Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/RN_hFD0YpgiIQajViWfzkIUASM8.roa
File: RN_hFD0YpgiIQajViWfzkIUASM8.roa (raw, json)
Hash identifier: 8qAd8hcElHBmapinlUolTcOo4RlFayw38AZolCTFmAg=
Subject key identifier: 44:DF:E1:14:3D:18:A6:08:88:41:A8:D5:89:67:F3:90:85:00:48:CF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018F53B0A88157918A2FCA6A3831CE28157D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/RN_hFD0YpgiIQajViWfzkIUASM8.roa
Signing time: Tue 07 May 2024 15:33:57 +0000
ROA not before: Tue 07 May 2024 15:33:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399486
IP address blocks: 45.88.91.0/24 maxlen: 24
80.76.49.0/24 maxlen: 24
85.209.133.0/24 maxlen: 24
194.59.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 May 2024 12:48:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:53:b0:a8:81:57:91:8a:2f:ca:6a:38:31:ce:28:15:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 7 15:33:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44dfe1143d18a6088841a8d58967f390850048cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:96:dd:4d:5a:a9:14:3a:58:cc:0a:d4:83:28:
68:8f:22:c4:53:98:33:39:e6:38:2e:19:9e:d4:aa:
19:be:95:c2:20:5e:42:93:f7:ee:8c:35:13:67:43:
c2:80:c5:8d:b9:0f:9c:6b:6c:67:9d:53:9b:01:c4:
9a:02:76:4d:c7:5a:42:c8:2d:3c:72:4c:46:50:f6:
c8:ba:9d:e1:7e:75:3c:d1:1b:d2:cb:dd:ad:d5:14:
1a:5c:2b:b7:65:c0:5d:06:fa:08:ae:04:c8:56:62:
97:5a:26:9d:75:d9:37:c6:1e:e3:55:f9:e1:8f:c9:
48:b5:43:a5:7a:7a:72:68:53:fd:80:a4:de:a4:f5:
cd:02:9b:2b:9e:db:02:29:4a:9d:69:7f:4d:b6:de:
bf:0b:46:e2:93:08:b3:e1:20:15:c0:58:ac:fc:b4:
bd:3b:b9:2b:61:ff:6c:4e:82:0c:45:65:82:9b:28:
9e:6b:64:20:94:de:77:d1:8e:d0:23:e9:f1:d3:c4:
2b:72:2a:47:8e:ba:c1:46:e4:eb:32:b0:12:62:84:
ed:14:aa:98:2d:7a:28:b7:82:ca:18:9f:24:11:ab:
02:78:42:82:51:57:03:1b:52:6c:d1:9d:99:65:d1:
bf:77:5f:81:a8:a4:f6:4d:89:e1:4d:48:83:39:ec:
af:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:DF:E1:14:3D:18:A6:08:88:41:A8:D5:89:67:F3:90:85:00:48:CF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/RN_hFD0YpgiIQajViWfzkIUASM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.91.0/24
80.76.49.0/24
85.209.133.0/24
194.59.31.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:1c:91:b4:6e:58:5c:7d:fa:05:b3:68:e1:01:a5:b3:ee:09:
07:d8:b4:66:b5:8c:6a:cc:2f:bb:ba:be:1e:b2:8b:1c:77:f3:
e0:ac:7c:b1:21:b5:53:43:ff:46:95:8b:4d:50:05:30:3e:18:
43:02:c5:01:a5:3e:79:c2:67:7a:48:9a:da:fb:03:6b:f9:77:
fd:4f:23:84:77:48:ab:6a:7c:37:d1:89:a3:64:d5:06:aa:6e:
0d:5d:d8:5c:6f:87:97:80:fe:65:2d:f5:ce:c1:c6:a3:af:df:
c8:57:e9:57:44:0c:56:0f:66:7f:58:62:b6:83:a3:31:ff:d5:
ce:00:7d:44:ee:04:ed:15:f8:b5:4d:30:35:8c:05:b2:b9:11:
2b:6e:97:26:60:f9:fc:2a:53:02:4a:c1:12:30:6d:86:43:7c:
11:6e:3c:90:0b:7e:7a:ed:8b:13:58:94:73:ff:41:f6:d6:f0:
ee:56:fc:e5:63:70:8f:06:c6:95:fe:1a:32:f0:95:93:22:cd:
ed:86:fa:db:03:34:2e:2f:ad:63:05:66:08:00:56:a1:bc:05:
7f:da:53:59:6a:03:31:b5:82:e8:4d:5c:77:69:37:3b:2f:e9:
42:2f:8d:0d:50:fe:f9:48:00:7d:22:a1:35:6a:28:be:44:69:
0b:92:6e:ea
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY9TsKiBV5GKL8pqODHOKBV9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNTA3MTUzMzU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGRmZTExNDNkMThhNjA4ODg0MWE4ZDU4OTY3ZjM5MDg1MDA0OGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5bdTVqpFDpYzArUgyhojyLEU5gz
OeY4Lhme1KoZvpXCIF5Ck/fujDUTZ0PCgMWNuQ+ca2xnnVObAcSaAnZNx1pCyC08
ckxGUPbIup3hfnU80RvSy92t1RQaXCu3ZcBdBvoIrgTIVmKXWiadddk3xh7jVfnh
j8lItUOlenpyaFP9gKTepPXNApsrntsCKUqdaX9Ntt6/C0bikwiz4SAVwFis/LS9
O7krYf9sToIMRWWCmyiea2QglN530Y7QI+nx08QrcipHjrrBRuTrMrASYoTtFKqY
LXoot4LKGJ8kEasCeEKCUVcDG1Js0Z2ZZdG/d1+BqKT2TYnhTUiDOeyvzQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFETf4RQ9GKYIiEGo1Yln85CFAEjPMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUk5faEZEMFlwZ2lJUWFqVmlXZnprSVVBU004LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVhbAwQA
UEwxAwQAVdGFAwQAwjsfMA0GCSqGSIb3DQEBCwUAA4IBAQAdHJG0blhcffoFs2jh
AaWz7gkH2LRmtYxqzC+7ur4esoscd/PgrHyxIbVTQ/9GlYtNUAUwPhhDAsUBpT55
wmd6SJra+wNr+Xf9TyOEd0iranw30YmjZNUGqm4NXdhcb4eXgP5lLfXOwcajr9/I
V+lXRAxWD2Z/WGK2g6Mx/9XOAH1E7gTtFfi1TTA1jAWyuRErbpcmYPn8KlMCSsES
MG2GQ3wRbjyQC3567YsTWJRz/0H21vDuVvzlY3CPBsaV/hoy8JWTIs3thvrbAzQu
L61jBWYIAFahvAV/2lNZagMxtYLoTVx3aTc7L+lCL40NUP75SAB9IqE1aii+RGkL
km7q
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:07 2024 by rpki-client on console-fra.rpki-client.org