Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7yxC8pqeDmTQlfJbN4M362d5p0A.roa
File: 7yxC8pqeDmTQlfJbN4M362d5p0A.roa (raw, json)
Hash identifier: MMPsqFiugKNu9cMB0qRK+/IM/o4XSv40G9bjyb7fATY=
Subject key identifier: EF:2C:42:F2:9A:9E:0E:64:D0:95:F2:5B:37:83:37:EB:67:79:A7:40
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DE2E842A4A0051FA6D92B0011AA864A0D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7yxC8pqeDmTQlfJbN4M362d5p0A.roa
Signing time: Mon 26 Feb 2024 00:54:48 +0000
ROA not before: Mon 26 Feb 2024 00:54:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.253.65.0/24 maxlen: 24
45.8.94.0/24 maxlen: 24
45.14.166.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
87.121.60.0/24 maxlen: 24
87.121.61.0/24 maxlen: 24
91.92.26.0/24 maxlen: 24
93.123.74.0/23 maxlen: 23
93.123.80.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
212.87.204.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Feb 2024 18:16:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e2:e8:42:a4:a0:05:1f:a6:d9:2b:00:11:aa:86:4a:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 26 00:54:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef2c42f29a9e0e64d095f25b378337eb6779a740
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d9:00:81:be:12:d4:bc:e1:12:f4:25:b9:98:
04:cb:a4:07:1b:55:c8:fb:7f:d7:68:67:03:05:5e:
75:7e:44:c5:59:13:e8:5f:9c:50:d5:c1:29:a6:b2:
35:e6:a0:ef:83:4e:a1:76:46:37:a2:2e:5f:ca:8a:
83:1e:2b:e2:a9:de:6c:06:0a:d4:95:59:a1:e5:5f:
a9:c9:3e:44:3a:fe:ec:be:de:36:ac:0b:84:27:2f:
3b:1a:96:cb:a4:4c:88:ab:f9:9b:b0:5d:dc:52:9d:
1f:ef:15:5b:71:e6:cc:be:2a:a4:ca:ed:b9:81:18:
1b:a7:92:31:b2:f9:06:98:d9:40:05:c1:6c:88:cb:
c9:5e:05:3b:1c:78:77:af:dc:fb:63:7e:ff:32:7a:
a8:8a:40:89:40:d9:88:83:50:d1:a8:ba:9a:ce:e6:
c2:1b:fd:76:1b:34:20:bd:12:d2:d8:1a:d1:3e:a3:
22:47:51:8e:59:ad:45:44:d1:77:35:52:4c:4e:a0:
24:07:76:b1:1c:06:27:30:13:f8:af:0c:76:98:d3:
a6:cd:0b:2f:ce:6a:39:d9:f8:8c:0a:28:6c:69:30:
e5:b2:90:9f:ca:5b:a1:44:30:58:0d:c0:cd:20:19:
90:0e:c7:22:a7:c3:57:53:8b:e0:e1:d3:11:51:a5:
09:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:2C:42:F2:9A:9E:0E:64:D0:95:F2:5B:37:83:37:EB:67:79:A7:40
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/7yxC8pqeDmTQlfJbN4M362d5p0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.65.0/24
45.8.94.0/24
45.14.166.0/24
87.120.68.0/23
87.121.60.0/23
91.92.26.0/24
93.123.74.0/23
93.123.80.0/24
185.252.160.0/23
212.87.204.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:38:f7:c4:8b:00:b8:3d:8c:bc:d0:a6:6f:05:ab:3b:ae:a6:
d4:19:2c:37:94:7e:c3:2e:f0:8b:5f:46:f0:bc:b4:92:59:06:
bc:07:29:6b:1b:5e:71:dd:bf:10:fe:7f:5f:4c:aa:76:e7:07:
d5:32:13:94:5a:8a:31:94:de:ff:2f:c9:50:d7:15:a4:07:ec:
5e:cf:06:19:6d:74:21:40:b5:70:c0:b4:68:54:42:15:50:17:
d1:5e:2b:d2:b6:f3:a2:1d:cb:7b:fa:4f:6f:bd:a5:e6:9f:fb:
8c:51:79:a8:eb:2e:47:a1:f1:22:fd:96:d3:d9:fb:2b:a0:66:
5e:36:c2:8a:30:8b:69:c5:6d:cc:be:19:a9:67:78:87:7d:6d:
58:6a:3e:2a:a6:a8:ba:ca:dc:38:bc:9c:69:b7:21:05:49:d9:
07:9b:81:86:52:d2:4e:aa:de:2b:a8:c7:8b:84:46:0f:10:2f:
b4:66:49:da:60:a7:7c:a9:68:f1:52:2c:d3:11:e9:41:c8:f7:
88:7b:0b:21:b5:f7:1c:22:39:8b:07:a0:44:a3:b2:0b:24:c3:
7f:6c:96:8a:92:21:9c:4e:2d:1c:7d:15:2d:60:b8:8f:79:ee:
f0:2d:bc:02:bb:91:a2:3d:a2:81:ed:78:1f:e0:43:89:51:bb:
41:9d:65:c7
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY3i6EKkoAUfptkrABGqhkoNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjI2MDA1NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjJjNDJmMjlhOWUwZTY0ZDA5NWYyNWIzNzgzMzdlYjY3NzlhNzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwtkAgb4S1LzhEvQluZgEy6QHG1XI
+3/XaGcDBV51fkTFWRPoX5xQ1cEpprI15qDvg06hdkY3oi5fyoqDHiviqd5sBgrU
lVmh5V+pyT5EOv7svt42rAuEJy87GpbLpEyIq/mbsF3cUp0f7xVbcebMviqkyu25
gRgbp5IxsvkGmNlABcFsiMvJXgU7HHh3r9z7Y37/MnqoikCJQNmIg1DRqLqazubC
G/12GzQgvRLS2BrRPqMiR1GOWa1FRNF3NVJMTqAkB3axHAYnMBP4rwx2mNOmzQsv
zmo52fiMCihsaTDlspCfyluhRDBYDcDNIBmQDscip8NXU4vg4dMRUaUJ6wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFO8sQvKang5k0JXyWzeDN+tneadAMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvN3l4QzhwcWVEbVRRbGZKYk40TTM2MmQ1cDBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQABf1BAwQA
LQheAwQALQ6mAwQBV3hEAwQBV3k8AwQAW1waAwQBXXtKAwQAXXtQAwQBufygAwQB
1FfMMA0GCSqGSIb3DQEBCwUAA4IBAQCiOPfEiwC4PYy80KZvBas7rqbUGSw3lH7D
LvCLX0bwvLSSWQa8BylrG15x3b8Q/n9fTKp25wfVMhOUWooxlN7/L8lQ1xWkB+xe
zwYZbXQhQLVwwLRoVEIVUBfRXivStvOiHct7+k9vvaXmn/uMUXmo6y5HofEi/ZbT
2fsroGZeNsKKMItpxW3MvhmpZ3iHfW1Yaj4qpqi6ytw4vJxptyEFSdkHm4GGUtJO
qt4rqMeLhEYPEC+0ZknaYKd8qWjxUizTEelByPeIewshtfccIjmLB6BEo7ILJMN/
bJaKkiGcTi0cfRUtYLiPee7wLbwCu5GiPaKB7Xgf4EOJUbtBnWXH
-----END CERTIFICATE-----
Generated at Tue Feb 27 22:11:15 2024 by rpki-client on console-ams.rpki-client.org