Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/2x599aELTsBIzPHWoJVz-oBDcLg.roa
File: 2x599aELTsBIzPHWoJVz-oBDcLg.roa (raw, json)
Hash identifier: 3JS65ZamAxybZ2LIQPDCAtIKTfCDA6A58jYWjQ2Vmz0=
Subject key identifier: DB:1E:7D:F5:A1:0B:4E:C0:48:CC:F1:D6:A0:95:73:FA:80:43:70:B8
Certificate issuer: /CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Certificate serial: 0191704E90A00E207CCDB628391035D2590F
Authority key identifier: A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/2x599aELTsBIzPHWoJVz-oBDcLg.roa
Signing time: Tue 20 Aug 2024 15:01:22 +0000
ROA not before: Tue 20 Aug 2024 15:01:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216134
IP address blocks: 149.238.0.0/16 maxlen: 24
149.238.0.0/19 maxlen: 24
149.238.32.0/19 maxlen: 24
149.238.64.0/19 maxlen: 24
149.238.96.0/19 maxlen: 24
149.238.128.0/19 maxlen: 24
149.238.159.0/24 maxlen: 24
149.238.160.0/19 maxlen: 24
149.238.192.0/19 maxlen: 24
149.238.224.0/19 maxlen: 24
170.205.192.0/18 maxlen: 24
192.77.114.0/23 maxlen: 24
192.112.208.0/24 maxlen: 24
193.33.52.0/23 maxlen: 24
2a13:cb40::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 21 Aug 2024 11:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:70:4e:90:a0:0e:20:7c:cd:b6:28:39:10:35:d2:59:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4327c56e941171ea3beba26ebb9e23f4df5bcf3
Validity
Not Before: Aug 20 15:01:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db1e7df5a10b4ec048ccf1d6a09573fa804370b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:92:7a:d8:4c:56:bf:e1:1e:23:c4:1d:be:4f:
58:42:c2:11:cc:e5:d9:b4:e1:16:87:98:24:5e:32:
06:dd:7d:f0:ab:bf:fe:99:2f:ea:36:fe:00:df:5b:
68:be:df:86:9d:93:a9:52:db:27:ea:d1:e7:74:16:
00:10:27:9c:50:68:71:89:4b:3a:2f:34:08:ce:04:
0d:43:98:1a:a2:65:ef:01:d0:c2:67:c5:b7:64:b3:
0f:17:6c:07:56:55:ef:29:74:33:c0:d6:ab:d2:03:
3f:cd:46:c3:37:a1:7a:bd:d5:56:ec:e8:c2:c4:62:
aa:bc:1f:82:89:2a:df:b9:e6:be:e4:db:cd:41:32:
b6:fa:2e:fd:fe:99:6c:f3:5e:31:b1:34:2d:75:19:
78:27:43:34:8c:71:d6:92:be:ca:18:1f:22:47:63:
8c:7f:4f:17:b7:35:eb:ab:7f:63:4f:40:df:e8:92:
a6:b1:f1:a4:2c:cc:90:ba:fb:ad:18:29:6b:24:04:
81:6e:4e:c2:8e:d3:cc:b8:87:3b:ab:67:48:af:10:
d4:81:52:83:ff:bf:e1:ab:15:20:ef:64:9e:30:59:
30:d8:02:ed:7e:f9:af:0c:d9:4c:65:cf:ba:97:78:
a0:01:4f:97:10:3e:0e:00:68:09:2c:c7:ed:90:6b:
d2:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:1E:7D:F5:A1:0B:4E:C0:48:CC:F1:D6:A0:95:73:FA:80:43:70:B8
X509v3 Authority Key Identifier:
keyid:A4:32:7C:56:E9:41:17:1E:A3:BE:BA:26:EB:B9:E2:3F:4D:F5:BC:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDJ8VulBFx6jvrom67niP031vPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/2x599aELTsBIzPHWoJVz-oBDcLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/9a4833-6da4-4dda-b7ab-28c343ce9d5d/1/pDJ8VulBFx6jvrom67niP031vPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.238.0.0/16
