Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JD7YZnqJgJt-eXUv2O4FvyiwqeU.roa
File: JD7YZnqJgJt-eXUv2O4FvyiwqeU.roa (raw, json)
Hash identifier: 4u54TzxbasJUTj1IPOhZehQBV/fyslj88Gk1AtMCLxg=
Subject key identifier: 24:3E:D8:66:7A:89:80:9B:7E:79:75:2F:D8:EE:05:BF:28:B0:A9:E5
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01879E46F13062AF29578ABEC7C99A5E251A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JD7YZnqJgJt-eXUv2O4FvyiwqeU.roa
Signing time: Thu 20 Apr 2023 10:47:41 +0000
ROA not before: Thu 20 Apr 2023 10:47:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209043
IP address blocks: 45.14.166.0/24 maxlen: 24
83.219.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 Jun 2023 03:22:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9e:46:f1:30:62:af:29:57:8a:be:c7:c9:9a:5e:25:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 20 10:47:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=243ed8667a89809b7e79752fd8ee05bf28b0a9e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:06:30:a1:4b:3a:5b:51:ae:11:d2:97:6b:e0:
dd:41:82:7a:58:b3:6f:fe:a6:10:00:ab:7a:7d:75:
3d:03:a6:1d:dd:ff:c0:22:c1:b4:eb:1e:31:8e:7c:
71:f1:e9:28:28:e1:d9:08:41:2c:56:fd:61:64:dc:
04:f2:04:b6:35:b9:6e:36:85:2f:6f:5c:81:51:9c:
a3:85:01:82:6f:9c:5f:14:54:92:f3:16:a5:ed:82:
ba:d3:ea:71:81:20:e1:81:e4:9e:96:e2:81:9d:05:
60:bd:7a:94:22:59:df:7f:60:5e:27:96:0a:99:cc:
83:88:02:47:d0:5e:31:cc:22:73:b9:0b:5d:65:ab:
fc:f1:f8:7b:15:34:43:db:40:b0:86:1f:2f:94:0a:
ed:c3:bc:b6:18:57:56:bb:f8:50:67:cd:eb:3e:ca:
da:2c:62:9e:10:11:17:b4:4c:d7:f8:05:11:b4:c7:
69:3c:78:ba:57:a0:ee:a6:cd:84:df:52:f3:83:2c:
47:91:e0:d7:0b:8c:43:6f:cc:2a:62:05:f3:16:3d:
44:b4:e9:01:d4:96:94:37:50:38:0e:f4:28:25:e4:
43:33:34:34:d0:cd:18:cf:be:ce:04:08:d1:e3:80:
19:9d:9f:fa:ec:b5:92:cd:a4:ed:55:74:2b:f4:e8:
35:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:3E:D8:66:7A:89:80:9B:7E:79:75:2F:D8:EE:05:BF:28:B0:A9:E5
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JD7YZnqJgJt-eXUv2O4FvyiwqeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.166.0/24
83.219.99.0/24
Signature Algorithm: sha256WithRSAEncryption
38:69:bf:5b:ae:b6:39:13:85:24:d1:ba:74:60:85:36:d4:36:
c0:d3:8b:97:4b:8a:14:96:61:9c:b8:52:79:a5:86:07:04:55:
39:c6:0d:db:01:f2:c8:20:17:4e:eb:04:04:c9:05:a7:ad:ce:
40:cc:0e:6b:00:f3:76:3e:21:e9:54:77:85:be:3d:b9:50:a0:
83:c4:69:1c:d0:8c:6f:72:e6:98:67:a4:11:24:a0:89:ec:7f:
ad:c2:98:fe:9f:a1:79:eb:2f:6d:19:43:f5:d0:d9:3e:2a:e8:
cc:3d:c9:be:57:1c:26:21:fa:3b:a9:7a:14:e3:40:7f:41:4a:
0f:ea:a2:38:2f:aa:59:5c:16:d5:bb:ec:7f:6e:04:4e:b1:d1:
36:00:2d:f7:07:22:a2:a9:9a:1b:f3:56:db:f4:30:27:c7:74:
fa:62:00:b5:0f:92:4c:55:80:94:71:84:a1:b6:9e:9b:73:f4:
29:85:3e:4a:94:ba:d5:c2:b4:27:43:40:d8:40:80:fa:fd:5b:
04:a4:98:a4:08:8c:57:50:f4:21:0a:2e:ad:d8:4b:00:e5:11:
27:fb:08:33:fb:04:db:28:99:9a:c9:d9:36:56:10:54:6c:2c:
fd:d4:72:f0:b2:c7:87:1a:2d:72:94:c9:5d:fb:df:91:5f:3c:
f8:c3:c2:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYeeRvEwYq8pV4q+x8maXiUaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDIwMTA0NzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDNlZDg2NjdhODk4MDliN2U3OTc1MmZkOGVlMDViZjI4YjBhOWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQYwoUs6W1GuEdKXa+DdQYJ6WLNv
/qYQAKt6fXU9A6Yd3f/AIsG06x4xjnxx8ekoKOHZCEEsVv1hZNwE8gS2NbluNoUv
b1yBUZyjhQGCb5xfFFSS8xal7YK60+pxgSDhgeSeluKBnQVgvXqUIlnff2BeJ5YK
mcyDiAJH0F4xzCJzuQtdZav88fh7FTRD20Cwhh8vlArtw7y2GFdWu/hQZ83rPsra
LGKeEBEXtEzX+AURtMdpPHi6V6Dups2E31LzgyxHkeDXC4xDb8wqYgXzFj1EtOkB
1JaUN1A4DvQoJeRDMzQ00M0Yz77OBAjR44AZnZ/67LWSzaTtVXQr9Og1RQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCQ+2GZ6iYCbfnl1L9juBb8osKnlMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSkQ3WVpucUpnSnQtZVhVdjJPNEZ2eWl3cWVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQ6mAwQA
U9tjMA0GCSqGSIb3DQEBCwUAA4IBAQA4ab9brrY5E4Uk0bp0YIU21DbA04uXS4oU
lmGcuFJ5pYYHBFU5xg3bAfLIIBdO6wQEyQWnrc5AzA5rAPN2PiHpVHeFvj25UKCD
xGkc0IxvcuaYZ6QRJKCJ7H+twpj+n6F56y9tGUP10Nk+KujMPcm+VxwmIfo7qXoU
40B/QUoP6qI4L6pZXBbVu+x/bgROsdE2AC33ByKiqZob81bb9DAnx3T6YgC1D5JM
VYCUcYShtp6bc/QphT5KlLrVwrQnQ0DYQID6/VsEpJikCIxXUPQhCi6t2EsA5REn
+wgz+wTbKJmaydk2VhBUbCz91HLwsseHGi1ylMld+9+RXzz4w8LP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:29 2024 by rpki-client on console-ams.rpki-client.org