Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5OJJlOlfx9P9cJep6D6jLQsDSlg.roa
File: 5OJJlOlfx9P9cJep6D6jLQsDSlg.roa (raw, json)
Hash identifier: lliKrzhDR/sJKHpEl1E6Jvg4l/Dk5TLB8yl5TZ3B/eU=
Subject key identifier: E4:E2:49:94:E9:5F:C7:D3:FD:70:97:A9:E8:3E:A3:2D:0B:03:4A:58
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CEED917BC5046CD4F56F18857E9A82ED2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5OJJlOlfx9P9cJep6D6jLQsDSlg.roa
Signing time: Tue 09 Jan 2024 15:30:53 +0000
ROA not before: Tue 09 Jan 2024 15:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400377
IP address blocks: 185.216.69.0/24 maxlen: 24
93.123.84.0/24 maxlen: 24
109.206.237.0/24 maxlen: 24
95.214.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jan 2024 11:16:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ee:d9:17:bc:50:46:cd:4f:56:f1:88:57:e9:a8:2e:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 9 15:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e4e24994e95fc7d3fd7097a9e83ea32d0b034a58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:10:ac:a1:6c:0b:e3:d8:1a:1f:00:a8:10:8c:
27:5a:f2:c5:20:58:d0:e4:29:e6:07:c9:84:89:c3:
46:41:93:b9:e7:ad:0b:fa:48:6d:51:70:d0:8e:53:
8f:2c:b2:71:e0:71:c1:e2:ec:50:c3:6a:2e:87:84:
6c:b5:29:c9:40:08:ea:c9:d6:36:21:07:20:ec:ab:
f0:83:b1:b8:95:11:9f:7e:78:50:30:16:77:0d:c0:
8b:f8:1b:27:32:d8:0f:06:ff:ac:46:18:03:fa:07:
b8:0f:70:f9:ec:db:ed:7b:cc:16:5a:ca:36:52:38:
fe:41:ca:cc:f1:fa:b2:52:44:a8:79:79:c0:80:43:
c3:7f:c1:92:02:7f:61:49:66:17:63:54:b4:15:9c:
0d:b5:e8:93:9a:80:84:79:07:39:34:67:47:f6:bc:
8e:ed:b1:48:af:e6:5c:26:d5:76:02:63:fa:c0:25:
cc:bb:23:99:2b:1b:71:5b:a4:ff:fe:0e:d7:f0:51:
e2:86:1e:f9:dd:1d:00:42:3d:01:8f:19:a6:e6:c7:
05:06:5d:b3:10:c8:ea:34:f1:26:0c:30:e5:bf:99:
00:07:51:96:6c:24:e8:9b:df:96:4f:b8:1d:d5:3e:
07:41:7c:24:76:50:74:53:7b:ca:ed:f5:15:dd:41:
71:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:E2:49:94:E9:5F:C7:D3:FD:70:97:A9:E8:3E:A3:2D:0B:03:4A:58
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5OJJlOlfx9P9cJep6D6jLQsDSlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.123.84.0/24
95.214.24.0/24
109.206.237.0/24
185.216.69.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:e5:e8:14:9e:75:9f:fe:d8:98:73:c6:2c:92:f8:33:02:3f:
ae:85:5a:59:0d:bb:62:1c:23:ac:2c:74:69:79:3a:86:90:90:
15:1b:18:64:de:cd:03:ff:d8:b4:ed:82:7c:f5:4b:66:18:2f:
da:ee:2d:58:0c:ec:fc:f9:b5:12:43:d1:2c:19:e0:3e:ba:3e:
b7:61:cb:d8:f1:72:79:fb:3b:2a:82:5c:22:9a:fd:31:8a:4b:
f8:c0:c3:42:1e:d4:77:6d:00:cd:aa:24:95:23:f5:4a:63:53:
a0:b5:0e:79:19:3a:84:ac:d5:fa:48:f7:c7:22:de:e7:ec:ee:
1a:21:5b:6c:3e:71:69:9e:e1:f3:6b:cb:c6:75:92:33:d3:c5:
5b:db:59:f3:b6:92:2c:32:3d:c5:83:39:df:6e:c3:14:78:27:
a5:1a:54:69:7f:2e:66:4b:13:27:26:9d:02:b9:bc:f5:e8:9b:
94:f6:89:cb:62:f3:af:45:0e:be:e9:3e:38:90:47:86:7c:a2:
ff:7d:c4:98:b2:46:18:2a:c3:0b:f3:21:00:5d:0f:88:b0:47:
06:e2:cd:a5:8a:84:c6:a4:be:ab:2c:bc:0c:07:dc:35:cd:92:
67:fb:10:d8:4a:f1:7c:0b:01:39:49:94:dc:8d:65:97:f6:d4:
ce:cb:0d:ce
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzu2Re8UEbNT1bxiFfpqC7SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTA5MTUzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGUyNDk5NGU5NWZjN2QzZmQ3MDk3YTllODNlYTMyZDBiMDM0YTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkRCsoWwL49gaHwCoEIwnWvLFIFjQ
5CnmB8mEicNGQZO5560L+khtUXDQjlOPLLJx4HHB4uxQw2ouh4RstSnJQAjqydY2
IQcg7Kvwg7G4lRGffnhQMBZ3DcCL+BsnMtgPBv+sRhgD+ge4D3D57Nvte8wWWso2
Ujj+QcrM8fqyUkSoeXnAgEPDf8GSAn9hSWYXY1S0FZwNteiTmoCEeQc5NGdH9ryO
7bFIr+ZcJtV2AmP6wCXMuyOZKxtxW6T//g7X8FHihh753R0AQj0Bjxmm5scFBl2z
EMjqNPEmDDDlv5kAB1GWbCTom9+WT7gd1T4HQXwkdlB0U3vK7fUV3UFxPQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOTiSZTpX8fT/XCXqeg+oy0LA0pYMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNU9KSmxPbGZ4OVA5Y0plcDZENmpMUXNEU2xnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAXXtUAwQA
X9YYAwQAbc7tAwQAudhFMA0GCSqGSIb3DQEBCwUAA4IBAQCO5egUnnWf/tiYc8Ys
kvgzAj+uhVpZDbtiHCOsLHRpeTqGkJAVGxhk3s0D/9i07YJ89UtmGC/a7i1YDOz8
+bUSQ9EsGeA+uj63YcvY8XJ5+zsqglwimv0xikv4wMNCHtR3bQDNqiSVI/VKY1Og
tQ55GTqErNX6SPfHIt7n7O4aIVtsPnFpnuHza8vGdZIz08Vb21nztpIsMj3Fgznf
bsMUeCelGlRpfy5mSxMnJp0Cubz16JuU9onLYvOvRQ6+6T44kEeGfKL/fcSYskYY
KsML8yEAXQ+IsEcG4s2lioTGpL6rLLwMB9w1zZJn+xDYSvF8CwE5SZTcjWWX9tTO
yw3O
-----END CERTIFICATE-----
Generated at Thu Jan 18 15:15:05 2024 by rpki-client on console-ams.rpki-client.org