Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/S3KxlZkGdwxSsC1M0zeOUlQW2no.roa
File: S3KxlZkGdwxSsC1M0zeOUlQW2no.roa (raw, json)
Hash identifier: 10rSc2ko6sbc6MWDfwifFSHFnma3uHiWCfl+151cjsI=
Subject key identifier: 4B:72:B1:95:99:06:77:0C:52:B0:2D:4C:D3:37:8E:52:54:16:DA:7A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018F1AE2E1470F2548A4FD55C97456BCA86B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/S3KxlZkGdwxSsC1M0zeOUlQW2no.roa
Signing time: Fri 26 Apr 2024 14:50:27 +0000
ROA not before: Fri 26 Apr 2024 14:50:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399486
IP address blocks: 45.88.91.0/24 maxlen: 24
79.110.49.0/24 maxlen: 24
80.76.49.0/24 maxlen: 24
85.209.133.0/24 maxlen: 24
194.59.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Apr 2024 17:29:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1a:e2:e1:47:0f:25:48:a4:fd:55:c9:74:56:bc:a8:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 26 14:50:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b72b1959906770c52b02d4cd3378e525416da7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:03:9c:0b:02:d0:0f:cc:04:19:56:7a:7d:e4:
a2:2c:b3:65:04:0a:d3:09:ee:cd:08:b1:f3:77:39:
fb:31:a1:bb:1c:f4:fa:25:39:3a:1c:73:0e:62:2b:
4a:4f:5d:98:0f:1d:da:11:1d:7a:92:ea:58:de:54:
72:7e:3c:e4:fb:65:28:ac:4b:f0:a3:3b:35:67:ca:
6e:77:84:1c:d8:2b:c9:52:71:35:0c:e2:57:7b:e0:
7b:eb:06:1f:4a:03:4c:31:61:4e:d7:51:32:73:77:
7a:01:51:18:a1:cc:88:17:fe:cb:0d:9a:fb:4b:f0:
f5:f6:b3:8e:ba:72:fc:6f:dc:fa:ad:4b:6c:70:cb:
66:0b:a4:11:ce:1c:e4:7f:e3:8d:dd:ea:28:34:16:
2d:7d:e4:86:5a:30:db:bd:fc:34:70:4c:ef:06:41:
64:2b:01:aa:df:ee:61:8d:2d:9d:66:51:79:ba:2b:
d1:0a:e2:08:62:a0:0e:d8:a4:21:7c:c6:11:51:01:
ef:b6:66:41:ec:45:31:b4:ec:02:82:c6:a4:8a:79:
dc:dc:ef:b8:9d:22:95:8f:73:f8:2c:2d:ae:3a:a9:
f5:cc:68:aa:e6:f0:84:43:9b:bb:da:6e:e3:3b:ea:
64:a2:eb:70:fe:d7:a1:cf:9f:5a:ed:9e:30:73:c3:
16:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:72:B1:95:99:06:77:0C:52:B0:2D:4C:D3:37:8E:52:54:16:DA:7A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/S3KxlZkGdwxSsC1M0zeOUlQW2no.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.91.0/24
79.110.49.0/24
80.76.49.0/24
85.209.133.0/24
194.59.31.0/24
Signature Algorithm: sha256WithRSAEncryption
40:63:f8:21:99:ed:02:a4:46:cd:65:43:d5:ed:41:cc:8c:30:
d8:ad:41:18:c7:93:45:39:34:dd:a4:7d:29:15:27:d4:3f:74:
8c:34:88:3d:76:e0:49:7b:db:81:32:c7:c3:8b:e8:36:d8:bf:
68:c1:17:dd:e1:f6:d7:56:b7:22:0d:11:25:b2:9c:a8:54:5a:
72:90:a5:23:0e:60:77:b6:01:a9:00:69:16:06:23:a3:cf:b5:
ff:ec:e4:fe:3b:cc:96:10:99:d0:00:17:48:55:61:0a:c6:37:
f5:07:80:3e:67:5b:a1:e3:7a:d0:e4:cd:f2:7f:d6:df:f1:08:
d4:ae:51:d3:bd:13:15:cf:4c:b9:12:13:f8:a1:80:57:b7:9d:
bc:24:b4:97:6d:39:32:51:13:e2:c8:4f:2c:ce:1a:15:fc:0a:
ac:e9:5d:10:88:da:8d:07:f9:aa:55:ac:f5:a4:3b:d2:37:bf:
7b:11:bf:bd:69:0a:00:f6:2c:69:6a:07:56:7d:1b:11:94:ea:
c9:92:c4:77:d6:54:f2:04:41:db:27:bd:2d:bc:fe:66:e3:a2:
24:ab:04:2d:fa:1c:29:26:b4:90:b4:d1:c6:f7:56:31:01:31:
19:d6:84:68:ea:7a:c0:f1:52:b4:80:eb:96:33:52:4b:8b:b3:
76:7c:4a:82
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY8a4uFHDyVIpP1VyXRWvKhrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDI2MTQ1MDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjcyYjE5NTk5MDY3NzBjNTJiMDJkNGNkMzM3OGU1MjU0MTZkYTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArwOcCwLQD8wEGVZ6feSiLLNlBArT
Ce7NCLHzdzn7MaG7HPT6JTk6HHMOYitKT12YDx3aER16kupY3lRyfjzk+2UorEvw
ozs1Z8pud4Qc2CvJUnE1DOJXe+B76wYfSgNMMWFO11Eyc3d6AVEYocyIF/7LDZr7
S/D19rOOunL8b9z6rUtscMtmC6QRzhzkf+ON3eooNBYtfeSGWjDbvfw0cEzvBkFk
KwGq3+5hjS2dZlF5uivRCuIIYqAO2KQhfMYRUQHvtmZB7EUxtOwCgsakinnc3O+4
nSKVj3P4LC2uOqn1zGiq5vCEQ5u72m7jO+pkoutw/tehz59a7Z4wc8MWDQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEtysZWZBncMUrAtTNM3jlJUFtp6MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUzNLeGxaa0dkd3hTc0MxTTB6ZU9VbFFXMm5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVhbAwQA
T24xAwQAUEwxAwQAVdGFAwQAwjsfMA0GCSqGSIb3DQEBCwUAA4IBAQBAY/ghme0C
pEbNZUPV7UHMjDDYrUEYx5NFOTTdpH0pFSfUP3SMNIg9duBJe9uBMsfDi+g22L9o
wRfd4fbXVrciDRElspyoVFpykKUjDmB3tgGpAGkWBiOjz7X/7OT+O8yWEJnQABdI
VWEKxjf1B4A+Z1uh43rQ5M3yf9bf8QjUrlHTvRMVz0y5EhP4oYBXt528JLSXbTky
URPiyE8szhoV/Aqs6V0QiNqNB/mqVaz1pDvSN797Eb+9aQoA9ixpagdWfRsRlOrJ
ksR31lTyBEHbJ70tvP5m46IkqwQt+hwpJrSQtNHG91YxATEZ1oRo6nrA8VK0gOuW
M1JLi7N2fEqC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:33 2024 by rpki-client on console-ams.rpki-client.org