Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ObzUKV5w-YUJ0lCjnQH8ACANxZo.roa
File: ObzUKV5w-YUJ0lCjnQH8ACANxZo.roa (raw, json)
Hash identifier: 7eLYWGlkVJ0YrRuysh/a6oSXxOE87WNWnmZHk2zcT1o=
Subject key identifier: 39:BC:D4:29:5E:70:F9:85:09:D2:50:A3:9D:01:FC:00:20:0D:C5:9A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DF431EAADADCD2D707D3004EB8EBD97A5
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ObzUKV5w-YUJ0lCjnQH8ACANxZo.roa
Signing time: Thu 29 Feb 2024 09:28:48 +0000
ROA not before: Thu 29 Feb 2024 09:28:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50738
IP address blocks: 45.141.158.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.162.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
171.22.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 15:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f4:31:ea:ad:ad:cd:2d:70:7d:30:04:eb:8e:bd:97:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 29 09:28:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39bcd4295e70f98509d250a39d01fc00200dc59a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:aa:e9:e0:b9:32:32:82:9a:ee:93:b3:34:84:
d1:12:80:4b:7b:12:3d:ac:c9:06:dc:fc:63:f9:2d:
8a:26:60:41:93:31:46:90:01:41:e3:ed:af:51:d9:
69:ac:9b:a5:ac:34:eb:ce:83:7f:e9:44:ee:64:72:
1d:fe:dc:61:b1:19:13:ad:e0:18:21:6f:f6:37:af:
25:e0:f7:7d:82:45:fb:90:a3:06:e6:14:a2:9d:2b:
aa:cb:e4:47:5b:e9:e0:20:2d:e9:11:70:b5:01:ef:
f1:08:39:e7:6e:2c:80:e4:f4:9a:1b:99:49:aa:b4:
ee:29:30:d4:64:22:75:d6:94:c5:92:b7:73:88:6b:
cb:91:d3:54:e8:10:c4:42:f8:4d:d5:cd:af:8b:c6:
9a:aa:1f:f1:fd:a8:63:b9:17:38:2f:2c:6e:37:e7:
83:97:ac:a5:01:40:1f:5b:3b:0a:a4:4c:1c:32:f3:
2b:f9:33:d0:46:dd:4a:09:d5:08:a0:3b:e5:ed:2f:
db:d4:b1:d3:65:88:dc:75:52:f2:ac:ee:8c:ce:dc:
a6:6c:0c:04:7e:10:fd:81:01:75:6b:2f:05:1b:a9:
2f:5d:4b:dc:15:c2:4f:48:14:7e:e5:17:42:66:95:
3b:cb:43:54:04:d4:aa:12:5b:17:d1:57:e8:d4:a8:
be:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:BC:D4:29:5E:70:F9:85:09:D2:50:A3:9D:01:FC:00:20:0D:C5:9A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ObzUKV5w-YUJ0lCjnQH8ACANxZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.158.0/24
87.121.124.0/23
87.121.162.0/24
91.200.192.0/22
171.22.17.0/24
Signature Algorithm: sha256WithRSAEncryption
94:13:f5:05:b0:73:ab:2d:b6:cb:7b:46:2d:3f:e5:c1:02:98:
03:21:75:b2:6e:0b:de:90:6f:65:ca:37:72:bd:9c:99:da:d3:
ee:cc:db:21:d7:78:dc:08:f6:83:8b:31:c3:ea:48:9e:5c:be:
2f:9e:5c:5a:cc:16:6b:f4:cb:58:eb:d7:b2:67:f3:80:23:76:
99:c5:e0:71:bb:25:05:95:40:c3:f1:6a:5b:4b:d1:fb:25:6f:
99:b9:03:c3:74:0c:65:fd:4d:69:94:18:77:55:3d:1b:13:2e:
33:e7:fa:43:8b:b2:c6:15:b1:9a:92:32:82:ad:36:fd:3a:9b:
27:c8:65:f1:69:5f:2a:09:b6:24:28:cb:1a:dd:0e:53:f2:ff:
b5:17:ab:1a:29:aa:45:82:56:92:23:06:7d:7e:90:3f:83:55:
2a:38:d2:6b:77:75:c9:1d:65:20:24:cf:83:12:56:b9:92:ac:
e6:90:5c:c9:cf:58:28:c8:9c:11:86:36:47:ed:73:8f:a8:69:
c6:72:98:80:8c:52:3b:4f:96:dc:6c:8f:21:89:14:82:9b:c4:
58:63:e6:9c:5d:54:12:02:7c:6a:78:2a:be:82:2b:2d:4e:26:
e4:62:6b:06:10:a5:ec:73:c7:92:e4:7c:a2:4c:7d:09:36:39:
5d:8b:fb:4d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY30Meqtrc0tcH0wBOuOvZelMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjI5MDkyODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWJjZDQyOTVlNzBmOTg1MDlkMjUwYTM5ZDAxZmMwMDIwMGRjNTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6rp4LkyMoKa7pOzNITREoBLexI9
rMkG3Pxj+S2KJmBBkzFGkAFB4+2vUdlprJulrDTrzoN/6UTuZHId/txhsRkTreAY
IW/2N68l4Pd9gkX7kKMG5hSinSuqy+RHW+ngIC3pEXC1Ae/xCDnnbiyA5PSaG5lJ
qrTuKTDUZCJ11pTFkrdziGvLkdNU6BDEQvhN1c2vi8aaqh/x/ahjuRc4LyxuN+eD
l6ylAUAfWzsKpEwcMvMr+TPQRt1KCdUIoDvl7S/b1LHTZYjcdVLyrO6MztymbAwE
fhD9gQF1ay8FG6kvXUvcFcJPSBR+5RdCZpU7y0NUBNSqElsX0Vfo1Ki+kQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDm81ClecPmFCdJQo50B/AAgDcWaMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvT2J6VUtWNXctWVVKMGxDam5RSDhBQ0FOeFpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALY2eAwQB
V3l8AwQAV3miAwQCW8jAAwQAqxYRMA0GCSqGSIb3DQEBCwUAA4IBAQCUE/UFsHOr
LbbLe0YtP+XBApgDIXWybgvekG9lyjdyvZyZ2tPuzNsh13jcCPaDizHD6kieXL4v
nlxazBZr9MtY69eyZ/OAI3aZxeBxuyUFlUDD8WpbS9H7JW+ZuQPDdAxl/U1plBh3
VT0bEy4z5/pDi7LGFbGakjKCrTb9OpsnyGXxaV8qCbYkKMsa3Q5T8v+1F6saKapF
glaSIwZ9fpA/g1UqONJrd3XJHWUgJM+DEla5kqzmkFzJz1goyJwRhjZH7XOPqGnG
cpiAjFI7T5bcbI8hiRSCm8RYY+acXVQSAnxqeCq+gistTibkYmsGEKXsc8eS5Hyi
TH0JNjldi/tN
-----END CERTIFICATE-----
Generated at Thu Feb 29 19:02:01 2024 by rpki-client on console-fra.rpki-client.org