Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1wyCejcAeG9DYw3_jf88uLtweOY.roa
File: 1wyCejcAeG9DYw3_jf88uLtweOY.roa (raw, json)
Hash identifier: 0KHQb7synnhrLupQRljQv1S8Q9m8YOJzDiLrRaarfRo=
Subject key identifier: D7:0C:82:7A:37:00:78:6F:43:63:0D:FF:8D:FF:3C:B8:BB:70:78:E6
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018EA93658E4465DA52F2E4A3F0FF9BA1841
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1wyCejcAeG9DYw3_jf88uLtweOY.roa
Signing time: Thu 04 Apr 2024 13:04:54 +0000
ROA not before: Thu 04 Apr 2024 13:04:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1
IP address blocks: 45.66.229.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
87.120.32.0/24 maxlen: 24
87.120.34.0/24 maxlen: 24
87.120.35.0/24 maxlen: 24
87.120.64.0/23 maxlen: 24
87.120.89.0/24 maxlen: 24
87.120.220.0/23 maxlen: 24
87.121.56.0/24 maxlen: 24
87.121.57.0/24 maxlen: 24
87.121.100.0/24 maxlen: 24
87.121.101.0/24 maxlen: 24
88.218.76.0/22 maxlen: 24
94.103.126.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
194.59.30.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Apr 2024 14:11:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a9:36:58:e4:46:5d:a5:2f:2e:4a:3f:0f:f9:ba:18:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 4 13:04:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d70c827a3700786f43630dff8dff3cb8bb7078e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:75:27:f0:e2:01:32:38:e3:2d:c2:36:9b:fc:
87:38:1f:3c:8d:33:9c:43:1b:a0:db:c6:61:a9:d6:
31:91:1e:d4:f7:a1:27:3a:8d:b9:10:80:f8:3b:e0:
fd:3a:81:5b:c9:0d:85:47:dd:12:c7:f3:47:2e:81:
c8:95:ff:cc:e9:fb:ed:20:23:fc:52:c0:36:fe:7c:
29:fc:2a:5f:a3:f5:ca:21:a1:bb:2a:4d:30:a6:df:
11:0d:a4:84:ac:74:a4:6b:a4:f9:f6:0d:be:cf:32:
05:f1:5f:06:57:0c:57:03:6d:76:04:6e:58:6f:e4:
49:cc:27:1a:fc:40:06:61:79:91:d8:43:0c:1f:70:
ca:e5:8c:0d:4c:9f:52:74:1a:10:85:77:48:8d:68:
95:91:e6:d1:11:3b:38:ab:f9:9e:3c:12:18:c6:de:
c7:d6:80:2e:48:ed:04:6f:ae:e5:0b:f9:cc:63:9f:
df:0f:53:c9:31:e5:6f:b0:8c:bb:3d:56:41:a7:37:
df:a4:7b:5c:3b:6f:fa:ea:08:d0:68:c1:0b:1e:6d:
6b:4f:23:83:bf:73:4e:be:74:22:38:68:b2:4b:90:
c3:50:1c:a9:18:90:84:84:bb:fe:29:07:20:cc:97:
15:28:6d:e0:9c:80:9e:05:66:ab:18:34:cd:16:9e:
54:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:0C:82:7A:37:00:78:6F:43:63:0D:FF:8D:FF:3C:B8:BB:70:78:E6
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1wyCejcAeG9DYw3_jf88uLtweOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.229.0/24
84.21.173.0/24
87.120.32.0/24
87.120.34.0/23
