Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DLeIWxTCHMi2uvMgMdi41SzwtJw.roa
File: DLeIWxTCHMi2uvMgMdi41SzwtJw.roa (raw, json)
Hash identifier: SfHHMD9PvGTM5RIISRL/CHO6jO9Ywr25poiSHeGSea8=
Subject key identifier: 0C:B7:88:5B:14:C2:1C:C8:B6:BA:F3:20:31:D8:B8:D5:2C:F0:B4:9C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193CE57D9E869B1FC0FE631F7D0F6A2D82B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DLeIWxTCHMi2uvMgMdi41SzwtJw.roa
Signing time: Mon 16 Dec 2024 07:21:24 +0000
ROA not before: Mon 16 Dec 2024 07:21:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207279
IP address blocks: 2.59.253.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
94.154.162.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
193.37.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ce:57:d9:e8:69:b1:fc:0f:e6:31:f7:d0:f6:a2:d8:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 16 07:21:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0cb7885b14c21cc8b6baf32031d8b8d52cf0b49c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:84:f8:f8:dd:d8:0b:51:ad:7d:d7:08:6e:0e:
31:23:23:9d:63:09:18:ce:cb:d7:d2:b4:d3:12:10:
f5:1d:d1:2b:46:2c:67:e6:d7:9d:01:9e:d8:30:d0:
0c:8d:84:5a:0c:bb:be:a2:41:31:21:cf:37:41:5b:
87:1b:28:0d:96:8b:7b:d0:a6:88:1d:ef:88:85:df:
a3:0c:cf:a1:de:31:ca:a5:51:a6:f8:94:b8:cf:12:
73:d0:e3:5b:3f:a4:f0:3b:18:cd:92:f3:96:c7:c0:
72:d6:aa:93:83:c7:0b:70:33:4a:72:b9:89:ae:05:
90:75:de:75:46:fd:b8:bf:de:5c:8c:b8:ef:05:83:
9c:22:a0:ba:75:64:b5:31:ae:f3:fd:04:d6:37:b7:
87:42:da:0d:d2:e6:6b:b3:2e:d7:cb:c2:1b:0f:ec:
f4:85:06:6e:98:f2:26:11:23:2c:47:eb:d8:1b:b7:
e4:d9:f0:4d:0f:6d:cd:c5:6b:44:37:01:0f:cd:b8:
88:8c:b1:7a:61:66:f6:67:53:0b:b8:48:ca:58:2f:
e2:d0:6f:47:d6:68:1e:37:fd:50:69:9f:fc:9a:6a:
18:2d:2b:9a:10:cf:d3:6f:07:14:38:6d:3d:3e:1a:
f1:9f:66:4a:80:84:26:4f:40:5e:3a:85:ef:47:26:
b1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:B7:88:5B:14:C2:1C:C8:B6:BA:F3:20:31:D8:B8:D5:2C:F0:B4:9C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DLeIWxTCHMi2uvMgMdi41SzwtJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
79.110.51.0/24
94.154.162.0/24
109.206.239.0/24
193.37.40.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:05:90:9a:38:70:d6:8f:72:47:ad:2e:65:7e:d0:7d:a1:b1:
a2:0b:4e:12:ea:7c:d6:99:71:cb:f4:1f:d6:ca:ab:29:eb:97:
d7:63:66:d4:8b:e0:46:57:16:8d:33:c2:6a:d4:f8:5e:25:83:
72:92:4d:47:a8:fb:92:c3:3d:bc:99:9e:ff:79:9d:6f:26:79:
bd:64:e9:cd:99:d7:e3:d2:bb:74:e6:45:b2:4a:b2:73:8e:9c:
31:37:f0:a3:49:2f:a4:81:61:2b:0f:89:76:82:e5:a3:ef:d3:
0b:3d:08:d2:44:d3:1f:21:42:d6:56:16:be:a1:93:d6:ca:ca:
81:b4:60:31:53:26:1e:fd:10:7d:16:3a:87:e2:9a:6c:3f:c0:
0b:c2:87:58:bb:28:31:a7:f8:fb:0c:6c:7e:72:8e:4b:82:38:
82:11:aa:17:0e:0e:98:75:48:92:ad:db:61:36:ad:41:a4:8a:
1d:e2:e1:17:f1:4d:17:73:53:2f:3c:1c:34:27:f0:b2:e3:af:
b4:49:d8:97:a6:da:dd:69:d0:0e:8f:a2:96:1c:93:01:11:4f:
25:9e:d1:3e:be:e6:de:1b:78:d7:30:12:7c:e1:6e:0c:1c:bc:
c8:42:c4:8c:a4:60:37:0e:f4:6b:23:43:89:18:2c:11:d4:b8:
c2:1c:0b:dd
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZPOV9noabH8D+Yx99D2otgrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMjE2MDcyMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2I3ODg1YjE0YzIxY2M4YjZiYWYzMjAzMWQ4YjhkNTJjZjBiNDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4T4+N3YC1GtfdcIbg4xIyOdYwkY
zsvX0rTTEhD1HdErRixn5tedAZ7YMNAMjYRaDLu+okExIc83QVuHGygNlot70KaI
He+Ihd+jDM+h3jHKpVGm+JS4zxJz0ONbP6TwOxjNkvOWx8By1qqTg8cLcDNKcrmJ
rgWQdd51Rv24v95cjLjvBYOcIqC6dWS1Ma7z/QTWN7eHQtoN0uZrsy7Xy8IbD+z0
hQZumPImESMsR+vYG7fk2fBND23NxWtENwEPzbiIjLF6YWb2Z1MLuEjKWC/i0G9H
1mgeN/1QaZ/8mmoYLSuaEM/TbwcUOG09Phrxn2ZKgIQmT0BeOoXvRyaxRwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAy3iFsUwhzItrrzIDHYuNUs8LScMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRExlSVd4VENITWkydXZNZ01kaTQxU3p3dEp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjv9AwQA
T24zAwQAXpqiAwQAbc7vAwQAwSUoMA0GCSqGSIb3DQEBCwUAA4IBAQA9BZCaOHDW
j3JHrS5lftB9obGiC04S6nzWmXHL9B/Wyqsp65fXY2bUi+BGVxaNM8Jq1PheJYNy
kk1HqPuSwz28mZ7/eZ1vJnm9ZOnNmdfj0rt05kWySrJzjpwxN/CjSS+kgWErD4l2
guWj79MLPQjSRNMfIULWVha+oZPWysqBtGAxUyYe/RB9FjqH4ppsP8ALwodYuygx
p/j7DGx+co5LgjiCEaoXDg6YdUiSrdthNq1BpIod4uEX8U0Xc1MvPBw0J/Cy46+0
SdiXptrdadAOj6KWHJMBEU8lntE+vubeG3jXMBJ84W4MHLzIQsSMpGA3DvRrI0OJ
GCwR1LjCHAvd
-----END CERTIFICATE-----
Generated at Sun Apr 27 20:39:25 2025 by rpki-client