Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-iknFOg38L2QsimVVKosry0unn4.roa
File: 1-iknFOg38L2QsimVVKosry0unn4.roa (raw, json)
Hash identifier: ilzv+PX18rqTduBNcJUMtyExAt1Z0hmgacVb8bwPLH4=
Subject key identifier: FA:29:27:14:E8:37:F0:BD:90:B2:29:95:54:AA:2C:AF:2D:2E:9E:7E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D81E9D97F23152C82F58625C0607D40
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-iknFOg38L2QsimVVKosry0unn4.roa
Signing time: Sun 01 Jan 2023 13:25:08 +0000
ROA not before: Sun 01 Jan 2023 13:25:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43548
IP address blocks: 94.156.4.0/23 maxlen: 23
93.123.65.0/24 maxlen: 24
31.13.212.0/24 maxlen: 24
87.120.196.0/24 maxlen: 24
87.120.205.0/24 maxlen: 24
85.217.164.0/22 maxlen: 22
87.120.108.0/24 maxlen: 24
91.92.168.0/22 maxlen: 22
87.121.108.0/23 maxlen: 23
87.120.99.0/24 maxlen: 24
87.120.216.0/24 maxlen: 24
85.217.176.0/21 maxlen: 21
87.120.222.0/24 maxlen: 24
31.13.247.0/24 maxlen: 24
94.156.80.0/21 maxlen: 21
87.120.246.0/24 maxlen: 24
94.156.97.0/24 maxlen: 24
2a00:1728:2d::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 09 Aug 2023 07:28:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:e9:d9:7f:23:15:2c:82:f5:86:25:c0:60:7d:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa292714e837f0bd90b2299554aa2caf2d2e9e7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9d:74:91:1e:0d:75:50:da:bd:72:a8:c1:2d:
1f:46:67:c1:9b:e6:2d:25:13:dd:48:7a:5d:02:55:
07:50:1c:2c:a7:f9:69:0d:e5:d4:58:66:ed:6d:9a:
94:74:a2:49:45:86:49:4f:36:cf:87:2c:e1:d5:70:
bf:d3:1e:f1:a1:9a:6a:64:a0:25:67:0b:ab:a5:7e:
e1:87:2c:71:9e:9e:33:4e:cb:d8:44:21:b7:f7:ae:
d1:48:1d:59:1e:b3:f7:77:ce:07:f7:08:f5:db:be:
94:ec:34:08:34:3a:8f:94:d9:72:62:17:14:1e:f9:
ff:c4:f3:23:5a:e2:62:48:bd:9c:49:4f:2a:cc:2c:
90:d2:b9:dd:a9:d9:57:52:b7:1a:72:d1:64:3f:54:
3f:c6:4f:71:75:06:b8:fd:48:de:d9:cf:43:96:d0:
10:76:6f:f9:e6:b4:3f:42:17:3f:e9:0e:d6:61:8f:
4a:7e:98:88:89:9c:8c:ef:34:9e:fc:45:bd:33:e8:
3f:7a:6f:af:79:09:da:36:2d:1f:bd:81:ac:cd:b1:
2b:17:e9:6b:f5:06:10:68:93:ee:73:47:c7:37:6f:
75:c6:84:c0:86:58:66:88:f9:c0:d7:0f:8d:63:a0:
22:1f:a5:61:1d:a8:84:fa:83:13:b9:a0:81:04:f5:
2d:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:29:27:14:E8:37:F0:BD:90:B2:29:95:54:AA:2C:AF:2D:2E:9E:7E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-iknFOg38L2QsimVVKosry0unn4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.212.0/24
31.13.247.0/24
85.217.164.0/22
85.217.176.0/21
87.120.99.0/24
87.120.108.0/24
87.120.196.0/24
87.120.205.0/24
