Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XIY7vJdEuM7wYHwp8x-7Pr0zf4s.roa
File: XIY7vJdEuM7wYHwp8x-7Pr0zf4s.roa (raw, json)
Hash identifier: tukluYjWi9rOxrK7+i7oTXOhB6rCfaGAl4Gp3czMG9k=
Subject key identifier: 5C:86:3B:BC:97:44:B8:CE:F0:60:7C:29:F3:1F:BB:3E:BD:33:7F:8B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DABEE607588010E0EB4359A920AC5D9CD
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XIY7vJdEuM7wYHwp8x-7Pr0zf4s.roa
Signing time: Thu 15 Feb 2024 08:42:22 +0000
ROA not before: Thu 15 Feb 2024 08:42:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.8.94.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
87.120.192.0/23 maxlen: 24
87.121.147.0/24 maxlen: 24
91.92.26.0/24 maxlen: 24
93.123.74.0/23 maxlen: 23
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Feb 2024 15:18:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ab:ee:60:75:88:01:0e:0e:b4:35:9a:92:0a:c5:d9:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 15 08:42:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5c863bbc9744b8cef0607c29f31fbb3ebd337f8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:31:2f:52:d0:64:8e:8c:cf:db:36:7e:a0:20:
0f:94:ed:64:55:77:e2:31:fa:dc:b5:22:1c:9b:05:
6f:3a:92:55:63:75:f0:6f:24:a2:34:d9:3c:d3:d2:
2c:46:c7:18:8d:eb:85:bc:16:f7:6f:14:b5:58:a3:
30:2f:67:7a:3c:9c:a6:7a:6e:ba:cb:16:cb:b7:44:
49:7c:1d:fb:9b:32:81:d5:5f:b8:ad:55:be:ac:05:
9e:fd:27:e6:b2:88:fb:c3:30:b7:0d:45:89:15:f0:
7a:f6:db:db:02:49:ce:0b:18:49:0e:b1:93:1f:8e:
c8:6e:9d:e8:41:0f:cc:cf:0f:22:a3:e3:ac:5b:62:
e8:06:49:e0:42:6d:31:e0:15:69:ac:38:fa:2f:e8:
24:1b:82:23:7d:65:09:b3:7a:19:92:f3:54:fa:90:
71:2f:80:6f:ee:a2:b9:d6:80:a9:07:67:f2:ed:cb:
25:74:f9:b7:4f:31:65:5b:dd:61:90:da:ad:47:df:
a1:d3:81:9f:70:6c:3c:32:e7:85:73:e4:c5:6e:5d:
51:27:67:4e:97:c8:30:13:ae:82:b5:2e:df:20:bc:
cb:ee:0a:1c:e2:0a:c6:43:5e:b8:81:81:92:e0:aa:
bd:54:fe:bc:b9:d9:22:14:0e:e6:1b:e7:37:b6:29:
01:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:86:3B:BC:97:44:B8:CE:F0:60:7C:29:F3:1F:BB:3E:BD:33:7F:8B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XIY7vJdEuM7wYHwp8x-7Pr0zf4s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.94.0/24
87.120.68.0/23
87.120.192.0/23
87.121.147.0/24
91.92.26.0/24
93.123.74.0/23
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:13:44:62:31:df:02:31:f9:07:66:bf:d8:9b:e7:bc:d8:a0:
00:6e:8c:f2:18:f5:fb:fe:d5:71:79:68:7c:ce:2a:8c:61:15:
8a:f0:80:d1:4f:d0:47:6f:0c:a2:ed:a2:eb:03:ea:8d:f3:c1:
8d:98:91:c6:38:88:30:16:6b:37:5c:4d:03:2f:b3:e1:aa:1c:
f1:1c:06:f8:c1:87:13:b4:05:48:bf:ac:a9:a0:30:9f:ac:ab:
52:cd:3b:5a:70:58:90:b4:49:ea:8d:ef:58:26:a7:5c:0a:8b:
9c:6c:59:c1:06:91:8b:c7:59:7f:e9:41:d4:ae:4d:b1:20:d3:
e8:05:fd:59:b9:5a:47:99:81:f7:2f:67:d1:0b:5e:7b:c3:55:
b4:11:fe:e8:0d:f3:95:16:a4:72:4b:7f:48:1a:7b:7b:6d:a1:
18:cd:11:ed:3e:1b:6f:77:19:52:2b:f1:b7:11:d5:0b:14:2f:
9c:71:ce:88:d2:df:94:92:de:fb:5f:12:aa:10:44:1b:b7:0d:
c9:30:ec:f4:90:66:ee:8b:1f:8d:46:2b:7c:25:fc:b6:4f:ab:
49:3c:23:51:12:e9:ce:8f:24:f5:3a:fc:2b:7b:cd:ea:09:c9:
b0:18:7d:9a:34:9f:8d:85:5e:11:1a:ce:e2:30:e0:e4:0f:61:
16:33:fd:07
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY2r7mB1iAEODrQ1mpIKxdnNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjE1MDg0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzg2M2JiYzk3NDRiOGNlZjA2MDdjMjlmMzFmYmIzZWJkMzM3ZjhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkTEvUtBkjozP2zZ+oCAPlO1kVXfi
MfrctSIcmwVvOpJVY3XwbySiNNk809IsRscYjeuFvBb3bxS1WKMwL2d6PJymem66
yxbLt0RJfB37mzKB1V+4rVW+rAWe/Sfmsoj7wzC3DUWJFfB69tvbAknOCxhJDrGT
H47Ibp3oQQ/Mzw8io+OsW2LoBkngQm0x4BVprDj6L+gkG4IjfWUJs3oZkvNU+pBx
L4Bv7qK51oCpB2fy7csldPm3TzFlW91hkNqtR9+h04GfcGw8MueFc+TFbl1RJ2dO
l8gwE66CtS7fILzL7goc4grGQ164gYGS4Kq9VP68udkiFA7mG+c3tikBPQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFFyGO7yXRLjO8GB8KfMfuz69M3+LMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWElZN3ZKZEV1TTd3WUh3cDh4LTdQcjB6ZjRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALQheAwQB
V3hEAwQBV3jAAwQAV3mTAwQAW1waAwQBXXtKAwQBufygMA0GCSqGSIb3DQEBCwUA
A4IBAQCkE0RiMd8CMfkHZr/Ym+e82KAAbozyGPX7/tVxeWh8ziqMYRWK8IDRT9BH
bwyi7aLrA+qN88GNmJHGOIgwFms3XE0DL7PhqhzxHAb4wYcTtAVIv6ypoDCfrKtS
zTtacFiQtEnqje9YJqdcCoucbFnBBpGLx1l/6UHUrk2xINPoBf1ZuVpHmYH3L2fR
C157w1W0Ef7oDfOVFqRyS39IGnt7baEYzRHtPhtvdxlSK/G3EdULFC+ccc6I0t+U
kt77XxKqEEQbtw3JMOz0kGbuix+NRit8Jfy2T6tJPCNREunOjyT1Ovwre83qCcmw
GH2aNJ+NhV4RGs7iMODkD2EWM/0H
-----END CERTIFICATE-----
Generated at Mon Feb 19 18:02:50 2024 by rpki-client on console-ams.rpki-client.org