Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YIXQzwk1bUr1A0kHrrrn5xy0CTs.roa
File: YIXQzwk1bUr1A0kHrrrn5xy0CTs.roa (raw, json)
Hash identifier: c4W4M2pwN0PK+vquBYrwc7xK3cmNQXUMEWwS80ESIb4=
Subject key identifier: 60:85:D0:CF:09:35:6D:4A:F5:03:49:07:AE:BA:E7:E7:1C:B4:09:3B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192AEB6A1D3A0CA55F2BB5029FB0FAD3D1A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YIXQzwk1bUr1A0kHrrrn5xy0CTs.roa
Signing time: Mon 21 Oct 2024 10:54:17 +0000
ROA not before: Mon 21 Oct 2024 10:54:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208287
IP address blocks: 45.90.89.0/24 maxlen: 24
82.115.211.0/24 maxlen: 24
185.222.160.0/24 maxlen: 24
185.222.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:50:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ae:b6:a1:d3:a0:ca:55:f2:bb:50:29:fb:0f:ad:3d:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 21 10:54:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6085d0cf09356d4af5034907aebae7e71cb4093b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fa:73:7b:e5:05:4f:81:db:62:6d:a7:c5:8c:
5d:1a:3b:6e:80:37:59:0d:b7:f8:36:26:f6:54:dc:
9c:1f:0e:40:80:0e:04:ca:69:ea:ca:2d:99:bf:e0:
9b:f7:bf:49:37:d6:6a:74:0a:7d:3a:db:b0:c6:d5:
26:10:4c:21:b0:f3:23:86:95:5e:96:50:15:fd:ea:
5b:67:80:97:b8:eb:54:09:38:ea:c4:6f:bd:75:1b:
e5:60:43:59:63:c8:34:0f:da:ab:94:ac:e6:99:89:
e5:4a:01:ff:8c:f7:df:20:32:14:bb:f1:64:a5:a3:
ab:b1:e3:65:a5:70:b2:80:66:e9:78:56:af:ba:8a:
46:63:37:8f:7a:9b:1c:0a:f7:85:c5:95:d2:4b:3c:
79:6f:aa:13:d3:b5:85:b9:ee:50:69:a6:ca:f1:cc:
88:fd:0d:29:84:b6:aa:8d:27:81:53:a6:65:1f:f8:
d4:28:7f:9b:80:7d:27:2a:87:e5:6e:22:0d:31:73:
61:64:65:81:89:25:a2:19:ca:ae:03:2f:b9:7f:3e:
71:08:84:6c:61:ce:dd:35:14:f7:62:bf:34:e6:f2:
f1:83:e8:9d:05:b8:2c:f7:6a:f1:02:82:87:fd:1b:
62:13:bc:20:d1:7f:21:6b:d6:ca:be:0a:f5:3d:32:
02:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:85:D0:CF:09:35:6D:4A:F5:03:49:07:AE:BA:E7:E7:1C:B4:09:3B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YIXQzwk1bUr1A0kHrrrn5xy0CTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.89.0/24
82.115.211.0/24
185.222.160.0/24
185.222.162.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:c2:ba:83:f6:78:e6:0b:58:3e:cf:d1:d9:43:4c:af:80:bf:
fc:31:24:2f:5f:06:63:0f:46:0e:c2:c4:82:4c:29:b9:69:19:
44:24:29:3a:20:b6:64:41:26:c5:5d:c3:04:90:5f:81:75:6f:
0b:53:30:49:83:85:a7:f8:48:f1:94:d9:0a:c1:53:fd:37:11:
19:7d:d3:b0:94:04:fb:cd:7f:80:93:e5:12:ac:71:4a:96:5b:
a5:d3:2d:09:69:ba:ac:13:0c:3e:29:a9:6b:bb:de:4f:91:de:
63:df:5b:c7:09:a7:ec:19:a0:63:fc:6a:4b:bc:4a:d2:82:af:
50:6d:e8:83:88:78:66:7f:cd:34:7e:ef:e8:7a:14:16:3d:d2:
3b:20:77:a1:16:b5:98:02:9c:5a:91:94:f3:18:1f:44:e4:5c:
3d:0a:e0:b4:34:80:51:19:6f:a5:47:d4:df:39:df:66:ee:3b:
6f:7b:2b:4d:95:4f:8c:c2:22:30:cf:cb:c8:55:e2:0a:b5:2a:
e6:6f:28:d8:db:9e:b9:6e:b2:49:8c:0c:1f:16:15:f9:04:5b:
fe:b5:db:09:1c:c1:67:2e:a6:14:f0:2a:e8:d3:7a:60:a7:7b:
fd:85:ed:bc:29:eb:e5:cb:9f:04:7c:d4:67:3e:05:4b:95:05:
e1:c7:6b:7c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZKutqHToMpV8rtQKfsPrT0aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDIxMTA1NDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDg1ZDBjZjA5MzU2ZDRhZjUwMzQ5MDdhZWJhZTdlNzFjYjQwOTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvpze+UFT4HbYm2nxYxdGjtugDdZ
Dbf4Nib2VNycHw5AgA4Eymnqyi2Zv+Cb979JN9ZqdAp9OtuwxtUmEEwhsPMjhpVe
llAV/epbZ4CXuOtUCTjqxG+9dRvlYENZY8g0D9qrlKzmmYnlSgH/jPffIDIUu/Fk
paOrseNlpXCygGbpeFavuopGYzePepscCveFxZXSSzx5b6oT07WFue5QaabK8cyI
/Q0phLaqjSeBU6ZlH/jUKH+bgH0nKoflbiINMXNhZGWBiSWiGcquAy+5fz5xCIRs
Yc7dNRT3Yr805vLxg+idBbgs92rxAoKH/RtiE7wg0X8ha9bKvgr1PTIC9wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGCF0M8JNW1K9QNJB6665+cctAk7MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWUlYUXp3azFiVXIxQTBrSHJycm41eHkwQ1RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVpZAwQA
UnPTAwQAud6gAwQAud6iMA0GCSqGSIb3DQEBCwUAA4IBAQAfwrqD9njmC1g+z9HZ
Q0yvgL/8MSQvXwZjD0YOwsSCTCm5aRlEJCk6ILZkQSbFXcMEkF+BdW8LUzBJg4Wn
+EjxlNkKwVP9NxEZfdOwlAT7zX+Ak+USrHFKllul0y0JabqsEww+Kalru95Pkd5j
31vHCafsGaBj/GpLvErSgq9QbeiDiHhmf800fu/oehQWPdI7IHehFrWYApxakZTz
GB9E5Fw9CuC0NIBRGW+lR9TfOd9m7jtveytNlU+MwiIwz8vIVeIKtSrmbyjY2565
brJJjAwfFhX5BFv+tdsJHMFnLqYU8Cro03pgp3v9he28Kevly58EfNRnPgVLlQXh
x2t8
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:33:29 2025 by rpki-client