Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1YmJYbtAuHDnBxmqTs0424objk0.roa
File: 1YmJYbtAuHDnBxmqTs0424objk0.roa (raw, json)
Hash identifier: ZKlce/NA9wWbUEDStMFOAPstsguF0fJvCLcaTVwXH6U=
Subject key identifier: D5:89:89:61:BB:40:B8:70:E7:07:19:AA:4E:CD:38:DB:8A:1B:8E:4D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DF431EBED2296389AFCD5F95D783B1F2C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1YmJYbtAuHDnBxmqTs0424objk0.roa
Signing time: Thu 29 Feb 2024 09:28:48 +0000
ROA not before: Thu 29 Feb 2024 09:28:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206003
IP address blocks: 45.141.158.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.162.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
171.22.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 15:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f4:31:eb:ed:22:96:38:9a:fc:d5:f9:5d:78:3b:1f:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 29 09:28:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d5898961bb40b870e70719aa4ecd38db8a1b8e4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8c:42:73:af:81:66:f2:bf:29:cd:bf:af:d9:
56:9f:0f:9a:04:cd:1d:af:98:d2:79:65:7c:09:9b:
27:6a:09:1c:50:82:36:e5:99:b4:5e:eb:2c:c7:1d:
c2:9e:15:05:ca:c6:f9:29:86:cf:5a:1c:39:39:94:
d5:72:33:dd:4e:46:99:50:58:29:35:94:da:15:e0:
72:74:a5:23:8f:8e:ea:02:ba:5d:82:9b:8b:c4:cf:
ea:53:7d:3f:ae:94:77:c0:75:1f:be:ba:81:e4:f7:
8c:f0:22:1c:b3:00:eb:c6:9a:01:08:65:2b:20:42:
5a:2b:99:71:fa:d3:18:1e:b3:94:ef:1f:63:83:ae:
53:55:44:53:78:60:26:fa:1b:2c:46:a4:51:76:48:
d0:93:68:5e:ef:bb:b6:d6:41:71:a4:87:f4:a6:40:
ca:66:95:82:bc:10:63:c7:65:0d:57:87:62:9e:a8:
55:db:a5:38:3d:5f:30:6d:83:f6:d7:98:b5:82:30:
a5:60:64:f2:46:56:ec:df:fb:e1:51:59:76:fe:67:
4d:9e:4f:a0:34:3f:71:9b:9d:8e:42:06:1f:be:55:
8c:71:76:74:5e:05:8e:e5:7f:a5:8a:da:11:24:33:
bb:c8:f0:3a:bd:8b:88:3e:8a:d2:35:dc:b7:00:0d:
95:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:89:89:61:BB:40:B8:70:E7:07:19:AA:4E:CD:38:DB:8A:1B:8E:4D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1YmJYbtAuHDnBxmqTs0424objk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.158.0/24
87.121.124.0/23
87.121.162.0/24
91.200.192.0/22
171.22.17.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:28:da:6c:34:fb:1d:4f:14:ce:3d:13:26:0a:f7:c6:23:0c:
2d:0a:40:d3:54:b4:a3:67:72:42:13:7d:41:ff:77:33:fd:2c:
88:02:8d:a6:78:8f:23:68:70:4c:e8:02:b2:c7:61:7a:8d:30:
11:67:6f:77:b9:1e:f5:71:fe:ce:77:13:b3:13:db:83:ad:7f:
d3:60:44:ad:46:19:7b:da:ee:7a:08:74:05:77:c9:82:4a:90:
6d:4f:17:92:b0:e2:16:71:90:98:35:82:41:2a:2d:5d:37:0a:
4f:fd:15:ab:41:7b:59:a0:a0:08:95:55:cb:a5:a1:62:23:32:
da:5e:66:46:df:6c:bd:36:58:d2:92:90:27:3c:04:9c:1a:a8:
10:01:24:15:82:1a:dd:c7:8f:26:e4:3b:8b:58:34:8a:fa:f7:
72:de:19:6c:4f:d9:23:89:c6:07:68:eb:77:ec:8d:fe:8a:6a:
ac:e7:b2:31:83:6d:48:41:f7:49:9c:83:a7:7e:4b:28:4e:c8:
e3:d3:3e:a9:2c:43:0b:a4:5b:78:02:fb:16:c9:72:af:2e:2a:
37:cd:7f:87:9b:47:51:b4:ca:14:8d:c4:d6:f1:b7:f3:e2:37:
ac:a8:1d:0d:7b:64:c8:17:2b:71:13:71:15:d2:f2:c2:ac:66:
21:9b:a4:c9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY30MevtIpY4mvzV+V14Ox8sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjI5MDkyODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTg5ODk2MWJiNDBiODcwZTcwNzE5YWE0ZWNkMzhkYjhhMWI4ZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYxCc6+BZvK/Kc2/r9lWnw+aBM0d
r5jSeWV8CZsnagkcUII25Zm0Xussxx3CnhUFysb5KYbPWhw5OZTVcjPdTkaZUFgp
NZTaFeBydKUjj47qArpdgpuLxM/qU30/rpR3wHUfvrqB5PeM8CIcswDrxpoBCGUr
IEJaK5lx+tMYHrOU7x9jg65TVURTeGAm+hssRqRRdkjQk2he77u21kFxpIf0pkDK
ZpWCvBBjx2UNV4dinqhV26U4PV8wbYP215i1gjClYGTyRlbs3/vhUVl2/mdNnk+g
ND9xm52OQgYfvlWMcXZ0XgWO5X+litoRJDO7yPA6vYuIPorSNdy3AA2VcQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNWJiWG7QLhw5wcZqk7NONuKG45NMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMVltSllidEF1SERuQnhtcVRzMDQyNG9iamswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALY2eAwQB
V3l8AwQAV3miAwQCW8jAAwQAqxYRMA0GCSqGSIb3DQEBCwUAA4IBAQArKNpsNPsd
TxTOPRMmCvfGIwwtCkDTVLSjZ3JCE31B/3cz/SyIAo2meI8jaHBM6AKyx2F6jTAR
Z293uR71cf7OdxOzE9uDrX/TYEStRhl72u56CHQFd8mCSpBtTxeSsOIWcZCYNYJB
Ki1dNwpP/RWrQXtZoKAIlVXLpaFiIzLaXmZG32y9NljSkpAnPAScGqgQASQVghrd
x48m5DuLWDSK+vdy3hlsT9kjicYHaOt37I3+imqs57Ixg21IQfdJnIOnfksoTsjj
0z6pLEMLpFt4AvsWyXKvLio3zX+Hm0dRtMoUjcTW8bfz4jesqB0Ne2TIFytxE3EV
0vLCrGYhm6TJ
-----END CERTIFICATE-----
Generated at Thu Feb 29 19:07:31 2024 by rpki-client on console-ams.rpki-client.org