Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/IU9a2Q4TrrlTkzO6rqTH7QLKOPs.roa
File: IU9a2Q4TrrlTkzO6rqTH7QLKOPs.roa (raw, json)
Hash identifier: yDAIFXALhMSy7uasmx+PK+tWbbQEPzr37UfzQ8iDYNw=
Subject key identifier: 21:4F:5A:D9:0E:13:AE:B9:53:93:33:BA:AE:A4:C7:ED:02:CA:38:FB
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 018964895BF1FE05DF89B9B139CA66FBF476
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/IU9a2Q4TrrlTkzO6rqTH7QLKOPs.roa
Signing time: Mon 17 Jul 2023 15:47:50 +0000
ROA not before: Mon 17 Jul 2023 15:47:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 2.57.148.0/24 maxlen: 24
5.133.110.0/24 maxlen: 24
45.143.140.0/24 maxlen: 24
192.144.16.0/24 maxlen: 24
194.59.12.0/24 maxlen: 24
45.88.83.0/24 maxlen: 24
45.88.82.0/24 maxlen: 24
45.138.145.0/24 maxlen: 24
109.94.217.0/24 maxlen: 24
109.94.216.0/24 maxlen: 24
109.94.219.0/24 maxlen: 24
109.94.218.0/24 maxlen: 24
45.136.248.0/24 maxlen: 24
45.147.244.0/24 maxlen: 24
45.147.245.0/24 maxlen: 24
45.132.207.0/24 maxlen: 24
45.147.247.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Jul 2023 16:05:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:64:89:5b:f1:fe:05:df:89:b9:b1:39:ca:66:fb:f4:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Jul 17 15:47:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=214f5ad90e13aeb9539333baaea4c7ed02ca38fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:65:af:ba:43:db:59:9d:7d:b7:9d:4e:eb:25:
0d:0f:98:5c:ff:00:13:30:5c:bd:d7:05:7e:8e:de:
ca:36:ee:60:d7:52:5b:42:b9:64:49:96:83:15:61:
a4:31:b8:b8:cc:46:dc:b8:e6:e0:a2:f3:a2:4f:a6:
f2:c4:17:66:a7:76:80:e0:89:c7:5f:c5:7f:42:ea:
fd:ed:79:18:25:75:ce:3c:65:c1:71:2d:85:d2:ce:
39:1b:4f:d8:bc:ba:4b:39:ae:df:4a:86:13:ca:4d:
53:74:9c:f8:84:40:e5:fa:40:df:51:2d:8f:2a:2f:
75:25:0e:dc:ee:00:00:13:7c:22:c7:8f:bd:d6:f5:
22:80:f8:dc:51:70:15:6a:2f:26:f3:27:7d:f2:25:
b0:cc:55:87:51:00:3f:11:a8:62:fa:b3:65:9e:74:
5e:b9:55:58:4c:e0:6a:92:e7:b8:44:a5:04:39:9b:
0d:aa:59:c7:63:28:4e:af:75:c1:62:02:a1:82:14:
20:49:f4:0f:20:98:51:ed:6a:58:a2:e2:1c:86:df:
3d:6b:89:4a:3e:44:4f:e5:1b:05:d7:bd:60:10:2f:
6e:8d:9c:97:93:ff:0c:15:03:b3:a9:3c:c2:04:90:
f9:70:39:36:49:b8:ea:e0:ce:26:98:4b:86:74:f2:
63:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:4F:5A:D9:0E:13:AE:B9:53:93:33:BA:AE:A4:C7:ED:02:CA:38:FB
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/IU9a2Q4TrrlTkzO6rqTH7QLKOPs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.148.0/24
