Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/f7wQlBtKifkJjd4rVM9eXNCJYIM.roa
File: f7wQlBtKifkJjd4rVM9eXNCJYIM.roa (raw, json)
Hash identifier: PT8nOtPYmEW/+Ak8k6HMVbzlJ/xBAWjBZ4dOydTuyx4=
Subject key identifier: 7F:BC:10:94:1B:4A:89:F9:09:8D:DE:2B:54:CF:5E:5C:D0:89:60:83
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01905C3079FE81CDD2EC7E7BB27926F83903
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/f7wQlBtKifkJjd4rVM9eXNCJYIM.roa
Signing time: Fri 28 Jun 2024 00:13:19 +0000
ROA not before: Fri 28 Jun 2024 00:13:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 45.149.240.0/24 maxlen: 24
87.120.68.0/24 maxlen: 24
87.121.46.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
94.156.14.0/24 maxlen: 24
185.218.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jul 2024 11:16:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5c:30:79:fe:81:cd:d2:ec:7e:7b:b2:79:26:f8:39:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 28 00:13:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7fbc10941b4a89f9098dde2b54cf5e5cd0896083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:9e:6d:22:bf:1f:da:39:4e:b8:30:c0:11:7f:
99:90:3b:c4:b7:db:ec:90:49:f4:bc:11:ad:57:4d:
40:03:ea:80:84:bd:43:64:b5:56:7d:e3:63:b9:c7:
64:c1:ff:c0:53:14:f7:a2:c4:c2:27:81:17:d5:5d:
d3:59:da:ae:6a:02:6c:6f:61:72:16:14:5a:2d:e5:
3c:7c:dd:af:f3:27:40:8d:29:fb:a7:d9:1c:5e:2f:
8a:e0:78:3b:df:ad:9f:a1:46:02:a5:8d:65:35:96:
a5:a3:71:c2:ae:f8:09:e3:f9:fb:5b:a1:b0:da:ec:
f8:0d:61:88:f0:18:67:52:aa:de:21:9d:72:ca:c4:
56:06:a9:15:85:ef:8e:1f:2f:99:ad:ca:95:88:30:
6a:95:53:b4:3a:9a:9c:53:7e:73:44:a2:51:1a:65:
96:b0:90:08:50:cc:12:52:22:0c:9a:ba:9f:49:ea:
ba:a6:f9:04:97:ad:f3:2d:67:04:5e:ee:52:f4:44:
8b:a1:15:66:97:45:26:45:a8:1a:2c:ce:b2:c8:e1:
2b:ce:4b:35:0f:15:e0:51:1e:92:b0:61:47:5c:e1:
87:76:c6:6b:9c:03:34:67:a5:66:0b:92:81:34:9f:
8d:cf:6f:3c:d9:c8:5a:eb:cb:86:9e:bd:23:04:d1:
51:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:BC:10:94:1B:4A:89:F9:09:8D:DE:2B:54:CF:5E:5C:D0:89:60:83
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/f7wQlBtKifkJjd4rVM9eXNCJYIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.240.0/24
87.120.68.0/24
87.121.46.0/24
93.123.116.0/24
94.156.14.0/24
185.218.136.0/24
Signature Algorithm: sha256WithRSAEncryption
76:16:b7:21:30:3f:f8:82:9b:0a:fd:90:c1:bd:61:e8:66:36:
1e:58:c2:f6:ab:78:eb:d0:1b:9a:8f:41:4a:7d:c1:7f:51:8f:
90:db:4e:05:d1:70:53:c9:03:d9:0d:b8:ba:26:1a:a9:58:03:
f8:29:17:e7:99:18:66:b7:51:f2:24:a9:46:ae:ca:2d:30:bf:
54:e0:e4:68:aa:a4:46:3e:14:59:a9:52:52:37:53:5b:b8:54:
64:41:95:67:b9:a7:89:a1:4b:01:47:3f:66:28:95:f5:0a:d0:
fd:47:54:07:66:d5:c3:ea:d4:71:16:75:0e:91:42:d8:a1:cc:
76:66:e2:4c:05:94:56:c4:89:41:0e:4d:be:8b:0d:c9:8c:54:
c2:72:57:ed:00:1e:ed:85:d0:0b:01:ea:78:ca:44:9d:84:b4:
0a:1a:38:80:11:bb:6e:4d:c4:d1:cd:f1:53:0b:2e:5e:2c:a7:
e6:84:e1:53:a5:58:fd:a2:de:f3:e0:07:40:67:5c:14:27:89:
f7:30:b0:25:68:b7:7e:94:1d:fa:bf:9a:b0:f0:10:23:93:25:
35:66:db:fe:db:fc:4b:f8:46:8f:10:bf:ea:3b:e7:a3:4b:c1:
d5:18:40:2c:95:93:1c:5f:ac:c2:a1:ff:46:04:ac:e5:a1:60:
43:09:73:90
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZBcMHn+gc3S7H57snkm+DkDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNjI4MDAxMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmJjMTA5NDFiNGE4OWY5MDk4ZGRlMmI1NGNmNWU1Y2QwODk2MDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu55tIr8f2jlOuDDAEX+ZkDvEt9vs
kEn0vBGtV01AA+qAhL1DZLVWfeNjucdkwf/AUxT3osTCJ4EX1V3TWdquagJsb2Fy
FhRaLeU8fN2v8ydAjSn7p9kcXi+K4Hg7362foUYCpY1lNZalo3HCrvgJ4/n7W6Gw
2uz4DWGI8BhnUqreIZ1yysRWBqkVhe+OHy+ZrcqViDBqlVO0OpqcU35zRKJRGmWW
sJAIUMwSUiIMmrqfSeq6pvkEl63zLWcEXu5S9ESLoRVml0UmRagaLM6yyOErzks1
DxXgUR6SsGFHXOGHdsZrnAM0Z6VmC5KBNJ+Nz2882cha68uGnr0jBNFRXQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFH+8EJQbSon5CY3eK1TPXlzQiWCDMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZjd3UWxCdEtpZmtKamQ0clZNOWVYTkNKWUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALZXwAwQA
V3hEAwQAV3kuAwQAXXt0AwQAXpwOAwQAudqIMA0GCSqGSIb3DQEBCwUAA4IBAQB2
FrchMD/4gpsK/ZDBvWHoZjYeWML2q3jr0Buaj0FKfcF/UY+Q204F0XBTyQPZDbi6
JhqpWAP4KRfnmRhmt1HyJKlGrsotML9U4ORoqqRGPhRZqVJSN1NbuFRkQZVnuaeJ
oUsBRz9mKJX1CtD9R1QHZtXD6tRxFnUOkULYocx2ZuJMBZRWxIlBDk2+iw3JjFTC
clftAB7thdALAep4ykSdhLQKGjiAEbtuTcTRzfFTCy5eLKfmhOFTpVj9ot7z4AdA
Z1wUJ4n3MLAlaLd+lB36v5qw8BAjkyU1Ztv+2/xL+EaPEL/qO+ejS8HVGEAslZMc
X6zCof9GBKzloWBDCXOQ
-----END CERTIFICATE-----
Generated at Tue Jul 2 12:56:00 2024 by rpki-client on console-ams.rpki-client.org