Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/ARQuIslzVwVlgA8mkhgi9-w9fWI.roa
File: ARQuIslzVwVlgA8mkhgi9-w9fWI.roa (raw, json)
Hash identifier: kPRJOyvl6xUG08YxGCxltcLSXxV56JMlUpAU6yiJ0/Q=
Subject key identifier: 01:14:2E:22:C9:73:57:05:65:80:0F:26:92:18:22:F7:EC:3D:7D:62
Certificate issuer: /CN=441d4b92dd150364c65b7d21299028678b0a5296
Certificate serial: 019354139625F8FFC5095014E30B606C5714
Authority key identifier: 44:1D:4B:92:DD:15:03:64:C6:5B:7D:21:29:90:28:67:8B:0A:52:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RB1Lkt0VA2TGW30hKZAoZ4sKUpY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/ARQuIslzVwVlgA8mkhgi9-w9fWI.roa
Signing time: Fri 22 Nov 2024 13:33:09 +0000
ROA not before: Fri 22 Nov 2024 13:33:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3303
IP address blocks: 144.2.64.0/18 maxlen: 20
178.238.160.0/20 maxlen: 22
185.119.176.0/22 maxlen: 24
2a02:21b0::/29 maxlen: 34
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:54:13:96:25:f8:ff:c5:09:50:14:e3:0b:60:6c:57:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=441d4b92dd150364c65b7d21299028678b0a5296
Validity
Not Before: Nov 22 13:33:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=01142e22c973570565800f26921822f7ec3d7d62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9d:78:a2:b2:4c:e2:81:5a:61:2f:db:f9:84:
8f:74:9c:bf:ec:13:f0:3b:98:ec:32:b1:98:1d:f7:
b0:57:ad:39:a5:9a:8a:59:5d:42:3d:c3:eb:f9:9f:
7b:31:30:1e:b1:d2:14:f8:22:17:dd:a1:a7:2e:d2:
35:c3:b3:7c:80:0c:45:12:d3:94:27:f8:d0:4c:b4:
a7:ea:4e:fd:bc:93:84:8c:0e:f3:7e:fe:c3:32:0a:
64:5c:41:68:86:82:86:5d:d8:12:24:1f:5d:dc:93:
76:7f:36:04:9b:95:94:86:17:d4:57:cf:67:21:70:
e3:bc:e5:9b:8c:de:c2:9e:a9:f0:1f:c1:34:a7:88:
21:22:08:da:60:58:a5:65:d1:0b:f2:c5:dc:54:5a:
ec:6a:97:33:56:37:7e:f0:16:cb:ab:78:a0:54:87:
e6:51:02:df:d7:58:53:6e:43:8d:94:24:00:54:1f:
58:af:49:0f:f0:b3:73:42:40:ad:c4:77:ac:a1:41:
21:e5:68:a9:ff:8f:70:af:4e:e5:e7:cb:10:ee:94:
ba:24:0d:02:66:a3:ef:dc:0b:5e:60:d2:e0:7d:74:
5d:39:57:80:18:17:9f:a4:d2:13:9d:0c:bb:84:4a:
57:d7:a9:63:51:ae:8d:2e:c7:d3:70:43:bc:a0:09:
10:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:14:2E:22:C9:73:57:05:65:80:0F:26:92:18:22:F7:EC:3D:7D:62
X509v3 Authority Key Identifier:
keyid:44:1D:4B:92:DD:15:03:64:C6:5B:7D:21:29:90:28:67:8B:0A:52:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RB1Lkt0VA2TGW30hKZAoZ4sKUpY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/ARQuIslzVwVlgA8mkhgi9-w9fWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5d454b-9d1d-4e7d-ae73-7f5f4d604731/1/RB1Lkt0VA2TGW30hKZAoZ4sKUpY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.2.64.0/18
