Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/ri2afnCLIdN4vdJo779LitVBimA.roa
File: ri2afnCLIdN4vdJo779LitVBimA.roa (raw, json)
Hash identifier: qi8DhP9HRoViJMxi7YOxisAelBEzeIx5C76knBf0hXM=
Subject key identifier: AE:2D:9A:7E:70:8B:21:D3:78:BD:D2:68:EF:BF:4B:8A:D5:41:8A:60
Certificate issuer: /CN=b78678bd654ca6b10a5c773bc269754dc234cfd5
Certificate serial: 019008CB870457AB82CA17E51252221612E0
Authority key identifier: B7:86:78:BD:65:4C:A6:B1:0A:5C:77:3B:C2:69:75:4D:C2:34:CF:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/ri2afnCLIdN4vdJo779LitVBimA.roa
Signing time: Tue 11 Jun 2024 19:34:34 +0000
ROA not before: Tue 11 Jun 2024 19:34:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29119
IP address blocks: 2.59.244.0/22 maxlen: 22
89.38.216.0/21 maxlen: 21
103.95.124.0/22 maxlen: 22
103.115.182.0/23 maxlen: 23
103.132.4.0/22 maxlen: 22
103.204.220.0/23 maxlen: 23
185.124.100.0/22 maxlen: 22
185.250.76.0/22 maxlen: 22
192.140.228.0/22 maxlen: 22
193.36.96.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 16 Oct 2024 11:47:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:08:cb:87:04:57:ab:82:ca:17:e5:12:52:22:16:12:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b78678bd654ca6b10a5c773bc269754dc234cfd5
Validity
Not Before: Jun 11 19:34:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae2d9a7e708b21d378bdd268efbf4b8ad5418a60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d0:d5:91:9d:f5:c6:a5:7c:8d:a6:9b:e9:9b:
64:d0:a0:18:6a:64:63:80:56:d9:9a:fd:59:fc:90:
90:a9:60:c4:cf:af:f8:dd:5d:e4:1c:e5:13:c5:cd:
8a:20:2f:0b:9d:48:3a:25:b5:cf:a4:f5:d2:d0:2c:
9d:c0:b1:e8:c8:d6:3f:4f:2c:24:ba:2e:71:67:2f:
a3:c4:5a:81:bb:6c:05:5c:f6:61:de:4d:11:e8:ad:
f6:d3:a2:9b:9d:69:6f:da:e9:d9:12:3c:9d:c4:c3:
ea:e7:de:62:d1:56:5d:d4:9c:ce:c4:91:6c:b5:89:
99:09:47:66:f1:96:6d:92:68:1a:97:4a:a7:f4:7e:
ad:67:12:62:28:bf:82:66:b6:f8:ab:ad:19:fb:87:
5b:0b:34:ed:ff:54:16:f7:ea:72:4d:33:3a:4b:d7:
6a:e9:d5:55:4f:54:cc:7d:7b:0a:af:2a:ae:f3:6b:
6d:78:2d:a1:8d:bd:4a:46:b9:5b:b4:1d:d2:90:aa:
27:81:c4:1a:e9:d2:01:8e:a4:fc:e8:6a:e4:9e:99:
e4:04:59:4f:21:78:8d:8e:69:a1:18:35:ad:96:29:
17:73:57:15:c2:51:6f:6a:a7:33:c1:df:fc:ce:c0:
96:47:9d:36:c3:57:a9:5e:04:61:85:06:f1:3b:db:
80:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:2D:9A:7E:70:8B:21:D3:78:BD:D2:68:EF:BF:4B:8A:D5:41:8A:60
X509v3 Authority Key Identifier:
keyid:B7:86:78:BD:65:4C:A6:B1:0A:5C:77:3B:C2:69:75:4D:C2:34:CF:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t4Z4vWVMprEKXHc7wml1TcI0z9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/ri2afnCLIdN4vdJo779LitVBimA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/480f4a-a937-4149-aee8-e32924ac7b63/1/t4Z4vWVMprEKXHc7wml1TcI0z9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.244.0/22
