Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/C1kt5FCfte_KOeH0Ef698K_7jhM.roa
File: C1kt5FCfte_KOeH0Ef698K_7jhM.roa (raw, json)
Hash identifier: kZa92rvms3y7yZS/cg9zgZq3kmGO7UjiwXg3PhKxj9A=
Subject key identifier: 0B:59:2D:E4:50:9F:B5:EF:CA:39:E1:F4:11:FE:BD:F0:AF:FB:8E:13
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DEE6CF8D970DBFFB4C7159F5BF0CB0F02
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/C1kt5FCfte_KOeH0Ef698K_7jhM.roa
Signing time: Wed 28 Feb 2024 06:35:35 +0000
ROA not before: Wed 28 Feb 2024 06:35:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50738
IP address blocks: 45.129.84.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
81.161.239.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.162.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 09:25:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ee:6c:f8:d9:70:db:ff:b4:c7:15:9f:5b:f0:cb:0f:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 28 06:35:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b592de4509fb5efca39e1f411febdf0affb8e13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3a:be:a3:fc:c2:55:ff:f0:9b:c3:86:e5:84:
d1:cf:98:61:63:38:b7:fb:ae:a5:5f:18:b9:61:4b:
45:e4:c0:a0:88:69:5b:ad:a1:a5:bd:00:e5:e0:f2:
49:b1:84:74:7a:d8:55:1d:61:35:4c:80:fb:99:02:
8f:34:fd:00:c6:b6:b3:23:3e:94:6c:5a:b3:4b:18:
a1:a0:9b:b5:a3:4e:04:54:2c:6e:70:b1:df:4e:3d:
8e:d7:f1:18:2a:b1:3f:59:ee:89:ef:99:db:11:f0:
31:53:e7:0b:b5:ae:c8:8e:f6:fa:da:9c:c3:3f:13:
47:92:7e:38:69:2f:da:cb:3b:b4:84:3e:9a:01:42:
7c:93:4a:7e:02:c4:3c:50:17:b8:43:12:dc:9d:96:
51:e4:7d:65:48:a2:28:07:35:5f:f9:53:ea:74:7d:
2a:06:a7:95:19:29:fa:c5:d9:d5:c4:7f:35:a3:06:
8f:ce:53:31:dd:e2:45:fc:ee:65:af:b7:86:6c:43:
9a:d3:6a:a4:8a:92:2d:e9:02:6b:1f:f1:1d:b1:94:
4d:95:f1:c6:36:75:0a:8f:9f:1c:2f:8f:2b:96:ec:
49:a9:b9:7e:03:f2:ac:aa:e8:79:c6:cf:a4:22:60:
24:fd:ce:0d:b3:65:62:9c:ea:8a:b6:10:72:7d:e4:
20:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:59:2D:E4:50:9F:B5:EF:CA:39:E1:F4:11:FE:BD:F0:AF:FB:8E:13
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/C1kt5FCfte_KOeH0Ef698K_7jhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.84.0/24
45.141.158.0/24
81.161.239.0/24
87.121.124.0/23
87.121.162.0/24
91.200.192.0/22
171.22.17.0/24
171.22.31.0/24
Signature Algorithm: sha256WithRSAEncryption
67:a9:9e:85:5f:eb:cb:f2:30:e4:b1:ee:2e:4d:5c:eb:b9:50:
da:e1:bf:41:62:92:b0:3d:ed:da:eb:bb:90:dc:85:5d:cd:6f:
37:04:ef:fd:74:d1:2f:6c:1e:9f:57:d2:3e:ce:88:0a:07:d6:
9e:d3:68:64:85:66:8e:e7:52:4e:b2:06:b4:d4:71:89:cd:5c:
8a:0e:2e:9c:50:ae:cb:b9:50:13:0d:71:91:44:d9:19:90:54:
0b:b5:67:df:91:c9:03:bd:4a:c3:fc:52:62:6c:fb:7d:01:45:
30:3c:ac:b0:9e:56:2c:10:90:66:dc:d3:a5:6a:53:fd:0f:0d:
c5:0d:54:c7:32:4f:9f:bc:39:8b:b1:d6:8e:b5:09:f7:0c:63:
68:ab:a4:5f:1c:69:cd:68:d5:63:b5:37:c0:f5:85:80:c2:74:
26:0c:80:0f:ca:72:ec:8a:aa:b1:68:e0:7f:bf:c6:52:fe:57:
79:6f:c0:5c:ad:0b:08:ca:89:fc:35:b8:bf:1c:be:4f:48:b6:
ef:3d:d9:2e:a1:79:8d:9c:aa:e0:d0:f6:30:b7:39:6e:75:89:
15:34:9c:1b:ed:47:02:97:44:40:6d:b1:c8:85:57:9e:63:5b:
3a:15:e9:2b:1a:73:81:66:ac:f2:bc:97:ec:34:c4:8b:d9:2b:
2f:32:59:29
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY3ubPjZcNv/tMcVn1vwyw8CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjI4MDYzNTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjU5MmRlNDUwOWZiNWVmY2EzOWUxZjQxMWZlYmRmMGFmZmI4ZTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjq+o/zCVf/wm8OG5YTRz5hhYzi3
+66lXxi5YUtF5MCgiGlbraGlvQDl4PJJsYR0ethVHWE1TID7mQKPNP0AxrazIz6U
bFqzSxihoJu1o04EVCxucLHfTj2O1/EYKrE/We6J75nbEfAxU+cLta7Ijvb62pzD
PxNHkn44aS/ayzu0hD6aAUJ8k0p+AsQ8UBe4QxLcnZZR5H1lSKIoBzVf+VPqdH0q
BqeVGSn6xdnVxH81owaPzlMx3eJF/O5lr7eGbEOa02qkipIt6QJrH/EdsZRNlfHG
NnUKj58cL48rluxJqbl+A/Ksquh5xs+kImAk/c4Ns2VinOqKthByfeQgWwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAtZLeRQn7Xvyjnh9BH+vfCv+44TMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQzFrdDVGQ2Z0ZV9LT2VIMEVmNjk4S183amhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALYFUAwQA
LY2eAwQAUaHvAwQBV3l8AwQAV3miAwQCW8jAAwQAqxYRAwQAqxYfMA0GCSqGSIb3
DQEBCwUAA4IBAQBnqZ6FX+vL8jDkse4uTVzruVDa4b9BYpKwPe3a67uQ3IVdzW83
BO/9dNEvbB6fV9I+zogKB9ae02hkhWaO51JOsga01HGJzVyKDi6cUK7LuVATDXGR
RNkZkFQLtWffkckDvUrD/FJibPt9AUUwPKywnlYsEJBm3NOlalP9Dw3FDVTHMk+f
vDmLsdaOtQn3DGNoq6RfHGnNaNVjtTfA9YWAwnQmDIAPynLsiqqxaOB/v8ZS/ld5
b8BcrQsIyon8Nbi/HL5PSLbvPdkuoXmNnKrg0PYwtzludYkVNJwb7UcCl0RAbbHI
hVeeY1s6FekrGnOBZqzyvJfsNMSL2SsvMlkp
-----END CERTIFICATE-----
Generated at Thu Feb 29 14:02:43 2024 by rpki-client on console-ams.rpki-client.org