Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/erEK1f9N67o6BrATogMkHCb8qpo.roa
File: erEK1f9N67o6BrATogMkHCb8qpo.roa (raw, json)
Hash identifier: as/9cjaY0PhjXuEUIRhrmn7SxYsuM8guMpMhXNRAzsY=
Subject key identifier: 7A:B1:0A:D5:FF:4D:EB:BA:3A:06:B0:13:A2:03:24:1C:26:FC:AA:9A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018F4536998775F155EFFEBED328F93E1666
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/erEK1f9N67o6BrATogMkHCb8qpo.roa
Signing time: Sat 04 May 2024 20:05:57 +0000
ROA not before: Sat 04 May 2024 20:05:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60539
IP address blocks: 45.141.158.0/24 maxlen: 24
87.121.124.0/24 maxlen: 24
87.121.125.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 08 Oct 2024 13:56:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:45:36:99:87:75:f1:55:ef:fe:be:d3:28:f9:3e:16:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 4 20:05:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ab10ad5ff4debba3a06b013a203241c26fcaa9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:66:db:2a:c7:93:6e:6a:76:f1:82:01:5d:32:
b8:f8:7a:a5:ee:81:1d:79:ac:07:82:07:1f:e6:d1:
af:f6:00:75:81:42:cb:f6:1f:f4:8e:0e:fc:f0:af:
af:e5:12:eb:95:69:89:5e:c9:5c:98:26:ec:71:74:
f8:bd:ca:6f:86:1c:c0:07:d3:b3:2e:95:cf:83:63:
39:0f:ee:25:a3:b9:43:b9:cb:3b:6f:99:e0:07:28:
fd:ed:b7:e5:94:ff:59:ad:93:2c:77:17:1d:39:ab:
5e:ea:3d:18:23:fe:4e:82:8c:ec:d8:aa:d6:20:49:
5e:32:d7:97:e3:82:b2:ac:4e:24:50:ab:93:20:4f:
d9:df:e5:48:25:fa:88:d6:5a:d6:09:4f:77:de:65:
bd:83:32:1a:49:29:7c:6f:5d:5b:08:0c:2a:87:7d:
70:9d:17:f2:c1:52:08:a7:36:15:8e:e3:25:23:1b:
07:99:aa:33:02:e4:71:1b:cd:56:8c:57:80:24:8c:
78:f9:87:2f:bf:ed:13:b3:40:95:09:7f:9c:f0:ee:
c3:3a:d6:77:a7:3b:79:7b:79:89:60:4b:f6:2b:d7:
f3:5c:e5:ff:47:a9:ad:7f:db:8e:7a:a1:2d:8a:fb:
2a:98:c6:10:bb:5d:70:0b:93:b4:e5:91:a0:0d:03:
11:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:B1:0A:D5:FF:4D:EB:BA:3A:06:B0:13:A2:03:24:1C:26:FC:AA:9A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/erEK1f9N67o6BrATogMkHCb8qpo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.158.0/24
87.121.124.0/23
87.121.162.0/24
147.78.100.0/24
Signature Algorithm: sha256WithRSAEncryption
75:2d:d4:c1:0b:3c:0e:fc:f0:7a:4f:f5:31:0f:df:dd:f2:08:
98:d9:c6:d9:1c:8f:aa:e6:a2:4c:fa:9e:39:9d:b4:a4:35:21:
26:3a:f6:83:a1:38:e2:0c:02:ef:b4:f6:e2:3a:59:2b:a5:cd:
82:31:0e:3f:fe:05:b0:33:7c:4f:2f:ec:11:cf:88:d7:87:77:
40:3f:d1:5a:c8:13:e9:a3:e0:e6:63:6a:86:5c:09:20:8b:bd:
d9:b3:bd:e8:d5:4e:c5:ac:f9:36:f1:67:9a:98:1a:7c:70:06:
aa:a9:96:62:60:04:1e:89:ef:85:68:2e:37:0b:90:71:b2:12:
0b:09:e0:f7:be:f5:4b:2d:f8:fc:72:d2:8a:fb:de:c3:33:29:
2d:91:a8:d1:5e:b1:5f:6d:60:24:4b:67:7e:d7:a0:d7:69:93:
b1:93:40:df:11:d4:a8:57:8b:69:bd:46:cb:ee:c0:e1:09:5d:
1c:3c:a6:91:d7:e8:f7:e8:68:ea:a4:28:31:12:fb:92:14:34:
dd:a0:14:ff:99:f1:7f:55:8c:3f:e6:5f:2a:a2:ca:a4:9b:bb:
3a:e0:2d:a5:ad:cb:ef:ff:39:61:bc:4e:1c:f4:2f:c7:55:37:
4b:9e:71:92:a1:58:57:33:54:2f:21:04:8e:66:48:d0:df:84:
c2:48:7f:17
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY9FNpmHdfFV7/6+0yj5PhZmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNTA0MjAwNTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWIxMGFkNWZmNGRlYmJhM2EwNmIwMTNhMjAzMjQxYzI2ZmNhYTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4WbbKseTbmp28YIBXTK4+Hql7oEd
eawHggcf5tGv9gB1gULL9h/0jg788K+v5RLrlWmJXslcmCbscXT4vcpvhhzAB9Oz
LpXPg2M5D+4lo7lDucs7b5ngByj97bfllP9ZrZMsdxcdOate6j0YI/5Ogozs2KrW
IEleMteX44KyrE4kUKuTIE/Z3+VIJfqI1lrWCU933mW9gzIaSSl8b11bCAwqh31w
nRfywVIIpzYVjuMlIxsHmaozAuRxG81WjFeAJIx4+Ycvv+0Ts0CVCX+c8O7DOtZ3
pzt5e3mJYEv2K9fzXOX/R6mtf9uOeqEtivsqmMYQu11wC5O05ZGgDQMRuQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHqxCtX/Teu6OgawE6IDJBwm/KqaMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZXJFSzFmOU42N282QnJBVG9nTWtIQ2I4cXBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALY2eAwQB
V3l8AwQAV3miAwQAk05kMA0GCSqGSIb3DQEBCwUAA4IBAQB1LdTBCzwO/PB6T/Ux
D9/d8giY2cbZHI+q5qJM+p45nbSkNSEmOvaDoTjiDALvtPbiOlkrpc2CMQ4//gWw
M3xPL+wRz4jXh3dAP9FayBPpo+DmY2qGXAkgi73Zs73o1U7FrPk28WeamBp8cAaq
qZZiYAQeie+FaC43C5BxshILCeD3vvVLLfj8ctKK+97DMyktkajRXrFfbWAkS2d+
16DXaZOxk0DfEdSoV4tpvUbL7sDhCV0cPKaR1+j36GjqpCgxEvuSFDTdoBT/mfF/
VYw/5l8qosqkm7s64C2lrcvv/zlhvE4c9C/HVTdLnnGSoVhXM1QvIQSOZkjQ34TC
SH8X
-----END CERTIFICATE-----
Generated at Tue Oct 8 17:14:55 2024 by rpki-client on console-fra.rpki-client.org