Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/87a863-da6f-4981-9378-b2cd4e58100e/1/7AHseidK5hzfxkkakEoA1lEQscQ.roa
File: 7AHseidK5hzfxkkakEoA1lEQscQ.roa (raw, json)
Hash identifier: 7f5RYA/0N4TouVmzulomuQdTIvQwY8NpGxoofXchv40=
Subject key identifier: EC:01:EC:7A:27:4A:E6:1C:DF:C6:49:1A:90:4A:00:D6:51:10:B1:C4
Certificate issuer: /CN=91b3f5d6f43e83071fa77e6d3ebbb79352f961b5
Certificate serial: 018CC4938CB78D625A2B17B4B8E7BFD946DF
Authority key identifier: 91:B3:F5:D6:F4:3E:83:07:1F:A7:7E:6D:3E:BB:B7:93:52:F9:61:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kbP11vQ-gwcfp35tPru3k1L5YbU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/87a863-da6f-4981-9378-b2cd4e58100e/1/7AHseidK5hzfxkkakEoA1lEQscQ.roa
Signing time: Mon 01 Jan 2024 10:30:53 +0000
ROA not before: Mon 01 Jan 2024 10:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209835
IP address blocks: 2.59.232.0/24 maxlen: 24
2.59.232.0/22 maxlen: 22
2.59.233.0/24 maxlen: 24
2.59.234.0/24 maxlen: 24
2.59.235.0/24 maxlen: 24
2a09:fc40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 12 Sep 2024 10:17:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:8c:b7:8d:62:5a:2b:17:b4:b8:e7:bf:d9:46:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91b3f5d6f43e83071fa77e6d3ebbb79352f961b5
Validity
Not Before: Jan 1 10:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec01ec7a274ae61cdfc6491a904a00d65110b1c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:db:25:ae:27:68:90:7f:76:ef:6d:27:6a:77:
db:9e:4e:fc:25:01:29:c2:dd:65:f3:79:3f:ba:a9:
fe:d9:66:46:03:7d:c9:26:5b:cc:94:79:5c:cc:3a:
b9:a3:74:07:40:0b:36:4f:ef:d3:bd:18:b1:7c:d9:
81:75:b6:41:84:9b:3b:c2:97:b7:8a:e6:4a:fe:e3:
2e:24:86:12:17:85:ee:ed:fb:e2:90:2c:db:8a:98:
8f:dc:d3:fc:de:a8:d5:ae:17:f3:ff:24:fc:ae:d8:
60:23:42:4c:95:1b:91:56:bb:ed:4e:71:4b:d2:74:
07:2b:5e:9f:df:72:92:20:25:1f:d6:73:1e:a4:82:
10:16:ce:15:22:52:6a:a0:38:f4:d8:e3:e7:34:96:
53:2d:d8:aa:76:18:ea:c1:6d:73:c3:62:12:0a:83:
4f:e0:16:35:9c:d9:0c:73:de:38:13:a2:49:72:09:
19:7f:5f:d1:df:83:41:e3:62:10:d4:11:36:7b:d5:
1f:13:89:d8:d7:30:ac:e6:80:1f:54:c1:e7:7c:29:
02:2d:d7:c5:f7:78:71:4b:b4:e6:b1:73:88:a0:c6:
c4:55:96:3c:25:ac:6e:4a:c2:9d:bb:d2:7d:26:49:
ae:06:a8:3c:ca:0e:b9:08:15:2f:9a:8d:57:aa:7a:
e7:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:01:EC:7A:27:4A:E6:1C:DF:C6:49:1A:90:4A:00:D6:51:10:B1:C4
X509v3 Authority Key Identifier:
keyid:91:B3:F5:D6:F4:3E:83:07:1F:A7:7E:6D:3E:BB:B7:93:52:F9:61:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kbP11vQ-gwcfp35tPru3k1L5YbU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/87a863-da6f-4981-9378-b2cd4e58100e/1/7AHseidK5hzfxkkakEoA1lEQscQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/87a863-da6f-4981-9378-b2cd4e58100e/1/kbP11vQ-gwcfp35tPru3k1L5YbU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.232.0/22
