Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CNzxzKhbYNR6cU6qNl9Rk2Qf9fw.roa
File: CNzxzKhbYNR6cU6qNl9Rk2Qf9fw.roa (raw, json)
Hash identifier: 1ElhBNuUbfthS/s+U/vhgi12vIevM+Kjqg06O1F6iJ8=
Subject key identifier: 08:DC:F1:CC:A8:5B:60:D4:7A:71:4E:AA:36:5F:51:93:64:1F:F5:FC
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019200CB306ED631C7F1D54F700EE3EAFE5C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CNzxzKhbYNR6cU6qNl9Rk2Qf9fw.roa
Signing time: Tue 17 Sep 2024 16:22:49 +0000
ROA not before: Tue 17 Sep 2024 16:22:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.66.228.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
45.149.241.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
45.151.91.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.93.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
93.123.39.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.103.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.37.41.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Sep 2024 10:39:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:00:cb:30:6e:d6:31:c7:f1:d5:4f:70:0e:e3:ea:fe:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 17 16:22:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=08dcf1cca85b60d47a714eaa365f5193641ff5fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:09:48:1b:ce:5f:de:b2:aa:33:fc:55:92:70:
11:9e:55:54:4e:59:0d:90:c9:19:d3:6b:16:5a:68:
23:8b:fd:d0:c3:1b:c0:7a:a0:c4:61:77:ab:be:09:
b9:c5:44:1d:be:d9:90:44:7d:ad:77:a1:71:be:e0:
c2:e2:8b:e9:87:dd:48:ac:69:1a:1f:bf:26:19:5e:
67:46:90:12:ec:da:74:87:86:88:7a:2f:07:bc:86:
f7:62:e0:c9:71:e9:e0:3a:21:e7:79:77:8a:6f:00:
4f:48:4b:e7:55:71:dc:34:9e:f4:ca:46:a2:31:0c:
33:24:8d:15:d5:38:03:10:2c:6a:aa:e2:5f:40:ca:
1f:47:1b:8b:49:56:26:f2:43:75:e2:4b:e6:4b:e6:
e9:67:4d:b9:32:6c:10:5b:e7:76:ff:04:55:02:b4:
c8:8d:f8:12:57:fa:24:83:9b:c1:b6:54:42:5b:94:
27:44:d4:7f:54:2e:29:c5:84:3b:99:52:42:8f:dd:
f5:aa:38:10:45:74:31:57:03:8c:fa:df:82:44:ef:
bb:4a:22:b9:11:1f:04:65:3f:24:9a:0b:c1:80:85:
6a:ba:90:0c:37:4c:a5:57:6c:08:b9:91:dc:b7:22:
4d:ae:04:8c:40:bf:a3:a9:49:28:3e:55:58:17:56:
c9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:DC:F1:CC:A8:5B:60:D4:7A:71:4E:AA:36:5F:51:93:64:1F:F5:FC
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CNzxzKhbYNR6cU6qNl9Rk2Qf9fw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.228.0/24
45.88.88.0/24
45.149.241.0/24
45.151.89.0/24
45.151.91.0/24
83.219.97.0/24
84.54.48.0/24
87.120.87.0/24
87.120.93.0/24
87.121.45.0/24
92.119.196.0/23
