Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/O4fPHO2AMSEQ4q6yI6kzSeMgzNE.roa
File: O4fPHO2AMSEQ4q6yI6kzSeMgzNE.roa (raw, json)
Hash identifier: bNtvswSJuOde8EnXSyYQ1w8/bS7RbRO9+ayfD2ZCLKo=
Subject key identifier: 3B:87:CF:1C:ED:80:31:21:10:E2:AE:B2:23:A9:33:49:E3:20:CC:D1
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01931B98AC831185FDA621C51964C96C4244
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/O4fPHO2AMSEQ4q6yI6kzSeMgzNE.roa
Signing time: Mon 11 Nov 2024 14:20:10 +0000
ROA not before: Mon 11 Nov 2024 14:20:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.14.164.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.90.88.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
45.151.91.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.162.0/24 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.240.0/20 maxlen: 32
92.119.196.0/23 maxlen: 24
93.123.84.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
94.156.64.0/21 maxlen: 32
141.98.1.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Nov 2024 15:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1b:98:ac:83:11:85:fd:a6:21:c5:19:64:c9:6c:42:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 11 14:20:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b87cf1ced80312110e2aeb223a93349e320ccd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:34:a6:72:ba:39:9d:26:c7:d0:70:97:7a:f8:
e2:8d:73:12:54:74:1d:87:05:8c:c7:46:0e:1a:01:
dc:99:42:05:1f:f8:2d:f0:55:dd:5d:3f:9f:1a:4b:
6f:69:5a:6f:8d:dd:f1:15:ef:77:8d:9c:e5:73:ed:
90:4d:81:1a:29:06:b4:f4:6e:1e:88:5c:c1:7a:ff:
99:11:50:28:75:32:f9:67:d3:8b:ac:55:88:8a:5a:
ff:0f:00:ff:9b:e7:67:74:d1:3e:5e:fb:18:21:27:
1b:28:55:cc:88:d0:3d:ba:07:34:85:35:08:6e:0b:
13:96:41:8d:c6:b2:b0:45:d7:32:47:1a:8d:65:7b:
70:ff:19:cf:c8:dc:54:61:16:da:86:fc:b5:5e:c0:
b9:3b:81:b8:b2:8d:b4:8d:02:54:91:07:19:29:57:
bb:b7:f1:58:9a:81:03:0d:78:57:69:d3:d9:8c:56:
84:13:05:9a:86:bc:3a:8c:c8:e0:23:61:ef:7f:d0:
dc:ea:94:4f:fc:49:87:f5:98:32:28:f7:83:4c:81:
06:78:c6:ca:d2:0c:29:d5:98:17:ff:9f:28:fb:12:
6e:53:d1:d2:d9:de:ff:35:09:88:7e:74:5c:11:3e:
e7:47:d8:45:5b:bd:0b:ad:aa:69:2b:a3:86:86:56:
b1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:87:CF:1C:ED:80:31:21:10:E2:AE:B2:23:A9:33:49:E3:20:CC:D1
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/O4fPHO2AMSEQ4q6yI6kzSeMgzNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.164.0/24
45.66.228.0/24
45.90.88.0/24
45.139.106.0/24
45.141.158.0/24
45.151.89.0/24
45.151.91.0/24
83.219.97.0/24
84.54.48.0/24
87.120.87.0/24
87.120.166.0/24
87.121.45.0/24
87.121.124.0/23
