Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/B3S4WjIjZBNIgQwyOTERDB_ckgA.roa
File: B3S4WjIjZBNIgQwyOTERDB_ckgA.roa (raw, json)
Hash identifier: EzyLy6Eq+cjaeJqJSEck1pc8ZresanIZo61UZRUUMDk=
Subject key identifier: 07:74:B8:5A:32:23:64:13:48:81:0C:32:39:31:11:0C:1F:DC:92:00
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D22077AB19C8579C57F2C44C8EB5FEEC2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/B3S4WjIjZBNIgQwyOTERDB_ckgA.roa
Signing time: Fri 19 Jan 2024 14:02:11 +0000
ROA not before: Fri 19 Jan 2024 14:02:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51396
IP address blocks: 2.58.95.0/24 maxlen: 24
45.128.232.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
87.121.58.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
147.78.103.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 Feb 2024 21:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:22:07:7a:b1:9c:85:79:c5:7f:2c:44:c8:eb:5f:ee:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 19 14:02:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0774b85a3223641348810c323931110c1fdc9200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:83:2c:fa:73:2d:ff:db:75:65:85:7e:9d:54:
56:e6:7a:47:4c:3f:4d:9d:ec:64:29:ef:65:6d:27:
2d:74:86:5d:a5:7c:c6:6a:ac:78:02:30:e0:de:be:
2d:b6:54:75:4a:93:ce:db:05:42:2b:d6:bf:81:cc:
06:99:a7:da:17:72:2a:cb:bc:b0:9a:4a:78:1c:2b:
51:dc:cd:60:7f:06:29:ef:29:a1:6c:96:c9:3b:04:
81:3b:74:aa:d2:4b:fe:22:7b:3a:2a:90:d1:a1:95:
90:86:e9:f3:b3:6b:3c:86:87:ef:d2:5b:94:0c:14:
d9:d6:ac:a1:51:f8:32:2e:12:2a:7b:38:f7:60:1c:
8a:19:5e:3b:74:d0:e0:b0:dd:44:90:ed:29:c7:c5:
94:01:5e:3c:28:f0:7e:c2:48:e3:92:51:5b:da:da:
94:b3:fc:98:a1:4e:40:30:ec:c6:56:f8:ff:bc:ac:
bd:df:2e:72:2f:c5:c2:86:0e:44:79:9d:fb:1e:a9:
74:19:bf:a6:11:b9:ff:e8:da:b6:93:de:83:9d:8f:
86:d4:65:82:34:84:11:fe:29:a7:90:21:9c:b9:d3:
86:de:17:6e:f7:2f:cd:15:a5:a4:20:96:eb:2c:eb:
63:9f:fa:35:d5:8f:00:83:8e:6c:19:91:02:8b:ac:
8d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:74:B8:5A:32:23:64:13:48:81:0C:32:39:31:11:0C:1F:DC:92:00
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/B3S4WjIjZBNIgQwyOTERDB_ckgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
45.128.232.0/24
84.54.51.0/24
87.121.58.0/24
87.121.69.0/24
94.103.124.0/23
141.98.4.0/24
147.78.102.0/23
193.35.18.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:95:ca:63:18:fd:1a:3d:41:8e:73:3e:27:e4:b2:00:dd:3d:
41:9d:7a:c8:35:4b:d8:33:90:d8:6e:37:3b:0b:15:1f:d6:9a:
1d:68:ff:96:cc:cb:27:c2:15:6d:7d:9a:ee:13:00:b8:a7:39:
3e:e0:3b:bd:43:33:15:1f:0e:db:14:47:0a:b2:43:27:b2:33:
e1:c0:43:d2:2a:eb:00:50:43:71:eb:49:99:03:44:87:85:b7:
dd:08:4a:86:c4:b9:8c:e5:77:59:26:60:f0:f3:f7:30:d9:85:
c9:11:9f:4f:d6:9b:b8:c3:ff:a3:a6:92:1a:74:c8:e7:f9:b9:
8a:1c:9d:42:81:86:ad:5f:ad:64:1b:fa:33:1a:3e:0c:ad:0a:
c7:29:43:97:fc:b9:6f:95:ef:9f:b5:05:da:69:ba:10:c8:b3:
6d:be:72:7b:2d:f7:17:73:0f:7d:e8:69:ef:32:0f:fc:9c:6d:
4d:32:96:d8:9c:ca:06:66:f3:01:d4:66:ad:41:b6:c1:02:ec:
44:a7:c0:ab:f6:91:79:43:80:88:57:30:03:37:74:66:e6:e3:
0b:97:d5:0a:17:e9:0c:a8:4a:9b:16:57:55:13:28:2a:cd:48:
fb:cd:4a:dd:13:33:7d:d0:76:d7:3c:99:b7:30:02:a0:d0:4c:
4e:5b:37:ce
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY0iB3qxnIV5xX8sRMjrX+7CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTE5MTQwMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzc0Yjg1YTMyMjM2NDEzNDg4MTBjMzIzOTMxMTEwYzFmZGM5MjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAioMs+nMt/9t1ZYV+nVRW5npHTD9N
nexkKe9lbSctdIZdpXzGaqx4AjDg3r4ttlR1SpPO2wVCK9a/gcwGmafaF3Iqy7yw
mkp4HCtR3M1gfwYp7ymhbJbJOwSBO3Sq0kv+Ins6KpDRoZWQhunzs2s8hofv0luU
DBTZ1qyhUfgyLhIqezj3YByKGV47dNDgsN1EkO0px8WUAV48KPB+wkjjklFb2tqU
s/yYoU5AMOzGVvj/vKy93y5yL8XChg5EeZ37Hql0Gb+mEbn/6Nq2k96DnY+G1GWC
NIQR/imnkCGcudOG3hdu9y/NFaWkIJbrLOtjn/o11Y8Ag45sGZECi6yNOwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAd0uFoyI2QTSIEMMjkxEQwf3JIAMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQjNTNFdqSWpaQk5JZ1F3eU9URVJEQl9ja2dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAAjpfAwQA
LYDoAwQAVDYzAwQAV3k6AwQAV3lFAwQBXmd8AwQAjWIEAwQBk05mAwQAwSMSMA0G
CSqGSIb3DQEBCwUAA4IBAQCPlcpjGP0aPUGOcz4n5LIA3T1BnXrINUvYM5DYbjc7
CxUf1podaP+WzMsnwhVtfZruEwC4pzk+4Du9QzMVHw7bFEcKskMnsjPhwEPSKusA
UENx60mZA0SHhbfdCEqGxLmM5XdZJmDw8/cw2YXJEZ9P1pu4w/+jppIadMjn+bmK
HJ1CgYatX61kG/ozGj4MrQrHKUOX/Llvle+ftQXaaboQyLNtvnJ7LfcXcw996Gnv
Mg/8nG1NMpbYnMoGZvMB1GatQbbBAuxEp8Cr9pF5Q4CIVzADN3Rm5uMLl9UKF+kM
qEqbFldVEygqzUj7zUrdEzN90HbXPJm3MAKg0ExOWzfO
-----END CERTIFICATE-----
Generated at Sat Feb 24 01:09:35 2024 by rpki-client on console-ams.rpki-client.org