170.205.192.0/18
192.77.114.0/23
192.112.208.0/24
193.33.52.0/23
IPv6:
2a13:cb40::/29
Signature Algorithm: sha256WithRSAEncryption
1c:01:87:25:a3:09:a1:cd:82:1e:59:09:1b:3d:90:36:d0:e4:
10:1d:24:ae:05:9d:b1:b5:f8:45:f5:b7:f6:e1:0a:f8:aa:f2:
8d:02:7f:53:ef:77:d2:a3:7b:9f:66:b5:71:04:04:2c:c7:ab:
d6:db:6d:10:d8:f1:76:77:54:52:ad:b7:ac:28:f2:c8:90:2f:
0a:9f:0f:83:a8:f8:e2:2c:41:77:ea:e5:79:e9:0c:9f:1c:62:
f1:d0:75:e5:79:d2:e2:fd:7d:26:dd:40:c3:c9:35:85:c0:18:
8e:52:d0:bf:17:67:f8:55:0c:77:28:b8:eb:d9:7e:91:93:97:
db:fa:3f:a3:f4:84:ee:4a:83:9d:6b:c4:05:ef:84:b9:66:d4:
34:03:b6:e3:cb:db:90:9c:57:47:fa:2a:d2:83:b1:be:66:5e:
67:cd:31:e8:63:96:fd:e3:d7:58:f2:70:ce:ae:46:a3:7d:c4:
c5:d7:6d:35:07:a1:83:34:36:c5:bc:70:ea:7f:eb:b7:d1:5f:
9a:06:e4:22:7e:b9:5a:fe:87:c3:2c:83:84:4c:45:59:44:be:
e3:38:47:43:b3:75:d0:80:1a:fe:f0:e3:de:3c:46:ae:81:ce:
95:8b:1f:b4:91:8a:35:0c:2c:c2:ec:dc:2f:14:b9:3f:3a:7a:
05:0b:be:c8
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZFwTpCgDiB8zbYoORA10lkPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MzI3YzU2ZTk0MTE3MWVhM2JlYmEyNmViYjllMjNmNGRm
NWJjZjMwHhcNMjQwODIwMTUwMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjFlN2RmNWExMGI0ZWMwNDhjY2YxZDZhMDk1NzNmYTgwNDM3MGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ZJ62ExWv+EeI8Qdvk9YQsIRzOXZ
tOEWh5gkXjIG3X3wq7/+mS/qNv4A31tovt+GnZOpUtsn6tHndBYAECecUGhxiUs6
LzQIzgQNQ5gaomXvAdDCZ8W3ZLMPF2wHVlXvKXQzwNar0gM/zUbDN6F6vdVW7OjC
xGKqvB+CiSrfuea+5NvNQTK2+i79/pls814xsTQtdRl4J0M0jHHWkr7KGB8iR2OM
f08XtzXrq39jT0Df6JKmsfGkLMyQuvutGClrJASBbk7CjtPMuIc7q2dIrxDUgVKD
/7/hqxUg72SeMFkw2ALtfvmvDNlMZc+6l3igAU+XED4OAGgJLMftkGvSmwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFNseffWhC07ASMzx1qCVc/qAQ3C4MB8GA1UdIwQY
MBaAFKQyfFbpQRceo766Juu54j9N9bzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWIt
MjhjMzQzY2U5ZDVkLzEvMng1OTlhRUxUc0JJelBIV29KVnotb0JEY0xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS85YTQ4MzMtNmRhNC00ZGRhLWI3YWItMjhjMzQzY2U5ZDVk
LzEvcERKOFZ1bEJGeDZqdnJvbTY3bmlQMDMxdlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwMAle4DBAaq
zcADBAHATXIDBADAcNADBAHBITQwDQQCAAIwBwMFAyoTy0AwDQYJKoZIhvcNAQEL
BQADggEBABwBhyWjCaHNgh5ZCRs9kDbQ5BAdJK4FnbG1+EX1t/bhCviq8o0Cf1Pv
d9Kje59mtXEEBCzHq9bbbRDY8XZ3VFKtt6wo8siQLwqfD4Oo+OIsQXfq5XnpDJ8c
YvHQdeV50uL9fSbdQMPJNYXAGI5S0L8XZ/hVDHcouOvZfpGTl9v6P6P0hO5Kg51r
xAXvhLlm1DQDtuPL25CcV0f6KtKDsb5mXmfNMehjlv3j11jycM6uRqN9xMXXbTUH
oYM0NsW8cOp/67fRX5oG5CJ+uVr+h8Msg4RMRVlEvuM4R0OzddCAGv7w4948Rq6B
zpWLH7SRijUMLMLs3C8UuT86egULvsg=
-----END CERTIFICATE-----
Generated at Wed Aug 21 16:34:19 2024 by rpki-client on console-fra.rpki-client.org