Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/U3YGi6hz9Tfb2g1iV5Us6rHZMMw.roa
File: U3YGi6hz9Tfb2g1iV5Us6rHZMMw.roa (raw, json)
Hash identifier: 63VyBulaMsTSkYhpLX68V9Wwhk1akoQ3SbFADUmH4Kw=
Subject key identifier: 53:76:06:8B:A8:73:F5:37:DB:DA:0D:62:57:95:2C:EA:B1:D9:30:CC
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E74D0CFA22DEB5E9904359834BA229B01
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/U3YGi6hz9Tfb2g1iV5Us6rHZMMw.roa
Signing time: Mon 25 Mar 2024 08:53:45 +0000
ROA not before: Mon 25 Mar 2024 08:53:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 147186
IP address blocks: 45.129.86.0/23 maxlen: 24
82.115.208.0/24 maxlen: 24
94.154.161.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 May 2024 07:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:74:d0:cf:a2:2d:eb:5e:99:04:35:98:34:ba:22:9b:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 25 08:53:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5376068ba873f537dbda0d6257952ceab1d930cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:1d:3e:15:04:89:fd:0f:a4:75:9c:7c:6b:56:
27:70:34:f1:21:8f:29:27:e8:33:e9:16:5b:5d:79:
cd:fe:37:ec:84:10:0f:2e:47:06:2c:14:97:35:9b:
80:99:bd:91:b1:28:98:ec:df:7a:89:ea:18:51:fd:
13:72:a9:c6:b3:f9:ad:b0:6a:3d:a1:7b:e1:c8:70:
5e:09:b8:d0:c3:e8:58:fb:ff:0c:ff:41:65:fe:55:
9b:e5:97:b8:3c:43:70:2e:75:b2:e5:cc:1a:84:a9:
6b:47:02:10:fb:df:8e:78:d1:9a:0b:3a:be:68:f8:
65:df:2a:26:b5:5f:3a:80:aa:af:63:52:46:e8:48:
4d:81:7a:6b:5a:5e:92:b5:38:bc:5a:df:3c:9d:94:
41:97:9e:03:37:9a:93:18:b6:da:a9:bf:2c:8f:dc:
d9:b7:b6:62:0e:21:64:f4:27:70:b7:8f:99:46:08:
4d:f6:1f:b3:e6:1f:d9:5e:19:77:4a:e2:3b:6b:b7:
03:3a:9c:20:bd:29:22:de:3d:2d:72:08:ac:f1:c7:
83:11:c0:52:99:70:0c:ed:3f:91:16:7c:49:99:3b:
73:0f:c1:54:95:f2:6a:df:e5:b0:ed:4c:a1:db:10:
6f:6f:7a:86:f2:ff:d9:fc:de:17:5e:52:fe:75:bd:
fa:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:76:06:8B:A8:73:F5:37:DB:DA:0D:62:57:95:2C:EA:B1:D9:30:CC
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/U3YGi6hz9Tfb2g1iV5Us6rHZMMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.86.0/23
82.115.208.0/24
94.154.161.0/24
171.22.31.0/24
185.252.176.0/24
193.35.19.0/24
Signature Algorithm: sha256WithRSAEncryption
54:86:12:1b:1a:5c:bc:43:7b:de:8b:39:d5:73:f4:03:d6:b4:
8b:b1:53:b4:fb:0a:c7:b6:99:1e:06:10:87:54:0c:c5:13:60:
a9:69:3f:06:ae:a0:69:25:9d:0e:b4:c9:0e:f6:c9:80:63:c4:
a9:02:24:e2:0d:d3:c8:6f:ad:df:00:21:c2:aa:41:a2:a7:05:
89:a9:1f:2d:b0:32:4e:94:fe:3d:5c:64:c1:03:b7:83:88:5d:
b2:cd:b2:90:3b:ca:c5:24:c7:0a:98:5d:06:62:1b:ff:04:49:
12:41:4b:69:94:6d:f2:42:4a:ca:46:63:45:0a:0c:f3:09:88:
07:43:71:6b:df:3d:83:ca:eb:7e:29:bf:9e:e0:00:19:8d:0d:
f3:51:29:fb:5f:df:07:30:04:7c:d0:9c:86:7e:d0:ba:8d:99:
dd:a5:5d:1c:5b:c2:14:ee:ec:e4:7c:34:ce:dc:f2:9a:35:c3:
c6:23:e0:bd:96:b2:20:ac:9b:6e:16:d0:a1:9f:84:56:89:00:
24:24:2e:a6:c2:98:ff:b0:43:c8:98:f9:42:77:de:85:6d:6a:
c3:e2:3a:0c:7c:04:e6:7d:ec:c6:9d:b2:cd:98:8c:dd:13:fd:
a7:8f:24:76:ef:12:04:30:04:ab:44:74:d4:82:54:95:1f:46:
c0:d7:ab:97
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY500M+iLetemQQ1mDS6IpsBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzI1MDg1MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzc2MDY4YmE4NzNmNTM3ZGJkYTBkNjI1Nzk1MmNlYWIxZDkzMGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0h0+FQSJ/Q+kdZx8a1YncDTxIY8p
J+gz6RZbXXnN/jfshBAPLkcGLBSXNZuAmb2RsSiY7N96ieoYUf0TcqnGs/mtsGo9
oXvhyHBeCbjQw+hY+/8M/0Fl/lWb5Ze4PENwLnWy5cwahKlrRwIQ+9+OeNGaCzq+
aPhl3yomtV86gKqvY1JG6EhNgXprWl6StTi8Wt88nZRBl54DN5qTGLbaqb8sj9zZ
t7ZiDiFk9Cdwt4+ZRghN9h+z5h/ZXhl3SuI7a7cDOpwgvSki3j0tcgis8ceDEcBS
mXAM7T+RFnxJmTtzD8FUlfJq3+Ww7Uyh2xBvb3qG8v/Z/N4XXlL+db363QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFN2Bouoc/U329oNYleVLOqx2TDMMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVTNZR2k2aHo5VGZiMmcxaVY1VXM2ckhaTU13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBLYFWAwQA
UnPQAwQAXpqhAwQAqxYfAwQAufywAwQAwSMTMA0GCSqGSIb3DQEBCwUAA4IBAQBU
hhIbGly8Q3veiznVc/QD1rSLsVO0+wrHtpkeBhCHVAzFE2CpaT8GrqBpJZ0OtMkO
9smAY8SpAiTiDdPIb63fACHCqkGipwWJqR8tsDJOlP49XGTBA7eDiF2yzbKQO8rF
JMcKmF0GYhv/BEkSQUtplG3yQkrKRmNFCgzzCYgHQ3Fr3z2Dyut+Kb+e4AAZjQ3z
USn7X98HMAR80JyGftC6jZndpV0cW8IU7uzkfDTO3PKaNcPGI+C9lrIgrJtuFtCh
n4RWiQAkJC6mwpj/sEPImPlCd96FbWrD4joMfATmfezGnbLNmIzdE/2njyR27xIE
MASrRHTUglSVH0bA16uX
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:34 2024 by rpki-client on console-ams.rpki-client.org