Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/U4QJKhs2aqKosV3MtNUVUY0kp-Q.roa
File: U4QJKhs2aqKosV3MtNUVUY0kp-Q.roa (raw, json)
Hash identifier: NDeKHoZCONZVXhrnshhhcdhEMIcFYtqia7Kzz14koXQ=
Subject key identifier: 53:84:09:2A:1B:36:6A:A2:A8:B1:5D:CC:B4:D5:15:51:8D:24:A7:E4
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018F1E4F08D17BB4DFE08C6C4F202D2766EB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/U4QJKhs2aqKosV3MtNUVUY0kp-Q.roa
Signing time: Sat 27 Apr 2024 06:47:27 +0000
ROA not before: Sat 27 Apr 2024 06:47:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.9.156.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.21.174.0/23 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.86.0/23 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
95.214.25.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.246.223.0/24 maxlen: 24
193.42.32.0/23 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Apr 2024 13:39:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1e:4f:08:d1:7b:b4:df:e0:8c:6c:4f:20:2d:27:66:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 27 06:47:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5384092a1b366aa2a8b15dccb4d515518d24a7e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8f:f4:ff:b9:54:2f:6b:fb:58:be:f7:5f:ad:
87:06:b0:6b:26:48:c1:25:69:f6:70:06:53:e7:ff:
70:28:25:b0:ec:04:a4:6d:af:9d:3e:54:50:d6:ae:
eb:96:11:c5:f5:c1:bc:18:69:ee:53:0b:16:f8:b9:
b8:2b:e7:77:f1:5e:64:c2:66:5e:74:2f:95:3e:b7:
2f:b2:74:75:ee:e6:f1:8d:61:34:e3:af:eb:25:5c:
69:a5:5a:b6:42:fa:0b:48:d4:ed:4e:f9:88:b0:71:
c6:07:c6:35:2c:11:56:bb:bf:49:78:8f:2a:fc:df:
57:03:a1:eb:cf:2e:7a:ae:e3:67:e0:27:4d:3b:09:
b6:01:44:a2:73:ec:74:6a:25:d8:6e:89:af:d1:c8:
5f:7a:2b:36:fa:65:3f:06:15:7c:c1:c3:b1:f0:2d:
6d:5d:84:81:8a:dc:85:71:dd:4b:82:92:72:ab:3d:
ac:0d:2a:33:a2:61:f5:93:c6:7c:6e:17:7b:ad:27:
b0:7f:e7:7d:cc:04:ce:fb:75:3e:11:96:d1:bb:24:
86:c8:f4:3b:ee:d1:00:81:76:8e:b3:28:f4:f8:eb:
ac:c1:53:32:e3:23:48:aa:fa:51:a7:99:db:5c:8f:
36:f7:3d:03:c9:70:45:67:09:ea:e8:82:e5:9f:5e:
d6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:84:09:2A:1B:36:6A:A2:A8:B1:5D:CC:B4:D5:15:51:8D:24:A7:E4
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/U4QJKhs2aqKosV3MtNUVUY0kp-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/24
45.88.88.0/24
45.151.89.0/24
83.219.97.0/24
84.21.174.0/23
87.120.87.0/24
87.121.45.0/24
87.121.86.0/23
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
95.214.25.0-95.214.26.255
