Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GH5lkFlAkzEXxRQZ8BtzetuFe7Q.roa
File: GH5lkFlAkzEXxRQZ8BtzetuFe7Q.roa (raw, json)
Hash identifier: q1bl9sBVaqGxIZFJT3uKrw8ovNLfCu0RE6IqKiq0blw=
Subject key identifier: 18:7E:65:90:59:40:93:31:17:C5:14:19:F0:1B:73:7A:DB:85:7B:B4
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E55D859DF5451CA294EB1B6D615101FDE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GH5lkFlAkzEXxRQZ8BtzetuFe7Q.roa
Signing time: Tue 19 Mar 2024 08:33:45 +0000
ROA not before: Tue 19 Mar 2024 08:33:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203168
IP address blocks: 45.88.90.0/24 maxlen: 24
45.128.96.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
94.156.10.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Apr 2024 06:45:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:55:d8:59:df:54:51:ca:29:4e:b1:b6:d6:15:10:1f:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 19 08:33:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=187e65905940933117c51419f01b737adb857bb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:24:74:d5:5b:e8:88:09:60:a4:be:a3:18:1c:
85:70:60:c6:10:42:21:af:79:65:72:fa:47:4a:aa:
36:19:63:4c:20:12:9f:3c:f2:1b:88:9e:c0:3e:27:
a1:4b:15:76:b1:bc:ae:4d:6f:17:c1:fd:fb:ca:57:
8a:24:c0:b5:be:04:7a:a8:02:08:48:7d:23:07:48:
cc:bd:63:93:7e:93:93:05:0e:ff:c4:81:4a:60:23:
66:7b:b6:27:66:ae:27:5c:68:36:d6:3e:af:64:ba:
03:50:71:a6:16:1d:3a:01:38:55:16:eb:eb:80:92:
af:c9:ca:ce:23:a0:4e:1a:d3:33:93:fa:f7:9f:e6:
26:b7:74:eb:7f:d5:96:a1:2f:7c:4e:c3:33:47:58:
a9:d6:6d:86:80:c1:5c:85:54:48:3c:47:a2:a7:11:
56:8d:3a:6d:32:7b:12:0e:fa:1d:cc:0c:1b:23:ae:
1a:69:e9:98:61:45:0c:87:8d:bf:0b:a7:51:17:c9:
3f:16:85:ae:5d:9b:e8:22:d4:1e:a7:aa:d0:d4:03:
9f:b3:33:9b:68:35:c3:ab:94:ce:41:c8:ae:4a:73:
a8:43:25:03:0a:77:13:2f:d4:d4:6c:38:a1:68:0b:
a1:f7:96:f1:a8:7b:cb:29:aa:fe:89:82:5f:a9:5a:
d1:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:7E:65:90:59:40:93:31:17:C5:14:19:F0:1B:73:7A:DB:85:7B:B4
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/GH5lkFlAkzEXxRQZ8BtzetuFe7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.90.0/24
45.128.96.0/24
87.120.84.0/24
94.156.10.0/24
193.222.96.0/24
194.48.251.0/24
Signature Algorithm: sha256WithRSAEncryption
25:ce:28:1a:7e:66:4a:eb:c2:73:15:94:3a:7a:14:eb:93:76:
63:92:79:1a:86:b3:af:98:0c:ec:5f:58:61:4c:94:c9:8e:3e:
06:cc:1b:a9:31:ca:ee:94:78:a7:bf:10:44:40:3f:14:d0:56:
63:ad:15:1c:42:54:30:78:ad:86:1f:73:d5:96:7b:75:49:21:
1c:3b:28:4b:0b:e0:0b:c3:0c:5a:14:06:84:b5:87:21:fa:9a:
8e:d2:40:1d:a7:97:16:94:b2:ac:05:a9:bd:c2:08:e6:c8:ba:
c6:3e:2e:a4:9d:f4:0b:a1:78:d4:49:03:62:90:f8:0d:b8:6d:
38:46:55:26:3c:16:13:68:96:0c:76:4c:f3:2f:c9:b3:f1:e3:
a1:99:ee:78:f7:4d:02:cd:fc:62:1e:a5:37:4e:9d:4d:bd:3e:
2c:68:c0:b5:38:ae:0b:fb:bd:6b:07:54:c6:f2:0a:1e:47:d6:
fc:fa:f5:ea:8a:88:b7:e1:b5:bd:72:ff:73:54:98:52:9a:5f:
26:61:67:95:8a:9e:70:74:78:25:0e:da:d3:b5:72:aa:d1:d1:
f8:b4:ce:26:e6:02:bc:bc:e2:04:52:8e:25:86:7b:71:ca:2f:
b4:1c:c6:e8:30:9b:9a:6e:4c:11:a9:b8:1a:b5:dc:34:51:73:
b4:92:0f:51
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY5V2FnfVFHKKU6xttYVEB/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzE5MDgzMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODdlNjU5MDU5NDA5MzMxMTdjNTE0MTlmMDFiNzM3YWRiODU3YmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCR01VvoiAlgpL6jGByFcGDGEEIh
r3llcvpHSqo2GWNMIBKfPPIbiJ7APiehSxV2sbyuTW8Xwf37yleKJMC1vgR6qAII
SH0jB0jMvWOTfpOTBQ7/xIFKYCNme7YnZq4nXGg21j6vZLoDUHGmFh06AThVFuvr
gJKvycrOI6BOGtMzk/r3n+Ymt3Trf9WWoS98TsMzR1ip1m2GgMFchVRIPEeipxFW
jTptMnsSDvodzAwbI64aaemYYUUMh42/C6dRF8k/FoWuXZvoItQep6rQ1AOfszOb
aDXDq5TOQciuSnOoQyUDCncTL9TUbDihaAuh95bxqHvLKar+iYJfqVrRbwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBh+ZZBZQJMxF8UUGfAbc3rbhXu0MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvR0g1bGtGbEFrekVYeFJRWjhCdHpldHVGZTdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVhaAwQA
LYBgAwQAV3hUAwQAXpwKAwQAwd5gAwQAwjD7MA0GCSqGSIb3DQEBCwUAA4IBAQAl
zigafmZK68JzFZQ6ehTrk3ZjknkahrOvmAzsX1hhTJTJjj4GzBupMcrulHinvxBE
QD8U0FZjrRUcQlQweK2GH3PVlnt1SSEcOyhLC+ALwwxaFAaEtYch+pqO0kAdp5cW
lLKsBam9wgjmyLrGPi6knfQLoXjUSQNikPgNuG04RlUmPBYTaJYMdkzzL8mz8eOh
me54900CzfxiHqU3Tp1NvT4saMC1OK4L+71rB1TG8goeR9b8+vXqioi34bW9cv9z
VJhSml8mYWeVip5wdHglDtrTtXKq0dH4tM4m5gK8vOIEUo4lhntxyi+0HMboMJua
bkwRqbgatdw0UXO0kg9R
-----END CERTIFICATE-----
Generated at Thu Apr 11 11:03:12 2024 by rpki-client on console-ams.rpki-client.org