87.120.64.0/23
87.120.89.0/24
87.120.220.0/23
87.121.56.0/23
87.121.100.0/23
88.218.76.0/22
94.103.126.0/24
94.156.78.0/24
95.214.25.0-95.214.26.255
194.59.30.0/24
194.169.174.0/24
Signature Algorithm: sha256WithRSAEncryption
59:cb:db:42:62:d7:ab:65:56:6f:0b:ce:b6:48:27:9d:57:b5:
d8:59:c1:25:a7:e7:c7:92:35:62:27:4c:f2:13:c8:c4:98:d3:
a1:a8:19:b5:3b:34:83:14:fc:a1:ac:25:91:8a:f1:11:98:10:
ef:cb:1b:1f:87:07:56:f3:92:8f:13:5f:59:40:3f:d8:79:1e:
d9:8f:f3:05:55:a9:81:3d:f9:fa:72:48:6d:c6:5e:33:32:5c:
d3:b4:c8:62:5e:83:91:84:e8:4d:03:e2:c3:c3:b4:13:79:85:
74:cd:c9:0f:a3:6b:a0:fc:2d:ff:26:56:38:64:2a:71:33:0c:
e1:3c:4c:f6:f9:04:73:e1:87:02:3e:c5:34:bc:10:ab:16:1e:
24:00:c8:5e:df:f7:ca:94:cc:58:b5:e7:29:13:92:4a:b6:69:
a1:d0:cc:f8:70:6f:54:d2:94:94:07:8e:a8:1b:91:ec:39:e2:
e1:5a:be:00:2e:87:de:08:f7:93:2c:04:3c:05:84:01:b3:bf:
2c:ad:c3:ba:8c:7a:12:c6:62:fd:cd:0a:53:30:25:65:c9:86:
9d:c8:aa:20:a9:8c:19:e9:da:3a:bd:0a:53:e8:31:af:bd:d6:
19:51:11:d5:e3:9c:86:09:aa:83:a9:45:4e:97:0a:97:10:e6:
74:62:f3:8d
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAY6pNljkRl2lLy5KPw/5uhhBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDA0MTMwNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzBjODI3YTM3MDA3ODZmNDM2MzBkZmY4ZGZmM2NiOGJiNzA3OGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3Un8OIBMjjjLcI2m/yHOB88jTOc
Qxug28ZhqdYxkR7U96EnOo25EID4O+D9OoFbyQ2FR90Sx/NHLoHIlf/M6fvtICP8
UsA2/nwp/Cpfo/XKIaG7Kk0wpt8RDaSErHSka6T59g2+zzIF8V8GVwxXA212BG5Y
b+RJzCca/EAGYXmR2EMMH3DK5YwNTJ9SdBoQhXdIjWiVkebRETs4q/mePBIYxt7H
1oAuSO0Eb67lC/nMY5/fD1PJMeVvsIy7PVZBpzffpHtcO2/66gjQaMELHm1rTyOD
v3NOvnQiOGiyS5DDUBypGJCEhLv+KQcgzJcVKG3gnICeBWarGDTNFp5UwQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFNcMgno3AHhvQ2MN/43/PLi7cHjmMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMXd5Q2VqY0FlRzlEWXczX2pmODh1THR3ZU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQALULlAwQA
VBWtAwQAV3ggAwQBV3giAwQBV3hAAwQAV3hZAwQBV3jcAwQBV3k4AwQBV3lkAwQC
WNpMAwQAXmd+AwQAXpxOMAwDBABf1hkDBABf1hoDBADCOx4DBADCqa4wDQYJKoZI
hvcNAQELBQADggEBAFnL20Ji16tlVm8LzrZIJ51XtdhZwSWn58eSNWInTPITyMSY
06GoGbU7NIMU/KGsJZGK8RGYEO/LGx+HB1bzko8TX1lAP9h5HtmP8wVVqYE9+fpy
SG3GXjMyXNO0yGJeg5GE6E0D4sPDtBN5hXTNyQ+ja6D8Lf8mVjhkKnEzDOE8TPb5
BHPhhwI+xTS8EKsWHiQAyF7f98qUzFi15ykTkkq2aaHQzPhwb1TSlJQHjqgbkew5
4uFavgAuh94I95MsBDwFhAGzvyytw7qMehLGYv3NClMwJWXJhp3IqiCpjBnp2jq9
ClPoMa+91hlREdXjnIYJqoOpRU6XCpcQ5nRi840=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:23 2024 by rpki-client on console-ams.rpki-client.org