Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_7itmDBLdhZY-_Yhwl57YN9-2E8.roa
File: _7itmDBLdhZY-_Yhwl57YN9-2E8.roa (raw, json)
Hash identifier: AGAh58MgoUAprHGHiTW8LAjbUzfupiHsR63Q58y2Jf4=
Subject key identifier: FF:B8:AD:98:30:4B:76:16:58:FB:F6:21:C2:5E:7B:60:DF:7E:D8:4F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018BD7581B3F5CE2EC6D09F50FBF9519B856
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_7itmDBLdhZY-_Yhwl57YN9-2E8.roa
Signing time: Thu 16 Nov 2023 08:55:57 +0000
ROA not before: Thu 16 Nov 2023 08:55:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49581
IP address blocks: 185.216.71.0/24 maxlen: 24
45.88.90.0/24 maxlen: 24
141.98.7.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Nov 2023 09:07:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d7:58:1b:3f:5c:e2:ec:6d:09:f5:0f:bf:95:19:b8:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 16 08:55:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ffb8ad98304b761658fbf621c25e7b60df7ed84f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:dd:6d:ed:31:ee:65:f8:90:9e:af:cb:38:8b:
88:8c:bc:82:7e:4f:ca:75:9f:78:8c:0f:90:b2:f0:
42:1e:84:57:18:7d:89:e3:f1:9f:d4:56:22:d3:f2:
b3:dc:1d:2c:e2:4d:b2:5b:37:d8:69:42:59:49:73:
fc:0c:5d:13:c3:32:da:33:20:14:12:7b:e9:d1:97:
af:2b:26:50:d5:0a:af:e4:24:09:15:a6:5a:ab:9a:
18:5e:50:a6:3a:f6:f2:f1:7c:b8:cb:3e:82:cc:12:
7b:ff:a9:d3:6a:08:ab:52:e0:0c:31:85:6a:9f:a4:
0e:b8:b0:e7:49:49:b8:5d:3f:56:38:5b:c9:99:3a:
42:00:53:6b:35:33:26:ae:34:2f:48:8c:d7:b1:08:
7e:7d:d0:bb:e9:b6:cc:21:a3:6e:49:0d:9d:45:0c:
dd:07:b5:4e:bf:9d:70:a0:d0:e5:bf:39:cb:93:40:
5e:99:bb:0c:75:8c:fb:8f:8f:e6:ae:72:7e:9c:4f:
f3:b8:85:e4:61:18:2d:b0:18:6a:fe:2c:54:f5:27:
4b:be:0d:a8:24:4d:63:e0:42:1c:5a:9f:08:3a:ee:
35:a8:15:40:82:e6:09:b9:b0:0e:fa:3b:e2:ec:9f:
30:c9:c8:d4:f7:cb:ee:2b:34:75:c9:69:e9:47:d8:
e4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:B8:AD:98:30:4B:76:16:58:FB:F6:21:C2:5E:7B:60:DF:7E:D8:4F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_7itmDBLdhZY-_Yhwl57YN9-2E8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.90.0/24
141.98.7.0/24
185.216.71.0/24
Signature Algorithm: sha256WithRSAEncryption
25:50:5e:77:15:31:70:ac:66:fe:ad:46:a0:79:17:6b:fe:8b:
d4:15:92:7f:d6:49:db:ed:20:ab:53:ce:bf:cb:55:50:80:e0:
96:9b:7e:4a:40:94:3f:df:60:3e:f1:ca:ca:26:41:01:37:72:
0b:58:d8:8e:63:01:d1:77:df:38:7f:77:c0:03:41:68:4a:30:
54:a7:d8:d4:9d:08:1f:c3:15:ff:01:df:f6:ab:eb:51:7f:78:
13:a4:3b:39:90:c7:f5:91:5f:09:4e:1b:2f:6e:d5:3f:4a:d9:
d4:bd:e8:98:7b:76:21:18:d4:d0:20:75:ef:4b:4d:bf:df:1b:
50:83:4e:1a:ac:c9:7a:de:07:2c:8a:6e:c5:c2:23:32:72:45:
3e:c9:f8:81:6f:32:84:47:b9:70:1f:29:04:0e:55:29:93:00:
9a:a3:d4:1a:de:7e:2c:9b:92:1e:9d:ba:2f:22:f4:72:d9:e7:
bc:a1:7a:5b:4c:a6:91:24:0d:6e:b4:c0:90:2c:f9:56:d8:80:
6a:9b:5e:5d:f4:81:80:ff:ca:c6:3e:c8:0b:f6:15:27:6e:fd:
a4:22:40:86:24:e0:90:e2:ec:50:e4:a9:0e:3a:8d:0d:10:70:
27:8e:af:0c:40:54:ee:a2:53:4f:4d:60:2f:40:bb:a3:ef:e6:
59:63:f7:91
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYvXWBs/XOLsbQn1D7+VGbhWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTE2MDg1NTU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmI4YWQ5ODMwNGI3NjE2NThmYmY2MjFjMjVlN2I2MGRmN2VkODRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjt1t7THuZfiQnq/LOIuIjLyCfk/K
dZ94jA+QsvBCHoRXGH2J4/Gf1FYi0/Kz3B0s4k2yWzfYaUJZSXP8DF0TwzLaMyAU
Envp0ZevKyZQ1Qqv5CQJFaZaq5oYXlCmOvby8Xy4yz6CzBJ7/6nTagirUuAMMYVq
n6QOuLDnSUm4XT9WOFvJmTpCAFNrNTMmrjQvSIzXsQh+fdC76bbMIaNuSQ2dRQzd
B7VOv51woNDlvznLk0BembsMdYz7j4/mrnJ+nE/zuIXkYRgtsBhq/ixU9SdLvg2o
JE1j4EIcWp8IOu41qBVAguYJubAO+jvi7J8wycjU98vuKzR1yWnpR9jkvwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP+4rZgwS3YWWPv2IcJee2DffthPMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvXzdpdG1EQkxkaFpZLV9ZaHdsNTdZTjktMkU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVhaAwQA
jWIHAwQAudhHMA0GCSqGSIb3DQEBCwUAA4IBAQAlUF53FTFwrGb+rUageRdr/ovU
FZJ/1knb7SCrU86/y1VQgOCWm35KQJQ/32A+8crKJkEBN3ILWNiOYwHRd984f3fA
A0FoSjBUp9jUnQgfwxX/Ad/2q+tRf3gTpDs5kMf1kV8JThsvbtU/StnUveiYe3Yh
GNTQIHXvS02/3xtQg04arMl63gcsim7FwiMyckU+yfiBbzKER7lwHykEDlUpkwCa
o9Qa3n4sm5IenbovIvRy2ee8oXpbTKaRJA1utMCQLPlW2IBqm15d9IGA/8rGPsgL
9hUnbv2kIkCGJOCQ4uxQ5KkOOo0NEHAnjq8MQFTuolNPTWAvQLuj7+ZZY/eR
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:36 2024 by rpki-client on console-ams.rpki-client.org