Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/0sh27KLa5xPNkqVWi9JUP7BLY-4.roa
File: 0sh27KLa5xPNkqVWi9JUP7BLY-4.roa (raw, json)
Hash identifier: BGW7w3yEJ1GeXG+d9SdMFX26yJOX+7NGwTGKErEq8NY=
Subject key identifier: D2:C8:76:EC:A2:DA:E7:13:CD:92:A5:56:8B:D2:54:3F:B0:4B:63:EE
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019111B20461DA28D6987C6120398502DD2C
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/0sh27KLa5xPNkqVWi9JUP7BLY-4.roa
Signing time: Fri 02 Aug 2024 06:06:04 +0000
ROA not before: Fri 02 Aug 2024 06:06:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5065
IP address blocks: 2.58.168.0/24 maxlen: 24
2.58.169.0/24 maxlen: 24
2.58.170.0/24 maxlen: 24
77.242.156.0/24 maxlen: 24
77.242.158.0/24 maxlen: 24
83.137.159.0/24 maxlen: 24
88.151.57.0/24 maxlen: 24
88.151.58.0/24 maxlen: 24
88.209.217.0/24 maxlen: 24
88.209.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Oct 2024 12:39:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:11:b2:04:61:da:28:d6:98:7c:61:20:39:85:02:dd:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Aug 2 06:06:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2c876eca2dae713cd92a5568bd2543fb04b63ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b6:b1:77:07:c5:1f:29:31:0c:28:4a:8e:af:
fe:7d:be:a0:23:83:08:e2:81:d6:05:33:6d:b4:3f:
b6:31:48:70:2e:ad:76:34:9d:e0:c9:a3:45:bf:74:
93:58:19:2a:ef:82:c8:fb:c3:97:a9:7d:15:60:e6:
50:04:a6:6a:cd:f5:2a:f1:ff:af:35:83:ac:a9:0f:
8c:6b:7f:12:61:31:71:77:c7:7d:eb:81:28:6c:5f:
de:65:a7:90:f6:ae:f7:4d:bd:ac:7e:14:cd:77:a9:
c1:96:75:85:d1:be:2c:92:ee:46:3a:7f:38:df:33:
35:52:ac:41:f5:f4:54:54:02:d4:96:8f:73:6a:56:
d7:95:11:ed:2c:5f:64:9f:dd:bc:f6:ec:d6:5a:d5:
0d:3f:e8:53:df:60:77:c2:2e:35:b9:dd:0f:87:0a:
05:25:60:97:cc:7b:2f:0c:83:82:26:3a:12:93:dc:
f1:16:10:75:a1:50:e9:99:d6:d3:b6:ad:33:f7:73:
60:fe:4e:6e:89:37:0c:44:f2:72:75:c5:89:fd:0c:
59:f5:57:1f:51:4a:a7:ab:a0:09:bc:36:9a:01:79:
62:28:e7:c7:1c:95:26:af:bf:16:20:7d:61:45:8e:
18:76:52:58:04:15:ce:22:18:b1:64:0b:ee:59:37:
22:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:C8:76:EC:A2:DA:E7:13:CD:92:A5:56:8B:D2:54:3F:B0:4B:63:EE
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/0sh27KLa5xPNkqVWi9JUP7BLY-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.168.0-2.58.170.255
77.242.156.0/24
77.242.158.0/24
83.137.159.0/24
88.151.57.0-88.151.58.255
88.209.217.0/24
88.209.226.0/24
Signature Algorithm: sha256WithRSAEncryption
66:f0:4f:2a:05:c4:67:bb:06:4b:ae:1f:d7:57:35:72:ee:02:
b5:14:b7:8e:28:a7:97:97:a9:9b:14:c2:f1:0c:ac:a6:8c:2a:
3b:cc:0b:42:12:13:cc:d8:88:dc:08:c0:3c:7b:1e:bb:d2:f6:
82:d5:3b:74:bf:f7:25:76:0e:01:7f:4f:62:db:99:e5:c5:2c:
f0:5f:cb:87:5c:b4:ad:4c:41:92:9e:72:4c:2e:85:7b:fc:a1:
d7:75:0b:de:06:30:be:2e:8b:5d:8a:2c:41:7b:54:d6:9b:2c:
10:2f:6b:f7:8b:48:43:d7:3f:49:da:f1:70:a1:2c:7f:dd:10:
8e:d8:1c:8b:eb:7d:ee:23:bc:33:8c:75:6f:43:0c:11:d0:f1:
03:e5:75:d8:61:09:08:c6:bc:44:b3:d8:50:8d:16:b7:1a:f2:
43:02:f3:ed:3e:71:45:16:3a:de:92:94:ce:77:39:95:e0:2b:
e8:76:bf:f6:14:27:3a:43:4b:bd:2b:35:bd:22:68:9c:16:94:
d3:66:fb:ff:9c:65:cd:0a:f8:56:50:f9:89:38:4f:ea:0c:db:
bc:60:bc:c8:f3:8f:ca:69:42:3d:bf:e4:c7:9f:35:61:1a:60:
f3:e0:f0:6b:b6:37:ec:13:db:17:13:ba:d6:05:6b:2b:d9:96:
da:43:3c:bf
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZERsgRh2ijWmHxhIDmFAt0sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwODAyMDYwNjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmM4NzZlY2EyZGFlNzEzY2Q5MmE1NTY4YmQyNTQzZmIwNGI2M2VlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7axdwfFHykxDChKjq/+fb6gI4MI
4oHWBTNttD+2MUhwLq12NJ3gyaNFv3STWBkq74LI+8OXqX0VYOZQBKZqzfUq8f+v
NYOsqQ+Ma38SYTFxd8d964EobF/eZaeQ9q73Tb2sfhTNd6nBlnWF0b4sku5GOn84
3zM1UqxB9fRUVALUlo9zalbXlRHtLF9kn9289uzWWtUNP+hT32B3wi41ud0PhwoF
JWCXzHsvDIOCJjoSk9zxFhB1oVDpmdbTtq0z93Ng/k5uiTcMRPJydcWJ/QxZ9Vcf
UUqnq6AJvDaaAXliKOfHHJUmr78WIH1hRY4YdlJYBBXOIhixZAvuWTciXQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFNLIduyi2ucTzZKlVovSVD+wS2PuMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvMHNoMjdLTGE1eFBOa3FWV2k5SlVQN0JMWS00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6MAwDBAMCOqgD
BAACOqoDBABN8pwDBABN8p4DBABTiZ8wDAMEAFiXOQMEAFiXOgMEAFjR2QMEAFjR
4jANBgkqhkiG9w0BAQsFAAOCAQEAZvBPKgXEZ7sGS64f11c1cu4CtRS3jiinl5ep
mxTC8QyspowqO8wLQhITzNiI3AjAPHseu9L2gtU7dL/3JXYOAX9PYtuZ5cUs8F/L
h1y0rUxBkp5yTC6Fe/yh13UL3gYwvi6LXYosQXtU1pssEC9r94tIQ9c/SdrxcKEs
f90Qjtgci+t97iO8M4x1b0MMEdDxA+V12GEJCMa8RLPYUI0WtxryQwLz7T5xRRY6
3pKUznc5leAr6Ha/9hQnOkNLvSs1vSJonBaU02b7/5xlzQr4VlD5iThP6gzbvGC8
yPOPymlCPb/kx581YRpg8+Dwa7Y37BPbFxO61gVrK9mW2kM8vw==
-----END CERTIFICATE-----
Generated at Tue Oct 29 14:33:55 2024 by rpki-client on console-ams.rpki-client.org