Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SPT2jk8DVs-GPBIcEa_u4jzc45w.roa
File: SPT2jk8DVs-GPBIcEa_u4jzc45w.roa (raw, json)
Hash identifier: nX7jPTTeNFrS/4TLDx5c2N/cO7C4cqWUUPrkTokixwQ=
Subject key identifier: 48:F4:F6:8E:4F:03:56:CF:86:3C:12:1C:11:AF:EE:E2:3C:DC:E3:9C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0188705C6D93B128E45487B108F8CD4B293E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SPT2jk8DVs-GPBIcEa_u4jzc45w.roa
Signing time: Wed 31 May 2023 05:51:25 +0000
ROA not before: Wed 31 May 2023 05:51:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 94.156.14.0/24 maxlen: 24
45.14.167.0/24 maxlen: 24
83.219.98.0/24 maxlen: 24
45.129.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 25 Jun 2023 05:26:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:70:5c:6d:93:b1:28:e4:54:87:b1:08:f8:cd:4b:29:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 31 05:51:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=48f4f68e4f0356cf863c121c11afeee23cdce39c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:62:0b:10:0a:e3:6f:2d:36:2b:8a:89:71:1e:
d5:2d:10:dc:b3:fe:80:9c:46:b7:06:7a:94:35:dc:
50:46:e1:3a:9b:64:f7:9f:32:1a:5c:79:9a:07:5c:
a8:0b:b7:ce:58:42:8e:93:e9:7d:2a:d0:bf:91:f9:
a2:5b:e8:71:c1:ef:3c:39:5a:a0:3a:0a:d0:9e:1c:
15:a0:89:17:48:08:c9:6c:35:5a:56:0e:41:80:63:
65:20:6f:5f:1b:3d:0f:95:c9:d5:80:aa:72:ca:8a:
5c:8e:6c:af:8a:c8:74:8e:53:fc:b0:21:3a:8a:17:
fa:23:b3:74:fb:28:0a:f7:ee:db:02:80:6d:99:9b:
be:95:70:f9:b0:b3:cd:42:5a:23:7d:11:82:01:ed:
d5:d4:aa:a0:07:47:d2:ba:0a:60:29:15:a9:72:ca:
33:84:ff:28:a7:6c:35:fe:12:1b:1e:79:c1:f5:b7:
7e:0b:14:fa:e9:79:69:0e:22:ac:a3:d1:37:e7:62:
5a:3a:03:ea:26:51:8e:42:4b:e0:da:dc:3b:ee:3c:
81:0f:c5:b5:c7:00:9a:3e:32:09:ab:c8:96:51:44:
b2:1a:d9:24:dc:22:22:e8:7a:5a:95:c7:fd:3a:fe:
59:ec:e2:e3:8d:68:7e:dc:72:8c:25:00:32:d1:96:
7e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:F4:F6:8E:4F:03:56:CF:86:3C:12:1C:11:AF:EE:E2:3C:DC:E3:9C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SPT2jk8DVs-GPBIcEa_u4jzc45w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.167.0/24
45.129.85.0/24
83.219.98.0/24
94.156.14.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:6e:f6:b1:cf:a9:84:bf:a0:d5:00:12:84:93:5e:e9:30:8d:
e0:f6:47:54:23:4d:de:fb:52:8f:2e:dc:61:28:b0:b9:75:65:
45:d4:b5:11:c8:e0:1a:47:7e:ec:51:73:54:a3:2c:89:5a:32:
68:50:89:9e:fd:df:98:0d:74:19:c7:e2:2c:b3:4d:47:78:0f:
a9:08:16:81:db:6a:0c:b0:6b:b1:c3:3c:d9:87:9a:f8:11:1c:
d7:32:08:a1:4e:63:81:ca:5d:9c:f6:c7:be:51:53:9a:b6:5b:
c9:cd:c9:4d:dc:eb:84:95:cf:74:dd:7b:4b:91:58:48:da:18:
b4:cf:2a:ed:3e:42:53:1d:31:be:34:9a:11:d1:72:f5:fd:59:
ab:bd:54:81:ac:7a:da:9c:9f:01:9e:85:49:78:a1:97:39:65:
5c:c1:a7:78:bd:0a:a7:a5:23:0e:d7:6a:e8:d7:50:78:cb:9b:
bf:1b:b7:a8:c9:f9:29:a9:f5:8e:ba:a2:df:28:10:62:77:7e:
ff:7c:fd:a2:e0:e8:ed:32:d2:fe:2f:52:57:90:13:6b:f3:fe:
3a:34:92:fa:e8:5c:ed:51:41:32:49:e8:66:21:fe:a5:b9:30:
09:fc:ef:51:7e:75:2e:28:90:a2:02:49:b5:6f:74:16:e7:a7:
c2:a8:d2:1a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYhwXG2TsSjkVIexCPjNSyk+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTMxMDU1MTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGY0ZjY4ZTRmMDM1NmNmODYzYzEyMWMxMWFmZWVlMjNjZGNlMzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWILEArjby02K4qJcR7VLRDcs/6A
nEa3BnqUNdxQRuE6m2T3nzIaXHmaB1yoC7fOWEKOk+l9KtC/kfmiW+hxwe88OVqg
OgrQnhwVoIkXSAjJbDVaVg5BgGNlIG9fGz0PlcnVgKpyyopcjmyvish0jlP8sCE6
ihf6I7N0+ygK9+7bAoBtmZu+lXD5sLPNQlojfRGCAe3V1KqgB0fSugpgKRWpcsoz
hP8op2w1/hIbHnnB9bd+CxT66XlpDiKso9E352JaOgPqJlGOQkvg2tw77jyBD8W1
xwCaPjIJq8iWUUSyGtkk3CIi6Hpalcf9Ov5Z7OLjjWh+3HKMJQAy0ZZ+cwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEj09o5PA1bPhjwSHBGv7uI83OOcMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvU1BUMmprOERWcy1HUEJJY0VhX3U0anpjNDV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQ6nAwQA
LYFVAwQAU9tiAwQAXpwOMA0GCSqGSIb3DQEBCwUAA4IBAQCwbvaxz6mEv6DVABKE
k17pMI3g9kdUI03e+1KPLtxhKLC5dWVF1LURyOAaR37sUXNUoyyJWjJoUIme/d+Y
DXQZx+Iss01HeA+pCBaB22oMsGuxwzzZh5r4ERzXMgihTmOByl2c9se+UVOatlvJ
zclN3OuElc903XtLkVhI2hi0zyrtPkJTHTG+NJoR0XL1/VmrvVSBrHranJ8BnoVJ
eKGXOWVcwad4vQqnpSMO12ro11B4y5u/G7eoyfkpqfWOuqLfKBBid37/fP2i4Ojt
MtL+L1JXkBNr8/46NJL66FztUUEySehmIf6luTAJ/O9RfnUuKJCiAkm1b3QW56fC
qNIa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:07 2024 by rpki-client on console-fra.rpki-client.org