Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YCkiMWYpdMoc1LiYr-biKBFqw0g.roa
File: YCkiMWYpdMoc1LiYr-biKBFqw0g.roa (raw, json)
Hash identifier: EM2e3aM+uZK95cmYw6F6OaufbclXWnV8BqtFJw2kVAI=
Subject key identifier: 60:29:22:31:66:29:74:CA:1C:D4:B8:98:AF:E6:E2:28:11:6A:C3:48
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D0C43C8C7AAF2169834895C22208092AA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YCkiMWYpdMoc1LiYr-biKBFqw0g.roa
Signing time: Mon 15 Jan 2024 08:36:25 +0000
ROA not before: Mon 15 Jan 2024 08:36:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206003
IP address blocks: 171.22.31.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
81.161.239.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
94.156.248.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 15:39:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0c:43:c8:c7:aa:f2:16:98:34:89:5c:22:20:80:92:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 15 08:36:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=60292231662974ca1cd4b898afe6e228116ac348
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:23:66:c0:03:04:fc:de:3a:87:71:09:c3:f4:
8f:e4:77:98:43:c9:bf:eb:2a:fd:67:40:b2:ed:2a:
f0:f1:d1:d4:04:22:6c:4e:7d:f9:16:e0:b8:eb:4b:
3b:22:2c:c1:a1:03:46:5d:d2:5b:ff:e1:23:5c:f2:
20:06:33:41:2a:39:8c:1c:15:ed:1d:f6:2a:47:09:
ef:49:8f:05:3a:e3:e4:8b:13:87:02:1a:a1:6b:b2:
ab:bc:82:3b:36:c5:d3:f5:f4:28:84:d7:19:14:d5:
1b:79:d4:09:1e:a4:8a:24:0c:c2:f3:1d:da:98:49:
d6:68:d1:bd:b3:ea:c2:d9:ad:3b:1e:2d:e3:77:a8:
5d:09:2c:50:1e:d4:1c:23:46:b4:89:29:dd:54:a3:
37:48:b4:3a:8b:de:49:37:45:6e:f9:b6:2d:4c:b4:
f2:4b:93:c2:9b:c4:25:37:8b:62:15:77:02:f2:53:
ca:4d:86:d4:de:aa:cf:04:af:99:4e:eb:13:77:86:
2d:b9:02:58:61:0e:d5:e6:1f:08:96:27:e4:f7:54:
33:71:56:78:78:32:65:74:16:c9:9b:b7:72:83:03:
7b:ce:c9:cc:69:e3:21:70:d1:10:ff:47:e7:6f:59:
5b:53:c6:6b:33:ca:9b:96:6c:1b:92:20:7f:26:af:
77:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:29:22:31:66:29:74:CA:1C:D4:B8:98:AF:E6:E2:28:11:6A:C3:48
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YCkiMWYpdMoc1LiYr-biKBFqw0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
45.129.84.0/24
45.141.158.0/24
79.110.61.0/24
81.161.239.0/24
87.121.124.0/23
87.121.162.0/24
91.200.192.0/22
94.156.248.0/24
171.22.17.0/24
171.22.31.0/24
193.25.216.0/24
193.35.19.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:66:d9:93:39:b6:82:6c:15:f6:40:84:a2:e0:95:c1:22:27:
d0:cf:00:fb:81:43:14:c1:76:4e:39:80:9b:47:76:43:c9:b1:
10:d5:64:13:ae:e3:89:73:3f:0d:c1:26:b7:82:aa:da:1f:f7:
2b:ec:dc:d4:40:04:09:3b:97:a1:35:8c:56:14:b3:c6:3d:32:
80:86:d7:34:cf:1c:c8:6a:b5:73:80:cb:b9:ae:02:6f:b9:ac:
02:09:49:7e:07:b5:72:4d:ef:77:54:1e:00:ea:e1:21:bd:00:
b8:85:56:3e:88:5a:08:52:d5:e2:21:b5:6b:29:15:31:b7:70:
24:18:6f:34:6b:bd:5f:99:26:be:57:92:cf:e2:2c:f4:1f:2c:
c9:91:b6:9e:53:41:96:49:81:a8:7d:eb:52:99:8f:f2:84:53:
81:af:ab:0f:44:58:2c:17:06:e4:9c:69:7d:41:42:d7:1e:23:
9e:af:b0:be:59:9a:54:cf:01:a0:e5:cf:cf:5f:de:75:03:0d:
d1:a9:31:1d:83:1f:b0:a9:e2:20:33:81:2f:31:0e:de:30:db:
75:a8:34:83:00:89:62:17:a1:c9:fc:b2:ed:0f:3a:1e:d7:ae:
4b:99:bf:45:5a:5e:1e:de:74:b0:49:42:4f:d5:70:f6:97:48:
f0:4d:8b:c7
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAY0MQ8jHqvIWmDSJXCIggJKqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTE1MDgzNjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDI5MjIzMTY2Mjk3NGNhMWNkNGI4OThhZmU2ZTIyODExNmFjMzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3yNmwAME/N46h3EJw/SP5HeYQ8m/
6yr9Z0Cy7Srw8dHUBCJsTn35FuC460s7IizBoQNGXdJb/+EjXPIgBjNBKjmMHBXt
HfYqRwnvSY8FOuPkixOHAhqha7KrvII7NsXT9fQohNcZFNUbedQJHqSKJAzC8x3a
mEnWaNG9s+rC2a07Hi3jd6hdCSxQHtQcI0a0iSndVKM3SLQ6i95JN0Vu+bYtTLTy
S5PCm8QlN4tiFXcC8lPKTYbU3qrPBK+ZTusTd4YtuQJYYQ7V5h8Ilifk91QzcVZ4
eDJldBbJm7dygwN7zsnMaeMhcNEQ/0fnb1lbU8ZrM8qblmwbkiB/Jq93kwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFGApIjFmKXTKHNS4mK/m4igRasNIMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWUNraU1XWXBkTW9jMUxpWXItYmlLQkZxdzBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAJYuCAwQA
LYFUAwQALY2eAwQAT249AwQAUaHvAwQBV3l8AwQAV3miAwQCW8jAAwQAXpz4AwQA
qxYRAwQAqxYfAwQAwRnYAwQAwSMTMA0GCSqGSIb3DQEBCwUAA4IBAQA7ZtmTObaC
bBX2QISi4JXBIifQzwD7gUMUwXZOOYCbR3ZDybEQ1WQTruOJcz8NwSa3gqraH/cr
7NzUQAQJO5ehNYxWFLPGPTKAhtc0zxzIarVzgMu5rgJvuawCCUl+B7VyTe93VB4A
6uEhvQC4hVY+iFoIUtXiIbVrKRUxt3AkGG80a71fmSa+V5LP4iz0HyzJkbaeU0GW
SYGofetSmY/yhFOBr6sPRFgsFwbknGl9QULXHiOer7C+WZpUzwGg5c/PX951Aw3R
qTEdgx+wqeIgM4EvMQ7eMNt1qDSDAIliF6HJ/LLtDzoe165Lmb9FWl4e3nSwSUJP
1XD2l0jwTYvH
-----END CERTIFICATE-----
Generated at Mon Jan 15 20:13:14 2024 by rpki-client on console-ams.rpki-client.org