Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4B0wuZZ_B3RCiypgcDfMW2GbKIE.roa
File: 4B0wuZZ_B3RCiypgcDfMW2GbKIE.roa (raw, json)
Hash identifier: USPj83ikTrK6muxxMHZY6zW/vIuLj5/4zxqpd1SFoEc=
Subject key identifier: E0:1D:30:B9:96:7F:07:74:42:8B:2A:60:70:37:CC:5B:61:9B:28:81
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E2DEFF8E2D6C4EAC57783CF7925641AFC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4B0wuZZ_B3RCiypgcDfMW2GbKIE.roa
Signing time: Mon 11 Mar 2024 14:34:45 +0000
ROA not before: Mon 11 Mar 2024 14:34:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.59.255.0/24 maxlen: 24
45.129.86.0/23 maxlen: 24
45.151.89.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.44.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.10.0/24 maxlen: 24
94.156.72.0/23 maxlen: 24
94.156.239.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
185.254.37.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 10:09:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2d:ef:f8:e2:d6:c4:ea:c5:77:83:cf:79:25:64:1a:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 11 14:34:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e01d30b9967f0774428b2a607037cc5b619b2881
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:7c:d0:eb:d8:94:50:81:48:d6:50:c7:df:a1:
3a:b9:06:70:67:b1:f6:a7:9d:88:ce:2b:3c:a8:2a:
1a:63:56:1d:05:03:55:6b:60:6d:73:c7:4f:31:48:
0a:e1:c9:92:bc:b4:c2:ab:8c:4e:de:2e:8e:a5:a8:
81:87:07:10:7d:79:8f:2d:d9:4d:5d:33:4f:16:3f:
ea:b4:e6:50:b7:f6:3c:d0:00:8e:6f:b3:85:0c:ef:
9f:a1:d1:4d:f9:ca:b3:56:39:e8:c7:9e:8f:18:1f:
89:36:9f:cd:93:ad:ca:d9:ef:d4:6d:47:ec:02:49:
9d:70:61:d7:d0:42:74:ef:14:55:4c:dc:94:da:75:
82:28:45:11:dd:30:52:5e:fa:59:49:f3:fd:1d:01:
7e:cc:91:12:68:e2:79:8f:c2:71:c7:07:76:be:32:
05:e2:f2:61:e0:69:e3:f2:28:f1:df:b5:b0:c5:9e:
94:99:24:fa:f1:9d:24:19:75:c9:19:8b:40:7a:93:
a4:19:d7:5f:82:cc:80:13:46:74:1a:8c:4f:d4:43:
66:26:63:ca:b5:5b:9e:3c:cd:20:8a:03:7d:16:af:
a5:e6:b3:ee:de:34:b1:3c:8c:b7:33:4e:b6:82:28:
0c:e5:ef:07:b7:78:e0:09:ab:03:51:3e:dc:1c:85:
bb:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:1D:30:B9:96:7F:07:74:42:8B:2A:60:70:37:CC:5B:61:9B:28:81
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4B0wuZZ_B3RCiypgcDfMW2GbKIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.255.0/24
45.129.86.0/23
45.151.89.0/24
87.120.87.0/24
87.121.44.0/23
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.10.0/24
94.156.72.0/23
94.156.239.0/24
147.78.102.0/24