89.38.216.0/21
103.95.124.0/22
103.115.182.0/23
103.132.4.0/22
103.204.220.0/23
185.124.100.0/22
185.250.76.0/22
192.140.228.0/22
193.36.96.0/22
Signature Algorithm: sha256WithRSAEncryption
53:6e:09:2c:f1:d3:98:04:0e:f5:e9:21:b2:7a:be:3c:1f:0f:
c3:d1:9a:54:7d:35:81:5d:ae:47:b9:eb:c2:2f:b4:80:65:65:
56:6d:01:2a:20:83:3c:fe:c4:1b:6f:1a:f6:21:2c:b8:80:34:
d4:6e:57:4d:ad:06:f7:bc:3b:b9:c1:2a:4b:b8:79:2e:8e:89:
a7:b9:31:9a:26:bb:b7:b8:04:2a:17:49:c1:5c:6a:76:2c:a5:
2d:5b:89:42:ef:a4:15:65:a9:0a:da:99:e3:51:40:74:ef:da:
44:c4:ed:bc:6b:11:5f:47:19:b5:01:44:c7:f1:48:10:c2:a6:
c9:ec:12:52:0b:68:79:a1:96:9e:62:a0:ac:0b:aa:70:14:2a:
1c:80:69:45:a1:45:7a:b0:4a:4d:63:e1:98:82:de:6e:0c:95:
b7:e9:08:ea:d7:6f:75:76:e1:f6:28:c3:9d:db:a7:df:0f:6e:
4f:ab:6f:72:78:33:2c:98:9b:a6:86:20:a5:53:36:5d:fe:b4:
45:37:3f:c3:15:39:98:fc:41:14:d4:50:3d:c4:ee:0f:52:2d:
35:33:e5:88:70:e3:8b:ef:81:47:ec:cf:6a:e5:19:a3:31:86:
2d:40:73:6e:89:fa:3d:d9:a8:34:2a:aa:d7:94:11:8d:c1:99:
e2:4b:67:79
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZAIy4cEV6uCyhflElIiFhLgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ODY3OGJkNjU0Y2E2YjEwYTVjNzczYmMyNjk3NTRkYzIz
NGNmZDUwHhcNMjQwNjExMTkzNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTJkOWE3ZTcwOGIyMWQzNzhiZGQyNjhlZmJmNGI4YWQ1NDE4YTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtDVkZ31xqV8jaab6Ztk0KAYamRj
gFbZmv1Z/JCQqWDEz6/43V3kHOUTxc2KIC8LnUg6JbXPpPXS0CydwLHoyNY/Tywk
ui5xZy+jxFqBu2wFXPZh3k0R6K3206KbnWlv2unZEjydxMPq595i0VZd1JzOxJFs
tYmZCUdm8ZZtkmgal0qn9H6tZxJiKL+CZrb4q60Z+4dbCzTt/1QW9+pyTTM6S9dq
6dVVT1TMfXsKryqu82tteC2hjb1KRrlbtB3SkKongcQa6dIBjqT86GrknpnkBFlP
IXiNjmmhGDWtlikXc1cVwlFvaqczwd/8zsCWR502w1epXgRhhQbxO9uA/wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFK4tmn5wiyHTeL3SaO+/S4rVQYpgMB8GA1UdIwQY
MBaAFLeGeL1lTKaxClx3O8JpdU3CNM/VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDRaNHZXVk1wckVLWEhjN3dtbDFUY0kwejlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS80ODBmNGEtYTkzNy00MTQ5LWFlZTgt
ZTMyOTI0YWM3YjYzLzEvcmkyYWZuQ0xJZE40dmRKbzc3OUxpdFZCaW1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS80ODBmNGEtYTkzNy00MTQ5LWFlZTgtZTMyOTI0YWM3YjYz
LzEvdDRaNHZXVk1wckVLWEhjN3dtbDFUY0kwejlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCAjv0AwQD
WSbYAwQCZ198AwQBZ3O2AwQCZ4QEAwQBZ8zcAwQCuXxkAwQCufpMAwQCwIzkAwQC
wSRgMA0GCSqGSIb3DQEBCwUAA4IBAQBTbgks8dOYBA716SGyer48Hw/D0ZpUfTWB
Xa5HuevCL7SAZWVWbQEqIIM8/sQbbxr2ISy4gDTUbldNrQb3vDu5wSpLuHkujomn
uTGaJru3uAQqF0nBXGp2LKUtW4lC76QVZakK2pnjUUB079pExO28axFfRxm1AUTH
8UgQwqbJ7BJSC2h5oZaeYqCsC6pwFCocgGlFoUV6sEpNY+GYgt5uDJW36Qjq1291
duH2KMOd26ffD25Pq29yeDMsmJumhiClUzZd/rRFNz/DFTmY/EEU1FA9xO4PUi01
M+WIcOOL74FH7M9q5RmjMYYtQHNuifo92ag0KqrXlBGNwZniS2d5
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:14 2025 by rpki-client