87.121.162.0/24
87.121.165.0/24
91.92.240.0/20
92.119.196.0/23
93.123.84.0/24
94.154.160.0/22
94.156.11.0/24
94.156.64.0/21
141.98.1.0/24
147.78.100.0/24
171.22.72.0/22
185.216.84.0/22
185.218.84.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:2e:f8:de:04:b7:57:86:fa:ea:c2:47:f5:5d:c6:8c:ef:81:
47:12:11:bf:75:13:f7:ec:d5:10:f5:64:30:11:24:a1:66:67:
2e:9c:73:6f:eb:2b:d3:8e:d9:b6:f6:c1:aa:2c:bc:bb:58:40:
57:ba:9f:bb:45:d3:6a:11:09:ad:87:3b:47:b8:b1:2d:cb:a7:
5d:7d:26:5e:1d:f4:df:d7:fb:05:fc:b1:40:34:26:a8:b7:11:
ed:16:7f:45:91:8b:6b:a7:35:e2:1d:7d:57:90:60:ba:85:c0:
4e:37:da:c0:21:d2:f2:72:86:9f:84:86:63:4e:8c:06:11:41:
01:54:d1:45:79:a4:fc:fc:30:22:65:e0:8b:41:af:74:b5:3b:
82:25:9a:02:74:c4:5a:90:a6:30:f4:b5:38:97:53:d7:69:a4:
56:e2:9c:f5:90:3d:37:cb:7b:6b:ec:76:74:82:02:66:60:6f:
99:8f:96:d1:22:bb:7a:83:2a:0b:b3:18:8f:81:16:20:08:19:
ac:e3:78:e8:81:ef:34:92:3b:4e:eb:38:f2:f9:36:91:73:80:
36:7d:d4:75:86:e1:ab:32:eb:73:d9:f2:b5:e5:c7:31:0b:c4:
f8:ce:a0:f4:87:06:6e:ab:84:5d:64:b4:e8:c1:56:eb:fe:f7:
d2:fd:b3:c4
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAZMbmKyDEYX9piHFGWTJbEJEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMTExMTQyMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjg3Y2YxY2VkODAzMTIxMTBlMmFlYjIyM2E5MzM0OWUzMjBjY2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoDSmcro5nSbH0HCXevjijXMSVHQd
hwWMx0YOGgHcmUIFH/gt8FXdXT+fGktvaVpvjd3xFe93jZzlc+2QTYEaKQa09G4e
iFzBev+ZEVAodTL5Z9OLrFWIilr/DwD/m+dndNE+XvsYIScbKFXMiNA9ugc0hTUI
bgsTlkGNxrKwRdcyRxqNZXtw/xnPyNxUYRbahvy1XsC5O4G4so20jQJUkQcZKVe7
t/FYmoEDDXhXadPZjFaEEwWahrw6jMjgI2Hvf9Dc6pRP/EmH9ZgyKPeDTIEGeMbK
0gwp1ZgX/58o+xJuU9HS2d7/NQmIfnRcET7nR9hFW70LrappK6OGhlaxZQIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFDuHzxztgDEhEOKusiOpM0njIMzRMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTzRmUEhPMkFNU0VRNHE2eUk2a3pTZU1nek5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAAt
DqQDBAAtQuQDBAAtWlgDBAAti2oDBAAtjZ4DBAAtl1kDBAAtl1sDBABT22EDBABU
NjADBABXeFcDBABXeKYDBABXeS0DBAFXeXwDBABXeaIDBABXeaUDBARbXPADBAFc
d8QDBABde1QDBAJemqADBABenAsDBANenEADBACNYgEDBACTTmQDBAKrFkgDBAK5
2FQDBAK52lQwDQYJKoZIhvcNAQELBQADggEBAKQu+N4Et1eG+urCR/VdxozvgUcS
Eb91E/fs1RD1ZDARJKFmZy6cc2/rK9OO2bb2waosvLtYQFe6n7tF02oRCa2HO0e4
sS3Lp119Jl4d9N/X+wX8sUA0Jqi3Ee0Wf0WRi2unNeIdfVeQYLqFwE432sAh0vJy
hp+EhmNOjAYRQQFU0UV5pPz8MCJl4ItBr3S1O4IlmgJ0xFqQpjD0tTiXU9dppFbi
nPWQPTfLe2vsdnSCAmZgb5mPltEiu3qDKguzGI+BFiAIGazjeOiB7zSSO07rOPL5
NpFzgDZ91HWG4asy63PZ8rXlxzELxPjOoPSHBm6rhF1ktOjBVuv+99L9s8Q=
-----END CERTIFICATE-----
Generated at Wed Nov 20 17:30:19 2024 by rpki-client on console-fra.rpki-client.org