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.252.176.0/24
185.254.37.0/24
193.37.41.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
27:03:31:79:0d:2c:91:34:1a:08:34:40:63:14:a1:97:b9:a6:
c4:43:d3:77:c2:5e:90:fc:2a:18:c3:2c:b0:97:30:64:88:f6:
2d:e2:cd:9f:da:f0:59:85:69:63:b2:10:57:0b:bd:35:90:e5:
e1:9a:d5:fb:8d:46:a9:61:54:6b:d1:2a:26:6d:68:3c:9f:64:
08:6b:cb:29:77:a9:63:0b:74:56:4e:c4:f1:e8:a9:f8:49:a3:
b1:df:c2:11:4d:c1:83:16:37:9e:e3:f6:46:8b:c4:51:41:5f:
53:bd:8c:27:c6:1c:64:c6:89:9d:3d:26:58:bd:ea:33:5e:a3:
c7:ed:df:42:fe:ec:f4:13:ad:a1:e4:2a:26:a6:9f:be:77:eb:
e8:ad:45:e6:a9:79:b8:b2:b4:65:9b:12:bf:59:23:cf:4a:f9:
63:6f:c5:68:80:3f:0d:b4:bb:8c:42:1b:4a:ec:c2:ab:27:7f:
bc:66:49:fb:0e:27:73:0d:d7:2f:82:05:56:f9:fc:b2:07:9a:
0b:bd:53:e9:2d:2d:b0:36:d8:54:94:7b:3f:f2:dc:ad:ea:29:
b7:76:78:0c:81:b3:b0:b2:a8:ed:4e:50:c3:e2:22:03:ff:6a:
f3:43:0c:6f:57:83:41:2c:ff:aa:88:97:24:24:f4:38:b5:9e:
46:e8:04:9c
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAY4t7/ji1sTqxXeDz3klZBr8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzExMTQzNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDFkMzBiOTk2N2YwNzc0NDI4YjJhNjA3MDM3Y2M1YjYxOWIyODgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinzQ69iUUIFI1lDH36E6uQZwZ7H2
p52Izis8qCoaY1YdBQNVa2Btc8dPMUgK4cmSvLTCq4xO3i6OpaiBhwcQfXmPLdlN
XTNPFj/qtOZQt/Y80ACOb7OFDO+fodFN+cqzVjnox56PGB+JNp/Nk63K2e/UbUfs
AkmdcGHX0EJ07xRVTNyU2nWCKEUR3TBSXvpZSfP9HQF+zJESaOJ5j8Jxxwd2vjIF
4vJh4Gnj8ijx37WwxZ6UmST68Z0kGXXJGYtAepOkGddfgsyAE0Z0GoxP1ENmJmPK
tVuePM0gigN9Fq+l5rPu3jSxPIy3M062gigM5e8Ht3jgCasDUT7cHIW7JQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFOAdMLmWfwd0QosqYHA3zFthmyiBMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNEIwd3VaWl9CM1JDaXlwZ2NEZk1XMkdiS0lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAAI7
/wMEAS2BVgMEAC2XWQMEAFd4VwMEAVd5LAMEAFd53QMEAVx3xAMEAl6aoAMEAF6c
CgMEAV6cSAMEAF6c7wMEAJNOZgMEAqsWSAMEALLX4AMEALLX7AMEArnYVAMEArna
VAMEALn8sAMEALn+JQMEAMElKQMEAMI34DANBgkqhkiG9w0BAQsFAAOCAQEAJwMx
eQ0skTQaCDRAYxShl7mmxEPTd8JekPwqGMMssJcwZIj2LeLNn9rwWYVpY7IQVwu9
NZDl4ZrV+41GqWFUa9EqJm1oPJ9kCGvLKXepYwt0Vk7E8eip+Emjsd/CEU3BgxY3
nuP2RovEUUFfU72MJ8YcZMaJnT0mWL3qM16jx+3fQv7s9BOtoeQqJqafvnfr6K1F
5ql5uLK0ZZsSv1kjz0r5Y2/FaIA/DbS7jEIbSuzCqyd/vGZJ+w4ncw3XL4IFVvn8
sgeaC71T6S0tsDbYVJR7P/Lcreopt3Z4DIGzsLKo7U5Qw+IiA/9q80MMb1eDQSz/
qoiXJCT0OLWeRugEnA==
-----END CERTIFICATE-----
Generated at Tue Mar 12 14:28:06 2024 by rpki-client on console-ams.rpki-client.org