Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OUJEptwzXrL5UaGH1x7X96IvCIY.roa
File: OUJEptwzXrL5UaGH1x7X96IvCIY.roa (raw, json)
Hash identifier: rYTgp56csRi/Pc5BmjjstQjup5BkTWM+Uvzxp3Di6D0=
Subject key identifier: 39:42:44:A6:DC:33:5E:B2:F9:51:A1:87:D7:1E:D7:F7:A2:2F:08:86
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018F2E24ECBC092ADEAD9EC8D2A40796AB03
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OUJEptwzXrL5UaGH1x7X96IvCIY.roa
Signing time: Tue 30 Apr 2024 08:35:22 +0000
ROA not before: Tue 30 Apr 2024 08:35:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20911
IP address blocks: 45.90.90.0/23 maxlen: 24
84.21.174.0/23 maxlen: 24
93.123.26.0/23 maxlen: 23
193.42.34.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 10:47:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2e:24:ec:bc:09:2a:de:ad:9e:c8:d2:a4:07:96:ab:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 30 08:35:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=394244a6dc335eb2f951a187d71ed7f7a22f0886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8c:f3:7f:8c:30:3f:68:5f:fd:c2:d6:73:18:
f6:84:d4:26:0d:bb:30:5f:4a:7b:58:c3:22:84:60:
f5:e5:52:68:3b:d9:a7:71:18:41:1d:75:1f:ce:56:
60:a2:f5:4d:b4:a2:87:92:e9:30:ec:35:97:10:05:
24:83:13:12:d8:9a:ec:88:97:b6:a4:a0:3a:78:33:
e3:1f:ed:ca:d0:70:e4:b9:66:6e:3b:5d:85:d2:fa:
43:91:99:a7:9d:33:bb:57:f7:bd:2d:63:d2:59:d7:
b5:e4:94:78:5e:9b:c0:b9:2e:7c:1e:f1:22:55:10:
21:9e:1f:10:ff:8d:28:61:5c:f9:99:e8:e4:b0:d7:
4f:b7:53:54:8e:cd:65:8b:e5:dd:66:93:0c:86:87:
00:aa:1e:31:de:99:2e:08:60:dd:d4:b3:96:ca:ed:
0d:b6:ca:96:e7:fe:d0:3b:fa:7d:e3:a7:df:2a:c3:
cf:5b:fb:e4:f2:e4:64:71:75:35:6c:18:90:33:b2:
fe:45:6a:9c:65:94:35:f0:e5:22:df:ed:b8:58:f4:
b1:2b:fd:d8:77:65:d1:d8:24:a7:aa:14:78:66:be:
8b:66:0a:46:2e:ac:75:0b:c3:97:cf:99:b9:e9:b9:
a6:b0:fa:fd:37:c7:93:b1:1f:66:09:e0:ed:2a:55:
25:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:42:44:A6:DC:33:5E:B2:F9:51:A1:87:D7:1E:D7:F7:A2:2F:08:86
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OUJEptwzXrL5UaGH1x7X96IvCIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.90.0/23
84.21.174.0/23
93.123.26.0/23
193.42.34.0/23
Signature Algorithm: sha256WithRSAEncryption
37:62:52:aa:b8:00:9d:fd:c3:f7:0d:24:46:5c:d9:77:11:cb:
f7:f6:7d:72:d0:4d:a2:d2:66:b0:0b:76:1e:3e:26:b8:2d:93:
06:f4:85:d7:67:f2:a3:4f:ff:98:2a:88:d3:d6:bc:a7:83:da:
48:a0:c4:40:64:dd:52:a9:99:07:0a:2f:6e:90:97:b0:2b:fc:
6f:a1:2e:11:6f:2f:95:6b:63:69:c8:48:23:e0:b0:54:8c:0a:
e7:75:41:eb:39:76:7d:8c:90:96:2f:73:0e:29:b9:d4:55:9e:
fb:82:e8:65:b2:42:ff:69:90:10:e3:da:9f:5d:67:dc:10:23:
bd:2a:61:fc:a4:40:d7:9d:4b:52:43:0b:ab:98:07:6d:2d:98:
0c:37:97:6a:cd:ec:5a:65:8c:87:51:73:4d:84:6a:69:2f:8c:
4b:2f:c4:61:9a:70:7b:13:98:35:78:e6:6d:6d:36:cd:29:41:
6b:d4:e2:ce:3f:45:46:2d:b7:80:71:c8:81:c5:13:02:d9:44:
e4:2f:67:e3:f4:5f:56:59:ea:d3:2b:d1:3e:8b:6a:3e:ec:b2:
fb:79:c6:e8:00:70:71:18:fb:f9:09:b6:c9:7b:1c:3c:7d:b1:
bc:3d:60:23:b8:f2:b0:59:49:0c:c5:b8:78:27:be:d9:10:50:
b5:f9:9a:32
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY8uJOy8CSrerZ7I0qQHlqsDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDMwMDgzNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTQyNDRhNmRjMzM1ZWIyZjk1MWExODdkNzFlZDdmN2EyMmYwODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYzzf4wwP2hf/cLWcxj2hNQmDbsw
X0p7WMMihGD15VJoO9mncRhBHXUfzlZgovVNtKKHkukw7DWXEAUkgxMS2JrsiJe2
pKA6eDPjH+3K0HDkuWZuO12F0vpDkZmnnTO7V/e9LWPSWde15JR4XpvAuS58HvEi
VRAhnh8Q/40oYVz5mejksNdPt1NUjs1li+XdZpMMhocAqh4x3pkuCGDd1LOWyu0N
tsqW5/7QO/p946ffKsPPW/vk8uRkcXU1bBiQM7L+RWqcZZQ18OUi3+24WPSxK/3Y
d2XR2CSnqhR4Zr6LZgpGLqx1C8OXz5m56bmmsPr9N8eTsR9mCeDtKlUltwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDlCRKbcM16y+VGhh9ce1/eiLwiGMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvT1VKRXB0d3pYckw1VWFHSDF4N1g5Nkl2Q0lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLVpaAwQB
VBWuAwQBXXsaAwQBwSoiMA0GCSqGSIb3DQEBCwUAA4IBAQA3YlKquACd/cP3DSRG
XNl3Ecv39n1y0E2i0mawC3YePia4LZMG9IXXZ/KjT/+YKojT1ryng9pIoMRAZN1S
qZkHCi9ukJewK/xvoS4Rby+Va2NpyEgj4LBUjArndUHrOXZ9jJCWL3MOKbnUVZ77
guhlskL/aZAQ49qfXWfcECO9KmH8pEDXnUtSQwurmAdtLZgMN5dqzexaZYyHUXNN
hGppL4xLL8RhmnB7E5g1eOZtbTbNKUFr1OLOP0VGLbeAcciBxRMC2UTkL2fj9F9W
WerTK9E+i2o+7LL7ecboAHBxGPv5CbbJexw8fbG8PWAjuPKwWUkMxbh4J77ZEFC1
+Zoy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:06 2024 by rpki-client on console-fra.rpki-client.org