Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/04MYx6fx6XIG7xflKx24URL7DiU.roa
File: 04MYx6fx6XIG7xflKx24URL7DiU.roa (raw, json)
Hash identifier: bUPdw7pf1TL+GG01rOJONlqKOboLxu3ikKk0Otck3gE=
Subject key identifier: D3:83:18:C7:A7:F1:E9:72:06:EF:17:E5:2B:1D:B8:51:12:FB:0E:25
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E42963A2B13FA1A7DADCC1420D9FAF81D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/04MYx6fx6XIG7xflKx24URL7DiU.roa
Signing time: Fri 15 Mar 2024 14:48:45 +0000
ROA not before: Fri 15 Mar 2024 14:48:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.253.65.0/24 maxlen: 24
45.8.94.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
87.121.61.0/24 maxlen: 24
87.121.62.0/24 maxlen: 24
87.121.63.0/24 maxlen: 24
87.121.114.0/24 maxlen: 24
87.121.115.0/24 maxlen: 24
91.92.26.0/24 maxlen: 24
93.123.74.0/23 maxlen: 23
93.123.75.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 16 Mar 2024 20:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:42:96:3a:2b:13:fa:1a:7d:ad:cc:14:20:d9:fa:f8:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 15 14:48:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d38318c7a7f1e97206ef17e52b1db85112fb0e25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:ab:75:cd:6b:e5:e1:d2:26:94:00:db:27:29:
ad:26:11:fa:2f:9a:4f:dd:06:47:2d:b8:7e:04:c8:
c9:9c:1f:44:c3:0d:c5:cf:62:6c:90:cd:2a:ce:0f:
ea:d4:f8:60:dd:fd:36:c7:73:91:e1:0a:d4:8f:00:
b9:97:a9:9d:b0:e4:8a:f0:37:6d:64:7a:b7:cb:c1:
f7:97:3e:b0:a5:ab:51:73:f7:bc:08:64:f5:21:5a:
2a:16:4b:cd:cf:02:14:0d:ef:be:91:89:d6:c1:10:
0e:dc:48:2a:3b:f0:f8:9c:a0:e4:75:5d:dc:92:01:
a7:dc:c5:92:b1:d4:81:75:5e:e5:3b:9a:5c:0a:3a:
a1:62:5c:bc:8a:06:7c:75:5b:1a:e0:fc:f6:e1:c5:
f6:7a:bc:57:47:46:e2:d8:c1:b7:80:16:f6:2f:83:
8e:35:09:3d:ed:c1:3b:bb:53:23:25:f5:3e:07:85:
8c:32:e4:a2:a9:b5:88:5a:2b:74:38:9a:b3:f7:7e:
6d:72:c9:fe:88:36:d9:59:f5:e5:70:97:3e:d6:78:
ae:9f:3b:b7:31:8e:8d:73:f9:bd:17:4b:90:f2:ac:
e6:13:53:61:e4:34:a7:1c:26:e0:a2:3a:ff:0e:8f:
d7:13:52:09:85:ca:44:19:b2:74:81:c2:11:94:99:
68:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:83:18:C7:A7:F1:E9:72:06:EF:17:E5:2B:1D:B8:51:12:FB:0E:25
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/04MYx6fx6XIG7xflKx24URL7DiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.65.0/24
45.8.94.0/24
87.120.68.0/23
87.121.61.0-87.121.63.255
87.121.114.0/23
91.92.26.0/24
93.123.74.0/23
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:e9:b3:37:c0:c3:69:50:c8:7f:20:58:79:57:2d:9c:6e:72:
45:c0:74:2c:03:04:31:0b:ae:92:fa:a5:a4:c5:94:ac:a0:40:
97:9b:da:86:59:33:62:89:66:b0:ed:52:b8:31:99:0c:b4:46:
65:89:5d:fa:82:40:db:fc:27:7f:b6:c9:87:81:21:33:e5:5a:
b8:64:4c:7e:83:47:04:92:fb:bb:09:b2:66:a3:9a:2c:0f:21:
46:a1:97:54:ee:fc:12:7b:61:0c:3e:f7:32:52:28:e6:cf:e1:
7d:59:de:b5:76:11:35:51:12:77:47:1e:72:17:0c:93:9e:7d:
23:20:e4:1f:93:c8:1c:96:e2:a1:4b:71:45:48:ad:df:6b:71:
63:58:4c:4e:b7:e2:06:8d:2a:4d:d2:8f:a5:3b:b2:08:2f:b1:
33:dd:67:49:a4:49:bd:16:7a:28:f0:05:7c:d8:9c:24:41:d2:
cb:70:8d:f4:71:19:e4:43:3e:79:74:cf:e0:61:f9:41:2c:d1:
76:81:08:ba:c3:55:62:6f:47:79:28:d8:c9:fd:a7:9b:ae:58:
c6:25:4a:7c:61:a9:b8:87:91:87:84:d3:e1:e8:a5:c5:f0:d9:
d4:37:f9:c0:43:9e:8c:4d:b7:02:70:ae:ad:be:e8:3f:12:58:
80:a2:55:24
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY5CljorE/oafa3MFCDZ+vgdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzE1MTQ0ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzgzMThjN2E3ZjFlOTcyMDZlZjE3ZTUyYjFkYjg1MTEyZmIwZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Kt1zWvl4dImlADbJymtJhH6L5pP
3QZHLbh+BMjJnB9Eww3Fz2JskM0qzg/q1Phg3f02x3OR4QrUjwC5l6mdsOSK8Ddt
ZHq3y8H3lz6wpatRc/e8CGT1IVoqFkvNzwIUDe++kYnWwRAO3EgqO/D4nKDkdV3c
kgGn3MWSsdSBdV7lO5pcCjqhYly8igZ8dVsa4Pz24cX2erxXR0bi2MG3gBb2L4OO
NQk97cE7u1MjJfU+B4WMMuSiqbWIWit0OJqz935tcsn+iDbZWfXlcJc+1niunzu3
MY6Nc/m9F0uQ8qzmE1Nh5DSnHCbgojr/Do/XE1IJhcpEGbJ0gcIRlJloLQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFNODGMen8elyBu8X5SsduFES+w4lMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMDRNWXg2Zng2WElHN3hmbEt4MjRVUkw3RGlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQABf1BAwQA
LQheAwQBV3hEMAwDBABXeT0DBAZXeQADBAFXeXIDBABbXBoDBAFde0oDBAG5/KAw
DQYJKoZIhvcNAQELBQADggEBAGzpszfAw2lQyH8gWHlXLZxuckXAdCwDBDELrpL6
paTFlKygQJeb2oZZM2KJZrDtUrgxmQy0RmWJXfqCQNv8J3+2yYeBITPlWrhkTH6D
RwSS+7sJsmajmiwPIUahl1Tu/BJ7YQw+9zJSKObP4X1Z3rV2ETVREndHHnIXDJOe
fSMg5B+TyByW4qFLcUVIrd9rcWNYTE634gaNKk3Sj6U7sggvsTPdZ0mkSb0Weijw
BXzYnCRB0stwjfRxGeRDPnl0z+Bh+UEs0XaBCLrDVWJvR3ko2Mn9p5uuWMYlSnxh
qbiHkYeE0+HopcXw2dQ3+cBDnoxNtwJwrq2+6D8SWICiVSQ=
-----END CERTIFICATE-----
Generated at Sat Mar 16 21:25:33 2024 by rpki-client on console-ams.rpki-client.org