Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2l-pl4VI2rZul-l88FEysPtd1mM.roa
File: 2l-pl4VI2rZul-l88FEysPtd1mM.roa (raw, json)
Hash identifier: g2SYL4x9/H6FiMn1r3AbQanjllarj0d5mILAbxYWrQg=
Subject key identifier: DA:5F:A9:97:85:48:DA:B6:6E:97:E9:7C:F0:51:32:B0:FB:5D:D6:63
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0188D6D39984455E7715B3C80134D80D6A0E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2l-pl4VI2rZul-l88FEysPtd1mM.roa
Signing time: Tue 20 Jun 2023 03:22:51 +0000
ROA not before: Tue 20 Jun 2023 03:22:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.14.166.0/24 maxlen: 24
83.219.96.0/24 maxlen: 24
83.219.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Jun 2023 16:19:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d6:d3:99:84:45:5e:77:15:b3:c8:01:34:d8:0d:6a:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 20 03:22:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=da5fa9978548dab66e97e97cf05132b0fb5dd663
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:4c:67:57:ce:fc:e4:2d:6d:4e:8d:4d:50:e7:
e3:f6:98:b1:17:ed:ea:45:d2:eb:dc:c5:f2:9d:5c:
ae:69:04:57:ed:8f:86:86:c6:1f:1f:f3:a5:d2:70:
3b:70:33:fd:ff:bc:68:ba:2e:f6:83:4f:5c:45:00:
36:c2:b9:cb:55:f9:37:d1:f0:77:28:07:41:4b:13:
17:af:18:04:cc:39:93:66:5a:96:97:84:b1:21:aa:
1b:1c:06:d1:4b:49:be:c0:8a:e7:d6:17:e8:9c:55:
0d:79:cd:2e:f4:fe:7d:85:e8:a7:02:a2:8f:5f:4f:
3e:09:27:5f:f4:7b:d9:f6:87:3e:6c:e8:d7:1e:7a:
3c:c1:37:f5:03:d1:f8:a3:b1:20:7e:7d:2d:fd:a9:
2b:fa:4f:3c:42:31:44:63:21:e1:6e:fe:ba:39:fb:
2c:9f:66:10:b5:72:3c:8e:f5:aa:fc:03:84:3c:b3:
3c:c9:3e:dd:92:fe:20:91:0f:c3:08:c2:36:0a:82:
c6:22:f6:84:66:ba:38:73:26:30:f5:a0:c4:d7:02:
d4:0d:15:4c:a9:24:22:ee:ec:31:9f:59:66:fe:10:
93:75:98:ab:8d:36:b7:a7:89:43:ef:e2:c1:67:1d:
ce:9a:86:7c:ce:d4:36:79:fc:83:0c:6a:8c:60:a5:
d7:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:5F:A9:97:85:48:DA:B6:6E:97:E9:7C:F0:51:32:B0:FB:5D:D6:63
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2l-pl4VI2rZul-l88FEysPtd1mM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.166.0/24
83.219.96.0/24
83.219.99.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:e6:e7:2b:82:6e:82:df:a1:23:b1:95:c4:37:80:40:5d:95:
79:2d:63:6f:92:3c:2d:01:4f:4a:5a:db:9e:4e:bb:4f:af:04:
44:54:6e:25:d1:63:70:ad:cc:bc:ad:27:63:2c:f3:46:12:b0:
ae:94:78:45:44:aa:81:20:cd:7b:f9:e5:af:9e:27:cb:2f:e9:
d4:ba:40:6f:f2:4f:d1:dd:e9:dc:d4:5e:86:6b:7a:16:56:f6:
1f:12:82:41:c8:84:fb:f3:b9:63:3a:6c:f1:3a:4a:c3:b6:1d:
29:d5:de:f1:a1:0c:b9:3a:53:76:2b:a8:f6:3b:a9:99:e6:aa:
ef:c9:6a:a6:a4:f7:e9:5a:cc:40:8b:f7:07:90:b8:c6:01:d9:
07:78:59:d3:08:86:c6:a4:6f:19:6b:72:2d:09:ba:61:5b:0b:
dc:14:8c:34:17:60:f4:fe:b4:09:3f:80:86:01:0a:b0:5f:e8:
cf:c2:41:5a:fc:10:68:c3:81:4c:12:45:a3:02:63:d6:56:8e:
33:6c:5b:90:0c:a6:e3:75:55:e8:64:6a:31:a4:5f:d3:7a:9e:
3e:8c:3d:2c:4a:27:db:36:9c:45:ba:5c:7d:a5:58:e1:9c:fd:
89:70:bc:f6:21:90:9f:78:0e:8a:df:f5:38:eb:45:4c:2c:fa:
6e:4d:f2:d8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYjW05mERV53FbPIATTYDWoOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNjIwMDMyMjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTVmYTk5Nzg1NDhkYWI2NmU5N2U5N2NmMDUxMzJiMGZiNWRkNjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUxnV8785C1tTo1NUOfj9pixF+3q
RdLr3MXynVyuaQRX7Y+GhsYfH/Ol0nA7cDP9/7xoui72g09cRQA2wrnLVfk30fB3
KAdBSxMXrxgEzDmTZlqWl4SxIaobHAbRS0m+wIrn1hfonFUNec0u9P59heinAqKP
X08+CSdf9HvZ9oc+bOjXHno8wTf1A9H4o7Egfn0t/akr+k88QjFEYyHhbv66Ofss
n2YQtXI8jvWq/AOEPLM8yT7dkv4gkQ/DCMI2CoLGIvaEZro4cyYw9aDE1wLUDRVM
qSQi7uwxn1lm/hCTdZirjTa3p4lD7+LBZx3OmoZ8ztQ2efyDDGqMYKXXVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNpfqZeFSNq2bpfpfPBRMrD7XdZjMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMmwtcGw0Vkkyclp1bC1sODhGRXlzUHRkMW1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQ6mAwQA
U9tgAwQAU9tjMA0GCSqGSIb3DQEBCwUAA4IBAQBa5ucrgm6C36EjsZXEN4BAXZV5
LWNvkjwtAU9KWtueTrtPrwREVG4l0WNwrcy8rSdjLPNGErCulHhFRKqBIM17+eWv
nifLL+nUukBv8k/R3enc1F6Ga3oWVvYfEoJByIT787ljOmzxOkrDth0p1d7xoQy5
OlN2K6j2O6mZ5qrvyWqmpPfpWsxAi/cHkLjGAdkHeFnTCIbGpG8Za3ItCbphWwvc
FIw0F2D0/rQJP4CGAQqwX+jPwkFa/BBow4FMEkWjAmPWVo4zbFuQDKbjdVXoZGox
pF/Tep4+jD0sSifbNpxFulx9pVjhnP2JcLz2IZCfeA6K3/U460VMLPpuTfLY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:57 2024 by rpki-client on console-fra.rpki-client.org