Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dz5mlSqlccVVue2DGkc9ae4PVvA.roa
File: dz5mlSqlccVVue2DGkc9ae4PVvA.roa (raw, json)
Hash identifier: rAg9jg1K6KPnrQrpdAXtQuJAdd4zGYNSjDEmw2qM21U=
Subject key identifier: 77:3E:66:95:2A:A5:71:C5:55:B9:ED:83:1A:47:3D:69:EE:0F:56:F0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018F159899A03EB3D390AA85C2667C61E87D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dz5mlSqlccVVue2DGkc9ae4PVvA.roa
Signing time: Thu 25 Apr 2024 14:11:13 +0000
ROA not before: Thu 25 Apr 2024 14:11:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1
IP address blocks: 45.66.229.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
87.120.32.0/24 maxlen: 24
87.120.34.0/24 maxlen: 24
87.120.35.0/24 maxlen: 24
87.120.64.0/23 maxlen: 24
87.120.89.0/24 maxlen: 24
87.120.220.0/23 maxlen: 24
87.121.56.0/24 maxlen: 24
87.121.57.0/24 maxlen: 24
87.121.100.0/24 maxlen: 24
87.121.101.0/24 maxlen: 24
94.103.126.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
194.59.30.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 May 2024 08:19:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:15:98:99:a0:3e:b3:d3:90:aa:85:c2:66:7c:61:e8:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 25 14:11:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=773e66952aa571c555b9ed831a473d69ee0f56f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e0:13:5a:a6:7b:7c:ff:74:61:45:b1:83:be:
24:50:b7:19:19:25:12:c1:50:5c:19:a4:6f:6f:a0:
1f:75:57:bf:01:a8:34:63:26:c4:b8:83:b7:62:11:
02:16:de:c2:68:f0:07:f5:87:52:40:f0:54:8d:f5:
e3:89:e7:eb:d2:db:a2:94:f3:90:1b:7d:6a:ea:ea:
24:33:fc:ed:1c:b4:11:7f:29:b2:9a:ee:26:d3:64:
07:63:03:c9:16:21:10:95:86:38:f7:8c:d5:4d:36:
ec:14:de:51:df:a4:58:1e:ee:d5:40:e7:3f:07:27:
39:ac:58:c6:ce:de:ee:77:8f:21:0c:1f:10:f7:d5:
57:0b:d8:82:c7:40:15:94:51:b8:21:9d:9b:a5:23:
07:9a:97:5d:ee:b7:9a:e0:64:02:a4:53:c2:b6:8e:
5c:19:e8:d8:1f:c1:83:ca:8b:0b:ed:b3:a6:72:15:
d5:58:8f:c0:11:cb:73:bb:8f:74:0e:a7:e5:f7:57:
ee:60:3b:6e:78:38:b9:aa:16:85:bf:b8:8b:3b:9d:
46:43:1f:18:b0:4b:c1:37:04:4c:1d:33:e0:0f:8b:
11:a5:86:fa:5b:c0:f5:3d:56:13:81:7d:cf:29:95:
f4:48:a6:3f:40:33:2e:8f:06:28:75:7a:23:49:95:
35:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:3E:66:95:2A:A5:71:C5:55:B9:ED:83:1A:47:3D:69:EE:0F:56:F0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dz5mlSqlccVVue2DGkc9ae4PVvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.229.0/24
84.21.173.0/24
87.120.32.0/24
87.120.34.0/23
