Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/71kvaCIWxK9SXBP2TRf6U8_WzpI.roa
File: 71kvaCIWxK9SXBP2TRf6U8_WzpI.roa (raw, json)
Hash identifier: vEDKan/4TSxrWynHIs3boDN6NsTwuPN8MjMNFEynfHs=
Subject key identifier: EF:59:2F:68:22:16:C4:AF:52:5C:13:F6:4D:17:FA:53:CF:D6:CE:92
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192243114995CA0F5649739626397BC5855
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/71kvaCIWxK9SXBP2TRf6U8_WzpI.roa
Signing time: Tue 24 Sep 2024 13:20:49 +0000
ROA not before: Tue 24 Sep 2024 13:20:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.9.156.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.133.251.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
45.151.91.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.33.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.93.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.103.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.246.223.0/24 maxlen: 24
193.37.41.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Sep 2024 06:18:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:24:31:14:99:5c:a0:f5:64:97:39:62:63:97:bc:58:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 24 13:20:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef592f682216c4af525c13f64d17fa53cfd6ce92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:89:ad:29:6a:b3:77:a0:6b:94:16:f9:1a:f2:
6a:c2:d7:22:60:4c:36:35:8c:1c:fc:76:01:07:e4:
1e:1a:6d:33:96:79:1c:15:03:b7:29:6b:56:54:b9:
b7:dc:39:e6:6e:24:19:79:5e:51:98:94:6f:2c:51:
b8:1e:04:91:8f:3b:bf:b3:6e:ae:43:16:e8:52:e4:
b8:65:1c:2d:1f:a0:21:51:ee:b5:67:4b:71:ee:11:
29:1a:16:d0:af:1f:d5:ac:d4:c3:b6:c5:94:f8:c0:
e3:ec:d1:3c:01:eb:c6:db:5b:26:24:81:c5:fa:f3:
04:0c:0a:d4:25:a8:6a:d5:d4:ee:f2:61:c4:32:05:
10:6b:21:be:84:39:ed:18:51:f5:83:b4:53:51:3b:
47:f1:8b:b2:cd:ac:ae:7a:ec:49:9d:dc:fa:6a:1e:
6f:54:7f:c8:9f:b7:5e:57:a6:eb:35:d9:1b:e4:64:
fc:d7:44:bf:50:3f:68:a8:66:ed:04:ef:b0:45:aa:
e1:ce:65:c1:79:b4:ec:7e:e3:df:14:3a:3d:63:35:
c1:f9:63:c9:81:df:4b:62:61:7b:bb:5d:c1:2c:34:
bd:a8:8c:e6:de:26:90:f3:64:4a:5c:78:bd:78:49:
38:e1:8d:d5:7a:8b:ab:fb:e6:e5:b3:f9:46:d5:31:
81:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:59:2F:68:22:16:C4:AF:52:5C:13:F6:4D:17:FA:53:CF:D6:CE:92
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/71kvaCIWxK9SXBP2TRf6U8_WzpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/24
45.66.228.0/24
45.133.251.0/24
45.139.106.0/24
45.151.89.0/24
45.151.91.0/24
83.219.97.0/24
84.54.48.0/24
87.120.33.0/24
87.120.87.0/24
87.120.93.0/24
