Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/foOn8p8Rr0q8jqKxP3DEX-Ym940.roa
File: foOn8p8Rr0q8jqKxP3DEX-Ym940.roa (raw, json)
Hash identifier: KvU8FOYyCDV0nX1kTDAycJd+HVgStP6WW63RqNqSLuk=
Subject key identifier: 7E:83:A7:F2:9F:11:AF:4A:BC:8E:A2:B1:3F:70:C4:5F:E6:26:F7:8D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D5AE78AA23894136944F6B1634ED1E044
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/foOn8p8Rr0q8jqKxP3DEX-Ym940.roa
Signing time: Tue 30 Jan 2024 15:05:40 +0000
ROA not before: Tue 30 Jan 2024 15:05:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203168
IP address blocks: 45.128.96.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Jan 2024 19:27:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5a:e7:8a:a2:38:94:13:69:44:f6:b1:63:4e:d1:e0:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 30 15:05:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e83a7f29f11af4abc8ea2b13f70c45fe626f78d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:79:df:74:6f:ee:fd:68:ce:b0:4e:a2:0b:ca:
f6:84:3f:89:ac:c9:ed:64:e2:14:bf:20:44:d1:7e:
98:57:d8:93:25:68:9b:10:3f:23:03:7f:60:60:3f:
bf:c3:97:93:62:8e:bb:fe:ec:20:2e:51:73:7f:66:
58:0e:49:68:ec:9f:a6:2a:de:a4:29:14:87:af:58:
73:49:ad:19:5f:4f:55:a3:4c:de:74:d0:55:8b:b1:
c3:25:c0:df:ca:37:3c:23:26:de:2a:c5:ba:36:0a:
76:c5:8d:68:ef:e8:68:b3:33:23:b9:cd:b7:4d:b2:
0b:df:0e:f0:36:71:3d:68:22:b6:ae:e2:76:4b:53:
d1:c5:1c:d2:78:53:d6:c4:b3:af:03:3e:e8:2e:33:
4c:a3:b8:72:6f:25:74:f3:16:6d:e1:fe:0c:53:07:
95:f2:80:4e:3a:9b:42:42:f2:26:b1:9a:21:c1:13:
16:aa:f4:c6:5a:50:d9:af:63:50:c4:de:60:33:f7:
8d:69:5a:3b:cc:b9:bc:76:3a:75:77:c7:2e:08:68:
f7:e0:f4:77:e6:46:ab:0b:16:72:04:17:05:b2:c1:
3c:b1:c0:43:39:c5:a5:ac:a8:73:c4:a3:50:6e:d0:
8c:bd:8a:6c:4e:ab:58:d1:0a:f0:44:d4:1c:42:62:
05:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:83:A7:F2:9F:11:AF:4A:BC:8E:A2:B1:3F:70:C4:5F:E6:26:F7:8D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/foOn8p8Rr0q8jqKxP3DEX-Ym940.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.96.0/24
193.222.96.0/24
Signature Algorithm: sha256WithRSAEncryption
32:c5:3c:44:49:cb:40:cf:4e:20:a7:d6:89:a6:f4:e6:44:8a:
c7:4d:7b:31:9a:1a:81:e9:0a:17:78:27:22:78:a7:56:40:37:
ff:af:40:9b:cf:58:04:1f:08:4d:f3:75:0a:aa:12:bb:d5:c8:
76:85:62:57:78:13:9c:f0:9a:0e:09:08:02:04:53:c9:dd:cd:
8a:df:90:e4:e8:0b:40:5d:a8:e1:a5:26:04:8d:ba:af:13:4a:
f0:2b:9a:29:0a:59:59:fa:3b:ed:32:91:88:28:36:37:9b:c9:
35:71:17:db:30:1d:02:b3:e8:1d:ed:3e:ba:4b:e3:bf:b6:d5:
b5:9c:d7:aa:b5:c3:03:51:61:f6:fe:22:f7:67:8d:c6:fb:e1:
d4:84:9f:56:dd:87:53:1e:0d:ec:b8:16:0e:97:48:5c:e2:c1:
d3:a0:33:f7:4a:0c:8f:0c:0d:12:ea:57:4e:20:a0:19:c2:54:
cc:47:ad:47:b4:76:dd:00:44:c9:a0:93:ae:5e:50:5b:9a:41:
6a:76:2e:23:46:8b:b0:28:c9:b3:8c:2c:a6:0b:c9:66:4e:0c:
a2:8b:0e:f5:0a:20:4a:e3:19:8e:83:d0:e0:cd:33:b1:c4:c7:
53:20:3e:21:ea:05:5c:ee:db:15:3b:fe:40:17:e4:7d:e3:1a:
ba:bb:69:36
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1a54qiOJQTaUT2sWNO0eBEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTMwMTUwNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTgzYTdmMjlmMTFhZjRhYmM4ZWEyYjEzZjcwYzQ1ZmU2MjZmNzhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXnfdG/u/WjOsE6iC8r2hD+JrMnt
ZOIUvyBE0X6YV9iTJWibED8jA39gYD+/w5eTYo67/uwgLlFzf2ZYDklo7J+mKt6k
KRSHr1hzSa0ZX09Vo0zedNBVi7HDJcDfyjc8IybeKsW6Ngp2xY1o7+hoszMjuc23
TbIL3w7wNnE9aCK2ruJ2S1PRxRzSeFPWxLOvAz7oLjNMo7hybyV08xZt4f4MUweV
8oBOOptCQvImsZohwRMWqvTGWlDZr2NQxN5gM/eNaVo7zLm8djp1d8cuCGj34PR3
5karCxZyBBcFssE8scBDOcWlrKhzxKNQbtCMvYpsTqtY0QrwRNQcQmIFhwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFH6Dp/KfEa9KvI6isT9wxF/mJveNMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZm9PbjhwOFJyMHE4anFLeFAzREVYLVltOTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALYBgAwQA
wd5gMA0GCSqGSIb3DQEBCwUAA4IBAQAyxTxESctAz04gp9aJpvTmRIrHTXsxmhqB
6QoXeCcieKdWQDf/r0Cbz1gEHwhN83UKqhK71ch2hWJXeBOc8JoOCQgCBFPJ3c2K
35Dk6AtAXajhpSYEjbqvE0rwK5opCllZ+jvtMpGIKDY3m8k1cRfbMB0Cs+gd7T66
S+O/ttW1nNeqtcMDUWH2/iL3Z43G++HUhJ9W3YdTHg3suBYOl0hc4sHToDP3SgyP
DA0S6ldOIKAZwlTMR61HtHbdAETJoJOuXlBbmkFqdi4jRouwKMmzjCymC8lmTgyi
iw71CiBK4xmOg9DgzTOxxMdTID4h6gVc7tsVO/5AF+R94xq6u2k2
-----END CERTIFICATE-----
Generated at Tue Jan 30 21:19:53 2024 by rpki-client on console-ams.rpki-client.org