Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IVBgkS-JTcSkThw3XbA7QL8wyWQ.roa
File: IVBgkS-JTcSkThw3XbA7QL8wyWQ.roa (raw, json)
Hash identifier: nWwS7sgrxPZSPHF4rXwDPivSuZzTHWGFYyZZQHoliHs=
Subject key identifier: 21:50:60:91:2F:89:4D:C4:A4:4E:1C:37:5D:B0:3B:40:BF:30:C9:64
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01905D7EA46D3687137C6D22322102FCD162
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IVBgkS-JTcSkThw3XbA7QL8wyWQ.roa
Signing time: Fri 28 Jun 2024 06:18:18 +0000
ROA not before: Fri 28 Jun 2024 06:18:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 147186
IP address blocks: 45.129.86.0/23 maxlen: 24
82.115.211.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jul 2024 10:24:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5d:7e:a4:6d:36:87:13:7c:6d:22:32:21:02:fc:d1:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 28 06:18:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=215060912f894dc4a44e1c375db03b40bf30c964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d3:4e:82:cc:13:07:8d:d9:1d:03:2b:f3:bf:
f8:c3:b2:ee:6e:bf:4f:ca:ac:a7:a9:04:82:ad:c3:
04:22:d4:0a:03:83:2a:3d:d0:ed:26:60:81:0b:36:
e0:a1:c5:02:06:cc:e8:50:4b:6d:aa:8b:e3:e0:12:
a8:55:06:2d:b9:e9:df:3d:d9:2e:cc:f6:d4:fb:03:
8a:54:b8:54:3d:af:19:74:e2:37:24:c0:1b:cc:b8:
87:d2:f1:eb:c8:9a:1f:e2:85:60:dc:01:c6:9f:47:
85:8a:90:da:75:a1:96:2f:3d:a2:e5:72:5e:81:a9:
8f:41:ac:0e:e9:61:0b:a6:4c:ba:1f:55:37:95:12:
df:2e:25:5b:36:f8:1b:b8:37:6c:0b:60:68:3c:f0:
a4:63:f2:c7:8a:b2:9c:b6:1e:03:6a:ff:e0:35:ce:
68:79:e0:32:3c:80:ca:e9:e3:ec:7c:ec:4c:51:ae:
45:80:0e:3b:2d:2d:0f:c6:ff:cc:ea:86:b1:d1:c9:
51:0d:e4:8f:fd:96:e3:7f:92:c0:9d:4c:ed:75:b9:
e4:ee:bf:89:77:05:fc:d5:29:18:f9:b5:26:19:5e:
53:81:8a:32:b6:8b:e6:1e:1b:d9:f7:46:bc:63:8b:
ec:2d:df:5b:ce:0c:4c:f4:8e:22:fc:97:9a:88:a0:
50:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:50:60:91:2F:89:4D:C4:A4:4E:1C:37:5D:B0:3B:40:BF:30:C9:64
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IVBgkS-JTcSkThw3XbA7QL8wyWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.86.0/23
82.115.211.0/24
185.252.176.0/24
193.35.19.0/24
Signature Algorithm: sha256WithRSAEncryption
65:18:03:66:a5:dc:3a:b8:50:ca:b5:ab:a0:16:b8:40:1c:b7:
ca:7d:b8:35:07:db:c0:f8:7e:eb:84:af:14:cf:cc:11:19:89:
a5:47:2c:02:25:2d:73:d0:2b:b2:d7:ef:84:55:6e:70:e5:cd:
27:92:da:a4:b5:8c:a4:eb:06:f6:db:17:ba:25:d5:6a:81:85:
17:07:00:42:39:ad:12:5b:1b:ce:00:4e:eb:42:2c:ad:a7:4c:
72:3d:d9:0e:1c:3c:91:4c:fc:a3:d6:43:65:57:8b:2a:07:0b:
40:79:5e:08:ab:86:4e:bb:11:df:76:12:46:61:5b:0b:e9:99:
28:bf:82:05:70:da:cc:4b:d0:27:a6:90:4f:63:51:18:a6:f6:
de:c8:5c:11:66:02:b9:5b:40:1e:cb:da:f9:a7:90:e7:4a:6f:
14:f9:b4:f4:c2:13:fd:d4:a5:e6:43:cc:a6:db:19:f8:59:b6:
d4:56:05:b6:95:94:d6:97:28:94:96:f1:d3:6e:aa:83:90:ee:
c2:89:62:59:e5:b4:30:3f:ea:32:8b:51:15:a9:a3:ef:32:fe:
2f:a9:85:4a:b8:9e:5b:0f:3c:f0:6b:9f:f7:47:b7:ae:be:41:
9b:41:4d:1f:5e:7f:c4:17:28:43:05:6a:a1:7f:99:2f:bc:14:
48:6e:76:f1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZBdfqRtNocTfG0iMiEC/NFiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNjI4MDYxODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTUwNjA5MTJmODk0ZGM0YTQ0ZTFjMzc1ZGIwM2I0MGJmMzBjOTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldNOgswTB43ZHQMr87/4w7Lubr9P
yqynqQSCrcMEItQKA4MqPdDtJmCBCzbgocUCBszoUEttqovj4BKoVQYtuenfPdku
zPbU+wOKVLhUPa8ZdOI3JMAbzLiH0vHryJof4oVg3AHGn0eFipDadaGWLz2i5XJe
gamPQawO6WELpky6H1U3lRLfLiVbNvgbuDdsC2BoPPCkY/LHirKcth4Dav/gNc5o
eeAyPIDK6ePsfOxMUa5FgA47LS0Pxv/M6oax0clRDeSP/Zbjf5LAnUztdbnk7r+J
dwX81SkY+bUmGV5TgYoytovmHhvZ90a8Y4vsLd9bzgxM9I4i/JeaiKBQmwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCFQYJEviU3EpE4cN12wO0C/MMlkMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSVZCZ2tTLUpUY1NrVGh3M1hiQTdRTDh3eVdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLYFWAwQA
UnPTAwQAufywAwQAwSMTMA0GCSqGSIb3DQEBCwUAA4IBAQBlGANmpdw6uFDKtaug
FrhAHLfKfbg1B9vA+H7rhK8Uz8wRGYmlRywCJS1z0Cuy1++EVW5w5c0nktqktYyk
6wb22xe6JdVqgYUXBwBCOa0SWxvOAE7rQiytp0xyPdkOHDyRTPyj1kNlV4sqBwtA
eV4Iq4ZOuxHfdhJGYVsL6Zkov4IFcNrMS9AnppBPY1EYpvbeyFwRZgK5W0Aey9r5
p5DnSm8U+bT0whP91KXmQ8ym2xn4WbbUVgW2lZTWlyiUlvHTbqqDkO7CiWJZ5bQw
P+oyi1EVqaPvMv4vqYVKuJ5bDzzwa5/3R7euvkGbQU0fXn/EFyhDBWqhf5kvvBRI
bnbx
-----END CERTIFICATE-----
Generated at Mon Jul 29 14:18:38 2024 by rpki-client on console-ams.rpki-client.org