Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/2Sdladdc5IuBilTQqfz1rWzmCjI.roa
File: 2Sdladdc5IuBilTQqfz1rWzmCjI.roa (raw, json)
Hash identifier: Z2S7sljvrLacVZsmIKZN93+a5UHRFMz3SXbL3PkPink=
Subject key identifier: D9:27:65:69:D7:5C:E4:8B:81:8A:54:D0:A9:FC:F5:AD:6C:E6:0A:32
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802F169DBE9E21F19A1A109CB40F7BB
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/2Sdladdc5IuBilTQqfz1rWzmCjI.roa
Signing time: Tue 02 Jan 2024 02:31:25 +0000
ROA not before: Tue 02 Jan 2024 02:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49769
IP address blocks: 193.235.1.0/24 maxlen: 24
193.235.2.0/23 maxlen: 23
192.165.152.0/22 maxlen: 22
192.165.158.0/23 maxlen: 23
192.165.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 13:24:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:f1:69:db:e9:e2:1f:19:a1:a1:09:cb:40:f7:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9276569d75ce48b818a54d0a9fcf5ad6ce60a32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4f:e5:b4:a0:a6:dd:3a:3b:e7:2d:08:82:e2:
70:b5:ee:e3:d6:54:79:ff:56:9c:df:da:da:ad:93:
70:5e:41:c7:e5:f1:77:81:eb:46:b6:3a:f4:6f:42:
3a:c0:08:43:ed:f0:9c:cf:15:9c:1e:68:3f:e3:e8:
31:58:b5:f3:7b:15:c8:e5:cc:fb:a0:c3:8b:79:8f:
4a:ed:09:cf:a8:59:b0:79:be:68:b7:2b:73:15:e3:
a8:6a:48:dc:fd:42:d8:5e:a7:b9:48:71:1a:39:d0:
82:07:8b:f8:f2:61:5e:d2:ac:21:82:39:d7:56:d7:
5c:8e:ff:6c:df:f4:88:4e:0f:31:58:65:2a:ad:61:
54:94:21:c5:ba:ee:64:9c:f8:df:33:c7:d5:10:a6:
14:1e:5e:8c:1f:6c:5f:52:53:5a:68:20:93:df:4a:
4e:1a:65:9f:91:83:62:46:9d:d4:4a:73:6f:52:cf:
4b:9d:3f:f5:70:42:ba:dd:15:76:d1:db:9c:98:5a:
b0:03:13:83:37:46:ce:5e:6b:2b:0c:7f:cb:0f:74:
a3:69:d1:c0:9c:27:c0:9b:0a:13:4b:4b:bd:1a:d6:
e0:fe:57:51:ae:3b:3f:95:fa:7e:de:25:f8:a4:f6:
cc:6b:28:8e:e9:01:29:58:21:4f:6a:ea:c0:2e:ce:
a0:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:27:65:69:D7:5C:E4:8B:81:8A:54:D0:A9:FC:F5:AD:6C:E6:0A:32
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/2Sdladdc5IuBilTQqfz1rWzmCjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.165.152.0-192.165.156.255
192.165.158.0/23
193.235.1.0-193.235.3.255
Signature Algorithm: sha256WithRSAEncryption
92:59:eb:c6:c6:75:f5:af:67:4c:6f:90:56:28:a3:ec:bb:47:
e3:be:cb:d3:db:8d:b3:cc:be:da:81:54:d5:0f:e3:ea:5a:1f:
93:a6:6f:63:c0:69:c9:f6:36:05:49:b4:5e:75:b6:03:7f:30:
81:c9:f9:91:53:b7:a2:a4:87:50:ea:eb:7f:f2:d3:8f:b0:2b:
f2:4e:3b:24:83:a9:46:8d:39:96:b2:26:7f:02:d8:26:c4:cd:
6a:3f:79:40:44:0e:47:0b:f4:e4:22:fd:ac:d7:79:09:85:c8:
39:79:5d:ba:7b:fa:2a:15:9a:4e:5d:e9:70:0e:f5:6a:7c:ec:
54:c8:4e:d4:44:f6:9a:41:a3:11:d1:99:e7:a8:31:a7:50:80:
2b:c9:f8:8d:a7:98:1a:45:01:b8:bd:97:f7:a7:d9:b0:14:9f:
0c:ad:1a:73:7c:14:e5:15:3e:19:ff:40:a0:c5:fd:5a:95:ec:
f0:72:a8:14:fc:e4:5b:47:12:68:36:f3:e3:40:8f:59:f2:7b:
aa:7b:98:56:40:12:1c:ad:0e:70:0d:40:72:4b:a1:e9:5c:44:
7e:7e:24:9d:a5:8c:c4:42:b4:93:a1:cb:44:78:11:a0:e5:d3:
41:c4:ff:1f:67:f4:53:05:48:25:ed:50:ed:d4:7c:6b:82:91:
3d:22:3b:a6
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzIAvFp2+niHxmhoQnLQPe7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTI3NjU2OWQ3NWNlNDhiODE4YTU0ZDBhOWZjZjVhZDZjZTYwYTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtk/ltKCm3To75y0IguJwte7j1lR5
/1ac39rarZNwXkHH5fF3getGtjr0b0I6wAhD7fCczxWcHmg/4+gxWLXzexXI5cz7
oMOLeY9K7QnPqFmweb5otytzFeOoakjc/ULYXqe5SHEaOdCCB4v48mFe0qwhgjnX
Vtdcjv9s3/SITg8xWGUqrWFUlCHFuu5knPjfM8fVEKYUHl6MH2xfUlNaaCCT30pO
GmWfkYNiRp3USnNvUs9LnT/1cEK63RV20ducmFqwAxODN0bOXmsrDH/LD3SjadHA
nCfAmwoTS0u9Gtbg/ldRrjs/lfp+3iX4pPbMayiO6QEpWCFPaurALs6g5QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFNknZWnXXOSLgYpU0Kn89a1s5goyMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvMlNkbGFkZGM1SXVCaWxUUXFmejFyV3ptQ2pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAPApZgD
BADApZwDBAHApZ4wDAMEAMHrAQMEAsHrADANBgkqhkiG9w0BAQsFAAOCAQEAklnr
xsZ19a9nTG+QViij7LtH477L09uNs8y+2oFU1Q/j6lofk6ZvY8BpyfY2BUm0XnW2
A38wgcn5kVO3oqSHUOrrf/LTj7Ar8k47JIOpRo05lrImfwLYJsTNaj95QEQORwv0
5CL9rNd5CYXIOXldunv6KhWaTl3pcA71anzsVMhO1ET2mkGjEdGZ56gxp1CAK8n4
jaeYGkUBuL2X96fZsBSfDK0ac3wU5RU+Gf9AoMX9WpXs8HKoFPzkW0cSaDbz40CP
WfJ7qnuYVkASHK0OcA1Ackuh6VxEfn4knaWMxEK0k6HLRHgRoOXTQcT/H2f0UwVI
Je1Q7dR8a4KRPSI7pg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:09:24 2025 by rpki-client