Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1YdJTTrull7HkyJg2ss-LEmxmW8.roa
File: 1YdJTTrull7HkyJg2ss-LEmxmW8.roa (raw, json)
Hash identifier: LjKSKztODZlEMXFjI5iT7fgzp8n5rDFR3HX3o7ICZ/k=
Subject key identifier: D5:87:49:4D:3A:EE:96:5E:C7:93:22:60:DA:CB:3E:2C:49:B1:99:6F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DCE2CF348ECFD51246A047E78AA05AF8A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1YdJTTrull7HkyJg2ss-LEmxmW8.roa
Signing time: Thu 22 Feb 2024 00:17:48 +0000
ROA not before: Thu 22 Feb 2024 00:17:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.94.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
87.121.60.0/24 maxlen: 24
87.121.61.0/24 maxlen: 24
91.92.26.0/24 maxlen: 24
93.123.74.0/23 maxlen: 23
93.123.80.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 24 Feb 2024 10:54:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ce:2c:f3:48:ec:fd:51:24:6a:04:7e:78:aa:05:af:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 22 00:17:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d587494d3aee965ec7932260dacb3e2c49b1996f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b1:de:d4:50:c7:b8:85:8d:34:0c:65:9c:08:
75:ac:ee:b3:5e:14:7a:1c:0a:e7:5a:75:a5:01:60:
f9:4a:f5:eb:2f:c3:7c:b3:ad:2a:d4:a6:64:4d:72:
df:c9:b8:78:59:4c:34:f7:c5:05:b6:85:03:f6:ab:
ba:fc:46:75:ae:e8:dc:bc:02:a1:33:52:4b:ff:db:
a4:b1:6b:90:4f:ec:b0:af:f1:0a:28:4f:51:80:35:
81:08:4e:9c:29:52:46:dc:9b:ae:cc:02:7b:fd:0d:
85:15:5d:56:eb:f5:ef:0a:08:e2:91:c5:5b:ab:7c:
3b:ae:73:77:62:16:7a:9f:8b:e7:46:a1:9c:33:62:
bd:97:83:00:66:de:de:26:11:f4:c2:06:f6:fb:82:
c6:8c:da:30:72:25:bd:a0:cf:df:41:c3:1a:47:c0:
b6:f2:84:72:67:78:84:2d:4f:6d:57:72:d2:32:9f:
34:9b:e2:ba:e4:de:5d:7d:7c:45:f5:aa:9e:ba:5d:
d1:a1:1a:c4:ef:48:cc:04:b2:30:73:1e:ee:0d:b7:
84:93:6a:7d:c4:db:13:82:f6:93:8f:85:e9:66:29:
d8:e1:78:bd:7b:e3:f6:c1:06:c5:9f:d6:f5:c9:2e:
04:24:39:3f:74:0f:66:a7:55:16:32:1f:a3:2b:ce:
b1:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:87:49:4D:3A:EE:96:5E:C7:93:22:60:DA:CB:3E:2C:49:B1:99:6F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1YdJTTrull7HkyJg2ss-LEmxmW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.94.0/24
87.120.68.0/23
87.121.60.0/23
91.92.26.0/24
93.123.74.0/23
93.123.80.0/24
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
48:07:f0:79:fa:b8:49:af:c2:9e:36:82:74:6d:ed:54:f1:46:
cc:1e:66:62:3c:96:97:66:d1:ba:ba:f1:f4:60:87:a5:b7:65:
23:7b:6a:a0:5e:fc:c3:a9:2b:9f:33:6e:dd:20:d3:2f:a5:51:
2c:96:8a:54:26:c3:c8:7a:94:47:4f:bb:97:5b:28:dc:44:79:
5b:3a:6e:37:65:99:a5:b1:bd:bd:3f:83:ec:29:44:06:cc:5c:
1d:8c:f1:65:45:47:66:15:da:c9:e1:98:5a:7a:6b:f0:46:be:
1b:77:c7:14:16:41:d4:5e:ef:f9:72:d5:41:7f:30:51:18:42:
e8:aa:b9:7a:1a:c0:5e:a8:19:d7:3a:23:ec:f7:f0:0d:c8:67:
54:12:7c:23:37:4a:13:ae:9c:dd:26:ac:7f:a6:08:e7:0d:3d:
a1:62:a7:31:a6:20:f9:3f:2c:d0:3e:0c:8a:6f:55:b9:fa:3e:
7c:03:e4:37:ab:ca:2c:6f:a2:65:b1:aa:83:17:c2:21:20:34:
d1:69:ea:b0:27:d4:81:3e:6a:d7:08:6f:53:af:a5:5f:ae:ca:
ca:99:49:0b:8a:a7:59:73:f5:2f:e7:99:3d:c9:fa:af:a5:5f:
c8:e7:6a:67:b7:a3:de:2d:a5:3d:3f:f4:61:53:1e:22:51:9a:
fc:03:c5:67
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY3OLPNI7P1RJGoEfniqBa+KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjIyMDAxNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTg3NDk0ZDNhZWU5NjVlYzc5MzIyNjBkYWNiM2UyYzQ5YjE5OTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs7He1FDHuIWNNAxlnAh1rO6zXhR6
HArnWnWlAWD5SvXrL8N8s60q1KZkTXLfybh4WUw098UFtoUD9qu6/EZ1rujcvAKh
M1JL/9uksWuQT+ywr/EKKE9RgDWBCE6cKVJG3JuuzAJ7/Q2FFV1W6/XvCgjikcVb
q3w7rnN3YhZ6n4vnRqGcM2K9l4MAZt7eJhH0wgb2+4LGjNowciW9oM/fQcMaR8C2
8oRyZ3iELU9tV3LSMp80m+K65N5dfXxF9aqeul3RoRrE70jMBLIwcx7uDbeEk2p9
xNsTgvaTj4XpZinY4Xi9e+P2wQbFn9b1yS4EJDk/dA9mp1UWMh+jK86xjQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNWHSU067pZex5MiYNrLPixJsZlvMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMVlkSlRUcnVsbDdIa3lKZzJzcy1MRW14bVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQheAwQB
V3hEAwQBV3k8AwQAW1waAwQBXXtKAwQAXXtQAwQBufygMA0GCSqGSIb3DQEBCwUA
A4IBAQBIB/B5+rhJr8KeNoJ0be1U8UbMHmZiPJaXZtG6uvH0YIelt2Uje2qgXvzD
qSufM27dINMvpVEslopUJsPIepRHT7uXWyjcRHlbOm43ZZmlsb29P4PsKUQGzFwd
jPFlRUdmFdrJ4ZhaemvwRr4bd8cUFkHUXu/5ctVBfzBRGELoqrl6GsBeqBnXOiPs
9/ANyGdUEnwjN0oTrpzdJqx/pgjnDT2hYqcxpiD5PyzQPgyKb1W5+j58A+Q3q8os
b6JlsaqDF8IhIDTRaeqwJ9SBPmrXCG9Tr6VfrsrKmUkLiqdZc/Uv55k9yfqvpV/I
52pnt6PeLaU9P/RhUx4iUZr8A8Vn
-----END CERTIFICATE-----
Generated at Sat Feb 24 13:43:56 2024 by rpki-client on console-ams.rpki-client.org