Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7VjKoliIWxm5jr_wQnPzJaxMF7M.roa
File: 7VjKoliIWxm5jr_wQnPzJaxMF7M.roa (raw, json)
Hash identifier: uS9ZOY5sa6BUJvD9HObsfHH8JMb0UYzOPDxUPzmb6eo=
Subject key identifier: ED:58:CA:A2:58:88:5B:19:B9:8E:BF:F0:42:73:F3:25:AC:4C:17:B3
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E20BB5082748F32ABA3B2A36CE9654D43
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7VjKoliIWxm5jr_wQnPzJaxMF7M.roa
Signing time: Sat 09 Mar 2024 01:02:10 +0000
ROA not before: Sat 09 Mar 2024 01:02:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.253.65.0/24 maxlen: 24
45.8.94.0/24 maxlen: 24
45.14.166.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
87.121.61.0/24 maxlen: 24
87.121.62.0/24 maxlen: 24
87.121.63.0/24 maxlen: 24
87.121.114.0/24 maxlen: 24
87.121.115.0/24 maxlen: 24
91.92.26.0/24 maxlen: 24
93.123.74.0/23 maxlen: 23
93.123.74.0/24 maxlen: 24
93.123.75.0/24 maxlen: 24
93.123.80.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 12 Mar 2024 09:05:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:20:bb:50:82:74:8f:32:ab:a3:b2:a3:6c:e9:65:4d:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 9 01:02:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed58caa258885b19b98ebff04273f325ac4c17b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ef:79:a1:e9:da:34:25:58:d8:18:99:71:ef:
a5:44:c2:d2:17:ea:26:ad:eb:fe:c5:70:9a:da:12:
5e:97:f0:b6:9c:b8:87:b8:3b:65:98:09:53:18:4a:
f1:fc:11:a1:0a:0c:eb:09:f3:45:f1:9b:1b:33:9c:
71:8f:a7:16:95:9c:a5:b9:ed:a1:af:5f:3f:a0:ad:
e7:1f:cf:e8:42:63:b5:b2:e8:4f:09:61:d6:e7:49:
98:0e:22:3b:25:67:6b:d5:30:86:25:6e:53:3f:bf:
d7:b1:74:46:cb:50:4b:b2:0b:f3:39:c5:96:56:94:
36:5a:c9:0d:be:15:fd:eb:61:ae:ae:59:0d:e7:2b:
c0:d7:f1:00:e3:bc:7b:e7:3a:a4:49:da:e7:5e:17:
8d:2b:73:49:07:bb:07:4b:ac:9f:bd:d8:47:59:ae:
37:0e:11:6e:d3:74:57:b1:7b:aa:ba:52:57:42:9d:
db:96:5f:b8:3f:32:7a:69:eb:c9:d7:15:06:e3:0d:
9e:f0:6f:35:46:ac:c2:06:c4:15:dc:64:ca:0d:8f:
1e:de:1e:ad:67:70:79:0e:37:89:8d:cf:da:cd:68:
4d:1e:19:5d:42:fd:7c:4b:58:f2:d9:02:fb:73:bc:
3b:3e:15:48:60:87:76:5d:dd:44:4b:15:fe:a8:04:
65:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:58:CA:A2:58:88:5B:19:B9:8E:BF:F0:42:73:F3:25:AC:4C:17:B3
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7VjKoliIWxm5jr_wQnPzJaxMF7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.65.0/24
45.8.94.0/24
45.14.166.0/24
87.120.68.0/23
87.121.61.0-87.121.63.255
87.121.114.0/23
91.92.26.0/24
93.123.74.0/23
93.123.80.0/24
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:bf:e7:74:20:cb:c9:80:b3:4f:d0:ca:6e:56:62:0b:c6:d7:
17:33:71:37:92:c9:35:03:4c:a5:79:64:d8:f5:19:03:53:0e:
e3:8f:a5:e9:e0:c6:c8:dd:fe:c9:82:30:51:1b:f3:3d:54:51:
09:c5:71:a8:24:1d:ff:45:30:31:75:aa:eb:c5:63:b9:61:ce:
7a:72:96:be:88:52:0b:e4:59:22:af:c1:b1:3d:33:97:65:b9:
e8:1a:43:6c:78:5c:48:55:4a:f5:11:8a:34:b1:55:a5:a5:34:
34:54:27:16:4b:02:64:9f:e6:22:ed:74:55:01:72:3e:e3:56:
3f:1e:f7:87:1b:75:a1:9e:50:50:9d:37:91:6c:a9:1e:b4:f5:
21:ab:92:f3:87:77:fa:ea:b2:e4:8e:1c:5f:ec:25:e4:5b:13:
22:51:2b:48:82:70:e4:53:bc:95:e2:a6:1a:ab:62:36:84:2e:
a4:80:f5:4a:e9:cb:20:37:93:e1:65:67:7d:98:63:ef:02:48:
7f:3d:1f:4f:dd:5a:e5:12:cb:e7:d7:06:39:94:b7:6c:81:88:
03:6e:85:e0:0c:3d:48:ec:fe:c4:45:c6:c1:61:c4:2a:99:58:
9a:f3:0e:b9:56:4e:f1:f9:9f:79:e3:b6:1e:7a:be:34:d3:01:
a7:b2:45:52
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAY4gu1CCdI8yq6Oyo2zpZU1DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzA5MDEwMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDU4Y2FhMjU4ODg1YjE5Yjk4ZWJmZjA0MjczZjMyNWFjNGMxN2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAke95oenaNCVY2BiZce+lRMLSF+om
rev+xXCa2hJel/C2nLiHuDtlmAlTGErx/BGhCgzrCfNF8ZsbM5xxj6cWlZylue2h
r18/oK3nH8/oQmO1suhPCWHW50mYDiI7JWdr1TCGJW5TP7/XsXRGy1BLsgvzOcWW
VpQ2WskNvhX962GurlkN5yvA1/EA47x75zqkSdrnXheNK3NJB7sHS6yfvdhHWa43
DhFu03RXsXuqulJXQp3bll+4PzJ6aevJ1xUG4w2e8G81RqzCBsQV3GTKDY8e3h6t
Z3B5DjeJjc/azWhNHhldQv18S1jy2QL7c7w7PhVIYId2Xd1ESxX+qARlqwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFO1YyqJYiFsZuY6/8EJz8yWsTBezMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvN1ZqS29saUlXeG01anJfd1FuUHpKYXhNRjdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQABf1BAwQA
LQheAwQALQ6mAwQBV3hEMAwDBABXeT0DBAZXeQADBAFXeXIDBABbXBoDBAFde0oD
BABde1ADBAG5/KAwDQYJKoZIhvcNAQELBQADggEBAKK/53Qgy8mAs0/Qym5WYgvG
1xczcTeSyTUDTKV5ZNj1GQNTDuOPpengxsjd/smCMFEb8z1UUQnFcagkHf9FMDF1
quvFY7lhznpylr6IUgvkWSKvwbE9M5dluegaQ2x4XEhVSvURijSxVaWlNDRUJxZL
AmSf5iLtdFUBcj7jVj8e94cbdaGeUFCdN5FsqR609SGrkvOHd/rqsuSOHF/sJeRb
EyJRK0iCcORTvJXiphqrYjaELqSA9UrpyyA3k+FlZ32YY+8CSH89H0/dWuUSy+fX
BjmUt2yBiANuheAMPUjs/sRFxsFhxCqZWJrzDrlWTvH5n3njth56vjTTAaeyRVI=
-----END CERTIFICATE-----
Generated at Tue Mar 12 11:27:52 2024 by rpki-client on console-ams.rpki-client.org