87.120.216.0/24
87.120.222.0/24
87.120.246.0/24
87.121.108.0/23
91.92.168.0/22
93.123.65.0/24
94.156.4.0/23
94.156.80.0/21
94.156.97.0/24
IPv6:
2a00:1728:2d::/48
Signature Algorithm: sha256WithRSAEncryption
15:ef:8c:1e:5c:e4:be:e3:b3:ce:0d:ac:11:fe:3f:b6:a5:2f:
8a:48:95:5c:e9:04:8c:a3:40:67:ad:22:5f:30:5e:b2:aa:2c:
5c:41:66:ad:16:6a:22:17:d4:60:c9:b6:d3:17:7a:9a:d7:c4:
66:4f:24:50:dd:ff:61:b1:54:2c:f0:b0:27:5e:71:5f:fc:1b:
f4:2b:05:9c:ab:51:18:eb:2d:d4:5e:d2:33:b6:81:7d:61:72:
d5:29:92:ad:66:65:63:bd:e1:61:c6:01:d6:80:99:14:3a:6e:
9b:4c:80:12:cb:91:c3:51:24:1b:23:7a:4a:a1:79:77:16:ce:
58:c4:41:67:86:31:ba:53:1e:44:59:46:bc:1b:4d:83:6b:e4:
a8:ac:b2:e1:49:7c:52:0c:bc:0e:52:df:98:d9:dd:7a:93:8c:
09:d5:77:d4:1e:24:85:23:ab:d7:08:f4:4f:44:84:77:6d:d2:
a6:3e:e6:14:ef:de:7e:2b:8d:19:38:14:0d:c8:ce:71:f6:15:
53:df:4d:6c:00:9a:b6:7f:27:a1:5c:78:7a:70:0d:c9:aa:11:
bf:f5:3c:bc:c5:0f:d3:0b:eb:a4:83:f8:45:ba:6b:dc:c8:8d:
1f:9e:59:8f:5a:77:a9:92:43:0e:06:97:a1:ea:c9:01:fc:6e:
59:a5:fb:a7
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgISAYVtgenZfyMVLIL1hiXAYH1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTI5MjcxNGU4MzdmMGJkOTBiMjI5OTU1NGFhMmNhZjJkMmU5ZTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZ10kR4NdVDavXKowS0fRmfBm+Yt
JRPdSHpdAlUHUBwsp/lpDeXUWGbtbZqUdKJJRYZJTzbPhyzh1XC/0x7xoZpqZKAl
ZwurpX7hhyxxnp4zTsvYRCG3967RSB1ZHrP3d84H9wj1276U7DQINDqPlNlyYhcU
Hvn/xPMjWuJiSL2cSU8qzCyQ0rndqdlXUrcactFkP1Q/xk9xdQa4/Uje2c9DltAQ
dm/55rQ/Qhc/6Q7WYY9KfpiIiZyM7zSe/EW9M+g/em+veQnaNi0fvYGszbErF+lr
9QYQaJPuc0fHN291xoTAhlhmiPnA1w+NY6AiH6VhHaiE+oMTuaCBBPUtZQIDAQAB
o4ICfTCCAnkwHQYDVR0OBBYEFPopJxToN/C9kLIplVSqLK8tLp5+MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMS1pa25GT2czOEwyUXNpbVZWS29zcnkwdW5uNC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcx
Mi8xL0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBkQYIKwYBBQUHAQcBAf8EgYEwfzBsBAIAATBmAwQAHw3U
AwQAHw33AwQCVdmkAwQDVdmwAwQAV3hjAwQAV3hsAwQAV3jEAwQAV3jNAwQAV3jY
AwQAV3jeAwQAV3j2AwQBV3lsAwQCW1yoAwQAXXtBAwQBXpwEAwQDXpxQAwQAXpxh
MA8EAgACMAkDBwAqABcoAC0wDQYJKoZIhvcNAQELBQADggEBABXvjB5c5L7js84N
rBH+P7alL4pIlVzpBIyjQGetIl8wXrKqLFxBZq0WaiIX1GDJttMXeprXxGZPJFDd
/2GxVCzwsCdecV/8G/QrBZyrURjrLdRe0jO2gX1hctUpkq1mZWO94WHGAdaAmRQ6
bptMgBLLkcNRJBsjekqheXcWzljEQWeGMbpTHkRZRrwbTYNr5KissuFJfFIMvA5S
35jZ3XqTjAnVd9QeJIUjq9cI9E9EhHdt0qY+5hTv3n4rjRk4FA3IznH2FVPfTWwA
mrZ/J6FceHpwDcmqEb/1PLzFD9ML66SD+EW6a9zIjR+eWY9ad6mSQw4Gl6HqyQH8
blml+6c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:22 2024 by rpki-client on console-ams.rpki-client.org