Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XeI9qcJOU3QTDbPEv9Sxs4lKSWQ.roa
File: XeI9qcJOU3QTDbPEv9Sxs4lKSWQ.roa (raw, json)
Hash identifier: nEivof69zWNRuxIZTZ0g0aWrixUDaPisRgUkbCiLV+Q=
Subject key identifier: 5D:E2:3D:A9:C2:4E:53:74:13:0D:B3:C4:BF:D4:B1:B3:89:4A:49:64
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019145C1A8BBCAE6D07B1D3F8AFD6070F627
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XeI9qcJOU3QTDbPEv9Sxs4lKSWQ.roa
Signing time: Mon 12 Aug 2024 08:43:25 +0000
ROA not before: Mon 12 Aug 2024 08:43:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207459
IP address blocks: 45.66.228.0/24 maxlen: 24
193.149.28.0/24 maxlen: 24
193.149.29.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
193.149.31.0/24 maxlen: 24
194.180.36.0/24 maxlen: 24
212.115.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Aug 2024 12:46:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:45:c1:a8:bb:ca:e6:d0:7b:1d:3f:8a:fd:60:70:f6:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 12 08:43:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5de23da9c24e5374130db3c4bfd4b1b3894a4964
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:06:b7:e4:52:7b:ed:74:57:4b:70:17:49:d4:
9b:94:49:3d:70:a2:c9:06:b3:0d:7e:d0:f6:db:6a:
9c:3f:8a:7a:5c:61:23:1f:6a:94:73:1f:eb:a8:db:
4a:c2:19:1d:90:21:f5:98:da:36:a9:c9:f3:6f:a9:
27:92:f0:bf:4e:4f:e1:ae:66:6d:0f:41:b0:aa:48:
c2:3a:8b:bd:67:50:07:e2:29:9c:ea:5e:7e:59:43:
4a:93:47:30:28:36:51:fe:60:39:87:2b:b8:9e:c9:
33:75:d2:7c:a1:69:be:3b:5c:75:40:5c:af:24:44:
e1:47:cc:8c:fc:44:6f:21:ae:18:8b:1e:b5:79:80:
d0:53:3b:2f:03:53:c3:62:1b:f9:c7:a5:25:8d:da:
3b:2d:9a:23:e2:3b:89:0d:0b:09:ad:04:b2:18:4b:
d9:3a:5d:98:56:d8:41:cc:55:bb:f9:f8:b5:0e:63:
77:ac:78:af:f6:13:75:25:fd:0d:08:e8:4e:56:24:
a0:dd:8e:f3:e4:0f:ac:bb:26:be:0f:9f:cd:eb:29:
18:4f:d6:a3:0b:1a:3b:7a:a5:de:72:35:2e:61:c1:
26:32:69:52:86:d5:5b:bc:ed:47:b4:e5:27:f6:45:
15:da:86:7b:74:dc:c3:87:ab:93:63:ed:91:32:60:
3e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E2:3D:A9:C2:4E:53:74:13:0D:B3:C4:BF:D4:B1:B3:89:4A:49:64
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XeI9qcJOU3QTDbPEv9Sxs4lKSWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.228.0/24
193.149.28.0/22
194.180.36.0/24
212.115.41.0/24
Signature Algorithm: sha256WithRSAEncryption
29:6c:9a:f9:90:03:b8:b2:fa:af:4e:5a:a6:59:0f:38:65:d6:
65:42:2a:b9:1a:e7:c4:96:33:23:6e:15:22:59:7e:66:10:23:
61:d0:cb:dd:14:b2:4a:f1:48:3b:17:13:65:ad:98:7c:e0:5b:
7c:2d:71:87:38:5a:5c:6f:c5:84:b6:98:77:96:b2:67:fd:c6:
96:9f:42:4d:b5:9c:be:11:7e:b8:fe:bd:87:76:50:5a:f1:6a:
09:13:7e:3e:77:a6:f0:ab:54:0e:f7:dd:cb:be:d2:51:0d:8a:
d9:42:ad:bc:73:90:26:13:f5:18:d2:1d:78:c5:68:96:9c:f7:
5f:94:0c:fd:f9:75:92:95:d0:cf:a8:5c:6d:9e:c1:b7:81:c9:
06:c4:a6:e0:da:09:cd:23:65:e8:22:d4:a8:03:87:67:54:73:
4e:a5:ef:53:a0:3f:8d:c1:52:60:dd:14:d1:a3:8b:02:1b:62:
fa:f5:a4:ed:36:08:c5:55:9f:23:ee:f9:a4:4e:86:2e:79:ee:
52:44:99:a9:49:b1:cb:59:59:29:e0:b1:2a:a9:16:18:ff:7a:
48:fd:50:7c:85:b0:10:0f:c6:9a:89:a2:5d:ef:23:e8:c0:d8:
f6:63:a4:d5:40:88:7a:bb:1d:6d:e9:a7:c3:b5:8b:0f:97:01:
55:36:78:da
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZFFwai7yubQex0/iv1gcPYnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODEyMDg0MzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGUyM2RhOWMyNGU1Mzc0MTMwZGIzYzRiZmQ0YjFiMzg5NGE0OTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmga35FJ77XRXS3AXSdSblEk9cKLJ
BrMNftD222qcP4p6XGEjH2qUcx/rqNtKwhkdkCH1mNo2qcnzb6knkvC/Tk/hrmZt
D0GwqkjCOou9Z1AH4imc6l5+WUNKk0cwKDZR/mA5hyu4nskzddJ8oWm+O1x1QFyv
JEThR8yM/ERvIa4Yix61eYDQUzsvA1PDYhv5x6Uljdo7LZoj4juJDQsJrQSyGEvZ
Ol2YVthBzFW7+fi1DmN3rHiv9hN1Jf0NCOhOViSg3Y7z5A+suya+D5/N6ykYT9aj
Cxo7eqXecjUuYcEmMmlShtVbvO1HtOUn9kUV2oZ7dNzDh6uTY+2RMmA+8wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF3iPanCTlN0Ew2zxL/UsbOJSklkMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWGVJOXFjSk9VM1FURGJQRXY5U3hzNGxLU1dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALULkAwQC
wZUcAwQAwrQkAwQA1HMpMA0GCSqGSIb3DQEBCwUAA4IBAQApbJr5kAO4svqvTlqm
WQ84ZdZlQiq5GufEljMjbhUiWX5mECNh0MvdFLJK8Ug7FxNlrZh84Ft8LXGHOFpc
b8WEtph3lrJn/caWn0JNtZy+EX64/r2HdlBa8WoJE34+d6bwq1QO993LvtJRDYrZ
Qq28c5AmE/UY0h14xWiWnPdflAz9+XWSldDPqFxtnsG3gckGxKbg2gnNI2XoItSo
A4dnVHNOpe9ToD+NwVJg3RTRo4sCG2L69aTtNgjFVZ8j7vmkToYuee5SRJmpSbHL
WVkp4LEqqRYY/3pI/VB8hbAQD8aaiaJd7yPowNj2Y6TVQIh6ux1t6afDtYsPlwFV
Nnja
-----END CERTIFICATE-----
Generated at Wed Aug 28 16:05:30 2024 by rpki-client on console-fra.rpki-client.org