178.238.160.0/20
185.119.176.0/22
IPv6:
2a02:21b0::/29
Signature Algorithm: sha256WithRSAEncryption
6a:e3:34:df:ed:60:ff:c7:e4:24:68:c5:0e:28:fd:2e:39:ed:
3d:29:b5:c8:7e:25:a2:51:a6:83:b2:b4:3d:e2:12:02:a4:12:
0a:a6:38:17:b7:49:da:2d:7a:ef:38:31:af:e0:99:03:af:39:
4a:b8:78:b0:b5:b3:d9:83:57:79:5e:22:f9:ad:0c:a2:1d:c6:
f9:b4:3c:a7:67:72:d9:c2:34:b8:16:f3:ad:fd:bf:c7:f2:bd:
76:e9:79:1d:c5:df:d5:04:94:de:a0:6b:50:87:8b:03:3c:01:
0c:e7:30:49:bd:a8:39:e7:91:24:af:de:06:40:06:f7:f5:5e:
d7:8b:b3:9b:9e:6f:77:19:18:be:08:99:23:9e:1b:68:37:6e:
84:0f:8e:b3:39:0e:bf:36:94:86:ba:16:36:40:94:02:b1:b3:
79:35:c9:ed:c7:7b:66:44:b4:11:fa:b1:90:28:d7:66:eb:cb:
f0:0d:7e:a5:e2:bb:7f:34:84:44:0c:d6:35:39:68:4f:15:d8:
f4:8f:86:34:0d:0b:84:d3:1c:39:97:db:27:10:aa:37:95:34:
e3:3a:dc:cf:d8:55:79:fb:fc:e8:de:4e:ee:2f:c6:68:f2:1c:
02:c9:e8:da:44:2f:4c:f5:f4:bc:f1:91:92:0f:b0:a8:ad:b5:
79:34:8e:4e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZNUE5Yl+P/FCVAU4wtgbFcUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0MWQ0YjkyZGQxNTAzNjRjNjViN2QyMTI5OTAyODY3OGIw
YTUyOTYwHhcNMjQxMTIyMTMzMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTE0MmUyMmM5NzM1NzA1NjU4MDBmMjY5MjE4MjJmN2VjM2Q3ZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwp14orJM4oFaYS/b+YSPdJy/7BPw
O5jsMrGYHfewV605pZqKWV1CPcPr+Z97MTAesdIU+CIX3aGnLtI1w7N8gAxFEtOU
J/jQTLSn6k79vJOEjA7zfv7DMgpkXEFohoKGXdgSJB9d3JN2fzYEm5WUhhfUV89n
IXDjvOWbjN7CnqnwH8E0p4ghIgjaYFilZdEL8sXcVFrsapczVjd+8BbLq3igVIfm
UQLf11hTbkONlCQAVB9Yr0kP8LNzQkCtxHesoUEh5Wip/49wr07l58sQ7pS6JA0C
ZqPv3AteYNLgfXRdOVeAGBefpNITnQy7hEpX16ljUa6NLsfTcEO8oAkQ1QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAEULiLJc1cFZYAPJpIYIvfsPX1iMB8GA1UdIwQY
MBaAFEQdS5LdFQNkxlt9ISmQKGeLClKWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkIxTGt0MFZBMlRHVzMwaEtaQW9aNHNLVXBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81ZDQ1NGItOWQxZC00ZTdkLWFlNzMt
N2Y1ZjRkNjA0NzMxLzEvQVJRdUlzbHpWd1ZsZ0E4bWtoZ2k5LXc5ZldJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81ZDQ1NGItOWQxZC00ZTdkLWFlNzMtN2Y1ZjRkNjA0NzMx
LzEvUkIxTGt0MFZBMlRHVzMwaEtaQW9aNHNLVXBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGkAJAAwQE
su6gAwQCuXewMA0EAgACMAcDBQMqAiGwMA0GCSqGSIb3DQEBCwUAA4IBAQBq4zTf
7WD/x+QkaMUOKP0uOe09KbXIfiWiUaaDsrQ94hICpBIKpjgXt0naLXrvODGv4JkD
rzlKuHiwtbPZg1d5XiL5rQyiHcb5tDynZ3LZwjS4FvOt/b/H8r126Xkdxd/VBJTe
oGtQh4sDPAEM5zBJvag555Ekr94GQAb39V7Xi7Obnm93GRi+CJkjnhtoN26ED46z
OQ6/NpSGuhY2QJQCsbN5Ncntx3tmRLQR+rGQKNdm68vwDX6l4rt/NIREDNY1OWhP
Fdj0j4Y0DQuE0xw5l9snEKo3lTTjOtzP2FV5+/zo3k7uL8Zo8hwCyejaRC9M9fS8
8ZGSD7CorbV5NI5O
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:46 2025 by rpki-client