IPv6:
2a09:fc40::/29
Signature Algorithm: sha256WithRSAEncryption
a0:10:25:75:1e:56:a2:bf:ca:46:3d:3f:51:e8:58:28:77:32:
1c:83:4e:bf:ed:5e:bc:28:59:57:9e:1d:ff:8d:61:6b:36:b4:
8b:a9:23:6c:d6:0f:6b:2f:59:f1:a9:c8:88:e4:03:0b:d2:fe:
68:74:85:70:a6:88:a4:db:51:21:56:a9:89:84:8e:51:cf:b0:
8e:e3:b6:7c:23:0d:62:e5:7c:11:bb:54:15:24:51:ce:4a:4d:
b4:4a:0a:34:7a:2d:f9:4f:c1:7b:b6:a7:22:44:0b:8a:6a:2e:
fa:e2:28:bc:10:b8:c6:5c:23:26:04:1b:8a:3e:91:4a:de:9f:
9e:60:82:15:f6:bd:3f:21:68:f0:9b:bb:7a:ee:ea:7f:1c:59:
9a:a8:11:e8:ec:35:dc:e5:4b:c2:65:4d:1b:ff:4e:ff:07:8c:
10:82:07:f7:9f:46:d2:0a:01:d5:64:ef:cb:0e:fd:26:79:f1:
6a:26:31:1b:ac:14:3f:5d:a6:51:24:70:0b:c3:88:8e:0b:61:
15:48:00:d2:07:ae:33:ce:fe:49:74:66:99:4c:cf:da:fa:88:
0e:63:03:d3:26:1b:d0:6e:60:e1:cc:c2:10:5b:0b:d2:b8:19:
04:39:e5:89:be:20:3a:a1:5f:be:43:e4:82:c0:a2:b8:10:9e:
55:d6:00:b2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEk4y3jWJaKxe0uOe/2UbfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxYjNmNWQ2ZjQzZTgzMDcxZmE3N2U2ZDNlYmJiNzkzNTJm
OTYxYjUwHhcNMjQwMTAxMTAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzAxZWM3YTI3NGFlNjFjZGZjNjQ5MWE5MDRhMDBkNjUxMTBiMWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNslridokH92720nanfbnk78JQEp
wt1l83k/uqn+2WZGA33JJlvMlHlczDq5o3QHQAs2T+/TvRixfNmBdbZBhJs7wpe3
iuZK/uMuJIYSF4Xu7fvikCzbipiP3NP83qjVrhfz/yT8rthgI0JMlRuRVrvtTnFL
0nQHK16f33KSICUf1nMepIIQFs4VIlJqoDj02OPnNJZTLdiqdhjqwW1zw2ISCoNP
4BY1nNkMc944E6JJcgkZf1/R34NB42IQ1BE2e9UfE4nY1zCs5oAfVMHnfCkCLdfF
93hxS7TmsXOIoMbEVZY8JaxuSsKdu9J9JkmuBqg8yg65CBUvmo1Xqnrn6QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFOwB7HonSuYc38ZJGpBKANZRELHEMB8GA1UdIwQY
MBaAFJGz9db0PoMHH6d+bT67t5NS+WG1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2JQMTF2US1nd2NmcDM1dFBydTNrMUw1WWJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS84N2E4NjMtZGE2Zi00OTgxLTkzNzgt
YjJjZDRlNTgxMDBlLzEvN0FIc2VpZEs1aHpmeGtrYWtFb0ExbEVRc2NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS84N2E4NjMtZGE2Zi00OTgxLTkzNzgtYjJjZDRlNTgxMDBl
LzEva2JQMTF2US1nd2NmcDM1dFBydTNrMUw1WWJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCAjvoMA0E
AgACMAcDBQMqCfxAMA0GCSqGSIb3DQEBCwUAA4IBAQCgECV1Hlaiv8pGPT9R6Fgo
dzIcg06/7V68KFlXnh3/jWFrNrSLqSNs1g9rL1nxqciI5AML0v5odIVwpoik21Eh
VqmJhI5Rz7CO47Z8Iw1i5XwRu1QVJFHOSk20Sgo0ei35T8F7tqciRAuKai764ii8
ELjGXCMmBBuKPpFK3p+eYIIV9r0/IWjwm7t67up/HFmaqBHo7DXc5UvCZU0b/07/
B4wQggf3n0bSCgHVZO/LDv0mefFqJjEbrBQ/XaZRJHALw4iOC2EVSADSB64zzv5J
dGaZTM/a+ogOYwPTJhvQbmDhzMIQWwvSuBkEOeWJviA6oV++Q+SCwKK4EJ5V1gCy
-----END CERTIFICATE-----
Generated at Thu Sep 12 12:52:46 2024 by rpki-client on console-fra.rpki-client.org