Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/X6z48X8ZOIoAr2Ru5uZBov033S8.roa
File: X6z48X8ZOIoAr2Ru5uZBov033S8.roa (raw, json)
Hash identifier: ywMG/BBFv19IoH4vQAt5HDYsgS+5/w6dCFr73UpKuw0=
Subject key identifier: 5F:AC:F8:F1:7F:19:38:8A:00:AF:64:6E:E6:E6:41:A2:FD:37:DD:2F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DF05D6311EB863E73C4A23683505C90A0
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/X6z48X8ZOIoAr2Ru5uZBov033S8.roa
Signing time: Wed 28 Feb 2024 15:37:48 +0000
ROA not before: Wed 28 Feb 2024 15:37:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 85.209.132.0/24 maxlen: 24
94.156.177.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
185.225.73.0/24 maxlen: 24
192.145.28.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Mar 2024 12:14:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f0:5d:63:11:eb:86:3e:73:c4:a2:36:83:50:5c:90:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 28 15:37:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5facf8f17f19388a00af646ee6e641a2fd37dd2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:1d:15:b6:52:1f:a1:79:f0:30:11:f8:ec:30:
5e:5d:d3:21:d1:f1:20:b5:30:91:61:b9:31:95:4f:
3e:99:5c:cf:a8:92:72:34:f4:f4:b6:1e:1a:66:f6:
ec:1f:b4:0e:72:c5:44:1d:eb:71:5a:4b:b6:c0:58:
9c:7e:cd:da:1a:a7:23:8e:38:d1:c6:7e:e2:75:00:
89:09:07:94:fa:b1:a4:d3:79:4f:df:a6:80:3d:dc:
62:74:bc:34:a3:7b:da:77:d1:75:da:9d:26:a3:28:
76:2c:7e:83:0f:a7:b9:19:d4:80:ac:05:18:d3:1d:
89:7b:32:a5:95:21:7b:3e:5a:3c:ef:32:ef:cc:7b:
86:f3:00:c1:c6:a2:69:9b:62:cc:bc:a8:b5:a1:b2:
95:5c:a9:8a:45:cf:0c:33:80:4f:a9:13:b7:00:ee:
ca:5d:a8:83:dc:de:4d:b8:7b:2c:86:07:ce:9d:18:
3d:b3:c1:59:3d:3b:37:db:11:67:ac:48:92:c6:ed:
24:75:d1:38:58:68:24:fd:df:f3:a7:bc:a3:c6:85:
4a:6f:11:d3:cc:1b:5f:57:39:a3:a5:5e:ea:fa:94:
85:ea:81:04:72:4e:af:c5:c7:12:cc:a8:9c:b9:ca:
45:84:92:11:30:58:c3:bc:26:3c:a3:11:14:49:45:
8e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:AC:F8:F1:7F:19:38:8A:00:AF:64:6E:E6:E6:41:A2:FD:37:DD:2F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/X6z48X8ZOIoAr2Ru5uZBov033S8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.132.0/24
94.156.177.0/24
178.215.226.0/24
185.225.73.0/24
192.145.28.0/22
Signature Algorithm: sha256WithRSAEncryption
85:e2:d4:7f:95:0d:c0:fe:c3:14:2a:5c:70:fe:d6:01:ca:9d:
55:1d:43:a2:cd:29:9c:94:df:58:35:9e:76:5d:7b:ca:b0:f5:
b6:ff:de:d5:84:43:4d:19:49:a6:01:ea:9f:6b:0b:33:8a:b7:
c4:54:63:2f:e4:e0:f8:98:fd:a5:73:d9:ea:f4:e6:71:1a:81:
bc:2a:81:53:27:03:af:50:cb:cf:f1:6e:76:47:40:f7:38:25:
2e:b3:18:bd:39:7b:60:26:99:e6:b4:83:68:36:27:54:14:56:
e3:fb:81:85:34:12:71:4b:6e:2a:25:00:89:78:03:66:cd:36:
fb:73:a8:3b:ab:3c:90:42:6a:3a:ee:8c:44:f8:48:e2:ff:ad:
16:e7:f9:fc:30:ad:37:2c:83:0b:9a:aa:80:54:e5:cb:20:8b:
02:f5:9a:30:af:13:12:9c:71:88:d1:06:f3:8f:c8:4f:12:ca:
d8:64:ca:2f:33:84:78:73:06:15:5a:92:30:c1:00:bc:44:af:
5f:12:9c:d9:37:27:0f:2b:e1:4c:87:5e:15:f7:00:ae:2d:62:
9e:af:33:81:67:97:11:57:7e:43:b8:bd:5d:87:b9:0f:b4:5a:
af:53:51:cc:2f:32:d5:29:ca:34:aa:cf:d6:7a:96:49:a7:fa:
01:74:c1:88
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY3wXWMR64Y+c8SiNoNQXJCgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjI4MTUzNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmFjZjhmMTdmMTkzODhhMDBhZjY0NmVlNmU2NDFhMmZkMzdkZDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgB0VtlIfoXnwMBH47DBeXdMh0fEg
tTCRYbkxlU8+mVzPqJJyNPT0th4aZvbsH7QOcsVEHetxWku2wFicfs3aGqcjjjjR
xn7idQCJCQeU+rGk03lP36aAPdxidLw0o3vad9F12p0moyh2LH6DD6e5GdSArAUY
0x2JezKllSF7Plo87zLvzHuG8wDBxqJpm2LMvKi1obKVXKmKRc8MM4BPqRO3AO7K
XaiD3N5NuHsshgfOnRg9s8FZPTs32xFnrEiSxu0kddE4WGgk/d/zp7yjxoVKbxHT
zBtfVzmjpV7q+pSF6oEEck6vxccSzKicucpFhJIRMFjDvCY8oxEUSUWOiwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFF+s+PF/GTiKAK9kbubmQaL9N90vMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWDZ6NDhYOFpPSW9BcjJSdTV1WkJvdjAzM1M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVdGEAwQA
XpyxAwQAstfiAwQAueFJAwQCwJEcMA0GCSqGSIb3DQEBCwUAA4IBAQCF4tR/lQ3A
/sMUKlxw/tYByp1VHUOizSmclN9YNZ52XXvKsPW2/97VhENNGUmmAeqfawszirfE
VGMv5OD4mP2lc9nq9OZxGoG8KoFTJwOvUMvP8W52R0D3OCUusxi9OXtgJpnmtINo
NidUFFbj+4GFNBJxS24qJQCJeANmzTb7c6g7qzyQQmo67oxE+Eji/60W5/n8MK03
LIMLmqqAVOXLIIsC9ZowrxMSnHGI0Qbzj8hPEsrYZMovM4R4cwYVWpIwwQC8RK9f
EpzZNycPK+FMh14V9wCuLWKerzOBZ5cRV35DuL1dh7kPtFqvU1HMLzLVKco0qs/W
epZJp/oBdMGI
-----END CERTIFICATE-----
Generated at Sun Mar 3 12:51:37 2024 by rpki-client on console-ams.rpki-client.org