147.78.102.0/24
171.22.72.0/22
178.215.224.0/24
185.216.84.0/22
185.218.84.0/22
185.246.223.0/24
193.42.32.0/23
194.48.248.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
28:de:e0:c2:62:8e:49:8a:57:de:a4:73:c5:58:52:38:57:d2:
60:68:2e:13:e5:5d:16:79:32:b7:71:0e:d7:93:83:59:75:3f:
0e:35:dc:ac:3d:ff:ae:63:ea:0e:f5:ac:19:e6:43:6e:ad:cc:
66:2c:de:ef:ef:17:56:3c:83:48:41:b8:5a:1e:08:fd:c3:cc:
90:91:f0:5d:5b:13:1a:65:f0:f1:c9:b2:2b:fd:24:02:be:9f:
90:64:72:36:5f:b0:5d:1f:cf:70:f2:71:c2:4f:08:c3:fb:7b:
41:de:03:d3:3e:dd:e6:1b:5c:e5:38:ed:57:34:c9:5c:0e:d3:
64:1e:4d:29:f2:86:48:b2:d0:5a:87:4b:a7:bf:4b:69:95:5a:
6e:a5:bf:36:e9:6d:56:6a:f0:3d:ef:60:05:aa:43:8e:63:35:
45:96:a2:c4:1e:9b:cb:8a:1f:50:b5:0b:e8:7e:73:29:f8:63:
d6:16:38:ed:4b:ce:73:35:ac:a5:c5:5a:76:39:c8:23:41:0e:
9f:d0:82:f7:40:ad:c0:56:56:fe:e8:80:1e:9b:46:ef:c0:3d:
2f:9d:de:db:ca:bc:b2:4f:ef:68:e4:2e:3a:31:b9:ec:c2:ea:
d7:c1:67:d2:13:e2:b8:fc:37:0a:a8:9e:9f:7a:ad:6b:d0:e6:
be:12:9d:f2
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAY8eTwjRe7Tf4IxsTyAtJ2brMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDI3MDY0NzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzg0MDkyYTFiMzY2YWEyYThiMTVkY2NiNGQ1MTU1MThkMjRhN2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4/0/7lUL2v7WL73X62HBrBrJkjB
JWn2cAZT5/9wKCWw7ASkba+dPlRQ1q7rlhHF9cG8GGnuUwsW+Lm4K+d38V5kwmZe
dC+VPrcvsnR17ubxjWE046/rJVxppVq2QvoLSNTtTvmIsHHGB8Y1LBFWu79JeI8q
/N9XA6Hrzy56ruNn4CdNOwm2AUSic+x0aiXYbomv0chfeis2+mU/BhV8wcOx8C1t
XYSBityFcd1LgpJyqz2sDSozomH1k8Z8bhd7rSewf+d9zATO+3U+EZbRuySGyPQ7
7tEAgXaOsyj0+OuswVMy4yNIqvpRp5nbXI829z0DyXBFZwnq6ILln17WNwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFFOECSobNmqiqLFdzLTVFVGNJKfkMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVTRRSktoczJhcUtvc1YzTXROVVZVWTBrcC1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAAt
CZwDBAAtWFgDBAAtl1kDBABT22EDBAFUFa4DBABXeFcDBABXeS0DBAFXeVYDBABX
ed0DBAFcd8QDBAJemqAwDAMEAF/WGQMEAF/WGgMEAJNOZgMEAqsWSAMEALLX4AME
ArnYVAMEArnaVAMEALn23wMEAcEqIAMEAMIw+AMEAMI34DANBgkqhkiG9w0BAQsF
AAOCAQEAKN7gwmKOSYpX3qRzxVhSOFfSYGguE+VdFnkyt3EO15ODWXU/DjXcrD3/
rmPqDvWsGeZDbq3MZize7+8XVjyDSEG4Wh4I/cPMkJHwXVsTGmXw8cmyK/0kAr6f
kGRyNl+wXR/PcPJxwk8Iw/t7Qd4D0z7d5htc5TjtVzTJXA7TZB5NKfKGSLLQWodL
p79LaZVabqW/NultVmrwPe9gBapDjmM1RZaixB6by4ofULUL6H5zKfhj1hY47UvO
czWspcVadjnII0EOn9CC90CtwFZW/uiAHptG78A9L53e28q8sk/vaOQuOjG57MLq
18Fn0hPiuPw3Cqien3qta9DmvhKd8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:34 2024 by rpki-client on console-ams.rpki-client.org