Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fHqFzlS4GoIougTrceGLtgKgD64.roa
File: fHqFzlS4GoIougTrceGLtgKgD64.roa (raw, json)
Hash identifier: 37p9H/B/v3Ua/UYw+Abi2ZHVDYvL/WzMYZwsrmZ6nsM=
Subject key identifier: 7C:7A:85:CE:54:B8:1A:82:28:BA:04:EB:71:E1:8B:B6:02:A0:0F:AE
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DF431EB35EC2576477A96116BCD7EE317
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fHqFzlS4GoIougTrceGLtgKgD64.roa
Signing time: Thu 29 Feb 2024 09:28:48 +0000
ROA not before: Thu 29 Feb 2024 09:28:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61302
IP address blocks: 45.141.158.0/24 maxlen: 24
82.115.210.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.162.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
147.78.100.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 15:05:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f4:31:eb:35:ec:25:76:47:7a:96:11:6b:cd:7e:e3:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 29 09:28:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7c7a85ce54b81a8228ba04eb71e18bb602a00fae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3f:37:2f:60:88:c3:ec:72:ad:bd:43:f2:eb:
78:e5:5e:70:70:17:b6:80:e2:60:f0:3a:c5:7c:c5:
ed:73:0f:e7:9e:ea:8c:62:47:c1:41:29:a0:52:c7:
29:eb:63:58:8c:ad:ac:1e:4e:c7:2a:0b:27:ef:a6:
c6:10:6e:b9:f9:02:fb:90:4f:ff:2b:d6:7a:74:8d:
2c:e4:83:5a:fe:8e:14:f4:46:90:10:e3:ab:30:f3:
2e:24:ba:6a:4c:6d:d0:8b:50:76:c1:26:b0:94:5c:
c9:a0:17:b3:48:38:d5:1b:92:86:20:16:21:bd:73:
78:c2:40:41:36:02:db:92:e1:aa:61:af:ba:3b:84:
ab:fd:e5:b5:47:d8:6e:e0:2c:b7:22:45:c2:a0:97:
0d:20:a0:9e:03:5e:d6:bd:d2:32:47:05:de:6e:bc:
3b:a2:da:ba:0b:2f:0b:31:7c:f3:eb:c9:88:af:4a:
28:b3:be:66:7c:96:e5:e4:dd:23:af:b5:05:82:32:
90:30:5d:f4:2d:5f:f6:97:1f:a9:e1:83:6a:49:05:
0e:0f:65:6c:9f:12:9f:94:c7:cd:24:e5:51:35:ca:
01:b5:88:99:a3:e8:37:c0:71:ca:50:6c:f7:89:54:
1e:7a:89:a0:75:7a:58:2f:c8:22:fe:c2:ac:b4:d2:
02:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:7A:85:CE:54:B8:1A:82:28:BA:04:EB:71:E1:8B:B6:02:A0:0F:AE
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fHqFzlS4GoIougTrceGLtgKgD64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.158.0/24
82.115.210.0/24
87.121.124.0/23
87.121.162.0/24
91.200.192.0/22
147.78.100.0/24
171.22.17.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:62:41:4f:d0:af:59:e2:96:1f:51:04:d6:f5:63:01:b8:34:
0b:1f:19:31:75:29:62:96:14:b8:43:87:69:e8:1d:f1:33:8f:
77:31:df:51:f3:fe:7b:05:f3:aa:6e:90:55:a9:22:42:5a:5d:
3f:72:21:41:8c:d6:fb:e5:8f:d3:d2:a3:d7:97:08:be:63:62:
01:b9:5a:88:cf:bb:e8:33:e4:75:cc:57:a6:f4:63:de:bc:eb:
7c:8e:21:86:fc:58:e2:ce:72:c8:16:12:79:89:79:4b:ea:87:
1d:8f:5d:a0:e9:81:4d:7c:f0:17:f4:5f:4b:61:38:87:e3:d4:
dd:74:6f:b1:26:d9:0b:e1:a2:9d:e8:7b:64:92:0e:e9:4c:65:
47:8a:83:9d:75:d7:73:d0:56:fa:2e:f5:55:c1:51:94:06:b5:
52:28:56:56:3d:4f:2e:1e:fe:59:ed:d5:59:14:30:2d:da:5a:
f5:14:04:83:47:54:15:d7:b6:2d:ec:65:f0:81:48:28:cd:6d:
a5:68:95:5b:b6:2e:22:2a:95:83:54:3b:5e:09:c3:04:25:e4:
68:66:87:96:c8:2e:fd:73:fd:e4:b9:e4:bf:fc:42:cb:26:94:
67:3a:af:09:9c:e7:7b:bf:b8:66:c9:79:89:8f:61:16:be:68:
93:ad:32:1c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY30Mes17CV2R3qWEWvNfuMXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjI5MDkyODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzdhODVjZTU0YjgxYTgyMjhiYTA0ZWI3MWUxOGJiNjAyYTAwZmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhD83L2CIw+xyrb1D8ut45V5wcBe2
gOJg8DrFfMXtcw/nnuqMYkfBQSmgUscp62NYjK2sHk7HKgsn76bGEG65+QL7kE//
K9Z6dI0s5INa/o4U9EaQEOOrMPMuJLpqTG3Qi1B2wSawlFzJoBezSDjVG5KGIBYh
vXN4wkBBNgLbkuGqYa+6O4Sr/eW1R9hu4Cy3IkXCoJcNIKCeA17WvdIyRwXebrw7
otq6Cy8LMXzz68mIr0oos75mfJbl5N0jr7UFgjKQMF30LV/2lx+p4YNqSQUOD2Vs
nxKflMfNJOVRNcoBtYiZo+g3wHHKUGz3iVQeeomgdXpYL8gi/sKstNICBQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHx6hc5UuBqCKLoE63Hhi7YCoA+uMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZkhxRnpsUzRHb0lvdWdUcmNlR0x0Z0tnRDY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALY2eAwQA
UnPSAwQBV3l8AwQAV3miAwQCW8jAAwQAk05kAwQAqxYRMA0GCSqGSIb3DQEBCwUA
A4IBAQBKYkFP0K9Z4pYfUQTW9WMBuDQLHxkxdSlilhS4Q4dp6B3xM493Md9R8/57
BfOqbpBVqSJCWl0/ciFBjNb75Y/T0qPXlwi+Y2IBuVqIz7voM+R1zFem9GPevOt8
jiGG/FjiznLIFhJ5iXlL6ocdj12g6YFNfPAX9F9LYTiH49TddG+xJtkL4aKd6Htk
kg7pTGVHioOddddz0Fb6LvVVwVGUBrVSKFZWPU8uHv5Z7dVZFDAt2lr1FASDR1QV
17Yt7GXwgUgozW2laJVbti4iKpWDVDteCcMEJeRoZoeWyC79c/3kueS//ELLJpRn
Oq8JnOd7v7hmyXmJj2EWvmiTrTIc
-----END CERTIFICATE-----
Generated at Thu Feb 29 19:07:31 2024 by rpki-client on console-ams.rpki-client.org