Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/e50bKEky8oyR-TEa6RlBtRn0rpk.roa
File: e50bKEky8oyR-TEa6RlBtRn0rpk.roa (raw, json)
Hash identifier: 6tT7fMfdnow19sskUePDJRwDmfHuoK+43fkOcY2B7U4=
Subject key identifier: 7B:9D:1B:28:49:32:F2:8C:91:F9:31:1A:E9:19:41:B5:19:F4:AE:99
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018FBD77004BD0AA73B2AE2BF936AF7001A6
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/e50bKEky8oyR-TEa6RlBtRn0rpk.roa
Signing time: Tue 28 May 2024 04:30:43 +0000
ROA not before: Tue 28 May 2024 04:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 45.149.240.0/24 maxlen: 24
87.120.68.0/24 maxlen: 24
87.121.46.0/24 maxlen: 24
93.123.74.0/23 maxlen: 23
93.123.116.0/24 maxlen: 24
94.156.14.0/24 maxlen: 24
185.218.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Jun 2024 00:13:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bd:77:00:4b:d0:aa:73:b2:ae:2b:f9:36:af:70:01:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 28 04:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b9d1b284932f28c91f9311ae91941b519f4ae99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b1:1d:20:91:0b:9a:f5:e5:3f:1a:ed:e0:8b:
80:dc:7f:be:b3:18:b9:dd:56:b5:4e:d6:e8:74:2b:
0b:7a:e7:77:bb:49:77:3d:57:fa:39:db:0c:17:41:
2b:31:fe:cc:f8:67:45:4d:98:f6:dd:18:96:65:fa:
4a:29:06:3e:13:3f:2e:08:86:68:6a:6a:00:bc:c7:
c7:de:8f:5b:0c:e0:f6:c1:8e:c3:43:73:7e:c1:03:
33:ad:6b:22:ec:8d:8c:b6:ec:44:c1:d0:3b:a5:28:
c0:eb:75:a4:ef:6e:13:c2:a8:eb:1f:02:8a:d6:e8:
cd:43:87:c6:f4:70:a5:01:6f:84:0a:f7:76:a5:a5:
59:75:e1:c7:c1:8d:1f:91:ab:f1:b3:e1:db:81:fa:
da:55:07:17:36:0b:93:34:92:18:56:65:57:65:07:
29:bf:28:0a:b7:53:f2:12:c1:d1:3d:a5:3d:f9:64:
a9:cc:b4:cc:20:c9:da:41:6b:84:0a:fb:c3:06:da:
25:c9:bb:b5:9d:ef:eb:16:f9:eb:92:f0:45:f8:62:
17:f0:77:97:7c:b8:4a:43:c7:72:e8:12:6e:5b:9b:
02:be:1e:72:71:7c:c8:79:10:62:8e:12:3b:5e:50:
39:ea:c9:40:22:94:fa:72:20:77:6c:35:fb:23:c4:
e5:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:9D:1B:28:49:32:F2:8C:91:F9:31:1A:E9:19:41:B5:19:F4:AE:99
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/e50bKEky8oyR-TEa6RlBtRn0rpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.240.0/24
87.120.68.0/24
87.121.46.0/24
93.123.74.0/23
93.123.116.0/24
94.156.14.0/24
185.218.136.0/24
Signature Algorithm: sha256WithRSAEncryption
74:a4:17:bd:6a:29:e9:fd:c1:d7:71:38:84:22:36:d5:3a:10:
8c:4f:a3:ea:6b:17:97:8f:7e:f0:9e:d6:60:c0:63:0c:87:9d:
cf:2c:7b:23:76:92:f3:e2:21:2a:0b:61:77:d4:1b:92:4e:0b:
2d:5e:a3:32:e5:05:13:82:03:35:09:ee:c7:da:9a:31:96:08:
95:28:c7:a3:47:5d:ca:99:8b:36:4e:a7:1e:63:6c:8b:2c:6c:
c5:0a:42:b0:85:64:39:52:16:ed:50:7c:48:ec:8b:c5:88:11:
40:93:c3:28:b2:21:77:07:ec:a9:ab:59:32:da:a2:fe:a8:0f:
2e:91:db:db:db:42:e7:d4:07:da:81:65:af:91:25:4c:de:25:
a6:fe:72:5d:7b:73:ea:4e:33:70:f1:a0:3c:8d:c3:25:cc:7f:
bb:75:f3:b1:8b:40:a5:1e:34:9a:4a:3f:db:8c:0b:cb:6f:34:
7d:e4:a3:02:11:47:92:fd:7a:59:48:09:af:59:7e:e2:f7:8d:
4c:59:9a:67:f6:b7:9a:a9:1d:ac:fd:56:8c:d6:87:42:21:d1:
3c:46:75:c1:32:40:ce:66:04:06:0b:6b:65:a8:fe:b1:d1:ce:
05:7b:9a:54:b0:53:4b:45:28:01:3f:64:48:d7:88:e5:71:c8:
fb:1a:33:80
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY+9dwBL0Kpzsq4r+TavcAGmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNTI4MDQzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjlkMWIyODQ5MzJmMjhjOTFmOTMxMWFlOTE5NDFiNTE5ZjRhZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbEdIJELmvXlPxrt4IuA3H++sxi5
3Va1TtbodCsLeud3u0l3PVf6OdsMF0ErMf7M+GdFTZj23RiWZfpKKQY+Ez8uCIZo
amoAvMfH3o9bDOD2wY7DQ3N+wQMzrWsi7I2MtuxEwdA7pSjA63Wk724TwqjrHwKK
1ujNQ4fG9HClAW+ECvd2paVZdeHHwY0fkavxs+HbgfraVQcXNguTNJIYVmVXZQcp
vygKt1PyEsHRPaU9+WSpzLTMIMnaQWuECvvDBtolybu1ne/rFvnrkvBF+GIX8HeX
fLhKQ8dy6BJuW5sCvh5ycXzIeRBijhI7XlA56slAIpT6ciB3bDX7I8TlCQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHudGyhJMvKMkfkxGukZQbUZ9K6ZMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZTUwYktFa3k4b3lSLVRFYTZSbEJ0Um4wcnBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALZXwAwQA
V3hEAwQAV3kuAwQBXXtKAwQAXXt0AwQAXpwOAwQAudqIMA0GCSqGSIb3DQEBCwUA
A4IBAQB0pBe9ainp/cHXcTiEIjbVOhCMT6PqaxeXj37wntZgwGMMh53PLHsjdpLz
4iEqC2F31BuSTgstXqMy5QUTggM1Ce7H2poxlgiVKMejR13KmYs2TqceY2yLLGzF
CkKwhWQ5UhbtUHxI7IvFiBFAk8MosiF3B+ypq1ky2qL+qA8ukdvb20Ln1AfagWWv
kSVM3iWm/nJde3PqTjNw8aA8jcMlzH+7dfOxi0ClHjSaSj/bjAvLbzR95KMCEUeS
/XpZSAmvWX7i941MWZpn9reaqR2s/VaM1odCIdE8RnXBMkDOZgQGC2tlqP6x0c4F
e5pUsFNLRSgBP2RI14jlccj7GjOA
-----END CERTIFICATE-----
Generated at Fri Jun 28 02:14:11 2024 by rpki-client on console-fra.rpki-client.org