Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-h5rBwFC8MYM21lZ7qsdJmuqPaY.roa
File: 1-h5rBwFC8MYM21lZ7qsdJmuqPaY.roa (raw, json)
Hash identifier: uwNpZKAvxBnWQpBIVLxDkXhhNg7Xl2HuXt4gLDrsbzo=
Subject key identifier: FA:1E:6B:07:01:42:F0:C6:0C:DB:59:59:EE:AB:1D:26:6B:AA:3D:A6
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192242270B3A59C7B1C905D43E799D67D52
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-h5rBwFC8MYM21lZ7qsdJmuqPaY.roa
Signing time: Tue 24 Sep 2024 13:04:49 +0000
ROA not before: Tue 24 Sep 2024 13:04:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.9.156.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
45.151.91.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.93.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.103.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.246.223.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 13:13:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:24:22:70:b3:a5:9c:7b:1c:90:5d:43:e7:99:d6:7d:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 24 13:04:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa1e6b070142f0c60cdb5959eeab1d266baa3da6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:27:aa:ea:b7:61:df:f9:49:68:f1:a4:54:09:
4e:2c:93:f7:6d:88:33:1f:27:7c:99:eb:97:01:d9:
5a:6c:e7:1a:8c:15:b6:c7:ca:d9:be:61:56:a8:df:
81:74:fa:13:13:a3:89:5f:47:a1:c5:45:f3:bb:8b:
dc:95:90:94:22:d8:df:37:50:68:0e:1a:c8:f8:b1:
81:de:7d:fb:cd:9a:30:8b:6d:0d:e7:79:39:10:7b:
87:4b:c6:30:03:9b:78:9b:e0:87:a6:85:31:ac:9b:
4c:16:72:ab:13:73:4e:16:30:aa:12:4b:b6:4e:6c:
54:c6:b3:29:00:91:fe:e2:0e:89:dc:ff:e9:2e:19:
6d:bd:9b:63:3c:52:e0:82:db:6c:e5:c1:ca:05:0d:
d6:91:37:3e:82:c7:02:2c:fd:3e:7e:2f:05:9e:e1:
b8:51:e7:ff:c2:b1:f4:6b:9c:64:7d:38:d9:3e:99:
9d:76:a5:81:90:fc:28:a4:97:45:e9:18:a0:82:c3:
37:09:0d:e5:67:d2:ac:c7:b9:4b:e6:9c:a0:f9:f1:
8b:2b:52:b4:b5:95:eb:c4:f5:e5:5a:d4:b8:4f:a8:
7b:ca:46:73:b9:01:d1:a3:c2:04:02:a4:52:6c:f3:
75:fd:76:0c:b3:70:f8:0e:a1:41:bd:77:90:94:89:
ed:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:1E:6B:07:01:42:F0:C6:0C:DB:59:59:EE:AB:1D:26:6B:AA:3D:A6
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-h5rBwFC8MYM21lZ7qsdJmuqPaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/24
45.66.228.0/24
45.151.89.0/24
45.151.91.0/24
83.219.97.0/24
84.54.48.0/24
87.120.87.0/24
87.120.93.0/24
87.121.45.0/24
92.119.196.0/23
94.154.160.0/22
94.156.11.0/24
141.98.1.0/24
147.78.103.0/24
171.22.72.0/22
185.216.84.0/22
185.218.84.0/22
