Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-4F5tAbSoCZV4nVvez2bV4C9AB8.roa
File: 1-4F5tAbSoCZV4nVvez2bV4C9AB8.roa (raw, json)
Hash identifier: ESsSSygquIxeNbhM0NxIKdrNHsmkcKyibXQ51vCgzj0=
Subject key identifier: FB:81:79:B4:06:D2:A0:26:55:E2:75:6F:7B:3D:9B:57:80:BD:00:1F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C34D79E3375353D3338E74625A1E43F46
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-4F5tAbSoCZV4nVvez2bV4C9AB8.roa
Signing time: Mon 04 Dec 2023 12:39:54 +0000
ROA not before: Mon 04 Dec 2023 12:39:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 194.31.204.0/24 maxlen: 24
45.90.88.0/23 maxlen: 24
5.252.132.0/22 maxlen: 24
193.58.120.0/24 maxlen: 24
45.149.241.0/24 maxlen: 24
94.156.72.0/22 maxlen: 24
193.25.218.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:34:d7:9e:33:75:35:3d:33:38:e7:46:25:a1:e4:3f:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 4 12:39:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fb8179b406d2a02655e2756f7b3d9b5780bd001f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:93:9c:e1:a8:32:b7:d7:8e:4b:40:c9:f3:c7:
18:ba:65:be:40:c4:92:09:72:37:d5:7a:20:b2:fe:
17:9a:21:e3:6a:ac:a5:bf:79:e2:e5:55:39:14:9e:
9d:5f:bb:b3:31:12:97:49:fc:11:e1:30:4b:e2:06:
f5:42:02:35:f7:d8:50:56:eb:42:ee:e9:c4:a0:43:
b3:b0:15:0d:8f:07:64:7a:3a:a5:b5:3e:28:85:96:
ee:c2:40:5e:3d:9a:25:5c:d2:53:e5:93:58:78:28:
c0:7e:a5:c7:a1:29:43:45:44:0f:5c:f9:a9:aa:82:
c2:a9:9c:4f:c1:e5:3a:57:b0:f4:8d:da:80:9f:c8:
82:68:60:03:a9:d6:07:47:24:52:cf:e6:da:73:b5:
55:69:b3:cf:f4:05:c8:b5:1e:50:f4:69:1e:c2:23:
4d:64:7d:16:51:cf:c4:c2:59:e4:cc:8a:08:83:64:
c0:8b:8e:d6:df:ea:f5:71:44:82:5d:9a:c1:bd:e4:
d3:06:91:f3:3b:56:68:71:e6:ef:15:64:a2:5a:63:
f8:0d:7b:e6:75:c0:7a:80:9a:f3:64:5c:7b:bf:69:
48:0f:9f:2f:2b:2f:16:a5:78:48:6f:69:25:43:ed:
21:d6:ec:17:6d:14:ae:de:69:4c:89:60:b5:20:1a:
3d:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:81:79:B4:06:D2:A0:26:55:E2:75:6F:7B:3D:9B:57:80:BD:00:1F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-4F5tAbSoCZV4nVvez2bV4C9AB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.132.0/22
45.90.88.0/23
45.149.241.0/24
94.156.72.0/22
193.25.218.0/24
193.58.120.0/24
194.31.204.0/24
Signature Algorithm: sha256WithRSAEncryption
42:c2:4a:a4:77:ee:82:86:f7:63:02:e1:f9:83:22:89:96:f4:
9b:94:6b:bf:2e:85:a1:ba:2a:2b:5c:c4:b1:4b:10:5d:d4:9a:
fb:24:43:5e:21:e6:18:d2:82:df:67:55:fb:bb:9a:29:f4:ad:
3b:0a:0f:57:cd:8d:82:c8:9d:3f:73:cc:73:6e:f2:f2:f8:5e:
d4:b1:7e:9e:39:ed:2b:ea:31:0a:95:52:d4:1d:91:ad:8b:9b:
ef:b6:25:25:b9:29:53:27:d5:30:01:cb:aa:35:6e:ff:61:9b:
88:37:08:bb:eb:91:d1:e9:62:56:e9:0c:e4:fe:83:e0:0f:53:
45:c0:2a:37:a8:0f:71:7b:48:1c:0f:86:20:0e:d1:cb:0b:11:
48:67:90:b9:78:57:02:1f:a9:39:63:2d:2d:a1:9e:16:f6:e0:
de:3d:1b:bf:ab:92:56:95:f4:74:cf:f8:1a:bd:ae:78:ca:99:
e7:d1:7f:53:de:88:d1:5d:78:16:ba:40:1f:3d:03:c4:99:f2:
0f:7f:8c:8a:ee:7f:c4:56:cd:11:a1:e0:87:82:24:b8:f5:b1:
ab:71:9f:77:2c:ae:7e:46:9f:9b:19:40:86:25:2f:d1:3d:5b:
8b:6f:15:15:11:d4:af:03:fb:0c:88:51:98:8b:6a:78:ae:82:
f8:e0:56:2f
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYw0154zdTU9MzjnRiWh5D9GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjA0MTIzOTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjgxNzliNDA2ZDJhMDI2NTVlMjc1NmY3YjNkOWI1NzgwYmQwMDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtJOc4agyt9eOS0DJ88cYumW+QMSS
CXI31Xogsv4XmiHjaqylv3ni5VU5FJ6dX7uzMRKXSfwR4TBL4gb1QgI199hQVutC
7unEoEOzsBUNjwdkejqltT4ohZbuwkBePZolXNJT5ZNYeCjAfqXHoSlDRUQPXPmp
qoLCqZxPweU6V7D0jdqAn8iCaGADqdYHRyRSz+bac7VVabPP9AXItR5Q9GkewiNN
ZH0WUc/EwlnkzIoIg2TAi47W3+r1cUSCXZrBveTTBpHzO1ZocebvFWSiWmP4DXvm
dcB6gJrzZFx7v2lID58vKy8WpXhIb2klQ+0h1uwXbRSu3mlMiWC1IBo9fwIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFPuBebQG0qAmVeJ1b3s9m1eAvQAfMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMS00RjV0QWJTb0NaVjRuVnZlejJiVjRDOUFCOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcx
Mi8xL0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBDBggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAgX8hAME
AS1aWAMEAC2V8QMEAl6cSAMEAMEZ2gMEAME6eAMEAMIfzDANBgkqhkiG9w0BAQsF
AAOCAQEAQsJKpHfugob3YwLh+YMiiZb0m5Rrvy6FoboqK1zEsUsQXdSa+yRDXiHm
GNKC32dV+7uaKfStOwoPV82NgsidP3PMc27y8vhe1LF+njntK+oxCpVS1B2RrYub
77YlJbkpUyfVMAHLqjVu/2GbiDcIu+uR0eliVukM5P6D4A9TRcAqN6gPcXtIHA+G
IA7RywsRSGeQuXhXAh+pOWMtLaGeFvbg3j0bv6uSVpX0dM/4Gr2ueMqZ59F/U96I
0V14FrpAHz0DxJnyD3+Miu5/xFbNEaHgh4IkuPWxq3GfdyyufkafmxlAhiUv0T1b
i28VFRHUrwP7DIhRmItqeK6C+OBWLw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:08 2024 by rpki-client on console-ams.rpki-client.org