87.121.45.0/24
92.119.196.0/23
94.154.160.0/22
94.156.11.0/24
141.98.1.0/24
147.78.103.0/24
171.22.72.0/22
185.216.84.0/22
185.218.84.0/22
185.246.223.0/24
193.37.41.0/24
193.222.96.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:cc:5d:69:5a:0b:71:7b:24:4f:b4:00:c7:09:4d:28:9a:98:
7d:0a:38:0c:24:2c:72:d8:37:5a:09:47:35:88:10:0b:51:79:
c5:c9:02:b6:6f:e6:3c:30:c3:d9:c3:86:76:c5:bf:c2:6f:29:
4f:b7:fa:00:12:cb:92:78:1c:ad:06:88:c5:7c:c0:4b:44:9d:
91:90:d7:fb:0a:93:39:ff:60:96:e9:d3:6b:be:41:dd:2a:41:
cf:06:bf:b9:45:eb:b1:a7:4e:0b:0d:87:f2:32:ef:8c:99:14:
0f:fd:21:e2:1d:94:b9:2c:38:67:96:09:34:92:03:b4:06:3d:
b1:a4:41:54:96:05:95:d6:d4:b9:fb:23:b9:8d:15:d5:d2:f7:
b6:8b:f8:08:5d:00:8d:a4:12:6a:8e:5e:74:54:78:2a:05:ae:
e5:8b:c1:64:5b:a8:ab:02:f0:e4:a9:98:53:ab:e9:9a:0b:b3:
50:63:5f:8f:35:0d:aa:bb:70:61:3b:85:c4:e5:0e:13:28:8f:
fe:d8:f5:9e:62:c7:e3:8c:6b:64:ed:7d:68:22:cf:e8:28:4a:
51:a7:a0:d6:39:43:ec:4c:9f:8e:6e:4f:2b:da:37:78:dc:47:
f3:a3:40:ab:62:67:32:42:8d:53:93:3d:7e:36:ef:bc:b1:30:
dd:fd:4a:0a
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZIkMRSZXKD1ZJc5YmOXvFhVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwOTI0MTMyMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjU5MmY2ODIyMTZjNGFmNTI1YzEzZjY0ZDE3ZmE1M2NmZDZjZTkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyomtKWqzd6BrlBb5GvJqwtciYEw2
NYwc/HYBB+QeGm0zlnkcFQO3KWtWVLm33DnmbiQZeV5RmJRvLFG4HgSRjzu/s26u
QxboUuS4ZRwtH6AhUe61Z0tx7hEpGhbQrx/VrNTDtsWU+MDj7NE8AevG21smJIHF
+vMEDArUJahq1dTu8mHEMgUQayG+hDntGFH1g7RTUTtH8YuyzayueuxJndz6ah5v
VH/In7deV6brNdkb5GT810S/UD9oqGbtBO+wRarhzmXBebTsfuPfFDo9YzXB+WPJ
gd9LYmF7u13BLDS9qIzm3iaQ82RKXHi9eEk44Y3Veour++bls/lG1TGB4QIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFO9ZL2giFsSvUlwT9k0X+lPP1s6SMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNzFrdmFDSVd4SzlTWEJQMlRSZjZVOF9XenBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAAt
CZwDBAAtQuQDBAAthfsDBAAti2oDBAAtl1kDBAAtl1sDBABT22EDBABUNjADBABX
eCEDBABXeFcDBABXeF0DBABXeS0DBAFcd8QDBAJemqADBABenAsDBACNYgEDBACT
TmcDBAKrFkgDBAK52FQDBAK52lQDBAC59t8DBADBJSkDBADB3mAwDQYJKoZIhvcN
AQELBQADggEBAH3MXWlaC3F7JE+0AMcJTSiamH0KOAwkLHLYN1oJRzWIEAtRecXJ
ArZv5jwww9nDhnbFv8JvKU+3+gASy5J4HK0GiMV8wEtEnZGQ1/sKkzn/YJbp02u+
Qd0qQc8Gv7lF67GnTgsNh/Iy74yZFA/9IeIdlLksOGeWCTSSA7QGPbGkQVSWBZXW
1Ln7I7mNFdXS97aL+AhdAI2kEmqOXnRUeCoFruWLwWRbqKsC8OSpmFOr6ZoLs1Bj
X481Daq7cGE7hcTlDhMoj/7Y9Z5ix+OMa2TtfWgiz+goSlGnoNY5Q+xMn45uTyva
N3jcR/OjQKtiZzJCjVOTPX4277yxMN39Sgo=
-----END CERTIFICATE-----
Generated at Wed Sep 25 08:29:27 2024 by rpki-client on console-ams.rpki-client.org