Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Y6drll88D-y5o1oySXHu0p8ZPGc.roa
File: Y6drll88D-y5o1oySXHu0p8ZPGc.roa (raw, json)
Hash identifier: hqmym59OTCjPiZX18WW81cZP6VWZ9NFDTIRSbmBWdfw=
Subject key identifier: 63:A7:6B:96:5F:3C:0F:EC:B9:A3:5A:32:49:71:EE:D2:9F:19:3C:67
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192C92E74B00CA7C774B2357ABDA786FA78
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Y6drll88D-y5o1oySXHu0p8ZPGc.roa
Signing time: Sat 26 Oct 2024 14:15:17 +0000
ROA not before: Sat 26 Oct 2024 14:15:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62425
IP address blocks: 45.95.0.0/22 maxlen: 24
45.95.3.0/24 maxlen: 24
87.120.36.0/24 maxlen: 24
87.121.217.0/24 maxlen: 24
94.125.100.0/24 maxlen: 24
94.125.101.0/24 maxlen: 24
109.206.242.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Oct 2024 05:44:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c9:2e:74:b0:0c:a7:c7:74:b2:35:7a:bd:a7:86:fa:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 26 14:15:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63a76b965f3c0fecb9a35a324971eed29f193c67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c2:ab:5b:cc:9a:3e:53:61:7a:5a:6d:80:3a:
e8:84:3e:89:03:43:4e:89:e8:5b:83:f9:f7:ed:e1:
65:90:c4:fa:d7:95:61:55:f8:72:74:ae:a5:88:e0:
d9:ac:e7:db:ae:0a:22:12:9a:f6:cb:ec:d6:59:79:
7e:8d:15:4e:6c:87:d5:15:cc:34:f5:94:31:83:48:
de:11:b6:67:86:77:8c:15:8c:d6:af:6a:d7:a9:eb:
f6:f0:81:37:d1:00:6f:1b:b2:fe:80:a7:53:43:74:
a0:c7:ac:e4:64:4b:a0:74:a6:3a:c8:af:4f:63:82:
a7:a1:b4:08:df:79:2c:77:59:86:db:0f:b6:23:78:
e9:f5:7c:b5:36:35:03:20:e0:82:4f:21:8c:58:e8:
5d:17:f3:b7:1b:78:1f:b5:55:7f:20:e4:ab:7a:19:
da:99:dd:89:e9:8e:9c:fe:92:71:05:77:3a:42:cc:
79:f1:a0:1b:6d:d5:76:80:81:97:eb:1b:4e:65:83:
36:27:20:61:99:6c:20:41:73:68:b9:58:6f:ad:23:
e9:b5:18:37:73:80:fc:29:aa:e1:bb:8f:ec:b0:62:
29:71:bb:99:1d:bf:94:5f:ac:a3:bc:1f:da:6e:73:
f2:a0:e3:8f:a1:ab:9c:7b:56:dd:e0:a6:68:d1:ff:
d2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:A7:6B:96:5F:3C:0F:EC:B9:A3:5A:32:49:71:EE:D2:9F:19:3C:67
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Y6drll88D-y5o1oySXHu0p8ZPGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.0.0/22
87.120.36.0/24
87.121.217.0/24
94.125.100.0/23
109.206.242.0/24
185.218.137.0/24
Signature Algorithm: sha256WithRSAEncryption
09:b9:1a:bd:ec:39:9f:f8:03:2d:39:e1:9a:0a:3c:c0:e3:6a:
7b:b2:4f:24:7e:da:9e:c6:2e:b4:b1:85:1a:38:2e:74:fb:a6:
8e:2f:5b:92:ca:38:d3:44:b8:c8:77:a8:ca:66:96:16:7e:e7:
fa:70:f1:66:0e:c4:dd:4f:09:17:26:36:e8:89:6e:f9:6e:b0:
45:9f:ec:07:7e:4f:ce:da:82:b5:79:7c:b7:89:0d:28:ab:13:
66:e1:4a:db:ef:5e:2a:1b:41:03:11:07:bf:58:01:41:16:de:
c6:51:46:8c:a6:62:22:95:93:bf:5f:43:e2:4c:57:b9:5c:c5:
8c:81:f3:64:c6:d1:07:6f:b3:93:69:bc:e9:25:ed:67:62:b1:
ea:d3:b4:ad:44:68:a8:e0:64:77:8d:05:62:24:a0:e9:2a:7d:
55:88:db:17:6b:80:47:3f:0b:03:a7:ed:a7:66:e2:87:11:7e:
c4:59:5f:f5:b9:e8:3e:70:ef:5e:ef:cb:66:44:3b:15:7f:68:
d3:1e:d0:43:3a:11:3c:6f:4d:04:d4:2f:e8:58:1d:5d:18:57:
7b:6a:b0:ec:38:bd:59:f7:10:e1:df:76:3b:a9:f4:30:6b:2f:
1c:f1:75:e7:2b:da:bd:fb:fd:cb:ae:4c:ae:b9:1c:57:14:7d:
2d:24:3a:06
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZLJLnSwDKfHdLI1er2nhvp4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDI2MTQxNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2E3NmI5NjVmM2MwZmVjYjlhMzVhMzI0OTcxZWVkMjlmMTkzYzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssKrW8yaPlNhelptgDrohD6JA0NO
iehbg/n37eFlkMT615VhVfhydK6liODZrOfbrgoiEpr2y+zWWXl+jRVObIfVFcw0
9ZQxg0jeEbZnhneMFYzWr2rXqev28IE30QBvG7L+gKdTQ3Sgx6zkZEugdKY6yK9P
Y4KnobQI33ksd1mG2w+2I3jp9Xy1NjUDIOCCTyGMWOhdF/O3G3gftVV/IOSrehna
md2J6Y6c/pJxBXc6Qsx58aAbbdV2gIGX6xtOZYM2JyBhmWwgQXNouVhvrSPptRg3
c4D8Karhu4/ssGIpcbuZHb+UX6yjvB/abnPyoOOPoauce1bd4KZo0f/SNQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGOna5ZfPA/suaNaMklx7tKfGTxnMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWTZkcmxsODhELXk1bzFveVNYSHUwcDhaUEdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLV8AAwQA
V3gkAwQAV3nZAwQBXn1kAwQAbc7yAwQAudqJMA0GCSqGSIb3DQEBCwUAA4IBAQAJ
uRq97Dmf+AMtOeGaCjzA42p7sk8kftqexi60sYUaOC50+6aOL1uSyjjTRLjId6jK
ZpYWfuf6cPFmDsTdTwkXJjboiW75brBFn+wHfk/O2oK1eXy3iQ0oqxNm4Urb714q
G0EDEQe/WAFBFt7GUUaMpmIilZO/X0PiTFe5XMWMgfNkxtEHb7OTabzpJe1nYrHq
07StRGio4GR3jQViJKDpKn1ViNsXa4BHPwsDp+2nZuKHEX7EWV/1ueg+cO9e78tm
RDsVf2jTHtBDOhE8b00E1C/oWB1dGFd7arDsOL1Z9xDh33Y7qfQway8c8XXnK9q9
+/3LrkyuuRxXFH0tJDoG
-----END CERTIFICATE-----
Generated at Tue Oct 29 09:23:25 2024 by rpki-client on console-ams.rpki-client.org