Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NAtiB0MZsRvb4EweegA52r5I4JQ.roa
File: NAtiB0MZsRvb4EweegA52r5I4JQ.roa (raw, json)
Hash identifier: vJle2oqoUf8MXmjJs34ABE7mmSsQj24C6gq2o82VdZc=
Subject key identifier: 34:0B:62:07:43:19:B1:1B:DB:E0:4C:1E:7A:00:39:DA:BE:48:E0:94
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E48F4C88B5C0E02B2B437B1D4A3BC8851
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NAtiB0MZsRvb4EweegA52r5I4JQ.roa
Signing time: Sat 16 Mar 2024 20:29:45 +0000
ROA not before: Sat 16 Mar 2024 20:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.94.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
87.121.61.0/24 maxlen: 24
87.121.62.0/24 maxlen: 24
87.121.63.0/24 maxlen: 24
87.121.114.0/24 maxlen: 24
87.121.115.0/24 maxlen: 24
91.92.26.0/24 maxlen: 24
93.123.74.0/23 maxlen: 23
93.123.75.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 17 Mar 2024 15:11:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:48:f4:c8:8b:5c:0e:02:b2:b4:37:b1:d4:a3:bc:88:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 16 20:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=340b62074319b11bdbe04c1e7a0039dabe48e094
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:43:b6:d0:71:0f:66:a7:94:c0:06:ff:c6:7a:
6f:cc:44:1f:e5:09:9c:b2:77:11:3e:df:7f:27:9e:
70:52:93:4a:6c:08:87:c8:8a:49:61:39:d1:b8:06:
bb:ee:4a:ff:fa:9a:95:13:a1:1e:aa:e0:88:a4:55:
39:f4:ea:85:6f:2d:af:a5:db:c0:1f:e0:1e:b3:63:
b1:f9:3e:7b:b0:53:d6:d4:0c:2e:e8:1d:d8:08:69:
a1:b0:d5:5d:52:5e:96:56:04:8b:dc:e9:2f:03:d8:
4a:c1:e4:c6:30:ba:33:59:64:de:db:d1:9d:2d:5e:
37:3c:4a:2b:1c:50:ee:30:0d:af:86:1c:00:43:e9:
fc:46:6b:84:bf:71:2c:81:10:30:00:dd:a1:e3:24:
0f:19:56:4f:90:bf:6c:49:14:61:78:21:59:d6:0d:
1c:f4:03:51:66:69:65:d1:d2:d8:5b:2a:67:d7:4c:
ff:fc:91:06:b4:0d:c7:eb:a4:0a:b7:de:45:36:b6:
c2:95:80:b4:a9:3b:85:2a:94:c8:a7:09:9b:b4:d4:
26:e2:b0:3a:00:e0:64:c3:81:b6:61:c8:81:3f:d4:
a4:ea:6c:86:7d:97:55:51:33:c4:fe:a3:21:44:02:
d6:9d:8c:27:11:e6:05:00:1f:8a:55:17:a1:9f:a0:
9c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:0B:62:07:43:19:B1:1B:DB:E0:4C:1E:7A:00:39:DA:BE:48:E0:94
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/NAtiB0MZsRvb4EweegA52r5I4JQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.94.0/24
87.120.68.0/23
87.121.61.0-87.121.63.255
87.121.114.0/23
91.92.26.0/24
93.123.74.0/23
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
06:ac:29:72:fe:4a:eb:10:03:a1:4a:bd:75:08:96:88:a7:bd:
c7:be:93:9f:a0:01:0d:9e:b9:b6:9e:0d:63:f6:3e:63:b0:64:
90:10:8b:41:49:43:05:07:11:12:d6:83:ce:5b:d5:fe:06:b0:
4b:0b:ce:88:fb:80:70:aa:7f:ca:1f:e6:ef:a0:dd:cc:ac:f5:
c8:02:15:57:ad:59:78:fe:37:cf:64:7d:23:e0:7f:e4:49:73:
36:84:64:f1:78:f3:30:78:9d:17:c0:62:37:5c:a0:e5:c2:85:
34:7d:bf:a0:6a:94:49:23:40:ad:71:99:a6:4d:81:76:75:8e:
61:1e:dc:03:dc:40:4c:71:68:c3:0d:2b:45:5b:bb:62:18:dd:
8f:c1:58:9e:2d:5c:a9:f3:3f:2f:3d:3b:c3:0f:d6:7f:46:07:
49:48:3d:8a:84:03:a0:ab:93:bb:9d:f6:be:51:1f:ac:0e:a9:
83:d6:c5:c8:20:b0:aa:fa:d3:1a:6a:0b:a8:e8:7d:8e:e6:f3:
16:66:d0:46:2c:47:32:26:9c:f1:b3:3e:f0:4c:57:28:d1:f2:
d2:80:23:ac:29:e1:a0:4c:d0:23:f0:c1:1a:5e:78:9a:4b:ed:
f2:36:fa:cc:5a:3e:74:30:97:34:0e:c0:a8:72:ef:66:4d:fe:
60:bf:c7:0d
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY5I9MiLXA4CsrQ3sdSjvIhRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzE2MjAyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNDBiNjIwNzQzMTliMTFiZGJlMDRjMWU3YTAwMzlkYWJlNDhlMDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkO20HEPZqeUwAb/xnpvzEQf5Qmc
sncRPt9/J55wUpNKbAiHyIpJYTnRuAa77kr/+pqVE6EequCIpFU59OqFby2vpdvA
H+Aes2Ox+T57sFPW1Awu6B3YCGmhsNVdUl6WVgSL3OkvA9hKweTGMLozWWTe29Gd
LV43PEorHFDuMA2vhhwAQ+n8RmuEv3EsgRAwAN2h4yQPGVZPkL9sSRRheCFZ1g0c
9ANRZmll0dLYWypn10z//JEGtA3H66QKt95FNrbClYC0qTuFKpTIpwmbtNQm4rA6
AOBkw4G2YciBP9Sk6myGfZdVUTPE/qMhRALWnYwnEeYFAB+KVRehn6Cc3wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFDQLYgdDGbEb2+BMHnoAOdq+SOCUMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTkF0aUIwTVpzUnZiNEV3ZWVnQTUycjVJNEpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALQheAwQB
V3hEMAwDBABXeT0DBAZXeQADBAFXeXIDBABbXBoDBAFde0oDBAG5/KAwDQYJKoZI
hvcNAQELBQADggEBAAasKXL+SusQA6FKvXUIloinvce+k5+gAQ2eubaeDWP2PmOw
ZJAQi0FJQwUHERLWg85b1f4GsEsLzoj7gHCqf8of5u+g3cys9cgCFVetWXj+N89k
fSPgf+RJczaEZPF48zB4nRfAYjdcoOXChTR9v6BqlEkjQK1xmaZNgXZ1jmEe3APc
QExxaMMNK0Vbu2IY3Y/BWJ4tXKnzPy89O8MP1n9GB0lIPYqEA6Crk7ud9r5RH6wO
qYPWxcggsKr60xpqC6jofY7m8xZm0EYsRzImnPGzPvBMVyjR8tKAI6wp4aBM0CPw
wRpeeJpL7fI2+sxaPnQwlzQOwKhy72ZN/mC/xw0=
-----END CERTIFICATE-----
Generated at Sun Mar 17 16:41:57 2024 by rpki-client on console-ams.rpki-client.org