Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TB8xaAtDNSoGns5yREZ2CEchGaw.roa
File: TB8xaAtDNSoGns5yREZ2CEchGaw.roa (raw, json)
Hash identifier: +0zsFRqGUx+OJqyruAtJ3cXhuRiFTr8PQr6AXkYBEwI=
Subject key identifier: 4C:1F:31:68:0B:43:35:2A:06:9E:CE:72:44:46:76:08:47:21:19:AC
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D7D75EB6AF5F03007B2A7C6AC1F3779E7
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TB8xaAtDNSoGns5yREZ2CEchGaw.roa
Signing time: Tue 06 Feb 2024 08:08:16 +0000
ROA not before: Tue 06 Feb 2024 08:08:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203168
IP address blocks: 45.128.96.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Feb 2024 14:37:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7d:75:eb:6a:f5:f0:30:07:b2:a7:c6:ac:1f:37:79:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 6 08:08:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c1f31680b43352a069ece7244467608472119ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:89:a3:20:3f:2f:b9:c6:2c:c5:98:d7:ca:ea:
93:76:d7:60:c8:f2:e0:6d:2f:4e:84:e8:80:ca:35:
0f:75:36:97:db:29:ad:73:56:47:5e:53:00:ec:1e:
a1:31:2b:73:33:40:55:2a:08:b4:84:0c:c5:2f:36:
2b:2d:00:6d:64:7f:d7:06:a3:17:0a:13:e8:94:c3:
31:a1:ca:00:d7:85:66:00:8c:01:25:1d:6b:d8:c0:
a1:f9:f0:ae:45:2d:5b:60:1a:c5:b5:73:6b:8a:e4:
7f:94:c0:55:88:0d:09:5d:a2:c5:2b:8c:58:ff:7d:
03:cb:2d:d1:46:7f:a6:7d:e4:24:82:6d:8c:c6:e6:
ca:c8:51:09:ac:eb:16:83:37:9f:74:3c:e2:7e:bb:
25:03:af:ca:26:ba:53:6c:37:dd:69:75:0a:8d:66:
64:c7:03:87:46:98:6a:f7:25:ff:f3:11:66:9c:dc:
bb:b4:80:5c:bf:d1:ca:41:27:73:22:69:b0:08:2f:
eb:30:52:47:31:18:87:df:38:ba:9e:03:9f:59:d9:
57:bb:b1:ba:cb:c3:6b:8b:f2:2d:0e:80:0b:cb:88:
5f:80:6a:5d:f4:20:48:03:65:02:e6:36:27:bc:f0:
43:1b:2a:ed:ed:62:03:66:16:b8:88:06:89:d2:d0:
99:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:1F:31:68:0B:43:35:2A:06:9E:CE:72:44:46:76:08:47:21:19:AC
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TB8xaAtDNSoGns5yREZ2CEchGaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.96.0/24
87.120.84.0/24
193.222.96.0/24
194.48.251.0/24
Signature Algorithm: sha256WithRSAEncryption
88:87:31:d1:df:31:c0:c5:e9:9d:61:09:72:a3:d1:4f:90:11:
9a:98:72:64:5e:9a:e7:9f:0e:30:ff:39:4f:66:f9:76:73:63:
19:0d:58:12:ea:df:0e:fc:c4:d0:24:84:76:ea:dc:e2:88:87:
3b:ec:05:a4:a0:6e:3c:a1:68:a6:62:8f:f0:52:e8:f2:3d:30:
85:ab:98:35:4d:10:f7:ce:dd:f7:96:a5:31:4d:02:44:5c:6d:
84:02:c5:05:df:98:49:fd:2c:e6:c6:a5:b5:15:99:40:44:6a:
0c:f4:46:11:39:a2:e5:8b:c1:2a:27:d8:f0:69:9e:19:a6:a9:
cc:d5:c8:1d:0a:ff:3d:23:8b:f2:1d:c6:1e:dd:b4:c9:4f:7f:
ed:c4:3c:26:08:6b:b8:e9:7d:fd:7f:78:5d:8a:9b:9a:8f:0e:
ed:1f:c8:db:0b:9f:fd:e3:8e:d1:bd:3a:49:c3:aa:5e:c3:7e:
58:e6:57:62:ed:06:33:5c:fe:2b:67:0f:3a:93:f7:84:8d:dd:
24:36:5c:ff:67:78:7a:6f:58:63:ac:15:af:4c:ae:b8:a4:40:
3f:9d:7f:f2:27:30:c8:41:61:32:4b:8b:be:83:01:cc:ba:97:
42:38:7c:82:34:44:a6:2d:b4:1a:36:e7:09:83:b8:88:7e:41:
3a:3f:db:b8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY19detq9fAwB7KnxqwfN3nnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjA2MDgwODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzFmMzE2ODBiNDMzNTJhMDY5ZWNlNzI0NDQ2NzYwODQ3MjExOWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkImjID8vucYsxZjXyuqTdtdgyPLg
bS9OhOiAyjUPdTaX2ymtc1ZHXlMA7B6hMStzM0BVKgi0hAzFLzYrLQBtZH/XBqMX
ChPolMMxocoA14VmAIwBJR1r2MCh+fCuRS1bYBrFtXNriuR/lMBViA0JXaLFK4xY
/30Dyy3RRn+mfeQkgm2MxubKyFEJrOsWgzefdDzifrslA6/KJrpTbDfdaXUKjWZk
xwOHRphq9yX/8xFmnNy7tIBcv9HKQSdzImmwCC/rMFJHMRiH3zi6ngOfWdlXu7G6
y8Nri/ItDoALy4hfgGpd9CBIA2UC5jYnvPBDGyrt7WIDZha4iAaJ0tCZRQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEwfMWgLQzUqBp7OckRGdghHIRmsMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVEI4eGFBdEROU29HbnM1eVJFWjJDRWNoR2F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYBgAwQA
V3hUAwQAwd5gAwQAwjD7MA0GCSqGSIb3DQEBCwUAA4IBAQCIhzHR3zHAxemdYQly
o9FPkBGamHJkXprnnw4w/zlPZvl2c2MZDVgS6t8O/MTQJIR26tziiIc77AWkoG48
oWimYo/wUujyPTCFq5g1TRD3zt33lqUxTQJEXG2EAsUF35hJ/SzmxqW1FZlARGoM
9EYROaLli8EqJ9jwaZ4ZpqnM1cgdCv89I4vyHcYe3bTJT3/txDwmCGu46X39f3hd
ipuajw7tH8jbC5/9447RvTpJw6pew35Y5ldi7QYzXP4rZw86k/eEjd0kNlz/Z3h6
b1hjrBWvTK64pEA/nX/yJzDIQWEyS4u+gwHMupdCOHyCNESmLbQaNucJg7iIfkE6
P9u4
-----END CERTIFICATE-----
Generated at Fri Feb 9 18:27:17 2024 by rpki-client on console-ams.rpki-client.org