Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/2f4605-356a-4af6-b15d-c42f9abf1477/1/sXknkzIXVnbTJJfjdDlkmz06HZk.roa
File: sXknkzIXVnbTJJfjdDlkmz06HZk.roa (raw, json)
Hash identifier: L2SCeQRx7XSk+uHfnPIUnHoaqq37fdd8tKrwDzFuvjU=
Subject key identifier: B1:79:27:93:32:17:56:76:D3:24:97:E3:74:39:64:9B:3D:3A:1D:99
Certificate issuer: /CN=973bec33ae738c98958819c6c13bb335ee34ab4c
Certificate serial: 018CC26D378D3200D622EBE0D941790BCB91
Authority key identifier: 97:3B:EC:33:AE:73:8C:98:95:88:19:C6:C1:3B:B3:35:EE:34:AB:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lzvsM65zjJiViBnGwTuzNe40q0w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/2f4605-356a-4af6-b15d-c42f9abf1477/1/sXknkzIXVnbTJJfjdDlkmz06HZk.roa
Signing time: Mon 01 Jan 2024 00:29:46 +0000
ROA not before: Mon 01 Jan 2024 00:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209854
IP address blocks: 2.59.203.0/24 maxlen: 24
2.59.202.0/24 maxlen: 24
88.218.151.0/24 maxlen: 24
88.218.150.0/24 maxlen: 24
85.209.4.0/24 maxlen: 24
85.209.7.0/24 maxlen: 24
85.209.6.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:48:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:37:8d:32:00:d6:22:eb:e0:d9:41:79:0b:cb:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=973bec33ae738c98958819c6c13bb335ee34ab4c
Validity
Not Before: Jan 1 00:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b179279332175676d32497e37439649b3d3a1d99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:04:4e:47:b2:6e:67:bc:a8:68:b2:22:57:a8:
de:22:10:83:e5:2b:04:0f:3e:00:f6:82:11:a7:a2:
dd:23:17:b7:a2:ff:72:31:14:48:9c:5b:a8:de:86:
38:d8:f5:96:88:28:bf:86:b9:ec:57:47:51:a1:91:
ac:29:6b:39:63:bb:b2:82:af:eb:fc:be:0a:e4:da:
ef:83:dd:2c:bd:46:ab:a6:5f:db:ce:b3:43:6a:ba:
d2:99:4d:d1:dc:f3:79:b9:c8:40:ff:38:7d:43:04:
e2:7e:e3:13:33:75:5f:c1:68:2f:12:71:05:75:0f:
44:3a:cc:0e:c6:4d:ce:b2:22:dd:18:47:ab:86:5b:
8b:77:1a:83:c1:18:3f:94:00:df:a1:d5:7b:0f:f4:
44:99:74:84:ff:5f:98:9c:99:e2:9d:20:94:bb:8f:
b4:7f:46:6d:4a:8e:47:5d:bd:97:0d:23:65:de:95:
57:a0:90:09:70:d7:5f:00:88:24:4b:ac:c7:d7:36:
cd:fa:d6:4b:bf:fb:1c:3d:f2:1f:b3:2c:02:fe:36:
3f:fe:47:f7:22:cc:3e:11:5f:f0:01:13:63:4f:d9:
ee:97:22:65:de:96:d4:a3:ca:dc:ae:2c:50:01:a1:
58:0a:b0:c0:c5:7e:10:8a:a3:fc:25:16:a1:5e:f7:
1a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:79:27:93:32:17:56:76:D3:24:97:E3:74:39:64:9B:3D:3A:1D:99
X509v3 Authority Key Identifier:
keyid:97:3B:EC:33:AE:73:8C:98:95:88:19:C6:C1:3B:B3:35:EE:34:AB:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lzvsM65zjJiViBnGwTuzNe40q0w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/2f4605-356a-4af6-b15d-c42f9abf1477/1/sXknkzIXVnbTJJfjdDlkmz06HZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/2f4605-356a-4af6-b15d-c42f9abf1477/1/lzvsM65zjJiViBnGwTuzNe40q0w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.202.0/23
