Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HkaIZiCsIgG1tpDqwtXesZGD4l8.roa
File: HkaIZiCsIgG1tpDqwtXesZGD4l8.roa (raw, json)
Hash identifier: 7al0jtGHj/vPtCUQneQJjnYbMAn7EMIgRMgWDi7SEM8=
Subject key identifier: 1E:46:88:66:20:AC:22:01:B5:B6:90:EA:C2:D5:DE:B1:91:83:E2:5F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0187DB3CBB451BEDEE60860CB0D9270B2A8F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HkaIZiCsIgG1tpDqwtXesZGD4l8.roa
Signing time: Tue 02 May 2023 06:53:23 +0000
ROA not before: Tue 02 May 2023 06:53:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200785
IP address blocks: 45.139.106.0/24 maxlen: 24
45.133.251.0/24 maxlen: 24
87.120.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Aug 2023 12:45:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:3c:bb:45:1b:ed:ee:60:86:0c:b0:d9:27:0b:2a:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 2 06:53:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e46886620ac2201b5b690eac2d5deb19183e25f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:dc:2e:fb:55:04:cf:07:c1:f3:32:25:ed:52:
0f:c2:e2:9b:04:ba:a2:d7:88:9e:64:cd:b7:28:59:
24:cb:b9:bd:65:ca:29:b4:be:c5:ce:ee:51:f2:98:
2e:6b:b0:3b:4c:aa:29:cf:2f:60:d0:35:eb:4e:b5:
c7:92:a5:a1:f8:bc:40:6c:2e:9b:6d:ae:af:0e:dd:
0f:bb:43:c1:0f:98:ce:dc:8b:8b:99:84:4a:c8:f7:
f5:08:38:de:9c:f6:1c:e5:38:fd:1b:bd:12:fd:68:
d3:6f:bc:d8:60:f3:e4:fa:cd:70:1d:99:b0:38:59:
b6:c8:2e:ef:be:25:20:6e:20:a1:a7:8d:0c:47:50:
e2:01:ac:b2:9a:a1:81:62:da:8a:ed:9f:14:0a:9c:
f1:b9:cb:78:70:9b:44:71:17:84:15:d3:3f:e3:81:
90:ab:5f:e2:39:b4:05:91:28:52:95:4d:01:77:cb:
de:42:10:2b:47:ce:23:7e:ae:09:8e:49:b9:8f:27:
10:7a:ea:e6:2b:5c:cf:c9:d4:1e:20:cd:e6:a2:92:
72:54:02:09:2f:02:06:bf:8e:24:ef:b0:08:3d:0c:
04:95:4c:07:91:cd:86:01:f3:55:7b:dd:78:08:dd:
19:37:b6:05:fb:b7:98:ec:a9:7e:93:ec:94:5f:b0:
4a:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:46:88:66:20:AC:22:01:B5:B6:90:EA:C2:D5:DE:B1:91:83:E2:5F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HkaIZiCsIgG1tpDqwtXesZGD4l8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.251.0/24
45.139.106.0/24
87.120.33.0/24
Signature Algorithm: sha256WithRSAEncryption
07:68:5c:af:e2:81:11:5f:39:f9:81:a8:28:ae:92:35:be:90:
21:d8:36:8e:2e:05:ae:87:99:db:30:e2:a2:68:4d:68:df:fb:
16:7b:f4:7b:7c:30:13:40:ee:b3:ca:23:b1:08:06:30:44:5e:
1a:4c:16:47:fe:8d:b4:e5:a8:65:d9:18:f8:7a:4f:c8:67:24:
12:9a:df:2a:6c:c5:37:00:08:37:34:22:47:99:05:c5:a1:dc:
af:9e:f6:f2:50:c6:82:8c:75:6f:cd:a0:bb:c2:1a:a3:1c:b2:
37:aa:31:29:89:be:79:05:19:7f:73:2d:9a:9c:df:8f:24:6e:
e1:fe:67:31:23:11:2a:72:68:ed:c1:cb:97:74:8a:b7:e7:c0:
ae:a5:49:d2:d0:6a:e2:6c:50:36:76:47:a8:8e:46:f1:84:51:
63:3c:5f:d9:05:f0:bf:b3:a2:a0:36:5a:33:21:6d:b6:98:de:
87:73:20:45:12:38:d8:42:05:85:76:b3:30:d4:3c:c2:4c:a4:
54:b9:2e:98:2c:f6:ee:91:28:94:20:3d:81:77:69:48:7b:ad:
9f:5e:a2:77:38:58:a1:d1:81:cb:4c:c4:b6:ca:cc:7e:be:09:
f1:c3:a5:9b:a9:ab:10:09:64:24:1e:dd:5d:55:a8:0e:c7:ed:
f6:06:24:a9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYfbPLtFG+3uYIYMsNknCyqPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTAyMDY1MzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTQ2ODg2NjIwYWMyMjAxYjViNjkwZWFjMmQ1ZGViMTkxODNlMjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2dwu+1UEzwfB8zIl7VIPwuKbBLqi
14ieZM23KFkky7m9ZcoptL7Fzu5R8pgua7A7TKopzy9g0DXrTrXHkqWh+LxAbC6b
ba6vDt0Pu0PBD5jO3IuLmYRKyPf1CDjenPYc5Tj9G70S/WjTb7zYYPPk+s1wHZmw
OFm2yC7vviUgbiChp40MR1DiAayymqGBYtqK7Z8UCpzxuct4cJtEcReEFdM/44GQ
q1/iObQFkShSlU0Bd8veQhArR84jfq4Jjkm5jycQeurmK1zPydQeIM3mopJyVAIJ
LwIGv44k77AIPQwElUwHkc2GAfNVe914CN0ZN7YF+7eY7Kl+k+yUX7BKWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB5GiGYgrCIBtbaQ6sLV3rGRg+JfMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSGthSVppQ3NJZ0cxdHBEcXd0WGVzWkdENGw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYX7AwQA
LYtqAwQAV3ghMA0GCSqGSIb3DQEBCwUAA4IBAQAHaFyv4oERXzn5gagorpI1vpAh
2DaOLgWuh5nbMOKiaE1o3/sWe/R7fDATQO6zyiOxCAYwRF4aTBZH/o205ahl2Rj4
ek/IZyQSmt8qbMU3AAg3NCJHmQXFodyvnvbyUMaCjHVvzaC7whqjHLI3qjEpib55
BRl/cy2anN+PJG7h/mcxIxEqcmjtwcuXdIq358CupUnS0GribFA2dkeojkbxhFFj
PF/ZBfC/s6KgNlozIW22mN6HcyBFEjjYQgWFdrMw1DzCTKRUuS6YLPbukSiUID2B
d2lIe62fXqJ3OFih0YHLTMS2ysx+vgnxw6WbqasQCWQkHt1dVagOx+32BiSp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:03 2024 by rpki-client on console-fra.rpki-client.org