Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fN9hdZjY-_3tlvTXNz4GPyBzjaU.roa
File: fN9hdZjY-_3tlvTXNz4GPyBzjaU.roa (raw, json)
Hash identifier: 0Y729iBbPiYRKTp85RYTa1p42z9NKFJ2T8jurvjNakI=
Subject key identifier: 7C:DF:61:75:98:D8:FB:FD:ED:96:F4:D7:37:3E:06:3F:20:73:8D:A5
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01922D526DE86D6975F9D953F22310F6FB70
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fN9hdZjY-_3tlvTXNz4GPyBzjaU.roa
Signing time: Thu 26 Sep 2024 07:53:49 +0000
ROA not before: Thu 26 Sep 2024 07:53:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215439
IP address blocks: 45.66.228.0/24 maxlen: 24
45.133.251.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Oct 2024 10:12:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2d:52:6d:e8:6d:69:75:f9:d9:53:f2:23:10:f6:fb:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 26 07:53:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7cdf617598d8fbfded96f4d7373e063f20738da5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:fc:ce:55:34:69:f5:d9:12:3b:b2:91:e1:c0:
37:5d:32:04:b4:a3:4e:0b:f8:75:f8:43:bb:d8:68:
9d:2a:55:83:8d:45:0b:16:b4:5c:5a:0b:c7:80:b8:
d5:7f:e3:25:e9:5d:84:d2:9e:ac:e1:3a:00:00:2b:
80:ca:4b:4b:86:21:a8:26:74:6c:6e:86:9f:b1:23:
c1:97:ef:fe:a0:d0:4f:9b:98:3a:3f:ee:bd:23:86:
0c:6b:c3:54:72:00:e7:cd:52:cc:1b:d8:af:fe:fb:
f7:25:c9:8e:c7:44:d6:95:fa:11:42:e2:ae:ff:f7:
0b:1a:71:e9:9f:93:08:dd:a1:06:8f:ec:c0:74:d9:
1a:e8:d2:ec:a8:db:ac:46:3e:6e:f7:6b:7d:e5:a5:
d5:bb:bf:c6:ff:0b:6c:4e:ae:c4:91:87:34:79:b9:
34:e6:f7:9c:61:c4:bc:47:73:a5:69:98:42:f4:ed:
c2:25:6d:10:91:0c:7c:59:e7:00:d9:84:46:b3:ff:
d3:c7:1a:6a:52:60:f3:11:56:be:88:eb:18:0f:71:
f1:dc:4e:5d:60:b1:9d:c7:33:10:a8:07:a4:5f:50:
4c:89:2b:b9:5f:18:f6:53:34:bc:1b:36:43:93:6c:
41:b2:45:4d:1f:98:10:98:74:b2:b7:c0:91:6b:a8:
a1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:DF:61:75:98:D8:FB:FD:ED:96:F4:D7:37:3E:06:3F:20:73:8D:A5
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/fN9hdZjY-_3tlvTXNz4GPyBzjaU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.228.0/24
45.133.251.0/24
171.22.31.0/24
185.246.223.0/24
193.222.99.0/24
Signature Algorithm: sha256WithRSAEncryption
49:e2:62:35:5e:03:3f:04:1b:bc:50:08:77:99:32:d2:4d:dd:
c8:11:bf:b6:58:28:6b:eb:96:c8:d6:9b:5e:6a:ea:c2:87:99:
f8:0f:05:3c:fb:1b:a4:5c:7f:b1:70:b4:75:68:11:76:4d:3b:
b9:54:a3:83:71:10:e5:32:80:cf:c5:9d:6c:0b:c3:8e:bb:1c:
5e:55:4e:cd:09:c1:80:c1:df:2f:99:22:26:2b:91:fa:92:9a:
45:a1:44:54:c4:bd:93:c0:51:c0:f5:4f:21:25:88:c2:a8:fa:
bc:ec:cb:54:8d:67:80:5a:4f:cf:20:2c:79:f9:9d:bd:f9:c2:
ae:b4:8c:9d:a3:d0:18:75:2f:2b:2e:ed:83:21:35:18:56:37:
5e:4a:88:75:9d:62:5c:e4:25:9b:83:ba:93:4c:d2:b3:e8:7f:
c5:d5:d3:55:d8:19:ed:7b:32:b2:74:f2:1e:7b:21:8f:1d:0b:
1c:de:82:54:09:50:fd:72:9f:86:df:76:1b:32:e6:39:f6:a7:
9e:81:93:fc:2a:d0:7b:4f:85:f5:49:ab:27:59:4e:8b:28:cf:
cd:0c:1e:32:e3:81:d7:03:cd:2c:6e:aa:83:0b:5c:df:7a:ba:
70:77:f6:0d:95:ba:67:5f:40:94:29:98:04:98:ce:13:f6:a3:
f6:95:ce:ca
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZItUm3obWl1+dlT8iMQ9vtwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwOTI2MDc1MzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2RmNjE3NTk4ZDhmYmZkZWQ5NmY0ZDczNzNlMDYzZjIwNzM4ZGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/zOVTRp9dkSO7KR4cA3XTIEtKNO
C/h1+EO72GidKlWDjUULFrRcWgvHgLjVf+Ml6V2E0p6s4ToAACuAyktLhiGoJnRs
boafsSPBl+/+oNBPm5g6P+69I4YMa8NUcgDnzVLMG9iv/vv3JcmOx0TWlfoRQuKu
//cLGnHpn5MI3aEGj+zAdNka6NLsqNusRj5u92t95aXVu7/G/wtsTq7EkYc0ebk0
5vecYcS8R3OlaZhC9O3CJW0QkQx8WecA2YRGs//TxxpqUmDzEVa+iOsYD3Hx3E5d
YLGdxzMQqAekX1BMiSu5Xxj2UzS8GzZDk2xBskVNH5gQmHSyt8CRa6ih2QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHzfYXWY2Pv97Zb01zc+Bj8gc42lMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZk45aGRaalktXzN0bHZUWE56NEdQeUJ6amFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALULkAwQA
LYX7AwQAqxYfAwQAufbfAwQAwd5jMA0GCSqGSIb3DQEBCwUAA4IBAQBJ4mI1XgM/
BBu8UAh3mTLSTd3IEb+2WChr65bI1pteaurCh5n4DwU8+xukXH+xcLR1aBF2TTu5
VKODcRDlMoDPxZ1sC8OOuxxeVU7NCcGAwd8vmSImK5H6kppFoURUxL2TwFHA9U8h
JYjCqPq87MtUjWeAWk/PICx5+Z29+cKutIydo9AYdS8rLu2DITUYVjdeSoh1nWJc
5CWbg7qTTNKz6H/F1dNV2BntezKydPIeeyGPHQsc3oJUCVD9cp+G33YbMuY59qee
gZP8KtB7T4X1SasnWU6LKM/NDB4y44HXA80sbqqDC1zferpwd/YNlbpnX0CUKZgE
mM4T9qP2lc7K
-----END CERTIFICATE-----
Generated at Fri Oct 18 12:04:42 2024 by rpki-client on console-fra.rpki-client.org