Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/gkmPv5sD8HGDn3jb9yy_uTqk-s0.roa
File: gkmPv5sD8HGDn3jb9yy_uTqk-s0.roa (raw, json)
Hash identifier: l89n8oa3IljHfkOu7V3D07Wt60xWDlcm6fR5SNmqJXo=
Subject key identifier: 82:49:8F:BF:9B:03:F0:71:83:9F:78:DB:F7:2C:BF:B9:3A:A4:FA:CD
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018A3C9D0C1CD2F90B8D486560D211F6A9B9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/gkmPv5sD8HGDn3jb9yy_uTqk-s0.roa
Signing time: Mon 28 Aug 2023 14:47:19 +0000
ROA not before: Mon 28 Aug 2023 14:47:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 45.66.229.0/24 maxlen: 24
87.121.100.0/24 maxlen: 24
87.121.101.0/24 maxlen: 24
194.59.30.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
87.120.64.0/23 maxlen: 24
94.103.126.0/24 maxlen: 24
87.120.89.0/24 maxlen: 24
87.121.57.0/24 maxlen: 24
87.121.56.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
87.120.220.0/23 maxlen: 24
94.156.78.0/24 maxlen: 24
87.120.32.0/24 maxlen: 24
87.120.35.0/24 maxlen: 24
87.120.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 18 Dec 2023 14:13:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:3c:9d:0c:1c:d2:f9:0b:8d:48:65:60:d2:11:f6:a9:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 28 14:47:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=82498fbf9b03f071839f78dbf72cbfb93aa4facd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6c:ca:f2:0f:4c:7b:55:4c:ff:bc:f2:29:d0:
49:b6:f7:70:eb:75:b5:5e:e4:a4:8a:9c:8a:7a:55:
1d:e0:4c:0e:40:36:ef:b6:cb:ed:6e:1c:8d:52:3d:
42:5c:b9:16:53:2f:3e:37:4c:03:cd:20:cc:f8:96:
f4:e6:9a:72:75:54:d1:c5:04:f3:8e:d9:3a:f5:87:
f7:3a:ff:14:bc:5e:7b:ce:69:48:2d:3e:02:d8:16:
13:ad:79:0a:ee:ab:2f:dc:53:99:ab:cb:fe:84:50:
a3:8c:e9:e8:53:33:da:d1:57:10:c3:87:68:ab:57:
a5:74:66:f7:59:ee:70:b5:65:b8:67:75:e1:fb:de:
c7:30:c0:4b:3a:2e:0e:3b:16:72:01:7b:7a:23:43:
79:fb:a2:1b:a2:14:03:2b:5e:a0:44:a4:1a:eb:58:
44:71:74:e1:69:3e:de:51:37:fa:00:f4:5c:39:fc:
a8:44:01:dc:8f:83:d0:bb:a2:5b:d4:25:89:f7:39:
3c:b5:e9:d9:81:ce:b9:98:fb:51:12:9a:ea:8d:2b:
e9:b2:60:7c:01:c0:e9:5a:5d:09:2b:f8:ff:99:1e:
3f:1b:88:bf:fd:f5:dc:61:18:86:d6:3c:57:34:5f:
55:56:03:31:be:a7:02:dd:f5:11:c9:f1:d9:4c:0b:
f4:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:49:8F:BF:9B:03:F0:71:83:9F:78:DB:F7:2C:BF:B9:3A:A4:FA:CD
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/gkmPv5sD8HGDn3jb9yy_uTqk-s0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.229.0/24
84.21.173.0/24