85.209.4.0/24
85.209.6.0/23
88.218.150.0/23
Signature Algorithm: sha256WithRSAEncryption
48:db:bb:59:de:98:f6:9a:41:4b:fb:ff:b9:63:f2:ab:b3:41:
c8:e6:45:bc:ba:8f:ba:8c:05:86:c6:51:2c:55:e7:ba:bf:db:
e0:89:0f:d0:5d:6f:4c:1a:2c:62:92:b4:65:fd:66:59:b2:ca:
45:8e:e3:86:72:cc:e0:fa:a8:25:cd:d9:f0:63:29:48:e4:f2:
e5:f0:0c:f7:35:7a:03:c5:fd:6b:9e:9c:c6:ee:7b:e0:15:0f:
ca:99:6a:57:63:9e:eb:a1:1d:9b:4a:a5:c6:b8:54:b2:d0:91:
19:22:ef:09:46:ea:60:ad:75:7f:b3:32:2c:e5:a1:db:89:81:
10:d4:9d:05:8f:90:5f:36:f2:c3:12:be:1e:28:d8:4d:05:07:
a5:b8:2b:61:a3:a1:9f:3e:b2:db:f5:0f:e6:68:fc:42:2b:22:
0a:20:50:9c:d0:36:b6:e4:c3:17:d9:fa:1b:0c:57:cf:7a:cf:
10:cb:0c:7e:51:45:7f:18:cd:46:43:05:74:35:f7:02:a5:fd:
56:cc:13:05:bd:fa:06:21:b2:48:8f:b9:5e:53:93:84:f7:e4:
32:c3:36:0e:56:7f:f7:14:2d:51:de:15:da:88:5d:9c:50:a8:
57:83:70:04:fb:80:15:b6:99:da:4b:71:20:c4:9f:1a:7d:81:
a5:ab:a4:8a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzCbTeNMgDWIuvg2UF5C8uRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3M2JlYzMzYWU3MzhjOTg5NTg4MTljNmMxM2JiMzM1ZWUz
NGFiNGMwHhcNMjQwMTAxMDAyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTc5Mjc5MzMyMTc1Njc2ZDMyNDk3ZTM3NDM5NjQ5YjNkM2ExZDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwROR7JuZ7yoaLIiV6jeIhCD5SsE
Dz4A9oIRp6LdIxe3ov9yMRRInFuo3oY42PWWiCi/hrnsV0dRoZGsKWs5Y7uygq/r
/L4K5Nrvg90svUarpl/bzrNDarrSmU3R3PN5uchA/zh9QwTifuMTM3VfwWgvEnEF
dQ9EOswOxk3OsiLdGEerhluLdxqDwRg/lADfodV7D/REmXSE/1+YnJninSCUu4+0
f0ZtSo5HXb2XDSNl3pVXoJAJcNdfAIgkS6zH1zbN+tZLv/scPfIfsywC/jY//kf3
Isw+EV/wARNjT9nulyJl3pbUo8rcrixQAaFYCrDAxX4QiqP8JRahXvcalQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLF5J5MyF1Z20ySX43Q5ZJs9Oh2ZMB8GA1UdIwQY
MBaAFJc77DOuc4yYlYgZxsE7szXuNKtMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHp2c002NXpqSmlWaUJuR3dUdXpOZTQwcTB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8yZjQ2MDUtMzU2YS00YWY2LWIxNWQt
YzQyZjlhYmYxNDc3LzEvc1hrbmt6SVhWbmJUSkpmamREbGttejA2SFprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8yZjQ2MDUtMzU2YS00YWY2LWIxNWQtYzQyZjlhYmYxNDc3
LzEvbHp2c002NXpqSmlWaUJuR3dUdXpOZTQwcTB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBAjvKAwQA
VdEEAwQBVdEGAwQBWNqWMA0GCSqGSIb3DQEBCwUAA4IBAQBI27tZ3pj2mkFL+/+5
Y/Krs0HI5kW8uo+6jAWGxlEsVee6v9vgiQ/QXW9MGixikrRl/WZZsspFjuOGcszg
+qglzdnwYylI5PLl8Az3NXoDxf1rnpzG7nvgFQ/KmWpXY57roR2bSqXGuFSy0JEZ
Iu8JRupgrXV/szIs5aHbiYEQ1J0Fj5BfNvLDEr4eKNhNBQeluCtho6GfPrLb9Q/m
aPxCKyIKIFCc0Da25MMX2fobDFfPes8Qywx+UUV/GM1GQwV0NfcCpf1WzBMFvfoG
IbJIj7leU5OE9+QywzYOVn/3FC1R3hXaiF2cUKhXg3AE+4AVtpnaS3EgxJ8afYGl
q6SK
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:57:20 2025 by rpki-client