Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5DyMPvfLutUoj14CJzADg1gZ9bM.roa
File: 5DyMPvfLutUoj14CJzADg1gZ9bM.roa (raw, json)
Hash identifier: 5aXM8jo6jefUQWsXnoNatzmeawrRnFqn1CJpQfKm4sA=
Subject key identifier: E4:3C:8C:3E:F7:CB:BA:D5:28:8F:5E:02:27:30:03:83:58:19:F5:B3
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0189F29BECC267C43E249100A12BBC5305BA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5DyMPvfLutUoj14CJzADg1gZ9bM.roa
Signing time: Mon 14 Aug 2023 05:54:12 +0000
ROA not before: Mon 14 Aug 2023 05:54:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202685
IP address blocks: 84.54.51.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
31.13.211.0/24 maxlen: 24
45.128.232.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Aug 2023 07:45:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f2:9b:ec:c2:67:c4:3e:24:91:00:a1:2b:bc:53:05:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 14 05:54:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e43c8c3ef7cbbad5288f5e02273003835819f5b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:15:d7:ec:4d:35:1d:c5:cb:72:90:5e:38:95:
2b:0c:6f:26:b4:a7:74:ee:33:66:6f:71:2c:e2:48:
cf:98:b4:11:f2:73:45:4c:a9:0b:be:e0:d8:fc:73:
7a:d7:49:08:7e:d3:1c:40:06:90:f2:8a:94:18:79:
f7:55:52:03:62:24:f1:d5:e2:35:20:cb:f9:fb:a3:
e9:2f:76:53:e5:18:ec:f8:c1:5e:41:58:14:36:b2:
02:48:d4:72:60:02:17:25:72:b2:21:70:03:9c:a1:
25:ae:22:e8:44:dc:27:44:08:6a:5a:cb:e9:ee:f9:
a1:09:10:3c:33:8d:7b:25:39:ff:94:5b:54:7d:76:
c7:5b:ce:47:c6:09:43:8f:92:4b:89:a6:39:98:00:
26:aa:ee:54:1c:ce:58:3b:e3:89:03:fc:7b:89:51:
50:13:59:11:26:ab:1b:77:2b:76:51:37:99:f7:fd:
e3:c9:20:65:5f:a1:94:2d:3b:31:fb:70:ac:4c:85:
df:85:24:6a:3b:65:44:01:98:fb:c4:35:ac:f3:9d:
ea:cd:eb:ee:72:7a:75:5f:7f:35:62:f2:b6:cd:75:
47:46:b5:81:e1:1c:ff:fc:fe:68:4c:6c:2f:5a:dc:
34:82:ed:80:f8:cd:e5:67:a4:3f:6f:58:05:c4:42:
19:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:3C:8C:3E:F7:CB:BA:D5:28:8F:5E:02:27:30:03:83:58:19:F5:B3
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5DyMPvfLutUoj14CJzADg1gZ9bM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.211.0/24
45.128.232.0/24
84.54.51.0/24
94.103.124.0/24
141.98.4.0/24
147.78.102.0/24
193.35.18.0/24
Signature Algorithm: sha256WithRSAEncryption
78:e8:87:e0:a3:12:29:42:95:cb:69:a7:ab:3c:a6:9b:56:d8:
55:7f:e5:ce:7f:b7:cf:e1:3a:5c:49:ba:aa:1a:a0:60:73:fc:
e9:61:b1:a7:a5:4b:21:15:49:49:11:11:f9:ee:14:a1:ab:eb:
16:df:51:83:1f:5f:d9:c7:a5:f0:ce:85:d7:ea:f3:41:bd:b3:
17:aa:63:f6:85:2e:5e:c7:eb:ce:94:a8:4d:cd:59:46:6a:16:
8d:a2:d6:ce:60:a5:2e:af:60:e6:4e:6d:95:df:d6:3e:5d:0a:
82:c6:bf:c6:43:05:6a:70:78:56:28:30:71:49:3b:39:3e:d4:
37:8d:bb:6f:f8:bb:c6:a2:ae:77:69:d3:4d:5b:92:f0:56:b6:
88:10:d4:94:67:09:06:dc:76:f7:00:6e:0a:c5:c1:fd:eb:60:
52:ce:18:21:65:e3:14:1c:7e:3c:51:df:e2:15:5e:dd:91:5c:
bb:f9:d1:54:5f:39:e4:91:a2:d0:e3:6b:f0:14:80:06:58:32:
f8:f6:8a:a9:25:3a:b2:6c:02:9c:ca:7b:8e:d1:a1:23:42:d6:
2c:38:41:46:63:98:c5:05:ba:31:de:84:61:ca:92:c4:9e:f2:
82:1e:65:e6:d6:00:4b:ce:38:21:70:cc:f1:20:74:c2:11:da:
d5:64:2b:8c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYnym+zCZ8Q+JJEAoSu8UwW6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODE0MDU1NDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDNjOGMzZWY3Y2JiYWQ1Mjg4ZjVlMDIyNzMwMDM4MzU4MTlmNWIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxXX7E01HcXLcpBeOJUrDG8mtKd0
7jNmb3Es4kjPmLQR8nNFTKkLvuDY/HN610kIftMcQAaQ8oqUGHn3VVIDYiTx1eI1
IMv5+6PpL3ZT5Rjs+MFeQVgUNrICSNRyYAIXJXKyIXADnKElriLoRNwnRAhqWsvp
7vmhCRA8M417JTn/lFtUfXbHW85HxglDj5JLiaY5mAAmqu5UHM5YO+OJA/x7iVFQ
E1kRJqsbdyt2UTeZ9/3jySBlX6GULTsx+3CsTIXfhSRqO2VEAZj7xDWs853qzevu
cnp1X381YvK2zXVHRrWB4Rz//P5oTGwvWtw0gu2A+M3lZ6Q/b1gFxEIZ+QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOQ8jD73y7rVKI9eAicwA4NYGfWzMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNUR5TVB2Zkx1dFVvajE0Q0p6QURnMWdaOWJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAHw3TAwQA
LYDoAwQAVDYzAwQAXmd8AwQAjWIEAwQAk05mAwQAwSMSMA0GCSqGSIb3DQEBCwUA
A4IBAQB46IfgoxIpQpXLaaerPKabVthVf+XOf7fP4TpcSbqqGqBgc/zpYbGnpUsh
FUlJERH57hShq+sW31GDH1/Zx6XwzoXX6vNBvbMXqmP2hS5ex+vOlKhNzVlGahaN
otbOYKUur2DmTm2V39Y+XQqCxr/GQwVqcHhWKDBxSTs5PtQ3jbtv+LvGoq53adNN
W5LwVraIENSUZwkG3Hb3AG4KxcH962BSzhghZeMUHH48Ud/iFV7dkVy7+dFUXznk
kaLQ42vwFIAGWDL49oqpJTqybAKcynuO0aEjQtYsOEFGY5jFBbox3oRhypLEnvKC
HmXm1gBLzjghcMzxIHTCEdrVZCuM
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:24 2024 by rpki-client on console-ams.rpki-client.org