Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CA5dbPiDuZCCJgmxc8W0eBNVflY.roa
File: CA5dbPiDuZCCJgmxc8W0eBNVflY.roa (raw, json)
Hash identifier: +egf431fJsstv8Feozk2iLs0fr1d3iqX5d4oujDGSBw=
Subject key identifier: 08:0E:5D:6C:F8:83:B9:90:82:26:09:B1:73:C5:B4:78:13:55:7E:56
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018F2E8B76A88AD2E309158C95C0AC28B33F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CA5dbPiDuZCCJgmxc8W0eBNVflY.roa
Signing time: Tue 30 Apr 2024 10:27:22 +0000
ROA not before: Tue 30 Apr 2024 10:27:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.9.156.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
45.149.241.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.86.0/23 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
95.214.25.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.42.32.0/23 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 May 2024 13:33:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2e:8b:76:a8:8a:d2:e3:09:15:8c:95:c0:ac:28:b3:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 30 10:27:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=080e5d6cf883b990822609b173c5b47813557e56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:19:68:b5:3f:4a:a7:ee:90:1e:42:6c:73:06:
dd:cd:56:35:90:70:01:73:fb:6b:3a:4c:16:95:9c:
38:4e:d0:a7:54:fb:bb:67:cb:8f:73:ee:0b:e8:c9:
27:93:8c:45:e0:41:51:8a:e9:7e:66:8f:d8:50:cc:
06:83:4e:6d:85:df:f7:c7:9d:53:4f:be:ae:e4:5b:
dc:93:13:75:15:8b:a2:a6:74:7b:00:fc:83:41:a9:
c0:9f:10:5c:7a:fe:ec:b9:2d:ce:9e:af:2c:7a:8d:
e3:45:ef:a2:74:00:2d:98:d1:c6:67:75:23:57:f5:
f7:6a:42:2b:5a:3b:f9:0f:06:55:63:05:7b:0f:46:
21:65:f9:5f:52:13:f5:b3:b6:61:9f:a8:d5:f4:b6:
4a:3b:53:7d:b2:53:91:ed:63:ed:5b:db:63:fd:2f:
6f:18:24:3c:21:f5:99:bb:db:51:10:a8:59:24:a7:
c1:de:11:2f:82:ff:af:d4:a0:77:e9:ae:1e:ce:71:
54:7d:c7:17:b9:60:e1:a7:79:03:b1:bf:0e:f5:df:
c8:e2:5c:d4:dc:73:8a:bc:31:c3:8a:e1:ee:69:8d:
21:ff:c2:53:7a:d0:fc:54:39:c8:b3:fc:8f:5b:82:
e9:50:9c:61:53:85:03:3c:09:a4:cf:39:ac:6c:fa:
3e:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:0E:5D:6C:F8:83:B9:90:82:26:09:B1:73:C5:B4:78:13:55:7E:56
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CA5dbPiDuZCCJgmxc8W0eBNVflY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/24
45.88.88.0/24
45.149.241.0/24
45.151.89.0/24
83.219.97.0/24
84.21.174.0/23
87.120.87.0/24
87.121.45.0/24
87.121.86.0/23
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
95.214.25.0-95.214.26.255
147.78.102.0/24
171.22.17.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
193.42.32.0/23
194.48.248.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
67:68:33:0e:dd:4c:00:80:e8:8f:41:de:aa:42:a1:9a:bc:f8:
0a:67:7e:77:22:ea:93:bc:68:e3:2f:f9:a7:7d:9c:1d:ef:e0:
82:cc:68:ce:c9:1c:44:9e:8b:d8:f6:75:11:07:ef:ca:d8:92:
71:7f:f7:45:fe:d6:77:4b:51:ec:6e:87:4d:03:03:e4:bf:0e:
93:ab:b3:da:6f:e4:3a:fd:84:73:1a:47:fa:a2:f5:65:8d:41:
05:75:1a:5a:44:aa:c5:2a:cb:8e:c1:54:1b:3d:11:dd:ca:11:
27:37:07:a4:6a:13:88:73:f5:b5:99:8d:d2:9a:f5:91:f1:21:
db:1f:ed:89:e5:ee:e8:fc:7f:0a:3b:ed:ad:f6:79:26:b7:78:
9b:1e:19:f2:17:00:ec:d0:74:5f:af:8c:6d:b3:46:28:10:b7:
c7:cf:7d:aa:63:ff:cf:04:2f:00:07:52:e5:b4:8a:98:43:2b:
11:40:3d:f9:8f:39:4b:48:5a:63:1d:24:03:f1:e1:df:a9:2c:
2c:24:49:67:48:44:3a:50:8b:0f:26:f2:98:ba:6a:91:3a:4d:
23:67:f0:7c:eb:29:46:36:12:31:8c:96:a4:40:28:25:60:81:
4e:94:07:85:e1:8c:c1:e8:e6:89:3f:76:36:57:ad:df:57:e9:
f7:fb:75:b9
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAY8ui3aoitLjCRWMlcCsKLM/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDMwMTAyNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODBlNWQ2Y2Y4ODNiOTkwODIyNjA5YjE3M2M1YjQ3ODEzNTU3ZTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArxlotT9Kp+6QHkJscwbdzVY1kHAB
c/trOkwWlZw4TtCnVPu7Z8uPc+4L6Mknk4xF4EFRiul+Zo/YUMwGg05thd/3x51T
T76u5FvckxN1FYuipnR7APyDQanAnxBcev7suS3Onq8seo3jRe+idAAtmNHGZ3Uj
V/X3akIrWjv5DwZVYwV7D0YhZflfUhP1s7Zhn6jV9LZKO1N9slOR7WPtW9tj/S9v
GCQ8IfWZu9tREKhZJKfB3hEvgv+v1KB36a4eznFUfccXuWDhp3kDsb8O9d/I4lzU
3HOKvDHDiuHuaY0h/8JTetD8VDnIs/yPW4LpUJxhU4UDPAmkzzmsbPo+bwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFAgOXWz4g7mQgiYJsXPFtHgTVX5WMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQ0E1ZGJQaUR1WkNDSmdteGM4VzBlQk5WZmxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAAt
CZwDBAAtWFgDBAAtlfEDBAAtl1kDBABT22EDBAFUFa4DBABXeFcDBABXeS0DBAFX
eVYDBABXed0DBAFcd8QDBAJemqAwDAMEAF/WGQMEAF/WGgMEAJNOZgMEAKsWEQME
AqsWSAMEALLX4AMEArnYVAMEArnaVAMEAcEqIAMEAMIw+AMEAMI34DANBgkqhkiG
9w0BAQsFAAOCAQEAZ2gzDt1MAIDoj0HeqkKhmrz4Cmd+dyLqk7xo4y/5p32cHe/g
gsxozskcRJ6L2PZ1EQfvytiScX/3Rf7Wd0tR7G6HTQMD5L8Ok6uz2m/kOv2EcxpH
+qL1ZY1BBXUaWkSqxSrLjsFUGz0R3coRJzcHpGoTiHP1tZmN0pr1kfEh2x/tieXu
6Px/CjvtrfZ5Jrd4mx4Z8hcA7NB0X6+MbbNGKBC3x899qmP/zwQvAAdS5bSKmEMr
EUA9+Y85S0haYx0kA/Hh36ksLCRJZ0hEOlCLDybymLpqkTpNI2fwfOspRjYSMYyW
pEAoJWCBTpQHheGMwejmiT92Nlet31fp9/t1uQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:27 2024 by rpki-client on console-ams.rpki-client.org