Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dB68Z7TB0WMDcABpTZt4I81YaUc.roa
File: dB68Z7TB0WMDcABpTZt4I81YaUc.roa (raw, json)
Hash identifier: SF0QwBJdCiA0viBnvKrO8+K9RBMidMJRix/a6CWehCc=
Subject key identifier: 74:1E:BC:67:B4:C1:D1:63:03:70:00:69:4D:9B:78:23:CD:58:69:47
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E80427F8D259306EE49A6AAAF22A9EFB6
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dB68Z7TB0WMDcABpTZt4I81YaUc.roa
Signing time: Wed 27 Mar 2024 14:13:45 +0000
ROA not before: Wed 27 Mar 2024 14:13:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215240
IP address blocks: 45.8.92.0/24 maxlen: 24
93.123.39.0/24 maxlen: 24
94.156.8.0/24 maxlen: 24
147.78.103.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Apr 2024 12:39:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:80:42:7f:8d:25:93:06:ee:49:a6:aa:af:22:a9:ef:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 27 14:13:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=741ebc67b4c1d163037000694d9b7823cd586947
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:50:0e:93:f5:b9:5b:09:70:77:de:66:36:d9:
43:b5:5f:c0:11:bd:59:40:05:55:e1:ac:00:3c:b1:
f1:e2:f5:d1:9d:83:5d:e6:93:31:c4:0c:5d:ad:3e:
30:41:b9:88:2e:80:1b:b3:71:03:55:76:ec:f4:b0:
60:ab:b5:c4:06:8e:12:c4:48:f4:2d:b6:3a:f7:b2:
b0:57:4c:25:38:af:da:2b:76:a3:dd:12:9d:72:92:
a1:2e:24:63:64:d9:4a:13:99:3f:dd:8e:2e:73:0e:
93:c6:b6:36:5f:b4:c0:c4:cf:0f:d7:17:33:93:b3:
9a:51:97:e2:a7:80:d9:ad:10:94:30:13:40:12:44:
de:b4:9a:ef:3b:41:fe:09:4f:a8:d2:84:e9:53:0f:
55:0c:5e:13:54:ea:75:ad:fd:39:07:36:29:60:ed:
46:07:5c:af:d5:90:e9:14:1e:58:81:12:6f:19:16:
59:42:45:1f:cf:bd:9a:3e:d8:5f:c7:86:9c:88:42:
10:35:25:ab:17:d5:a0:af:72:73:a0:aa:1b:29:b0:
e0:7e:e7:2b:45:6b:d9:7d:f9:08:7a:d0:7d:84:fb:
6d:ce:6e:11:eb:7d:0c:de:31:34:1b:98:a6:cf:a0:
6b:fd:cd:b7:40:0e:00:ee:0b:83:2f:27:0b:d2:18:
aa:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:1E:BC:67:B4:C1:D1:63:03:70:00:69:4D:9B:78:23:CD:58:69:47
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/dB68Z7TB0WMDcABpTZt4I81YaUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.92.0/24
93.123.39.0/24
94.156.8.0/24
147.78.103.0/24
185.216.70.0/24
Signature Algorithm: sha256WithRSAEncryption
11:1c:f6:2e:eb:9a:e9:7e:92:14:bd:64:c5:ac:21:8d:1d:42:
63:07:ee:44:ad:f4:c0:40:32:6a:9f:c0:02:1f:ee:a7:0f:b4:
c6:1b:7f:ad:7c:2e:18:1f:8f:eb:92:a4:93:13:f8:39:6c:9d:
c7:2f:f2:6d:06:40:c2:9e:49:be:5b:f8:33:a3:97:1f:af:f7:
ed:be:50:3e:b5:45:be:8a:07:2a:6a:f6:14:da:8b:4d:c6:db:
71:6d:88:dc:07:2f:81:57:a2:09:0e:03:9e:99:6a:f5:ff:20:
d8:d1:32:dc:76:30:f7:5b:f0:eb:c9:c2:8a:df:d0:ba:a3:b6:
46:ff:ed:2a:09:82:4c:0d:3c:83:f4:88:d7:24:a8:2a:d2:a4:
68:9f:1b:ae:a6:f7:2d:3a:f6:d4:b8:52:c5:72:6e:46:c2:0c:
ba:71:04:fb:e7:60:ef:dd:27:2e:b5:89:f9:68:dd:dc:6f:67:
0d:91:14:67:19:ec:0f:7d:c8:4b:47:63:33:63:b7:cd:13:cf:
02:f5:f3:fe:3d:f4:1e:36:8b:4a:3a:a8:8d:8a:55:1d:45:40:
a3:98:bc:12:65:9a:12:14:86:ba:69:93:61:01:a4:28:41:4b:
8f:40:cd:7e:3c:bd:60:1e:55:0c:9b:cd:62:bb:08:82:d0:99:
bf:a5:44:93
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY6AQn+NJZMG7kmmqq8iqe+2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzI3MTQxMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDFlYmM2N2I0YzFkMTYzMDM3MDAwNjk0ZDliNzgyM2NkNTg2OTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllAOk/W5Wwlwd95mNtlDtV/AEb1Z
QAVV4awAPLHx4vXRnYNd5pMxxAxdrT4wQbmILoAbs3EDVXbs9LBgq7XEBo4SxEj0
LbY697KwV0wlOK/aK3aj3RKdcpKhLiRjZNlKE5k/3Y4ucw6TxrY2X7TAxM8P1xcz
k7OaUZfip4DZrRCUMBNAEkTetJrvO0H+CU+o0oTpUw9VDF4TVOp1rf05BzYpYO1G
B1yv1ZDpFB5YgRJvGRZZQkUfz72aPthfx4aciEIQNSWrF9Wgr3JzoKobKbDgfucr
RWvZffkIetB9hPttzm4R630M3jE0G5imz6Br/c23QA4A7guDLycL0hiq6QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHQevGe0wdFjA3AAaU2beCPNWGlHMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZEI2OFo3VEIwV01EY0FCcFRadDRJODFZYVVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQhcAwQA
XXsnAwQAXpwIAwQAk05nAwQAudhGMA0GCSqGSIb3DQEBCwUAA4IBAQARHPYu65rp
fpIUvWTFrCGNHUJjB+5ErfTAQDJqn8ACH+6nD7TGG3+tfC4YH4/rkqSTE/g5bJ3H
L/JtBkDCnkm+W/gzo5cfr/ftvlA+tUW+igcqavYU2otNxttxbYjcBy+BV6IJDgOe
mWr1/yDY0TLcdjD3W/DrycKK39C6o7ZG/+0qCYJMDTyD9IjXJKgq0qRonxuupvct
OvbUuFLFcm5Gwgy6cQT752Dv3ScutYn5aN3cb2cNkRRnGewPfchLR2MzY7fNE88C
9fP+PfQeNotKOqiNilUdRUCjmLwSZZoSFIa6aZNhAaQoQUuPQM1+PL1gHlUMm81i
uwiC0Jm/pUST
-----END CERTIFICATE-----
Generated at Thu Apr 4 17:26:15 2024 by rpki-client on console-ams.rpki-client.org