185.246.223.0/24
193.37.41.0/24
193.222.96.0/24
Signature Algorithm: sha256WithRSAEncryption
87:88:9a:48:61:3d:18:66:02:02:c3:dc:a6:ba:ea:e5:3c:98:
20:fe:73:d4:7c:bc:f9:40:24:c0:ae:b2:f2:3d:1e:d7:2d:72:
bb:8d:05:a1:07:4b:ec:a9:e1:e1:96:d8:e7:62:83:cf:98:93:
69:2a:5f:db:11:86:ad:db:b3:17:c0:b1:28:63:0e:ad:96:14:
ba:e4:12:7d:c6:ef:e8:b2:12:98:fc:59:6d:3e:99:7a:ab:77:
6e:0b:54:df:23:44:1c:1f:9e:09:72:34:85:ab:91:5b:fd:35:
c2:69:85:e8:4e:82:82:53:2a:a4:f2:6a:dc:1c:95:5c:65:55:
63:cd:be:a3:d8:72:e7:64:df:d9:df:19:19:bb:e0:6c:c4:d4:
bc:e1:ca:e1:b4:52:0a:4a:1f:2a:94:41:8b:97:d3:be:dc:50:
da:59:09:93:89:c7:08:df:13:f9:b8:5b:48:75:1e:45:dc:e9:
8a:0b:42:5b:1e:2d:56:d0:40:41:fb:79:f2:1d:c1:2f:e5:cc:
dc:2a:a2:ea:fd:9c:4f:8d:60:c8:2a:ea:85:ad:9a:6a:8c:b4:
ec:38:ad:56:07:7c:d0:a6:80:b6:82:4a:54:69:3c:8b:5c:c5:
8f:77:08:fd:40:13:48:92:6f:98:cd:de:02:84:e0:30:43:f7:
17:b5:0b:e7
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZIkInCzpZx7HJBdQ+eZ1n1SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwOTI0MTMwNDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTFlNmIwNzAxNDJmMGM2MGNkYjU5NTllZWFiMWQyNjZiYWEzZGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yeq6rdh3/lJaPGkVAlOLJP3bYgz
Hyd8meuXAdlabOcajBW2x8rZvmFWqN+BdPoTE6OJX0ehxUXzu4vclZCUItjfN1Bo
DhrI+LGB3n37zZowi20N53k5EHuHS8YwA5t4m+CHpoUxrJtMFnKrE3NOFjCqEku2
TmxUxrMpAJH+4g6J3P/pLhltvZtjPFLggtts5cHKBQ3WkTc+gscCLP0+fi8FnuG4
Uef/wrH0a5xkfTjZPpmddqWBkPwopJdF6RiggsM3CQ3lZ9Ksx7lL5pyg+fGLK1K0
tZXrxPXlWtS4T6h7ykZzuQHRo8IEAqRSbPN1/XYMs3D4DqFBvXeQlIntQQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFPoeawcBQvDGDNtZWe6rHSZrqj2mMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMS1oNXJCd0ZDOE1ZTTIxbFo3cXNkSm11cVBhWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcx
Mi8xL0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBkwYIKwYBBQUHAQcBAf8EgYMwgYAwfgQCAAEweAMEAC0J
nAMEAC1C5AMEAC2XWQMEAC2XWwMEAFPbYQMEAFQ2MAMEAFd4VwMEAFd4XQMEAFd5
LQMEAVx3xAMEAl6aoAMEAF6cCwMEAI1iAQMEAJNOZwMEAqsWSAMEArnYVAMEArna
VAMEALn23wMEAMElKQMEAMHeYDANBgkqhkiG9w0BAQsFAAOCAQEAh4iaSGE9GGYC
AsPcprrq5TyYIP5z1Hy8+UAkwK6y8j0e1y1yu40FoQdL7Knh4ZbY52KDz5iTaSpf
2xGGrduzF8CxKGMOrZYUuuQSfcbv6LISmPxZbT6Zeqt3bgtU3yNEHB+eCXI0hauR
W/01wmmF6E6CglMqpPJq3ByVXGVVY82+o9hy52Tf2d8ZGbvgbMTUvOHK4bRSCkof
KpRBi5fTvtxQ2lkJk4nHCN8T+bhbSHUeRdzpigtCWx4tVtBAQft58h3BL+XM3Cqi
6v2cT41gyCrqha2aaoy07DitVgd80KaAtoJKVGk8i1zFj3cI/UATSJJvmM3eAoTg
MEP3F7UL5w==
-----END CERTIFICATE-----
Generated at Tue Sep 24 16:53:35 2024 by rpki-client on console-fra.rpki-client.org