Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FaQ98dgv4Q8uqzNxeKDtIqmP2V8.roa
File: FaQ98dgv4Q8uqzNxeKDtIqmP2V8.roa (raw, json)
Hash identifier: kKb7V+FgHt1jj2+yrD/zdXS4Y/pgBVi+reX4QnOtOUI=
Subject key identifier: 15:A4:3D:F1:D8:2F:E1:0F:2E:AB:33:71:78:A0:ED:22:A9:8F:D9:5F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DC6E60F5B39D0AFB8F26DFF536C668CD8
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FaQ98dgv4Q8uqzNxeKDtIqmP2V8.roa
Signing time: Tue 20 Feb 2024 14:23:02 +0000
ROA not before: Tue 20 Feb 2024 14:23:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.94.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
91.92.26.0/24 maxlen: 24
93.123.74.0/23 maxlen: 23
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 00:16:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c6:e6:0f:5b:39:d0:af:b8:f2:6d:ff:53:6c:66:8c:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 20 14:23:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15a43df1d82fe10f2eab337178a0ed22a98fd95f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8f:ec:8a:fb:9a:a8:ed:99:f7:11:55:17:f6:
a4:cf:87:31:e6:15:7e:d4:03:d6:60:84:be:32:fc:
e2:fe:3c:ee:24:03:22:45:2a:36:b8:c7:67:e8:46:
9d:e8:fd:17:5f:b2:f8:68:95:ca:2f:be:b1:48:9f:
56:35:a1:30:ce:51:d8:9f:3b:cc:e8:51:33:36:94:
8d:bb:8b:ca:10:57:d0:e2:ac:1d:d1:b9:dd:f4:78:
22:aa:63:a8:f0:b0:6c:b1:81:67:10:ad:49:33:4d:
ad:86:39:57:01:46:64:65:a9:f4:c3:b7:ec:6e:3a:
8c:05:5c:a2:17:de:aa:71:62:2a:00:37:8d:e4:21:
cb:b3:bc:c2:c7:db:86:c8:21:9f:ae:e6:83:4f:21:
b4:a3:8f:2e:69:81:89:5e:0d:cc:07:ec:81:b4:a3:
07:7f:e5:ec:a7:fa:be:c0:0b:0e:a4:71:62:c3:02:
97:7f:7d:0d:11:a5:4e:00:3b:bf:2e:40:10:9a:2f:
59:04:7f:7c:36:e2:56:b3:30:98:55:67:73:df:2e:
7f:0b:62:b1:f9:c7:03:6e:7e:b1:14:8b:96:6f:be:
52:e7:0d:c8:ec:f0:e7:d8:88:f5:2a:6d:16:46:fc:
57:23:69:21:f7:2c:1b:11:8d:fc:04:1f:5f:5c:03:
a2:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:A4:3D:F1:D8:2F:E1:0F:2E:AB:33:71:78:A0:ED:22:A9:8F:D9:5F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FaQ98dgv4Q8uqzNxeKDtIqmP2V8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.94.0/24
87.120.68.0/23
91.92.26.0/24
93.123.74.0/23
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
99:7a:80:53:98:58:ca:28:6e:32:df:3d:fd:dc:66:2a:bc:c8:
f4:bb:81:b9:24:10:f4:2d:a2:cf:25:05:79:2d:82:0e:de:68:
5f:b3:c2:35:40:58:bc:b3:fd:4b:57:ce:54:b8:ca:a2:43:95:
4f:40:d6:65:a3:51:4e:e5:93:72:16:bf:5a:81:1d:94:8c:a0:
c0:af:1c:7f:71:f7:c7:f0:e1:96:c2:78:08:77:ba:ef:b4:88:
c1:dc:5f:b9:02:52:ee:71:96:62:dd:42:69:7b:fb:18:ba:0c:
0a:2c:5d:db:0b:75:0f:fb:a5:e4:80:09:29:71:eb:72:70:c7:
d8:c2:b6:b4:75:4f:92:a5:f3:18:f2:cd:2f:10:c7:2e:20:ae:
2e:b0:b2:fa:1c:04:81:11:52:95:cc:71:70:79:81:df:4e:97:
93:d2:5f:6e:c6:42:3f:79:90:85:64:80:12:41:ba:4c:cb:7d:
0c:50:e6:5b:ec:cc:4a:22:95:fb:5a:fe:3e:ad:e0:d8:8b:fa:
25:ab:13:7b:8d:36:71:cb:bf:9c:79:23:38:f5:84:05:0d:e1:
26:66:79:8c:b9:79:23:2a:e0:61:82:c6:17:88:a9:e9:cd:67:
78:61:09:62:03:87:40:23:4e:11:8b:28:67:bc:4c:e8:d0:aa:
5a:f9:c9:9c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY3G5g9bOdCvuPJt/1NsZozYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjIwMTQyMzAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWE0M2RmMWQ4MmZlMTBmMmVhYjMzNzE3OGEwZWQyMmE5OGZkOTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlY/sivuaqO2Z9xFVF/akz4cx5hV+
1APWYIS+Mvzi/jzuJAMiRSo2uMdn6Ead6P0XX7L4aJXKL76xSJ9WNaEwzlHYnzvM
6FEzNpSNu4vKEFfQ4qwd0bnd9HgiqmOo8LBssYFnEK1JM02thjlXAUZkZan0w7fs
bjqMBVyiF96qcWIqADeN5CHLs7zCx9uGyCGfruaDTyG0o48uaYGJXg3MB+yBtKMH
f+Xsp/q+wAsOpHFiwwKXf30NEaVOADu/LkAQmi9ZBH98NuJWszCYVWdz3y5/C2Kx
+ccDbn6xFIuWb75S5w3I7PDn2Ij1Km0WRvxXI2kh9ywbEY38BB9fXAOizQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBWkPfHYL+EPLqszcXig7SKpj9lfMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRmFROThkZ3Y0UTh1cXpOeGVLRHRJcW1QMlY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQheAwQB
V3hEAwQAW1waAwQBXXtKAwQBufygMA0GCSqGSIb3DQEBCwUAA4IBAQCZeoBTmFjK
KG4y3z393GYqvMj0u4G5JBD0LaLPJQV5LYIO3mhfs8I1QFi8s/1LV85UuMqiQ5VP
QNZlo1FO5ZNyFr9agR2UjKDArxx/cffH8OGWwngId7rvtIjB3F+5AlLucZZi3UJp
e/sYugwKLF3bC3UP+6XkgAkpcetycMfYwra0dU+SpfMY8s0vEMcuIK4usLL6HASB
EVKVzHFweYHfTpeT0l9uxkI/eZCFZIASQbpMy30MUOZb7MxKIpX7Wv4+reDYi/ol
qxN7jTZxy7+ceSM49YQFDeEmZnmMuXkjKuBhgsYXiKnpzWd4YQliA4dAI04Riyhn
vEzo0Kpa+cmc
-----END CERTIFICATE-----
Generated at Thu Feb 22 03:37:15 2024 by rpki-client on console-ams.rpki-client.org