93.123.39.0/24
94.154.160.0/22
94.156.11.0/24
141.98.1.0/24
147.78.103.0/24
171.22.72.0/22
185.216.84.0/22
185.218.84.0/22
193.37.41.0/24
193.222.96.0/24
194.48.251.0/24
Signature Algorithm: sha256WithRSAEncryption
23:13:73:4a:ae:cd:25:a5:61:b6:e4:98:7d:d0:7f:10:45:7e:
95:b5:07:50:3b:34:43:9d:fb:43:41:8a:8c:5b:67:1e:f8:b8:
f2:ed:3f:15:6b:41:62:d3:a8:5c:62:d4:2d:3f:cd:4d:4d:4d:
e7:eb:ce:81:40:f6:9c:68:3a:22:21:ac:d0:b5:51:a6:8a:74:
ed:56:21:7e:8d:92:90:df:ba:e5:57:47:18:bf:ba:91:c2:42:
d8:13:27:f7:54:bf:2a:73:ea:e8:10:d0:1e:f1:62:0f:7f:10:
b6:c5:4c:0f:70:6b:44:bc:ee:1b:51:f7:3b:e1:2b:28:31:ce:
5c:5b:b3:b9:f2:95:3b:ec:8c:c9:a1:a0:66:33:45:03:a8:f3:
44:b3:4c:1e:79:8b:14:a2:41:67:90:76:7a:6d:29:ec:11:52:
b4:63:95:d0:81:06:1a:d5:af:67:21:08:cd:a2:bf:91:c5:f7:
24:50:8c:6e:e9:45:0e:83:fe:96:c6:3e:9c:d3:f1:39:8c:9c:
1d:c5:5b:f5:3b:bf:b7:90:e8:10:db:32:43:d8:ee:f2:36:31:
a7:fb:ff:f4:22:ad:be:d4:d7:41:5b:dc:0b:a4:be:3d:d1:7f:
3c:ae:79:08:62:10:68:a0:ef:0d:57:7d:da:25:0c:dc:fa:bb:
4f:fd:3b:76
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZIAyzBu1jHH8dVPcA7j6v5cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwOTE3MTYyMjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGRjZjFjY2E4NWI2MGQ0N2E3MTRlYWEzNjVmNTE5MzY0MWZmNWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwlIG85f3rKqM/xVknARnlVUTlkN
kMkZ02sWWmgji/3QwxvAeqDEYXervgm5xUQdvtmQRH2td6FxvuDC4ovph91IrGka
H78mGV5nRpAS7Np0h4aIei8HvIb3YuDJcengOiHneXeKbwBPSEvnVXHcNJ70ykai
MQwzJI0V1TgDECxqquJfQMofRxuLSVYm8kN14kvmS+bpZ025MmwQW+d2/wRVArTI
jfgSV/okg5vBtlRCW5QnRNR/VC4pxYQ7mVJCj931qjgQRXQxVwOM+t+CRO+7SiK5
ER8EZT8kmgvBgIVqupAMN0ylV2wIuZHctyJNrgSMQL+jqUkoPlVYF1bJ+wIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFAjc8cyoW2DUenFOqjZfUZNkH/X8MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQ056eHpLaGJZTlI2Y1U2cU5sOVJrMlFmOWZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjCBiwQCAAEwgYQDBAAt
QuQDBAAtWFgDBAAtlfEDBAAtl1kDBAAtl1sDBABT22EDBABUNjADBABXeFcDBABX
eF0DBABXeS0DBAFcd8QDBABdeycDBAJemqADBABenAsDBACNYgEDBACTTmcDBAKr
FkgDBAK52FQDBAK52lQDBADBJSkDBADB3mADBADCMPswDQYJKoZIhvcNAQELBQAD
ggEBACMTc0quzSWlYbbkmH3QfxBFfpW1B1A7NEOd+0NBioxbZx74uPLtPxVrQWLT
qFxi1C0/zU1NTefrzoFA9pxoOiIhrNC1UaaKdO1WIX6NkpDfuuVXRxi/upHCQtgT
J/dUvypz6ugQ0B7xYg9/ELbFTA9wa0S87htR9zvhKygxzlxbs7nylTvsjMmhoGYz
RQOo80SzTB55ixSiQWeQdnptKewRUrRjldCBBhrVr2chCM2iv5HF9yRQjG7pRQ6D
/pbGPpzT8TmMnB3FW/U7v7eQ6BDbMkPY7vI2Maf7//Qirb7U10Fb3Aukvj3Rfzyu
eQhiEGig7w1XfdolDNz6u0/9O3Y=
-----END CERTIFICATE-----
Generated at Wed Sep 18 14:49:15 2024 by rpki-client on console-ams.rpki-client.org