5.133.110.0/24
45.88.82.0/23
45.132.207.0/24
45.136.248.0/24
45.138.145.0/24
45.143.140.0/24
45.147.244.0/23
45.147.247.0/24
109.94.216.0/22
192.144.16.0/24
194.59.12.0/24
Signature Algorithm: sha256WithRSAEncryption
48:3b:b5:c6:87:ac:80:b0:d7:81:72:18:de:f0:bb:c3:83:df:
a0:6a:56:b4:2f:58:26:fd:59:28:5e:92:e7:54:1f:8f:09:63:
8f:32:65:a7:4a:ac:ab:1a:46:ed:9c:55:6e:fa:d2:79:a1:26:
c4:e3:74:6b:32:96:d1:39:1f:3a:6d:1a:7a:cf:f0:ac:7e:b1:
01:7b:81:49:bf:2f:e3:d4:d0:aa:de:5a:af:89:c5:d8:ee:36:
99:a3:5d:21:f2:9a:7b:79:cc:30:9b:c2:19:68:58:14:80:5b:
2f:0f:5c:53:99:a6:52:65:d7:1b:44:6c:ca:8b:c1:2b:60:85:
12:46:4e:39:a7:dc:10:02:35:3e:5a:c6:40:1a:01:a4:19:8c:
07:1d:3a:e6:1b:6e:5f:3d:fe:12:15:7f:f6:e6:69:b5:03:b5:
9e:aa:4d:75:b7:a1:7c:dc:08:de:b9:a0:26:3f:b0:b6:62:d0:
f7:04:bf:97:98:f5:50:5c:6a:d0:0f:e3:f5:e8:01:68:77:83:
f3:2e:87:e1:7a:4a:49:0f:b4:e6:03:9b:04:6c:aa:56:fb:e1:
ae:d8:6f:b9:48:d7:c3:48:5c:01:30:81:b6:16:da:d3:48:6b:
4b:67:72:af:93:69:37:da:ab:79:78:db:be:96:32:0c:44:20:
01:41:7c:22
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYlkiVvx/gXfibmxOcpm+/R2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjMwNzE3MTU0NzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTRmNWFkOTBlMTNhZWI5NTM5MzMzYmFhZWE0YzdlZDAyY2EzOGZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2WvukPbWZ19t51O6yUND5hc/wAT
MFy91wV+jt7KNu5g11JbQrlkSZaDFWGkMbi4zEbcuObgovOiT6byxBdmp3aA4InH
X8V/Qur97XkYJXXOPGXBcS2F0s45G0/YvLpLOa7fSoYTyk1TdJz4hEDl+kDfUS2P
Ki91JQ7c7gAAE3wix4+91vUigPjcUXAVai8m8yd98iWwzFWHUQA/Eahi+rNlnnRe
uVVYTOBqkue4RKUEOZsNqlnHYyhOr3XBYgKhghQgSfQPIJhR7WpYouIcht89a4lK
PkRP5RsF171gEC9ujZyXk/8MFQOzqTzCBJD5cDk2Sbjq4M4mmEuGdPJjOwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFCFPWtkOE665U5Mzuq6kx+0Cyjj7MB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvSVU5YTJRNFRycmxUa3pPNnJxVEg3UUxLT1BzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAAjmUAwQA
BYVuAwQBLVhSAwQALYTPAwQALYj4AwQALYqRAwQALY+MAwQBLZP0AwQALZP3AwQC
bV7YAwQAwJAQAwQAwjsMMA0GCSqGSIb3DQEBCwUAA4IBAQBIO7XGh6yAsNeBchje
8LvDg9+gala0L1gm/VkoXpLnVB+PCWOPMmWnSqyrGkbtnFVu+tJ5oSbE43RrMpbR
OR86bRp6z/CsfrEBe4FJvy/j1NCq3lqvicXY7jaZo10h8pp7ecwwm8IZaFgUgFsv
D1xTmaZSZdcbRGzKi8ErYIUSRk45p9wQAjU+WsZAGgGkGYwHHTrmG25fPf4SFX/2
5mm1A7Weqk11t6F83AjeuaAmP7C2YtD3BL+XmPVQXGrQD+P16AFod4PzLofhekpJ
D7TmA5sEbKpW++Gu2G+5SNfDSFwBMIG2FtrTSGtLZ3Kvk2k32qt5eNu+ljIMRCAB
QXwi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:38 2024 by rpki-client on console-ams.rpki-client.org