Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9m1PTrv40DWxcP4BFt3LrFeR3Cs.roa
File: 9m1PTrv40DWxcP4BFt3LrFeR3Cs.roa (raw, json)
Hash identifier: iobSPZByoBSQfGk4woD3OjR7Doj/kGALsgVqNEcshfU=
Subject key identifier: F6:6D:4F:4E:BB:F8:D0:35:B1:70:FE:01:16:DD:CB:AC:57:91:DC:2B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DD7D04A9A373910E0A7A750697DA2DD2A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9m1PTrv40DWxcP4BFt3LrFeR3Cs.roa
Signing time: Fri 23 Feb 2024 21:12:48 +0000
ROA not before: Fri 23 Feb 2024 21:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51396
IP address blocks: 2.58.95.0/24 maxlen: 24
45.128.232.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
87.121.58.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 18 May 2024 12:04:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:d7:d0:4a:9a:37:39:10:e0:a7:a7:50:69:7d:a2:dd:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 23 21:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f66d4f4ebbf8d035b170fe0116ddcbac5791dc2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:66:e2:1d:84:14:ac:f3:f2:50:d7:53:3f:ca:
79:8b:ca:7a:ab:e2:a1:76:04:72:0a:4e:af:9d:79:
c7:4f:de:eb:ab:75:2a:86:5a:e1:43:3c:73:06:29:
50:7e:8d:9b:e9:58:61:cf:3f:be:b3:ef:b5:4c:3b:
e9:49:0b:4d:66:65:0b:20:2b:be:ef:b0:ab:f2:ad:
b7:61:65:b7:bb:eb:d5:07:ae:ee:dc:ce:7d:05:cc:
7a:84:17:74:10:e4:f3:25:8a:43:d0:47:98:70:32:
9e:8f:8d:32:53:95:d0:13:fb:02:6a:c4:84:fb:19:
2d:19:a3:c1:c8:8f:35:b1:ce:5f:5e:45:f1:66:61:
63:e0:57:6b:a0:29:2f:79:d6:03:f2:4f:62:75:d1:
58:52:53:e3:7c:69:43:20:0b:8e:43:a8:dc:ae:bd:
4e:30:f9:cc:de:93:b4:ef:02:ad:cc:31:b1:e4:5c:
26:a6:30:2a:98:68:c6:35:ef:3c:00:d4:df:0d:46:
07:25:ac:38:13:00:5b:a3:59:bf:e3:2e:59:10:35:
7a:23:b1:a3:75:74:99:db:4a:63:87:c9:24:a5:46:
6e:f8:80:c3:27:bf:b7:c6:d8:8b:b5:6a:e8:2f:d0:
7f:ca:1f:5a:52:3c:d6:49:4a:a7:e2:3e:1c:09:79:
03:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:6D:4F:4E:BB:F8:D0:35:B1:70:FE:01:16:DD:CB:AC:57:91:DC:2B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/9m1PTrv40DWxcP4BFt3LrFeR3Cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
45.128.232.0/24
84.54.51.0/24
87.121.58.0/24
87.121.69.0/24
94.103.124.0/23
141.98.4.0/24
147.78.102.0/24
193.35.18.0/24
Signature Algorithm: sha256WithRSAEncryption
43:1e:d5:e1:65:0f:9c:8b:b6:02:3c:8e:d3:21:03:67:8c:2e:
2c:1e:db:ea:23:0a:7d:18:a9:c6:e1:9e:52:6f:7e:80:f7:39:
ec:2a:23:30:dd:a1:a9:9d:a6:17:82:83:bc:e8:56:71:77:31:
6a:ef:99:e2:aa:17:0c:55:c9:85:16:84:e7:57:c7:d4:14:12:
6d:75:bd:a7:31:31:ed:d0:f4:a8:86:dd:00:b0:59:1a:11:76:
7b:20:fe:2c:de:30:bd:78:01:5e:0b:1a:2b:cc:11:bd:80:9a:
c4:ea:37:21:cc:35:bd:2c:e5:99:cc:25:25:df:55:9f:47:be:
07:ba:c5:b2:1e:94:48:5c:27:5f:f4:3e:dd:d2:89:7c:85:2a:
aa:0e:5c:6c:9c:93:96:12:f3:26:0f:61:d6:14:d0:cf:85:d3:
9a:24:e4:fd:ac:e5:75:82:54:ba:61:66:da:c1:f1:18:86:dc:
b5:75:fd:5d:c5:e5:b1:d4:db:97:5d:bf:5f:8b:c2:bb:bc:8d:
82:49:fc:d1:ae:bd:2d:0a:95:60:02:0f:bc:48:1b:52:66:c2:
77:48:cc:e1:96:cf:77:9a:a1:9d:e7:55:cc:1d:51:c3:f2:38:
50:77:8b:60:01:4b:ed:e7:a3:90:bb:1b:80:4d:13:94:24:fd:
e7:e3:3b:ff
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY3X0EqaNzkQ4KenUGl9ot0qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjIzMjExMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjZkNGY0ZWJiZjhkMDM1YjE3MGZlMDExNmRkY2JhYzU3OTFkYzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2biHYQUrPPyUNdTP8p5i8p6q+Kh
dgRyCk6vnXnHT97rq3UqhlrhQzxzBilQfo2b6Vhhzz++s++1TDvpSQtNZmULICu+
77Cr8q23YWW3u+vVB67u3M59Bcx6hBd0EOTzJYpD0EeYcDKej40yU5XQE/sCasSE
+xktGaPByI81sc5fXkXxZmFj4FdroCkvedYD8k9iddFYUlPjfGlDIAuOQ6jcrr1O
MPnM3pO07wKtzDGx5FwmpjAqmGjGNe88ANTfDUYHJaw4EwBbo1m/4y5ZEDV6I7Gj
dXSZ20pjh8kkpUZu+IDDJ7+3xtiLtWroL9B/yh9aUjzWSUqn4j4cCXkD0wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFPZtT067+NA1sXD+ARbdy6xXkdwrMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvOW0xUFRydjQwRFd4Y1A0QkZ0M0xyRmVSM0NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAAjpfAwQA
LYDoAwQAVDYzAwQAV3k6AwQAV3lFAwQBXmd8AwQAjWIEAwQAk05mAwQAwSMSMA0G
CSqGSIb3DQEBCwUAA4IBAQBDHtXhZQ+ci7YCPI7TIQNnjC4sHtvqIwp9GKnG4Z5S
b36A9znsKiMw3aGpnaYXgoO86FZxdzFq75niqhcMVcmFFoTnV8fUFBJtdb2nMTHt
0PSoht0AsFkaEXZ7IP4s3jC9eAFeCxorzBG9gJrE6jchzDW9LOWZzCUl31WfR74H
usWyHpRIXCdf9D7d0ol8hSqqDlxsnJOWEvMmD2HWFNDPhdOaJOT9rOV1glS6YWba
wfEYhty1df1dxeWx1NuXXb9fi8K7vI2CSfzRrr0tCpVgAg+8SBtSZsJ3SMzhls93
mqGd51XMHVHD8jhQd4tgAUvt56OQuxuATROUJP3n4zv/
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:26 2024 by rpki-client on console-ams.rpki-client.org