Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/a9QtJXZo6VKDIFO5kD8x0pD8gnk.roa
File: a9QtJXZo6VKDIFO5kD8x0pD8gnk.roa (raw, json)
Hash identifier: s0BySiOkoXO7eQfDDLnEaCT+RlTfScJmlK4kdxvrCZc=
Subject key identifier: 6B:D4:2D:25:76:68:E9:52:83:20:53:B9:90:3F:31:D2:90:FC:82:79
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCFEE4F973AA1AC6627F6A9616F029
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/a9QtJXZo6VKDIFO5kD8x0pD8gnk.roa
Signing time: Tue 02 Jan 2024 06:29:35 +0000
ROA not before: Tue 02 Jan 2024 06:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200785
IP address blocks: 93.123.84.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.133.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 13:20:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:fe:e4:f9:73:aa:1a:c6:62:7f:6a:96:16:f0:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6bd42d257668e952832053b9903f31d290fc8279
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ad:08:23:b0:88:d0:56:c2:5e:c7:36:a5:23:
1f:8c:c1:3a:bf:52:3e:e2:68:49:5a:87:b7:21:e1:
09:2b:dd:2e:50:f8:22:8d:74:43:0e:1a:5a:7a:ef:
eb:46:55:5e:71:b0:03:44:50:70:35:e1:ad:47:13:
b7:ce:98:e8:29:0e:44:51:79:cf:1e:23:17:89:71:
28:44:a4:0e:cd:af:12:e4:6c:27:64:7d:09:1f:59:
19:35:41:91:a4:c7:04:9c:cf:73:bc:48:d5:69:e5:
11:c5:9b:25:1a:f7:c3:4e:94:9b:b6:26:a1:c9:71:
39:37:8f:aa:29:92:59:6e:28:12:c9:2f:00:fb:29:
57:04:a6:d1:dc:ab:47:34:08:bf:78:86:7e:20:37:
b4:1a:5a:2c:46:18:d2:2d:0d:c9:a3:c9:5e:99:25:
9c:67:3e:f5:ee:53:3e:9b:c8:52:1b:76:66:de:48:
d0:3b:e6:a7:80:66:fc:f9:5c:0a:22:33:9f:ae:fa:
27:0b:9f:77:1e:c1:92:22:5b:81:a9:a5:fe:a8:c6:
7e:88:0a:9f:b9:54:c3:65:54:2d:a4:0c:87:9b:18:
ec:60:2e:80:9c:6a:fe:0e:4e:e8:87:c8:d1:05:df:
79:07:f1:65:d6:4b:bf:6f:08:21:07:ed:a5:65:c3:
49:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:D4:2D:25:76:68:E9:52:83:20:53:B9:90:3F:31:D2:90:FC:82:79
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/a9QtJXZo6VKDIFO5kD8x0pD8gnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.251.0/24
45.139.106.0/24
93.123.84.0/24
Signature Algorithm: sha256WithRSAEncryption
39:7e:e5:9d:c3:84:74:4d:94:6a:8a:a8:cf:9b:91:ca:ae:1b:
00:67:b3:8a:d4:4a:74:c6:c1:b6:77:b0:df:01:d4:b1:47:fe:
84:de:66:60:7e:8e:94:de:d6:7d:92:83:e1:3b:aa:2f:21:3b:
a4:5a:3a:61:71:a9:7c:c9:57:53:fe:9a:17:2b:39:c0:85:a3:
d0:7c:42:48:cd:93:5f:18:94:2e:da:c6:47:2a:9b:a8:9e:84:
bd:c7:52:ff:16:5a:94:5a:57:b1:ae:fd:25:e6:a8:a1:e6:d1:
6d:fc:26:9a:05:bf:6e:35:f2:dd:76:f4:6b:9b:22:65:d9:f3:
13:37:24:3a:1c:67:10:e9:6f:2c:ab:59:f9:99:2d:b0:25:54:
1f:58:8f:92:63:71:97:84:79:4c:50:12:72:43:c1:06:bf:70:
65:e2:e1:88:f0:3d:ce:ef:80:7d:d0:12:9d:f1:01:9a:f4:14:
7b:6d:fc:ea:6d:93:12:27:84:ba:5c:9d:43:8f:5f:67:57:3e:
67:c8:8c:3a:c7:b7:4f:05:51:23:ea:ea:fd:b1:94:9d:9d:ba:
e5:00:67:e1:60:59:e1:54:a4:64:25:40:20:79:0d:b1:83:16:
07:0e:2f:f1:4e:1e:c9:0c:f5:d5:7e:70:86:db:f9:75:89:b7:
08:3f:31:e1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzI3P7k+XOqGsZif2qWFvApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmQ0MmQyNTc2NjhlOTUyODMyMDUzYjk5MDNmMzFkMjkwZmM4Mjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1a0II7CI0FbCXsc2pSMfjME6v1I+
4mhJWoe3IeEJK90uUPgijXRDDhpaeu/rRlVecbADRFBwNeGtRxO3zpjoKQ5EUXnP
HiMXiXEoRKQOza8S5GwnZH0JH1kZNUGRpMcEnM9zvEjVaeURxZslGvfDTpSbtiah
yXE5N4+qKZJZbigSyS8A+ylXBKbR3KtHNAi/eIZ+IDe0GlosRhjSLQ3Jo8lemSWc
Zz717lM+m8hSG3Zm3kjQO+angGb8+VwKIjOfrvonC593HsGSIluBqaX+qMZ+iAqf
uVTDZVQtpAyHmxjsYC6AnGr+Dk7oh8jRBd95B/Fl1ku/bwghB+2lZcNJhwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGvULSV2aOlSgyBTuZA/MdKQ/IJ5MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYTlRdEpYWm82VktESUZPNWtEOHgwcEQ4Z25rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYX7AwQA
LYtqAwQAXXtUMA0GCSqGSIb3DQEBCwUAA4IBAQA5fuWdw4R0TZRqiqjPm5HKrhsA
Z7OK1Ep0xsG2d7DfAdSxR/6E3mZgfo6U3tZ9koPhO6ovITukWjphcal8yVdT/poX
KznAhaPQfEJIzZNfGJQu2sZHKpuonoS9x1L/FlqUWlexrv0l5qih5tFt/CaaBb9u
NfLddvRrmyJl2fMTNyQ6HGcQ6W8sq1n5mS2wJVQfWI+SY3GXhHlMUBJyQ8EGv3Bl
4uGI8D3O74B90BKd8QGa9BR7bfzqbZMSJ4S6XJ1Dj19nVz5nyIw6x7dPBVEj6ur9
sZSdnbrlAGfhYFnhVKRkJUAgeQ2xgxYHDi/xTh7JDPXVfnCG2/l1ibcIPzHh
-----END CERTIFICATE-----
Generated at Tue Sep 24 17:14:22 2024 by rpki-client on console-ams.rpki-client.org