Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/X7V26zdQL6wanCQaY6LJALX9JGM.roa
File: X7V26zdQL6wanCQaY6LJALX9JGM.roa (raw, json)
Hash identifier: yDEUZeaRZqrIPFcMWbhDoWSoG7uyVyaiBavcgoacdBY=
Subject key identifier: 5F:B5:76:EB:37:50:2F:AC:1A:9C:24:1A:63:A2:C9:00:B5:FD:24:63
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018ECBE7286E244E12461FC2696C5C9578A5
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/X7V26zdQL6wanCQaY6LJALX9JGM.roa
Signing time: Thu 11 Apr 2024 06:45:07 +0000
ROA not before: Thu 11 Apr 2024 06:45:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203168
IP address blocks: 45.88.90.0/24 maxlen: 24
45.128.96.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.121.105.0/24 maxlen: 24
94.156.10.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Apr 2024 16:14:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cb:e7:28:6e:24:4e:12:46:1f:c2:69:6c:5c:95:78:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 11 06:45:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fb576eb37502fac1a9c241a63a2c900b5fd2463
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:92:a9:86:3e:0f:33:cd:4c:8e:84:b6:0e:71:
e4:85:05:5c:bc:08:7d:65:3b:bf:78:3e:df:8c:d4:
f9:8a:8c:05:18:82:48:66:d6:8b:f8:de:0d:20:d1:
69:21:ae:bd:64:95:bf:af:fc:b1:75:17:fa:93:2e:
07:1d:ea:24:60:b6:7c:59:eb:56:f8:2d:81:b8:47:
bc:c5:a7:2e:d5:c8:8d:ab:7a:fa:6c:32:19:e8:05:
f9:e1:0f:a2:e5:a2:8d:6c:2c:57:46:cd:c2:9e:85:
e8:f0:0c:69:38:6c:c4:2d:e2:15:a9:01:6d:65:f1:
34:f5:3e:b9:d2:66:24:78:d2:5f:7f:9b:fc:85:8e:
e1:75:9e:af:52:a8:65:e2:7c:0f:71:f1:4d:bd:4e:
52:92:7a:c6:b5:d8:3d:29:90:d2:b1:d8:f3:32:95:
7a:33:eb:65:84:7c:0a:f8:56:55:26:48:46:55:5d:
bb:16:4f:75:1e:78:68:d6:9c:fc:31:d5:a4:55:3e:
8c:90:e5:75:83:8f:e0:a8:06:cc:64:39:62:e5:b5:
71:89:fd:f4:5c:3f:33:5c:af:63:c7:3d:b3:10:c9:
04:f6:5f:2b:25:7a:78:c0:76:7b:66:d8:8b:f0:45:
dc:d4:bf:bb:67:f3:d9:82:ae:43:b7:69:8f:c3:15:
5d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:B5:76:EB:37:50:2F:AC:1A:9C:24:1A:63:A2:C9:00:B5:FD:24:63
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/X7V26zdQL6wanCQaY6LJALX9JGM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.90.0/24
45.128.96.0/24
87.120.84.0/24
87.121.105.0/24
94.156.10.0/24
193.222.96.0/24
194.48.251.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:5b:9c:ef:ff:1f:1c:a8:a4:7c:c0:88:a2:e8:9e:6f:fe:3f:
0f:b5:21:95:64:f4:73:21:4f:3d:80:99:07:ba:b5:cd:b8:6c:
50:0b:20:70:54:2e:b1:64:f5:63:3f:ff:10:41:bf:05:a7:31:
ce:36:e7:b6:4a:b5:3d:31:79:dc:49:6a:77:78:09:25:2f:29:
98:63:da:94:fc:94:ce:54:6c:5f:97:07:ff:ac:60:97:b7:ef:
62:97:fa:21:65:b5:11:4a:18:06:a3:0b:fb:67:09:9b:47:53:
81:0f:93:be:df:71:ba:32:fa:b9:63:37:db:11:dd:01:c0:8e:
67:70:ea:e3:14:f4:26:ed:06:20:cd:e3:35:5c:73:ea:30:9a:
2f:c7:96:0e:db:38:34:55:71:27:3d:37:32:30:e7:32:f1:a6:
cd:53:96:c8:96:d1:f5:13:d9:62:ea:65:d4:3c:cc:a9:d1:72:
7b:18:61:6f:49:a0:3b:64:ba:71:73:96:7f:6f:80:30:a3:62:
5d:51:30:dc:22:8f:be:40:c0:72:2d:36:03:68:a1:10:54:64:
80:42:ac:0d:66:7f:f3:e4:8e:b0:0e:b3:80:12:d2:b2:39:21:
e5:2c:0c:50:cc:02:a8:85:ce:98:7e:39:12:91:0c:64:c8:94:
e2:a9:d8:f4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY7L5yhuJE4SRh/CaWxclXilMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDExMDY0NTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmI1NzZlYjM3NTAyZmFjMWE5YzI0MWE2M2EyYzkwMGI1ZmQyNDYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppKphj4PM81MjoS2DnHkhQVcvAh9
ZTu/eD7fjNT5iowFGIJIZtaL+N4NINFpIa69ZJW/r/yxdRf6ky4HHeokYLZ8WetW
+C2BuEe8xacu1ciNq3r6bDIZ6AX54Q+i5aKNbCxXRs3CnoXo8AxpOGzELeIVqQFt
ZfE09T650mYkeNJff5v8hY7hdZ6vUqhl4nwPcfFNvU5SknrGtdg9KZDSsdjzMpV6
M+tlhHwK+FZVJkhGVV27Fk91Hnho1pz8MdWkVT6MkOV1g4/gqAbMZDli5bVxif30
XD8zXK9jxz2zEMkE9l8rJXp4wHZ7ZtiL8EXc1L+7Z/PZgq5Dt2mPwxVdjwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFF+1dus3UC+sGpwkGmOiyQC1/SRjMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWDdWMjZ6ZFFMNndhbkNRYVk2TEpBTFg5SkdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALVhaAwQA
LYBgAwQAV3hUAwQAV3lpAwQAXpwKAwQAwd5gAwQAwjD7MA0GCSqGSIb3DQEBCwUA
A4IBAQA6W5zv/x8cqKR8wIii6J5v/j8PtSGVZPRzIU89gJkHurXNuGxQCyBwVC6x
ZPVjP/8QQb8FpzHONue2SrU9MXncSWp3eAklLymYY9qU/JTOVGxflwf/rGCXt+9i
l/ohZbURShgGowv7ZwmbR1OBD5O+33G6Mvq5YzfbEd0BwI5ncOrjFPQm7QYgzeM1
XHPqMJovx5YO2zg0VXEnPTcyMOcy8abNU5bIltH1E9li6mXUPMyp0XJ7GGFvSaA7
ZLpxc5Z/b4Awo2JdUTDcIo++QMByLTYDaKEQVGSAQqwNZn/z5I6wDrOAEtKyOSHl
LAxQzAKohc6YfjkSkQxkyJTiqdj0
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:35 2024 by rpki-client on console-ams.rpki-client.org