Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Pir7uBT2R36EifP4cfpYNUki1zY.roa
File: Pir7uBT2R36EifP4cfpYNUki1zY.roa (raw, json)
Hash identifier: J7UZUzWe3miZRuZSkBEJFt8AuuIc0m9Az89Fso31QWI=
Subject key identifier: 3E:2A:FB:B8:14:F6:47:7E:84:89:F3:F8:71:FA:58:35:49:22:D7:36
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019490E530448D56DBBA9BAFBFC3F9BD8945
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Pir7uBT2R36EifP4cfpYNUki1zY.roa
Signing time: Thu 23 Jan 2025 02:02:06 +0000
ROA not before: Thu 23 Jan 2025 02:02:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215590
IP address blocks: 45.95.3.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
87.121.98.0/24 maxlen: 24
87.121.218.0/24 maxlen: 24
185.246.222.0/24 maxlen: 24
193.168.196.0/24 maxlen: 24
193.168.197.0/24 maxlen: 24
193.168.198.0/24 maxlen: 24
193.168.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 Jan 2025 06:10:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:90:e5:30:44:8d:56:db:ba:9b:af:bf:c3:f9:bd:89:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 23 02:02:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e2afbb814f6477e8489f3f871fa58354922d736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:ae:17:ff:a6:77:31:08:5b:2b:89:fd:e8:43:
61:f5:a2:f4:25:aa:9d:12:d4:40:d8:f7:20:37:f4:
9d:db:bc:33:4e:8d:56:9a:54:15:a7:a0:5a:a2:40:
b8:6e:e9:cf:3d:59:fd:0f:d5:63:90:66:56:bc:d3:
38:e8:38:9d:40:22:a0:2e:e4:e8:5c:a4:7a:e0:0c:
bd:38:40:ab:aa:51:1c:73:48:02:a1:da:c7:5c:58:
ac:59:12:38:48:2e:80:bd:12:e4:83:25:86:d2:bf:
90:93:4a:d7:78:30:b2:43:91:a0:94:59:81:cb:b2:
9b:77:10:ce:a6:56:85:40:a9:10:d1:f2:bb:68:0a:
f2:f2:91:56:b2:67:c1:82:ae:83:bb:e6:8d:00:ee:
29:87:a1:84:f0:f6:b4:0d:c1:2a:58:58:a7:e0:e9:
03:ed:b3:3d:63:f8:3e:ad:a0:ab:5e:9e:d4:60:31:
11:81:39:60:24:da:b6:3f:98:e1:93:3c:03:62:5e:
72:74:f1:1d:80:22:aa:3f:f8:80:1b:bc:2b:f8:2a:
8d:6b:b1:9c:3e:d3:44:dd:9d:c8:31:4e:87:41:55:
aa:a7:be:df:8d:d4:78:23:03:4a:6f:79:75:09:0c:
46:9a:13:bd:42:c2:42:e3:f9:cb:67:86:2e:f9:b1:
5c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:2A:FB:B8:14:F6:47:7E:84:89:F3:F8:71:FA:58:35:49:22:D7:36
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Pir7uBT2R36EifP4cfpYNUki1zY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.3.0/24
83.143.113.0/24
87.121.98.0/24
87.121.218.0/24
185.246.222.0/24
193.168.196.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:32:c8:68:1f:e6:f4:69:82:e1:e9:45:2c:fd:0b:61:a9:a3:
36:9b:9d:a1:1a:9b:7c:6c:a9:f6:14:f7:42:66:42:77:03:51:
a3:fa:77:4b:7e:8b:94:4c:83:3d:b7:21:be:cc:80:5b:11:7a:
17:a3:39:a0:04:e4:2f:b8:6a:0c:1a:04:67:e5:5d:49:98:fb:
20:0f:3a:d4:f2:a5:b6:45:0f:e4:dc:b8:2a:b7:e7:88:98:43:
52:52:36:84:68:81:ba:35:cb:ba:75:3c:09:e6:2c:24:fd:ea:
e3:0f:f0:68:21:21:2f:36:b2:69:69:e2:9a:53:46:f6:7a:47:
2e:92:8d:41:c2:55:a1:85:37:56:70:d5:1c:9d:a4:11:37:64:
0e:b7:a5:2a:8c:67:f3:2a:30:72:62:25:5a:f2:d7:f6:7b:ae:
b7:99:1b:28:89:c6:84:d5:97:54:3c:89:83:ab:9c:5d:01:1a:
de:32:fc:e1:35:30:3b:a9:63:d9:c4:b6:9f:cb:08:b8:6c:13:
73:7e:c2:c2:3f:d6:d0:b0:97:3b:ef:81:f6:66:cd:87:ca:5c:
b8:31:10:9d:fd:2a:93:42:1b:80:c3:72:a0:d3:fa:39:9f:7a:
a0:50:b4:0e:3d:04:fd:1f:53:2c:f8:b3:39:e5:b7:70:3e:9d:
56:88:4b:72
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZSQ5TBEjVbbupuvv8P5vYlFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTIzMDIwMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTJhZmJiODE0ZjY0NzdlODQ4OWYzZjg3MWZhNTgzNTQ5MjJkNzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5a4X/6Z3MQhbK4n96ENh9aL0Jaqd
EtRA2PcgN/Sd27wzTo1WmlQVp6BaokC4bunPPVn9D9VjkGZWvNM46DidQCKgLuTo
XKR64Ay9OECrqlEcc0gCodrHXFisWRI4SC6AvRLkgyWG0r+Qk0rXeDCyQ5GglFmB
y7KbdxDOplaFQKkQ0fK7aAry8pFWsmfBgq6Du+aNAO4ph6GE8Pa0DcEqWFin4OkD
7bM9Y/g+raCrXp7UYDERgTlgJNq2P5jhkzwDYl5ydPEdgCKqP/iAG7wr+CqNa7Gc
PtNE3Z3IMU6HQVWqp77fjdR4IwNKb3l1CQxGmhO9QsJC4/nLZ4Yu+bFc6QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFD4q+7gU9kd+hInz+HH6WDVJItc2MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUGlyN3VCVDJSMzZFaWZQNGNmcFlOVWtpMXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALV8DAwQA
U49xAwQAV3liAwQAV3naAwQAufbeAwQCwajEMA0GCSqGSIb3DQEBCwUAA4IBAQBr
MshoH+b0aYLh6UUs/QthqaM2m52hGpt8bKn2FPdCZkJ3A1Gj+ndLfouUTIM9tyG+
zIBbEXoXozmgBOQvuGoMGgRn5V1JmPsgDzrU8qW2RQ/k3Lgqt+eImENSUjaEaIG6
Ncu6dTwJ5iwk/erjD/BoISEvNrJpaeKaU0b2ekcuko1BwlWhhTdWcNUcnaQRN2QO
t6UqjGfzKjByYiVa8tf2e663mRsoicaE1ZdUPImDq5xdARreMvzhNTA7qWPZxLaf
ywi4bBNzfsLCP9bQsJc774H2Zs2Hyly4MRCd/SqTQhuAw3Kg0/o5n3qgULQOPQT9
H1Ms+LM55bdwPp1WiEty
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:40:01 2025 by rpki-client