Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Q71rN4pT3DNzjNzO_NipNwnCVIo.roa
File: Q71rN4pT3DNzjNzO_NipNwnCVIo.roa (raw, json)
Hash identifier: /pmmvgID50pPDbp+57Ti+QHptJJoc0uC6L/6gn+zFyw=
Subject key identifier: 43:BD:6B:37:8A:53:DC:33:73:8C:DC:CE:FC:D8:A9:37:09:C2:54:8A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192C92E73AF665947F3775AC0BBCA030ADB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Q71rN4pT3DNzjNzO_NipNwnCVIo.roa
Signing time: Sat 26 Oct 2024 14:15:17 +0000
ROA not before: Sat 26 Oct 2024 14:15:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39238
IP address blocks: 194.113.36.0/24 maxlen: 24
194.113.37.0/24 maxlen: 24
194.113.38.0/24 maxlen: 24
194.113.39.0/24 maxlen: 24
212.87.220.0/24 maxlen: 24
212.87.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Nov 2024 20:51:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c9:2e:73:af:66:59:47:f3:77:5a:c0:bb:ca:03:0a:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 26 14:15:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43bd6b378a53dc33738cdccefcd8a93709c2548a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:bd:06:96:cb:f8:2f:af:f3:5a:ce:93:3f:92:
fb:76:a3:03:bd:49:73:10:99:12:05:31:36:f1:51:
0e:bc:2c:60:f9:da:1b:2d:06:b0:b4:3d:70:77:78:
9d:60:78:e7:ea:0f:da:08:44:62:6b:87:2b:77:7d:
02:b8:39:a8:a2:d5:5d:b6:63:73:06:81:27:0c:36:
0f:0d:9c:8a:e4:1d:a4:0c:eb:86:26:b2:4b:34:a7:
c5:e2:d1:09:00:bf:58:1c:e3:17:13:6c:c2:0a:85:
8e:12:fb:09:95:09:0d:9c:4e:84:18:7d:1c:80:ab:
fb:70:cd:e3:33:4c:8e:7e:83:e8:4b:d9:4c:f3:f4:
91:68:c8:5c:6f:b5:b6:72:94:f0:81:61:f8:94:c6:
ea:2a:bf:0e:cf:2c:d6:44:f7:54:af:d7:76:fb:3d:
a0:fc:a9:55:0e:57:a8:c3:2b:4d:e0:19:c1:55:41:
8b:7a:f9:4f:2b:14:28:66:ca:fa:50:d6:94:0d:73:
e0:fe:34:68:8b:bd:54:9b:a4:ad:63:93:e0:4f:fd:
31:c4:9a:25:39:fc:f3:3a:91:06:12:3a:cb:88:2f:
1a:fe:30:dc:4e:1e:97:be:e6:18:24:55:3e:02:d8:
bb:24:77:d0:c2:85:87:c0:91:ac:e4:6a:19:ed:72:
44:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:BD:6B:37:8A:53:DC:33:73:8C:DC:CE:FC:D8:A9:37:09:C2:54:8A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Q71rN4pT3DNzjNzO_NipNwnCVIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.113.36.0/22
212.87.220.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:61:e6:77:50:a3:62:97:0e:6b:18:80:df:2a:4f:00:ef:d9:
98:21:07:22:12:1d:4b:31:a3:ba:9f:06:c0:b6:e1:02:16:9d:
02:22:5c:6a:d0:79:50:19:53:2f:8d:f2:48:e6:7f:9f:16:ca:
71:2a:b4:d7:57:7d:8f:60:dd:88:9e:2c:69:b5:35:f0:6a:12:
25:df:02:9a:c6:bb:bb:a4:13:7a:9e:8a:2a:43:9f:38:b3:5b:
28:09:c9:31:92:18:46:08:ae:7c:f3:45:ce:ee:e2:90:1d:f8:
91:6f:de:30:c5:22:bd:a7:51:db:0b:70:6a:dc:40:a9:ee:e3:
99:60:9e:07:d5:81:1e:2e:a5:d2:d9:1d:a0:71:6a:48:11:a7:
2f:79:21:13:d2:3e:e4:af:aa:52:82:6b:c8:00:95:99:02:f8:
13:7e:d7:e9:76:1f:a5:8b:b7:7d:b4:3f:c0:4b:99:9d:30:7c:
44:55:94:8b:a6:36:5d:29:bc:ac:23:bc:d5:1a:b2:96:56:21:
86:51:61:93:3a:41:f9:4b:18:96:ae:8a:44:22:c2:e9:2b:16:
ef:f0:36:18:36:4b:d3:51:07:67:a0:c0:87:fa:8a:32:b2:e9:
96:6a:c8:66:10:fc:9f:88:62:17:08:2c:1b:6d:ab:5a:70:f6:
f5:75:71:57
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZLJLnOvZllH83dawLvKAwrbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDI2MTQxNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2JkNmIzNzhhNTNkYzMzNzM4Y2RjY2VmY2Q4YTkzNzA5YzI1NDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqb0Glsv4L6/zWs6TP5L7dqMDvUlz
EJkSBTE28VEOvCxg+dobLQawtD1wd3idYHjn6g/aCERia4crd30CuDmootVdtmNz
BoEnDDYPDZyK5B2kDOuGJrJLNKfF4tEJAL9YHOMXE2zCCoWOEvsJlQkNnE6EGH0c
gKv7cM3jM0yOfoPoS9lM8/SRaMhcb7W2cpTwgWH4lMbqKr8OzyzWRPdUr9d2+z2g
/KlVDleowytN4BnBVUGLevlPKxQoZsr6UNaUDXPg/jRoi71Um6StY5PgT/0xxJol
OfzzOpEGEjrLiC8a/jDcTh6XvuYYJFU+Ati7JHfQwoWHwJGs5GoZ7XJE7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEO9azeKU9wzc4zczvzYqTcJwlSKMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUTcxck40cFQzRE56ak56T19OaXBOd25DVklvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwnEkAwQB
1FfcMA0GCSqGSIb3DQEBCwUAA4IBAQBaYeZ3UKNilw5rGIDfKk8A79mYIQciEh1L
MaO6nwbAtuECFp0CIlxq0HlQGVMvjfJI5n+fFspxKrTXV32PYN2InixptTXwahIl
3wKaxru7pBN6nooqQ584s1soCckxkhhGCK5880XO7uKQHfiRb94wxSK9p1HbC3Bq
3ECp7uOZYJ4H1YEeLqXS2R2gcWpIEacveSET0j7kr6pSgmvIAJWZAvgTftfpdh+l
i7d9tD/AS5mdMHxEVZSLpjZdKbysI7zVGrKWViGGUWGTOkH5SxiWropEIsLpKxbv
8DYYNkvTUQdnoMCH+ooysumWashmEPyfiGIXCCwbbatacPb1dXFX
-----END CERTIFICATE-----
Generated at Thu Nov 14 23:48:16 2024 by rpki-client on console-ams.rpki-client.org