Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/f4kwwf_mXEseWIf7xpk3M5ubW3I.roa
File: f4kwwf_mXEseWIf7xpk3M5ubW3I.roa (raw, json)
Hash identifier: tadi0mAo5quUm0O1yQO0sFlswmslJfLsxLCmZYvvppg=
Subject key identifier: 7F:89:30:C1:FF:E6:5C:4B:1E:58:87:FB:C6:99:37:33:9B:9B:5B:72
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCEDA6DEA0034B55412CEDF0A4C6D4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/f4kwwf_mXEseWIf7xpk3M5ubW3I.roa
Signing time: Tue 02 Jan 2024 06:29:31 +0000
ROA not before: Tue 02 Jan 2024 06:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50738
IP address blocks: 87.121.124.0/23 maxlen: 24
171.22.31.0/24 maxlen: 24
81.161.239.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
94.156.248.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 08:36:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:ed:a6:de:a0:03:4b:55:41:2c:ed:f0:a4:c6:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f8930c1ffe65c4b1e5887fbc69937339b9b5b72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:aa:c4:f7:2d:5e:61:9c:10:96:8b:21:45:8a:
a6:40:b6:ea:9d:a4:d2:2d:cb:c0:1b:c7:ad:9d:4a:
65:a9:47:c0:55:8e:16:12:3b:b5:59:3c:1c:11:d4:
6c:e4:b9:0c:9b:70:72:b3:01:b3:26:6f:6f:8e:ac:
52:28:c5:a0:9e:d2:90:ec:f5:a4:9d:15:00:60:7c:
9c:3e:a1:aa:a5:fd:36:3e:18:ca:5a:ac:58:f3:43:
8a:1c:9a:99:0a:1a:fd:d1:d2:04:d2:6c:1c:5f:75:
d8:1c:1c:5a:6e:8b:6b:32:fa:44:a6:78:0c:ee:70:
43:4f:33:bf:a1:79:9c:27:15:01:df:e2:d9:d6:30:
df:19:f2:1d:63:b3:ee:d3:ba:38:5d:4b:c1:ec:97:
54:e0:4a:75:af:cc:03:fe:57:c3:64:f7:11:fb:6b:
31:39:b8:73:11:ae:1a:0e:99:08:1b:29:8d:44:25:
88:d2:32:ad:7c:bd:e9:11:0e:6f:87:38:5a:9d:84:
2c:b4:01:af:c5:7a:ec:42:60:44:d3:64:97:59:1b:
bd:ba:51:46:c8:fa:5d:ea:5e:81:e8:5b:ce:f5:43:
71:96:6d:51:ef:51:4c:bc:4a:45:b4:0d:e9:85:15:
13:a8:c1:5a:24:fb:cc:2f:a3:f7:ca:7c:cc:1c:0d:
a7:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:89:30:C1:FF:E6:5C:4B:1E:58:87:FB:C6:99:37:33:9B:9B:5B:72
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/f4kwwf_mXEseWIf7xpk3M5ubW3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
45.129.84.0/24
45.141.158.0/24
79.110.61.0/24
81.161.239.0/24
87.121.124.0/23
87.121.162.0/24
91.200.192.0/22
94.156.248.0/24
171.22.17.0-171.22.18.255
171.22.31.0/24
193.25.216.0/24
193.35.19.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:e0:4d:71:75:53:6d:77:35:dd:e1:00:af:29:83:d5:48:b0:
9d:56:38:8c:49:b7:0b:70:d6:9a:0e:47:31:cb:6a:dc:ed:74:
60:0e:79:ec:36:d4:4c:71:b0:60:66:d8:0c:09:b5:70:f2:21:
96:4a:90:a9:ab:8a:6b:18:0c:53:2c:b3:0c:57:91:1b:30:09:
86:95:46:8b:c1:2f:3a:61:a3:47:7d:ea:14:16:7e:61:10:80:
0f:fd:68:c7:6d:20:c5:5b:1e:a3:23:d1:51:ad:52:aa:80:58:
b4:66:b2:f9:bc:8a:5d:3e:fe:5a:a6:9b:3b:f4:11:a5:50:4f:
92:90:bd:34:9c:5f:13:aa:f7:db:12:29:07:83:c9:0a:07:df:
4f:45:d8:f4:25:37:d6:e7:7f:4c:b0:59:d2:e6:b2:d7:c7:9f:
fa:5f:9e:6b:43:81:04:bf:0b:07:df:9c:19:bd:6c:da:27:9b:
68:5c:d8:33:65:96:e9:54:5f:87:54:2d:60:da:e7:ea:d8:29:
0f:2f:31:45:f7:7f:d2:74:73:7c:0d:ce:14:27:3c:e5:8b:f4:
10:ca:ed:80:75:fd:9a:b5:77:a8:7f:91:62:7b:0f:a9:18:76:
e2:de:2f:2a:6b:b5:91:6f:fb:0a:b0:a4:e2:29:4f:2f:1f:87:
09:4f:8f:4a
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYzI3O2m3qADS1VBLO3wpMbUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Zjg5MzBjMWZmZTY1YzRiMWU1ODg3ZmJjNjk5MzczMzliOWI1YjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgarE9y1eYZwQloshRYqmQLbqnaTS
LcvAG8etnUplqUfAVY4WEju1WTwcEdRs5LkMm3ByswGzJm9vjqxSKMWgntKQ7PWk
nRUAYHycPqGqpf02PhjKWqxY80OKHJqZChr90dIE0mwcX3XYHBxabotrMvpEpngM
7nBDTzO/oXmcJxUB3+LZ1jDfGfIdY7Pu07o4XUvB7JdU4Ep1r8wD/lfDZPcR+2sx
ObhzEa4aDpkIGymNRCWI0jKtfL3pEQ5vhzhanYQstAGvxXrsQmBE02SXWRu9ulFG
yPpd6l6B6FvO9UNxlm1R71FMvEpFtA3phRUTqMFaJPvML6P3ynzMHA2nqQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFH+JMMH/5lxLHliH+8aZNzObm1tyMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZjRrd3dmX21YRXNlV0lmN3hwazNNNXViVzNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAJYuCAwQA
LYFUAwQALY2eAwQAT249AwQAUaHvAwQBV3l8AwQAV3miAwQCW8jAAwQAXpz4MAwD
BACrFhEDBACrFhIDBACrFh8DBADBGdgDBADBIxMwDQYJKoZIhvcNAQELBQADggEB
AGvgTXF1U213Nd3hAK8pg9VIsJ1WOIxJtwtw1poORzHLatztdGAOeew21ExxsGBm
2AwJtXDyIZZKkKmrimsYDFMsswxXkRswCYaVRovBLzpho0d96hQWfmEQgA/9aMdt
IMVbHqMj0VGtUqqAWLRmsvm8il0+/lqmmzv0EaVQT5KQvTScXxOq99sSKQeDyQoH
309F2PQlN9bnf0ywWdLmstfHn/pfnmtDgQS/CwffnBm9bNonm2hc2DNllulUX4dU
LWDa5+rYKQ8vMUX3f9J0c3wNzhQnPOWL9BDK7YB1/Zq1d6h/kWJ7D6kYduLeLypr
tZFv+wqwpOIpTy8fhwlPj0o=
-----END CERTIFICATE-----
Generated at Mon Jan 15 11:45:09 2024 by rpki-client on console-ams.rpki-client.org