87.120.64.0/23
87.120.89.0/24
87.120.220.0/23
87.121.56.0/23
87.121.100.0/23
94.103.126.0/24
94.156.78.0/24
95.214.25.0-95.214.26.255
194.59.30.0/24
194.169.174.0/24
Signature Algorithm: sha256WithRSAEncryption
79:d2:db:ab:31:61:07:fe:5e:76:09:51:17:9e:44:c0:d9:79:
a6:19:55:98:c3:87:14:7f:ec:b3:e7:5a:1a:c4:e8:92:ff:7a:
e2:e4:e9:b3:b1:bb:fd:74:05:fe:9f:17:0d:c1:89:fc:87:42:
80:5e:dd:4a:86:06:68:d6:f7:e2:aa:f5:86:38:30:40:55:57:
2c:07:6c:ff:fa:f1:05:5f:ca:60:92:d5:44:8a:75:e8:07:a7:
75:b6:98:f5:e3:b6:71:69:7f:97:9f:19:60:12:bd:51:64:20:
84:38:ea:f3:8b:07:5e:16:a5:44:07:b1:79:f7:7f:54:da:01:
3f:aa:38:85:cb:2a:1f:9b:15:0c:05:37:f1:18:9d:5c:68:27:
67:19:4d:98:f9:ab:0a:6b:25:aa:b2:fd:5d:94:bb:eb:c7:26:
8f:ab:3f:3d:16:52:62:aa:98:ba:3f:0a:d7:71:8c:97:f0:80:
2e:12:af:5e:fc:b8:57:34:03:83:3e:ca:75:dc:c7:92:2e:4c:
b0:85:db:d5:08:0b:8d:14:89:5e:6e:17:36:7c:f1:48:8f:8e:
5f:ed:f2:24:3e:28:2a:1f:f9:98:dc:41:f9:ee:3a:d9:65:0f:
2e:aa:d3:57:14:6d:d0:62:40:5f:9d:8e:10:59:21:3a:b0:ff:
8b:4c:53:73
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAY8VmJmgPrPTkKqFwmZ8Yeh9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDI1MTQxMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzNlNjY5NTJhYTU3MWM1NTViOWVkODMxYTQ3M2Q2OWVlMGY1NmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuATWqZ7fP90YUWxg74kULcZGSUS
wVBcGaRvb6AfdVe/Aag0YybEuIO3YhECFt7CaPAH9YdSQPBUjfXjiefr0tuilPOQ
G31q6uokM/ztHLQRfymymu4m02QHYwPJFiEQlYY494zVTTbsFN5R36RYHu7VQOc/
Byc5rFjGzt7ud48hDB8Q99VXC9iCx0AVlFG4IZ2bpSMHmpdd7rea4GQCpFPCto5c
GejYH8GDyosL7bOmchXVWI/AEctzu490Dqfl91fuYDtueDi5qhaFv7iLO51GQx8Y
sEvBNwRMHTPgD4sRpYb6W8D1PVYTgX3PKZX0SKY/QDMujwYodXojSZU1fQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFHc+ZpUqpXHFVbntgxpHPWnuD1bwMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZHo1bWxTcWxjY1ZWdWUyREdrYzlhZTRQVnZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQALULlAwQA
VBWtAwQAV3ggAwQBV3giAwQBV3hAAwQAV3hZAwQBV3jcAwQBV3k4AwQBV3lkAwQA
Xmd+AwQAXpxOMAwDBABf1hkDBABf1hoDBADCOx4DBADCqa4wDQYJKoZIhvcNAQEL
BQADggEBAHnS26sxYQf+XnYJUReeRMDZeaYZVZjDhxR/7LPnWhrE6JL/euLk6bOx
u/10Bf6fFw3BifyHQoBe3UqGBmjW9+Kq9YY4MEBVVywHbP/68QVfymCS1USKdegH
p3W2mPXjtnFpf5efGWASvVFkIIQ46vOLB14WpUQHsXn3f1TaAT+qOIXLKh+bFQwF
N/EYnVxoJ2cZTZj5qwprJaqy/V2Uu+vHJo+rPz0WUmKqmLo/CtdxjJfwgC4Sr178
uFc0A4M+ynXcx5IuTLCF29UIC40UiV5uFzZ88UiPjl/t8iQ+KCof+ZjcQfnuOtll
Dy6q01cUbdBiQF+djhBZITqw/4tMU3M=
-----END CERTIFICATE-----
Generated at Thu May 9 12:21:33 2024 by rpki-client on console-fra.rpki-client.org