Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SfVmpuujLD7qELLvRcH6i26KFrM.roa
File: SfVmpuujLD7qELLvRcH6i26KFrM.roa (raw, json)
Hash identifier: tL7bIPx8ldkdhii8ndWf8BBsVfjktNO1oKEBtPF+t7k=
Subject key identifier: 49:F5:66:A6:EB:A3:2C:3E:EA:10:B2:EF:45:C1:FA:8B:6E:8A:16:B3
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018A42720BB5B1C3A7090A621ACB0558FD05
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SfVmpuujLD7qELLvRcH6i26KFrM.roa
Signing time: Tue 29 Aug 2023 17:58:04 +0000
ROA not before: Tue 29 Aug 2023 17:58:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
164.40.185.0/24 maxlen: 24
93.123.74.0/23 maxlen: 23
45.8.94.0/24 maxlen: 24
83.219.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Aug 2023 15:16:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:42:72:0b:b5:b1:c3:a7:09:0a:62:1a:cb:05:58:fd:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 29 17:58:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=49f566a6eba32c3eea10b2ef45c1fa8b6e8a16b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:07:a4:23:a7:e1:ee:5b:f6:ec:1b:d8:2d:3c:
5b:48:b8:15:82:64:cc:aa:22:70:3b:b1:1f:f7:25:
02:f0:80:5c:f8:e3:f6:d9:f8:e6:23:61:8d:f2:ae:
93:e1:eb:6b:01:2e:14:92:11:7d:47:31:1a:ea:4b:
d7:b3:c3:3c:0e:11:7e:54:f4:7b:e4:e0:85:37:73:
49:7a:52:3d:c3:81:d4:28:94:60:ef:90:0a:42:91:
71:4d:49:30:2d:a4:f5:69:a4:3d:5e:b7:12:33:e2:
7f:5f:23:89:db:12:52:13:b1:52:b2:66:68:cc:62:
48:f5:fc:f5:66:71:f4:aa:44:c7:d7:28:82:de:25:
48:b1:91:b0:b1:40:6d:a6:bc:3f:84:c2:89:b8:82:
74:03:52:06:3c:46:ea:d4:f9:e9:84:eb:6d:2d:47:
23:0b:ee:2b:3c:c2:0d:1c:5c:bd:26:f3:66:c2:76:
f3:90:f3:99:76:69:c9:e0:c8:2d:2e:92:36:7e:bd:
90:3d:3f:62:ac:99:8b:b5:04:bc:f9:ba:ae:b3:23:
14:e1:1e:68:15:52:3b:19:ff:fe:5a:51:98:34:95:
69:27:7a:54:ba:4d:4f:85:d8:01:e7:55:40:88:74:
ab:3e:f0:8e:1e:47:e8:c5:86:b6:97:e7:43:ac:52:
b8:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:F5:66:A6:EB:A3:2C:3E:EA:10:B2:EF:45:C1:FA:8B:6E:8A:16:B3
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/SfVmpuujLD7qELLvRcH6i26KFrM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.94.0/24
83.219.99.0/24
87.120.68.0/23
93.123.74.0/23
164.40.185.0/24
Signature Algorithm: sha256WithRSAEncryption
74:6f:d9:ca:d6:d5:51:dc:1d:9e:94:6a:cf:61:e8:5f:ea:65:
e0:c7:12:61:3e:3b:c7:e1:4c:a1:1e:fb:9e:e1:7c:2c:33:d4:
11:7d:11:b8:3e:5b:b7:f1:a1:2f:aa:a9:a7:ac:34:6d:6d:58:
08:ca:5d:6b:8c:23:7c:93:5e:e2:99:eb:bb:a1:be:5e:1f:66:
a7:0c:44:38:b7:81:7e:2a:d1:c3:73:b3:ee:7c:07:7a:98:dc:
30:be:83:54:4a:70:98:0c:a7:4b:83:b9:98:ee:53:c2:44:e8:
97:7c:ed:bb:81:1c:19:cd:f5:38:e4:72:8b:5c:95:6c:57:e4:
29:62:36:21:d9:e8:84:71:65:79:81:f5:63:40:31:96:bf:e9:
32:61:6e:2a:1c:cd:62:32:a7:7c:98:0c:a5:3b:eb:02:3e:a3:
2c:1c:38:f0:ca:4e:e5:4a:5b:23:f9:6f:32:14:3b:8e:56:98:
7d:14:cc:76:ad:b0:5c:4f:d3:36:98:88:19:97:ba:8e:b1:6c:
f6:e0:72:7c:bf:e4:9e:e2:5c:ff:1c:e2:05:d9:4e:a6:4b:b2:
a7:3a:bd:6a:2c:e2:4e:06:eb:83:46:1d:26:a9:0e:fc:c7:f7:
c4:0e:51:42:5a:1d:77:8b:cd:65:47:94:ec:27:00:81:c5:25:
f8:af:1c:8e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYpCcgu1scOnCQpiGssFWP0FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODI5MTc1ODA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWY1NjZhNmViYTMyYzNlZWExMGIyZWY0NWMxZmE4YjZlOGExNmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAekI6fh7lv27BvYLTxbSLgVgmTM
qiJwO7Ef9yUC8IBc+OP22fjmI2GN8q6T4etrAS4UkhF9RzEa6kvXs8M8DhF+VPR7
5OCFN3NJelI9w4HUKJRg75AKQpFxTUkwLaT1aaQ9XrcSM+J/XyOJ2xJSE7FSsmZo
zGJI9fz1ZnH0qkTH1yiC3iVIsZGwsUBtprw/hMKJuIJ0A1IGPEbq1PnphOttLUcj
C+4rPMINHFy9JvNmwnbzkPOZdmnJ4MgtLpI2fr2QPT9irJmLtQS8+bqusyMU4R5o
FVI7Gf/+WlGYNJVpJ3pUuk1PhdgB51VAiHSrPvCOHkfoxYa2l+dDrFK47QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEn1Zqbroyw+6hCy70XB+otuihazMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvU2ZWbXB1dWpMRDdxRUxMdlJjSDZpMjZLRnJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQheAwQA
U9tjAwQBV3hEAwQBXXtKAwQApCi5MA0GCSqGSIb3DQEBCwUAA4IBAQB0b9nK1tVR
3B2elGrPYehf6mXgxxJhPjvH4UyhHvue4XwsM9QRfRG4Plu38aEvqqmnrDRtbVgI
yl1rjCN8k17imeu7ob5eH2anDEQ4t4F+KtHDc7PufAd6mNwwvoNUSnCYDKdLg7mY
7lPCROiXfO27gRwZzfU45HKLXJVsV+QpYjYh2eiEcWV5gfVjQDGWv+kyYW4qHM1i
Mqd8mAylO+sCPqMsHDjwyk7lSlsj+W8yFDuOVph9FMx2rbBcT9M2mIgZl7qOsWz2
4HJ8v+Se4lz/HOIF2U6mS7KnOr1qLOJOBuuDRh0mqQ78x/fEDlFCWh13i81lR5Ts
JwCBxSX4rxyO
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:33 2024 by rpki-client on console-ams.rpki-client.org