Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TRg0hTTFduk7w7bxkmdIIOIVyY8.roa
File: TRg0hTTFduk7w7bxkmdIIOIVyY8.roa (raw, json)
Hash identifier: mXuHnnBc1X0tMpLV6FpldVKNQ+5HaKqB+Tka45khUds=
Subject key identifier: 4D:18:34:85:34:C5:76:E9:3B:C3:B6:F1:92:67:48:20:E2:15:C9:8F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019175530D6545CD3136D27426ACF85121BE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TRg0hTTFduk7w7bxkmdIIOIVyY8.roa
Signing time: Wed 21 Aug 2024 14:24:22 +0000
ROA not before: Wed 21 Aug 2024 14:24:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215439
IP address blocks: 171.22.31.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Sep 2024 08:05:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:75:53:0d:65:45:cd:31:36:d2:74:26:ac:f8:51:21:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 21 14:24:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d18348534c576e93bc3b6f192674820e215c98f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:60:3d:f4:c2:6d:2b:03:8b:df:89:b5:0d:e0:
2b:78:1d:34:c1:bc:88:8c:9f:a6:02:e7:f2:22:ce:
f6:81:b8:cc:ed:45:4d:c1:df:39:84:95:1b:bd:76:
9f:c6:47:7e:d6:b0:aa:12:0f:e1:79:9b:92:15:bd:
81:58:25:2b:6b:21:6a:de:ab:a7:d7:da:ad:7a:e8:
09:89:65:42:cf:a7:85:4b:c0:6f:ce:ba:c4:10:bd:
31:64:21:94:b0:e0:8a:f6:4c:95:21:2c:cf:9a:8e:
b7:da:45:a9:04:60:60:75:50:23:aa:f5:f0:02:1d:
d0:96:51:af:aa:9a:4b:27:e8:45:ef:e7:c7:8c:41:
5c:88:05:b4:05:62:18:ee:13:93:8f:95:de:37:df:
6e:5c:70:7d:80:7b:f4:17:b5:ab:ef:b9:51:9f:7b:
cb:bf:d1:7e:2e:0b:e0:59:8b:fb:16:49:72:b3:5a:
64:1b:cf:26:50:39:97:48:23:0e:b2:34:40:b6:7b:
d6:4d:b3:bb:19:5f:28:94:e4:ca:67:16:b8:51:ac:
a7:82:f9:f9:8a:ab:3c:c7:41:8b:49:0f:6d:09:df:
de:ed:76:db:12:fb:79:7e:00:81:95:fa:b4:83:77:
57:4e:2f:66:03:58:a0:df:4d:3b:4e:36:63:8c:77:
60:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:18:34:85:34:C5:76:E9:3B:C3:B6:F1:92:67:48:20:E2:15:C9:8F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TRg0hTTFduk7w7bxkmdIIOIVyY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.31.0/24
193.222.99.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:c9:a2:14:ce:f2:16:40:1e:21:c8:80:c5:8a:d0:3d:1d:e3:
84:16:75:b6:b0:9e:52:d4:4a:c7:a3:fb:c7:8e:45:4f:ae:c6:
da:94:59:f3:f4:5c:44:ef:e8:63:a1:d9:19:46:66:d4:9b:aa:
e5:7b:cc:ae:43:b8:2d:64:68:69:9e:44:b7:8c:0b:ce:a4:0f:
1d:cc:ee:3a:ad:87:17:ab:f1:2e:fc:8a:89:7c:88:f9:84:14:
9e:63:ab:af:cd:2f:09:e2:81:c7:a3:0b:b3:7a:3e:fb:3d:b1:
f0:19:94:e1:eb:1c:80:30:4c:ea:24:d0:9d:ea:18:5c:c6:56:
98:35:9b:39:52:b6:36:ad:d2:88:05:2d:2b:21:01:cb:2e:23:
15:f0:8e:a8:e6:1b:59:0c:d5:f5:c5:e2:63:b3:eb:a2:2d:16:
da:24:c7:a2:8f:66:b6:f3:5f:a0:67:41:50:46:87:f4:b8:05:
4b:fa:90:6c:ff:f1:d8:8e:52:22:80:fd:c0:67:0a:3d:98:b4:
41:63:e0:cc:ee:6e:a5:a4:86:65:87:99:b5:35:2f:6a:c1:48:
e0:ed:91:a6:aa:ba:21:6d:80:43:52:fd:40:f8:67:ad:c3:be:
ff:2e:b2:89:27:c7:39:d6:71:d4:b8:1f:05:a4:c6:13:dc:d2:
32:2c:94:48
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZF1Uw1lRc0xNtJ0Jqz4USG+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODIxMTQyNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDE4MzQ4NTM0YzU3NmU5M2JjM2I2ZjE5MjY3NDgyMGUyMTVjOThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12A99MJtKwOL34m1DeAreB00wbyI
jJ+mAufyIs72gbjM7UVNwd85hJUbvXafxkd+1rCqEg/heZuSFb2BWCUrayFq3qun
19qteugJiWVCz6eFS8BvzrrEEL0xZCGUsOCK9kyVISzPmo632kWpBGBgdVAjqvXw
Ah3QllGvqppLJ+hF7+fHjEFciAW0BWIY7hOTj5XeN99uXHB9gHv0F7Wr77lRn3vL
v9F+LgvgWYv7Fklys1pkG88mUDmXSCMOsjRAtnvWTbO7GV8olOTKZxa4Uayngvn5
iqs8x0GLSQ9tCd/e7XbbEvt5fgCBlfq0g3dXTi9mA1ig3007TjZjjHdgewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE0YNIU0xXbpO8O28ZJnSCDiFcmPMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVFJnMGhUVEZkdWs3dzdieGttZElJT0lWeVk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAqxYfAwQA
wd5jMA0GCSqGSIb3DQEBCwUAA4IBAQCoyaIUzvIWQB4hyIDFitA9HeOEFnW2sJ5S
1ErHo/vHjkVPrsbalFnz9FxE7+hjodkZRmbUm6rle8yuQ7gtZGhpnkS3jAvOpA8d
zO46rYcXq/Eu/IqJfIj5hBSeY6uvzS8J4oHHowuzej77PbHwGZTh6xyAMEzqJNCd
6hhcxlaYNZs5UrY2rdKIBS0rIQHLLiMV8I6o5htZDNX1xeJjs+uiLRbaJMeij2a2
81+gZ0FQRof0uAVL+pBs//HYjlIigP3AZwo9mLRBY+DM7m6lpIZlh5m1NS9qwUjg
7ZGmqrohbYBDUv1A+Getw77/LrKJJ8c51nHUuB8FpMYT3NIyLJRI
-----END CERTIFICATE-----
Generated at Tue Sep 10 10:50:59 2024 by rpki-client on console-ams.rpki-client.org