Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Vh2xUEiiTT-CFVgXyguHdF2gvuI.roa
File: Vh2xUEiiTT-CFVgXyguHdF2gvuI.roa (raw, json)
Hash identifier: 1PaM68kIJfIMfHNZR6sVUgVI0HGX/WSSa6JFoVa7+oE=
Subject key identifier: 56:1D:B1:50:48:A2:4D:3F:82:15:58:17:CA:0B:87:74:5D:A0:BE:E2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E4CF800A79B402933E76E53E89E1264EC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Vh2xUEiiTT-CFVgXyguHdF2gvuI.roa
Signing time: Sun 17 Mar 2024 15:11:45 +0000
ROA not before: Sun 17 Mar 2024 15:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.94.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
87.121.62.0/24 maxlen: 24
87.121.63.0/24 maxlen: 24
87.121.114.0/24 maxlen: 24
87.121.115.0/24 maxlen: 24
91.92.26.0/24 maxlen: 24
93.123.74.0/23 maxlen: 23
93.123.75.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Mar 2024 12:11:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:4c:f8:00:a7:9b:40:29:33:e7:6e:53:e8:9e:12:64:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 17 15:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=561db15048a24d3f82155817ca0b87745da0bee2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1d:3e:91:63:f1:2d:32:31:00:f3:5c:3c:b3:
fe:5c:a8:e9:4e:3b:f0:45:58:eb:fe:e4:c4:a6:3e:
b0:d8:9d:1d:bf:84:d9:32:72:e2:a3:a4:6a:e1:70:
e9:21:b4:6f:d7:c9:cf:27:6f:10:f6:8f:ab:19:6c:
53:74:0d:99:d4:c0:2d:c0:27:5c:bb:be:1b:3b:7f:
8b:d2:94:aa:a0:f2:f7:b4:05:a1:8e:6a:bd:6c:d2:
55:24:3d:12:97:a1:70:5f:e4:39:6d:0d:65:f1:a6:
31:07:c9:47:5f:c5:fd:98:96:23:e1:88:72:fa:07:
31:64:31:3d:1f:ea:a3:2a:57:30:9e:a2:32:ab:1c:
fe:c9:c3:4a:78:90:38:44:c0:61:a4:15:e5:a4:e3:
b6:3e:24:e4:4d:f5:3a:ca:9f:c6:10:9b:a4:1e:2b:
17:5f:ea:95:5f:06:e6:de:ee:9e:8e:67:00:87:e9:
20:ed:85:5a:ef:dc:ac:c3:34:e6:b4:da:3e:80:21:
1c:bd:40:41:6f:60:89:4d:fd:d8:51:1a:c3:0b:47:
7c:6b:0d:99:dd:b4:8b:89:73:ec:cd:bb:f7:f9:0b:
fc:b8:3b:8c:9e:9b:f3:27:52:47:71:08:4b:fb:c3:
8e:59:84:a8:eb:7e:ea:e4:b8:b3:f3:f6:ce:b8:4c:
07:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:1D:B1:50:48:A2:4D:3F:82:15:58:17:CA:0B:87:74:5D:A0:BE:E2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Vh2xUEiiTT-CFVgXyguHdF2gvuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.94.0/24
87.120.68.0/23
87.121.62.0/23
87.121.114.0/23
91.92.26.0/24
93.123.74.0/23
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
31:0c:af:6a:0a:26:06:7b:92:ae:3f:0a:3e:ef:8a:44:35:1e:
3f:97:bb:79:46:1a:af:92:ed:67:8f:e2:97:6b:8f:25:4f:fe:
c9:15:d5:b3:62:f8:28:5b:fb:00:41:6a:a7:d2:2e:7c:69:0b:
86:10:38:98:53:1d:21:cb:8b:3a:87:9d:45:7b:e5:84:81:2e:
ed:aa:72:b1:52:eb:c8:f8:2d:23:03:df:bf:a3:b9:fb:63:55:
38:28:b3:b3:bf:fd:42:c2:73:59:1d:d5:e5:bb:de:00:1c:29:
1c:43:79:6a:8d:fc:35:38:5a:88:7a:a0:b9:eb:e1:e4:14:82:
58:92:d4:16:32:74:ae:ac:f3:87:49:27:68:38:85:6a:d6:c6:
af:48:ae:e9:5b:6f:64:2a:30:8f:45:be:ab:ff:54:10:3e:ef:
c5:72:84:60:1f:e0:df:63:70:a1:9f:05:99:8b:62:85:68:da:
71:01:60:87:39:fe:4b:11:40:76:a5:b0:f1:1f:c5:10:20:3e:
49:61:be:94:68:ac:3b:d0:ea:6c:4c:4d:60:bb:0a:d5:04:2a:
77:cf:22:32:e0:55:3b:5c:d2:1c:df:99:21:61:ac:90:c1:40:
a2:d6:f7:b4:c1:52:f9:3c:9e:77:e3:b6:72:2c:7c:97:f4:01:
dd:72:b1:eb
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY5M+ACnm0ApM+duU+ieEmTsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzE3MTUxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjFkYjE1MDQ4YTI0ZDNmODIxNTU4MTdjYTBiODc3NDVkYTBiZWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoB0+kWPxLTIxAPNcPLP+XKjpTjvw
RVjr/uTEpj6w2J0dv4TZMnLio6Rq4XDpIbRv18nPJ28Q9o+rGWxTdA2Z1MAtwCdc
u74bO3+L0pSqoPL3tAWhjmq9bNJVJD0Sl6FwX+Q5bQ1l8aYxB8lHX8X9mJYj4Yhy
+gcxZDE9H+qjKlcwnqIyqxz+ycNKeJA4RMBhpBXlpOO2PiTkTfU6yp/GEJukHisX
X+qVXwbm3u6ejmcAh+kg7YVa79yswzTmtNo+gCEcvUBBb2CJTf3YURrDC0d8aw2Z
3bSLiXPszbv3+Qv8uDuMnpvzJ1JHcQhL+8OOWYSo637q5Liz8/bOuEwHtwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFYdsVBIok0/ghVYF8oLh3RdoL7iMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVmgyeFVFaWlUVC1DRlZnWHlndUhkRjJndnVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQheAwQB
V3hEAwQBV3k+AwQBV3lyAwQAW1waAwQBXXtKAwQBufygMA0GCSqGSIb3DQEBCwUA
A4IBAQAxDK9qCiYGe5KuPwo+74pENR4/l7t5Rhqvku1nj+KXa48lT/7JFdWzYvgo
W/sAQWqn0i58aQuGEDiYUx0hy4s6h51Fe+WEgS7tqnKxUuvI+C0jA9+/o7n7Y1U4
KLOzv/1CwnNZHdXlu94AHCkcQ3lqjfw1OFqIeqC56+HkFIJYktQWMnSurPOHSSdo
OIVq1savSK7pW29kKjCPRb6r/1QQPu/FcoRgH+DfY3ChnwWZi2KFaNpxAWCHOf5L
EUB2pbDxH8UQID5JYb6UaKw70OpsTE1guwrVBCp3zyIy4FU7XNIc35khYayQwUCi
1ve0wVL5PJ5347ZyLHyX9AHdcrHr
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:34 2024 by rpki-client on console-ams.rpki-client.org