Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Rds5urTluqZHaLXee6XVTxp36m4.roa
File: Rds5urTluqZHaLXee6XVTxp36m4.roa (raw, json)
Hash identifier: TlCppDBY4dTP4vTM/jrNvNvdCzVqnylJy3WIk4Ds6Ek=
Subject key identifier: 45:DB:39:BA:B4:E5:BA:A6:47:68:B5:DE:7B:A5:D5:4F:1A:77:EA:6E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCF86C0F5FAC7BC29F16838076F0B4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Rds5urTluqZHaLXee6XVTxp36m4.roa
Signing time: Tue 02 Jan 2024 06:29:33 +0000
ROA not before: Tue 02 Jan 2024 06:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197450
IP address blocks: 81.161.230.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
94.156.8.0/24 maxlen: 24
87.121.44.0/24 maxlen: 24
87.121.46.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
185.225.75.0/24 maxlen: 24
45.128.233.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
94.156.79.0/24 maxlen: 24
185.221.64.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jan 2024 07:13:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:f8:6c:0f:5f:ac:7b:c2:9f:16:83:80:76:f0:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=45db39bab4e5baa64768b5de7ba5d54f1a77ea6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:18:2d:e9:0c:9a:bb:87:01:ea:18:2b:b7:73:
75:dd:a4:58:98:99:03:47:78:20:31:bd:c2:dd:55:
88:8d:23:ed:8e:33:df:f5:44:59:93:49:a1:0a:fe:
98:49:16:d1:09:1c:3a:a5:a1:19:b3:60:b3:e3:a4:
43:28:bd:3d:e5:1c:9d:a2:97:32:c4:6b:9b:f1:02:
0c:f9:87:04:95:b8:4f:22:33:21:a9:7d:6a:90:35:
30:6e:a6:08:d8:dc:a9:16:ca:55:4c:4b:47:e1:bf:
d4:f2:69:e0:ee:a1:2b:14:cf:f3:3c:48:df:e5:b5:
39:42:79:3f:f5:76:72:42:c2:c9:8c:a8:8b:47:16:
f7:cc:f5:8d:d7:78:de:72:68:bb:31:49:da:f7:3b:
39:92:b5:8a:9e:ce:a9:54:86:91:e6:65:36:01:ae:
2b:06:ac:e2:0c:a2:62:bd:e4:b8:15:85:03:3d:ab:
dc:c8:49:49:0c:c0:35:b8:71:96:7f:7a:8e:2f:2b:
4e:24:1c:68:42:48:55:64:60:cf:73:89:64:70:28:
ed:19:fd:bf:6c:77:17:a9:10:24:05:7b:94:19:fa:
c5:aa:db:2c:f5:53:00:60:56:1f:2a:f8:14:5a:e3:
0c:81:c4:d5:8b:82:0d:14:98:d4:90:48:86:2d:d5:
d1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:DB:39:BA:B4:E5:BA:A6:47:68:B5:DE:7B:A5:D5:4F:1A:77:EA:6E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Rds5urTluqZHaLXee6XVTxp36m4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.233.0/24
45.129.86.0/24
81.161.230.0/24
85.31.47.0/24
87.120.166.0/24
87.121.44.0/24
87.121.46.0/24
94.156.8.0/24
94.156.79.0/24
178.215.239.0/24
185.221.64.0/24
185.225.75.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:7b:0a:ae:29:fd:e3:5e:4b:20:ee:59:e7:3e:2c:d3:e9:27:
2a:d6:aa:bc:d7:99:eb:25:3d:a0:cf:72:2b:f3:37:37:5e:bb:
9f:c4:12:ee:18:84:8a:d1:54:0d:3c:bd:d7:5e:7e:34:7a:e7:
4f:6b:8c:14:cd:7b:6f:a1:26:6c:ba:f1:8d:74:93:fc:f6:25:
94:2e:84:fe:7d:7e:1a:85:4d:34:77:8f:ed:37:d6:ef:ac:19:
22:6f:f3:d3:2d:6d:c7:94:69:9b:2d:4e:c6:d9:6f:0a:3e:fc:
d0:c9:88:04:f5:0c:fd:b4:4a:85:44:ad:3a:f8:51:a3:8c:c2:
d1:69:df:c2:d1:e5:7b:aa:2e:4d:d3:eb:6d:4f:5e:47:b4:36:
4d:c3:e3:b5:f7:c8:62:e9:34:da:dc:a0:1a:ff:3b:98:ed:be:
4e:16:68:bb:02:b1:82:a3:f6:a1:f5:91:31:b2:6b:33:8b:5b:
77:0a:e1:45:04:89:6b:f8:04:a4:7f:04:08:52:ab:89:e9:04:
43:78:5f:19:a5:ce:cb:15:3d:07:1d:57:cd:ce:1b:73:4d:12:
68:2d:c0:23:ba:45:89:58:ff:ca:5c:13:d3:22:28:47:a6:01:
31:e6:ab:78:fd:df:7b:3b:b2:24:09:49:23:78:a2:d9:77:71:
31:f8:ac:ff
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzI3PhsD1+se8KfFoOAdvC0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWRiMzliYWI0ZTViYWE2NDc2OGI1ZGU3YmE1ZDU0ZjFhNzdlYTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBgt6Qyau4cB6hgrt3N13aRYmJkD
R3ggMb3C3VWIjSPtjjPf9URZk0mhCv6YSRbRCRw6paEZs2Cz46RDKL095Rydopcy
xGub8QIM+YcElbhPIjMhqX1qkDUwbqYI2NypFspVTEtH4b/U8mng7qErFM/zPEjf
5bU5Qnk/9XZyQsLJjKiLRxb3zPWN13jecmi7MUna9zs5krWKns6pVIaR5mU2Aa4r
BqziDKJiveS4FYUDPavcyElJDMA1uHGWf3qOLytOJBxoQkhVZGDPc4lkcCjtGf2/
bHcXqRAkBXuUGfrFqtss9VMAYFYfKvgUWuMMgcTVi4INFJjUkEiGLdXRPwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFEXbObq05bqmR2i13nul1U8ad+puMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUmRzNXVyVGx1cVpIYUxYZWU2WFZUeHAzNm00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALYDpAwQA
LYFWAwQAUaHmAwQAVR8vAwQAV3imAwQAV3ksAwQAV3kuAwQAXpwIAwQAXpxPAwQA
stfvAwQAud1AAwQAueFLMA0GCSqGSIb3DQEBCwUAA4IBAQCiewquKf3jXksg7lnn
PizT6Scq1qq815nrJT2gz3Ir8zc3XrufxBLuGISK0VQNPL3XXn40eudPa4wUzXtv
oSZsuvGNdJP89iWULoT+fX4ahU00d4/tN9bvrBkib/PTLW3HlGmbLU7G2W8KPvzQ
yYgE9Qz9tEqFRK06+FGjjMLRad/C0eV7qi5N0+ttT15HtDZNw+O198hi6TTa3KAa
/zuY7b5OFmi7ArGCo/ah9ZExsmszi1t3CuFFBIlr+ASkfwQIUquJ6QRDeF8Zpc7L
FT0HHVfNzhtzTRJoLcAjukWJWP/KXBPTIihHpgEx5qt4/d97O7IkCUkjeKLZd3Ex
+Kz/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:07 2024 by rpki-client on console-fra.rpki-client.org