Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I5rmKVdDIl4ShtymlC6YhxfY_p0.roa
File: I5rmKVdDIl4ShtymlC6YhxfY_p0.roa (raw, json)
Hash identifier: lW2P3sXytnaRv+hVLe2wkXIC9y38SrExutHLCTMTz7A=
Subject key identifier: 23:9A:E6:29:57:43:22:5E:12:86:DC:A6:94:2E:98:87:17:D8:FE:9D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C4E8D2049A11BB67253DC11068E5E7E84
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I5rmKVdDIl4ShtymlC6YhxfY_p0.roa
Signing time: Sat 09 Dec 2023 12:28:40 +0000
ROA not before: Sat 09 Dec 2023 12:28:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51396
IP address blocks: 2.58.95.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
31.13.211.0/24 maxlen: 24
87.121.58.0/24 maxlen: 24
87.121.69.0/24 maxlen: 24
45.128.232.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:4e:8d:20:49:a1:1b:b6:72:53:dc:11:06:8e:5e:7e:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 9 12:28:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=239ae6295743225e1286dca6942e988717d8fe9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:01:b3:92:10:8a:45:be:74:54:da:90:22:10:
f2:9c:91:92:b4:2e:24:d6:09:4c:06:8f:b7:77:24:
4c:38:5e:fc:c6:29:a9:6f:c7:28:d6:30:ac:e4:e7:
2c:90:2c:1b:8d:ec:8b:ee:4f:f1:08:e8:4c:b1:5a:
6f:2a:6e:93:c0:d0:76:08:e0:25:22:9f:a2:7f:69:
37:71:1e:ec:ac:d6:33:6e:40:ac:ea:e8:1d:a6:52:
71:0e:e4:31:24:d9:d9:40:23:ca:f9:47:a9:4b:7e:
f5:96:2e:65:4b:04:0d:89:02:d4:ee:10:4a:20:f8:
68:3e:bb:87:86:01:e8:73:30:9d:bc:e2:85:67:4a:
59:e9:08:0a:cd:de:d1:bf:e2:db:32:dc:d9:f4:f7:
4e:83:b5:1c:4e:89:a3:21:64:16:92:98:ff:a8:9e:
2f:29:fe:33:02:a8:21:30:81:ab:fb:97:83:b5:97:
8e:6d:85:3d:d6:5a:25:29:41:5f:23:dd:47:eb:9d:
1d:86:69:ac:81:c5:bd:99:ee:61:7f:ce:1b:58:c8:
66:c2:de:a1:d8:f0:95:bb:ac:67:47:c7:03:33:d9:
ab:47:53:75:50:d8:f0:b4:3e:0c:b7:af:ab:fb:b2:
5a:3d:b8:12:2c:8a:f9:1c:89:34:1e:76:67:fd:f3:
be:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:9A:E6:29:57:43:22:5E:12:86:DC:A6:94:2E:98:87:17:D8:FE:9D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I5rmKVdDIl4ShtymlC6YhxfY_p0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
31.13.211.0/24
45.128.232.0/24
84.54.51.0/24
87.121.58.0/24
87.121.69.0/24
94.103.124.0/23
141.98.4.0/24
147.78.102.0/24
193.35.18.0/24
Signature Algorithm: sha256WithRSAEncryption
02:df:e0:87:d2:d8:4f:c7:42:91:d1:25:b0:6d:b3:a0:2b:4f:
e7:c9:55:5f:98:94:71:b6:f8:18:29:8d:f0:51:cc:7c:4c:3f:
85:e0:f8:7b:ba:65:df:a9:6b:5b:fa:10:eb:fd:a4:01:ea:85:
91:61:94:17:2b:33:ba:b5:22:25:5d:e3:21:54:58:a8:4d:71:
e7:db:c5:9e:6a:65:98:55:f9:fa:b7:36:7d:0a:04:1c:78:8d:
2e:6d:4a:ee:27:0c:c1:0b:c1:3b:93:54:9f:44:b8:5f:42:30:
48:0d:1e:0a:8c:53:f7:4f:2b:19:71:7f:df:f5:8a:d6:62:45:
1c:dd:e5:3e:0d:61:77:56:c1:4b:38:3c:f3:84:c6:2b:ea:57:
6d:d0:1e:0c:a8:12:0f:90:41:02:e3:e2:13:0a:cd:b1:76:5e:
1b:ed:51:68:26:f2:24:9f:38:a8:dc:0e:03:3f:01:17:e0:aa:
99:29:18:30:1b:cb:69:1c:2d:f3:45:2d:8c:a6:3e:03:71:cf:
05:cb:ef:ce:d9:56:8f:f1:dc:c8:c8:37:78:65:d6:22:fc:0e:
eb:e2:e6:98:6f:00:6f:e7:9a:19:b9:3b:4d:8f:02:39:d8:53:
d4:82:a2:5c:64:1d:df:4d:68:c7:b5:1a:c9:b8:de:bc:7c:9f:
be:55:a2:5c
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYxOjSBJoRu2clPcEQaOXn6EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjA5MTIyODQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzlhZTYyOTU3NDMyMjVlMTI4NmRjYTY5NDJlOTg4NzE3ZDhmZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQGzkhCKRb50VNqQIhDynJGStC4k
1glMBo+3dyRMOF78ximpb8co1jCs5OcskCwbjeyL7k/xCOhMsVpvKm6TwNB2COAl
Ip+if2k3cR7srNYzbkCs6ugdplJxDuQxJNnZQCPK+UepS371li5lSwQNiQLU7hBK
IPhoPruHhgHoczCdvOKFZ0pZ6QgKzd7Rv+LbMtzZ9PdOg7UcTomjIWQWkpj/qJ4v
Kf4zAqghMIGr+5eDtZeObYU91lolKUFfI91H650dhmmsgcW9me5hf84bWMhmwt6h
2PCVu6xnR8cDM9mrR1N1UNjwtD4Mt6+r+7JaPbgSLIr5HIk0HnZn/fO+RwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFCOa5ilXQyJeEobcppQumIcX2P6dMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSTVybUtWZERJbDRTaHR5bWxDNlloeGZZX3AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAAjpfAwQA
Hw3TAwQALYDoAwQAVDYzAwQAV3k6AwQAV3lFAwQBXmd8AwQAjWIEAwQAk05mAwQA
wSMSMA0GCSqGSIb3DQEBCwUAA4IBAQAC3+CH0thPx0KR0SWwbbOgK0/nyVVfmJRx
tvgYKY3wUcx8TD+F4Ph7umXfqWtb+hDr/aQB6oWRYZQXKzO6tSIlXeMhVFioTXHn
28WeamWYVfn6tzZ9CgQceI0ubUruJwzBC8E7k1SfRLhfQjBIDR4KjFP3TysZcX/f
9YrWYkUc3eU+DWF3VsFLODzzhMYr6ldt0B4MqBIPkEEC4+ITCs2xdl4b7VFoJvIk
nzio3A4DPwEX4KqZKRgwG8tpHC3zRS2Mpj4Dcc8Fy+/O2VaP8dzIyDd4ZdYi/A7r
4uaYbwBv55oZuTtNjwI52FPUgqJcZB3fTWjHtRrJuN68fJ++VaJc
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:10 2024 by rpki-client on console-ams.rpki-client.org