3E5448A5CCB1F90C802E
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/p426CTQDfy3I3seN1A4S03ilMzA.roa
Signing time: Sun 17 Nov 2024 09:38:10 +0000
ROA not before: Sun 17 Nov 2024 09:38:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.57.241.0/24 maxlen: 24
45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
185.141.216.0/24 maxlen: 24
185.198.235.0/24 maxlen: 24
188.64.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Nov 2024 08:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:39:7c:a5:1b:c0:dc:3e:54:48:a5:cc:b1:f9:0c:80:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Nov 17 09:38:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a78dba0934037f2dc8dec78dd40e12d378a53330
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:34:1b:03:89:3d:07:45:46:4f:8c:84:d0:5e:
55:e6:da:6a:62:d2:79:f9:c0:d3:fc:d8:4b:09:91:
c2:ee:f3:bf:51:c9:c8:fe:89:3d:9f:2b:c7:3c:c6:
0b:17:f9:a9:c9:3f:3f:e0:b1:4e:4b:3d:8c:56:07:
fa:8e:4f:ad:ec:0c:55:aa:26:e2:81:0e:70:b2:95:
d0:95:5e:47:b4:cc:a3:b5:ac:76:24:61:8b:75:e0:
38:b5:be:91:91:d3:ed:99:c9:30:2d:be:fb:8b:2c:
7b:91:51:f1:20:5b:7c:6c:3e:48:c8:82:3a:f3:dc:
73:5d:68:9d:90:5d:4b:f5:02:d4:ae:c8:3b:3c:49:
5e:f0:20:bb:c1:2b:39:d5:99:66:e4:56:f3:02:fa:
52:38:ce:8d:c3:8e:df:c9:ed:ce:59:ba:d7:ad:42:
87:aa:15:28:b0:06:18:75:69:93:39:b9:f5:0c:6b:
20:01:3b:4f:47:f7:43:49:81:00:3b:ea:e4:e0:0f:
80:33:2c:30:85:1a:ea:bf:8a:ca:28:a4:3f:88:eb:
e0:af:6b:78:05:1b:df:12:e7:59:c4:9b:25:82:f4:
d2:1d:f8:95:20:d4:8f:1f:27:cd:23:27:19:b1:59:
08:b5:74:45:6d:e0:81:c0:55:c9:08:3e:f9:0a:60:
53:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:8D:BA:09:34:03:7F:2D:C8:DE:C7:8D:D4:0E:12:D3:78:A5:33:30
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/p426CTQDfy3I3seN1A4S03ilMzA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.241.0/24
45.135.182.0/23
89.34.106.0/24
93.114.183.0/24
185.141.216.0/24
185.198.235.0/24
188.64.142.0/24
Signature Algorithm: sha256WithRSAEncryption
52:8c:7d:71:a3:f1:6f:44:c2:03:ba:dc:c1:ba:a5:1f:9b:12:
91:5a:67:1f:36:fe:96:50:e3:e3:35:ad:14:99:cd:29:73:18:
dc:a1:95:0d:02:3f:4d:7f:0b:86:15:00:15:02:cb:90:ed:cd:
b9:d0:bb:48:ee:2b:aa:a9:b7:02:a0:47:7a:e6:9f:9f:71:b5:
ee:c1:80:11:2b:78:99:b6:3f:9a:81:87:6e:39:0a:2c:14:6a:
60:18:c2:c8:27:78:50:dc:47:bb:34:e4:72:34:8e:e8:61:cd:
be:98:e1:db:3a:eb:0d:7c:ab:16:80:bc:e6:8f:6f:6b:e6:ad:
68:cd:8b:94:db:f5:b5:64:d7:b4:ff:6d:b9:87:bf:e4:58:ab:
38:c9:f5:70:d4:c0:e8:e3:c3:c0:26:8b:a9:25:45:70:93:ab:
83:72:84:fd:fe:3e:71:a5:74:77:d3:df:d8:7d:aa:d0:52:ff:
f6:0a:f4:8c:95:ba:ba:d4:ce:db:ed:60:e5:0a:3b:8c:23:20:
b2:3a:42:eb:41:5c:cb:89:ef:e9:77:3a:b6:3e:57:9a:b2:f8:
0e:22:ae:48:5a:08:b2:19:a3:92:7f:2d:84:73:f0:84:e1:24:
37:df:27:7e:e3:28:72:ae:1d:d8:fc:5f:2d:2a:5d:c2:67:62:
b7:c3:68:29
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZM5fKUbwNw+VEilzLH5DIAuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQxMTE3MDkzODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzhkYmEwOTM0MDM3ZjJkYzhkZWM3OGRkNDBlMTJkMzc4YTUzMzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjQbA4k9B0VGT4yE0F5V5tpqYtJ5
+cDT/NhLCZHC7vO/UcnI/ok9nyvHPMYLF/mpyT8/4LFOSz2MVgf6jk+t7AxVqibi
gQ5wspXQlV5HtMyjtax2JGGLdeA4tb6RkdPtmckwLb77iyx7kVHxIFt8bD5IyII6
89xzXWidkF1L9QLUrsg7PEle8CC7wSs51Zlm5FbzAvpSOM6Nw47fye3OWbrXrUKH
qhUosAYYdWmTObn1DGsgATtPR/dDSYEAO+rk4A+AMywwhRrqv4rKKKQ/iOvgr2t4
BRvfEudZxJslgvTSHfiVINSPHyfNIycZsVkItXRFbeCBwFXJCD75CmBTZQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKeNugk0A38tyN7HjdQOEtN4pTMwMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvcDQyNkNUUURmeTNJM3NlTjFBNFMwM2lsTXpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAAjnxAwQB
LYe2AwQAWSJqAwQAXXK3AwQAuY3YAwQAucbrAwQAvECOMA0GCSqGSIb3DQEBCwUA
A4IBAQBSjH1xo/FvRMIDutzBuqUfmxKRWmcfNv6WUOPjNa0Umc0pcxjcoZUNAj9N
fwuGFQAVAsuQ7c250LtI7iuqqbcCoEd65p+fcbXuwYARK3iZtj+agYduOQosFGpg
GMLIJ3hQ3Ee7NORyNI7oYc2+mOHbOusNfKsWgLzmj29r5q1ozYuU2/W1ZNe0/225
h7/kWKs4yfVw1MDo48PAJoupJUVwk6uDcoT9/j5xpXR309/YfarQUv/2CvSMlbq6
1M7b7WDlCjuMIyCyOkLrQVzLie/pdzq2PleasvgOIq5IWgiyGaOSfy2Ec/CE4SQ3
3yd+4yhyrh3Y/F8tKl3CZ2K3w2gp
-----END CERTIFICATE-----
Generated at Mon Nov 18 11:03:26 2024 by rpki-client on console-ams.rpki-client.org