87.120.32.0/24
87.120.34.0/23
87.120.64.0/23
87.120.89.0/24
87.120.220.0/23
87.121.56.0/23
87.121.100.0/23
94.103.126.0/24
94.156.78.0/24
194.59.30.0/24
194.169.174.0/24
Signature Algorithm: sha256WithRSAEncryption
59:3b:23:6a:91:24:45:65:2c:73:d8:ce:ad:ce:85:0e:dd:2c:
0e:19:c2:f1:92:2b:10:b5:43:58:2d:5d:c5:2a:6b:8b:91:07:
a6:cc:57:6d:f1:97:9b:be:53:8f:1a:8f:e0:c9:40:7c:93:17:
98:d7:1b:7b:76:f9:de:30:eb:dc:7a:eb:28:5c:56:a7:80:e8:
59:c3:11:2e:52:8c:9c:36:b4:08:6d:ae:c3:94:cb:f3:e6:1d:
d9:08:7f:11:1e:bc:7a:d9:b9:6b:f2:84:b8:ee:cb:fd:1b:43:
b0:5f:8b:4e:e6:30:80:b5:21:46:6d:2a:d9:09:3d:42:fe:d3:
7e:49:33:6f:9f:09:9c:0e:97:14:cb:84:53:62:cb:ba:49:d4:
97:cf:76:22:16:3a:c9:a7:64:3e:5e:81:d3:80:16:49:01:9e:
25:72:79:31:fe:85:c3:42:23:ad:5f:59:6d:46:b8:2b:b8:c8:
ee:e4:d7:ea:ce:87:e9:bb:bb:f9:0d:7c:e9:04:bf:27:f8:ce:
df:0d:f3:76:54:1d:cc:24:2d:fe:15:4c:fd:68:d7:40:a0:69:
e2:47:ec:e8:97:da:d7:ee:9c:d5:1f:f3:f3:18:ce:b1:6b:88:
b4:95:20:5f:9d:89:3b:68:59:70:5d:28:61:54:75:ed:55:01:
7f:f3:71:18
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYo8nQwc0vkLjUhlYNIR9qm5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODI4MTQ0NzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjQ5OGZiZjliMDNmMDcxODM5Zjc4ZGJmNzJjYmZiOTNhYTRmYWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmzK8g9Me1VM/7zyKdBJtvdw63W1
XuSkipyKelUd4EwOQDbvtsvtbhyNUj1CXLkWUy8+N0wDzSDM+Jb05ppydVTRxQTz
jtk69Yf3Ov8UvF57zmlILT4C2BYTrXkK7qsv3FOZq8v+hFCjjOnoUzPa0VcQw4do
q1eldGb3We5wtWW4Z3Xh+97HMMBLOi4OOxZyAXt6I0N5+6IbohQDK16gRKQa61hE
cXThaT7eUTf6APRcOfyoRAHcj4PQu6Jb1CWJ9zk8tenZgc65mPtREprqjSvpsmB8
AcDpWl0JK/j/mR4/G4i//fXcYRiG1jxXNF9VVgMxvqcC3fURyfHZTAv0uQIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFIJJj7+bA/Bxg5942/csv7k6pPrNMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZ2ttUHY1c0Q4SEdEbjNqYjl5eV91VHFrLXMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALULlAwQA
VBWtAwQAV3ggAwQBV3giAwQBV3hAAwQAV3hZAwQBV3jcAwQBV3k4AwQBV3lkAwQA
Xmd+AwQAXpxOAwQAwjseAwQAwqmuMA0GCSqGSIb3DQEBCwUAA4IBAQBZOyNqkSRF
ZSxz2M6tzoUO3SwOGcLxkisQtUNYLV3FKmuLkQemzFdt8ZebvlOPGo/gyUB8kxeY
1xt7dvneMOvceusoXFangOhZwxEuUoycNrQIba7DlMvz5h3ZCH8RHrx62blr8oS4
7sv9G0OwX4tO5jCAtSFGbSrZCT1C/tN+STNvnwmcDpcUy4RTYsu6SdSXz3YiFjrJ
p2Q+XoHTgBZJAZ4lcnkx/oXDQiOtX1ltRrgruMju5Nfqzofpu7v5DXzpBL8n+M7f
DfN2VB3MJC3+FUz9aNdAoGniR+zol9rX7pzVH/PzGM6xa4i0lSBfnYk7aFlwXShh
VHXtVQF/83EY
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:40 2024 by rpki-client on console-ams.rpki-client.org