Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WnJWk0Z_iK0LwUnh_YQa8qEjox8.roa
File: WnJWk0Z_iK0LwUnh_YQa8qEjox8.roa (raw, json)
Hash identifier: ALyRJnSKwdmlA+Dwj5B53btIxhCQkeqD1bOnCclER2k=
Subject key identifier: 5A:72:56:93:46:7F:88:AD:0B:C1:49:E1:FD:84:1A:F2:A1:23:A3:1F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0190974AB7F6D609A32FABB5D1F41751D89C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WnJWk0Z_iK0LwUnh_YQa8qEjox8.roa
Signing time: Tue 09 Jul 2024 11:39:34 +0000
ROA not before: Tue 09 Jul 2024 11:39:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 152878
IP address blocks: 45.8.93.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
94.154.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Nov 2024 15:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:97:4a:b7:f6:d6:09:a3:2f:ab:b5:d1:f4:17:51:d8:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 9 11:39:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5a725693467f88ad0bc149e1fd841af2a123a31f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:6e:9d:a6:cd:b2:5f:09:ba:25:2d:41:71:6b:
fd:b7:a3:ae:9c:8f:e4:28:45:06:67:93:d6:5c:c6:
dd:6b:f5:8b:8b:c4:17:d4:0f:46:dc:c4:c3:ad:0f:
9e:04:16:27:93:3f:0a:29:da:47:ce:31:06:87:07:
ce:4e:7f:4e:b6:9d:e3:70:e7:35:7b:c0:e8:98:e4:
3f:68:18:01:c6:23:df:af:64:87:0a:80:2f:17:89:
4c:33:16:5f:c1:51:35:99:b3:28:9d:3e:14:ea:89:
b6:26:77:b2:3c:39:45:43:7f:ac:7e:34:ee:c2:aa:
65:2c:b0:26:6c:af:5f:9a:1b:5b:26:62:e3:54:d6:
27:a1:3b:68:89:54:35:cc:aa:55:30:d3:ca:9d:ef:
ae:bf:12:e2:12:43:3e:0d:b0:6d:cd:79:e9:11:3d:
af:49:13:77:ad:d1:35:11:2a:b8:1e:14:9e:de:c0:
7e:a5:7e:39:96:79:1e:fc:b0:65:a1:e4:8a:92:e3:
53:c6:64:d5:ba:96:d3:8f:b1:e7:20:19:94:6d:65:
c4:bf:d3:85:ad:f7:e3:78:0c:a1:79:82:3a:fa:4e:
3f:6f:c0:5d:62:13:80:7a:2f:4d:7c:1c:28:4a:17:
b1:e6:a2:26:d4:be:fd:29:40:dd:d8:95:79:32:a5:
55:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:72:56:93:46:7F:88:AD:0B:C1:49:E1:FD:84:1A:F2:A1:23:A3:1F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/WnJWk0Z_iK0LwUnh_YQa8qEjox8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.93.0/24
45.151.90.0/24
94.154.161.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:e3:1c:14:27:20:bf:05:46:35:74:98:60:68:4b:45:71:d0:
0e:64:c3:ae:89:26:1b:4e:03:a0:71:93:a4:83:b3:c1:d3:c6:
9d:d2:32:9e:d1:17:ed:95:21:23:f9:6f:54:00:56:fd:a0:f3:
ae:00:b7:ff:f4:0e:8e:8b:ec:42:86:1b:57:f7:48:4c:d3:b4:
f1:4e:2a:ca:be:9c:79:7b:25:30:90:d5:a4:47:d2:75:fe:d3:
90:c4:c6:93:7c:b4:49:f2:39:75:73:00:20:27:8b:3b:5d:90:
c6:30:3e:e9:1e:23:4f:e6:d9:8a:d5:37:da:3a:0c:f4:69:61:
e8:93:dd:94:7d:3f:45:3c:ec:85:ed:2d:5d:a0:8a:b7:70:c4:
76:a7:80:fb:a6:9a:64:7f:fc:1d:26:7f:0b:01:0b:bf:0f:a4:
27:7d:8b:5a:56:e2:a4:cc:50:7f:93:1f:c6:6b:8c:35:19:6f:
8e:1c:a8:93:bc:fd:bc:d5:9e:81:95:b0:d9:f9:b1:cc:c0:1c:
29:2d:5b:34:18:d6:19:c1:b6:0d:47:48:f2:5f:2f:da:14:c9:
a2:74:03:54:90:23:ce:dd:86:d1:ef:36:d3:e2:bc:1f:fb:eb:
f0:05:ee:47:be:fa:b5:19:ad:70:1e:f0:64:03:53:74:e3:a4:
71:c4:42:ac
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZCXSrf21gmjL6u10fQXUdicMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNzA5MTEzOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTcyNTY5MzQ2N2Y4OGFkMGJjMTQ5ZTFmZDg0MWFmMmExMjNhMzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0G6dps2yXwm6JS1BcWv9t6OunI/k
KEUGZ5PWXMbda/WLi8QX1A9G3MTDrQ+eBBYnkz8KKdpHzjEGhwfOTn9Otp3jcOc1
e8DomOQ/aBgBxiPfr2SHCoAvF4lMMxZfwVE1mbMonT4U6om2JneyPDlFQ3+sfjTu
wqplLLAmbK9fmhtbJmLjVNYnoTtoiVQ1zKpVMNPKne+uvxLiEkM+DbBtzXnpET2v
SRN3rdE1ESq4HhSe3sB+pX45lnke/LBloeSKkuNTxmTVupbTj7HnIBmUbWXEv9OF
rffjeAyheYI6+k4/b8BdYhOAei9NfBwoShex5qIm1L79KUDd2JV5MqVV9QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFpyVpNGf4itC8FJ4f2EGvKhI6MfMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvV25KV2swWl9pSzBMd1VuaF9ZUWE4cUVqb3g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALQhdAwQA
LZdaAwQAXpqhMA0GCSqGSIb3DQEBCwUAA4IBAQB/4xwUJyC/BUY1dJhgaEtFcdAO
ZMOuiSYbTgOgcZOkg7PB08ad0jKe0RftlSEj+W9UAFb9oPOuALf/9A6Oi+xChhtX
90hM07TxTirKvpx5eyUwkNWkR9J1/tOQxMaTfLRJ8jl1cwAgJ4s7XZDGMD7pHiNP
5tmK1TfaOgz0aWHok92UfT9FPOyF7S1doIq3cMR2p4D7pppkf/wdJn8LAQu/D6Qn
fYtaVuKkzFB/kx/Ga4w1GW+OHKiTvP281Z6BlbDZ+bHMwBwpLVs0GNYZwbYNR0jy
Xy/aFMmidANUkCPO3YbR7zbT4rwf++vwBe5Hvvq1Ga1wHvBkA1N046RxxEKs
-----END CERTIFICATE-----
Generated at Wed Nov 20 17:30:19 2024 by rpki-client on console-fra.rpki-client.org