Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hA7PguRrHquyewHHouVcsqXq0kg.roa
File: hA7PguRrHquyewHHouVcsqXq0kg.roa (raw, json)
Hash identifier: THrPMRdJzBEXnhQVh++GjxZTEfMwM951pcHA2snZaeU=
Subject key identifier: 84:0E:CF:82:E4:6B:1E:AB:B2:7B:01:C7:A2:E5:5C:B2:A5:EA:D2:48
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E0E73EBF5A20AA7C170A75A88E7893243
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hA7PguRrHquyewHHouVcsqXq0kg.roa
Signing time: Tue 05 Mar 2024 11:51:01 +0000
ROA not before: Tue 05 Mar 2024 11:51:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206003
IP address blocks: 45.141.158.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 05 May 2024 09:36:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:73:eb:f5:a2:0a:a7:c1:70:a7:5a:88:e7:89:32:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 5 11:51:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=840ecf82e46b1eabb27b01c7a2e55cb2a5ead248
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:2b:96:cf:18:ea:47:0b:2a:59:53:32:09:a7:
7f:47:45:4a:9b:e3:6c:25:28:73:3b:7f:75:c8:da:
ad:b6:f9:9c:7b:80:d1:ad:7d:80:4e:6e:95:62:b1:
f0:c7:2d:a1:78:29:da:9d:3c:70:4d:cd:bb:f0:f1:
22:70:c5:cb:b7:fe:85:cb:4f:52:e6:0b:94:4c:1b:
05:a4:2f:80:01:a4:ed:86:d9:cd:91:b9:5b:a9:74:
5c:de:9f:76:68:b0:d0:b8:ff:ac:b4:10:14:af:d2:
33:1f:80:ec:e7:2c:51:3c:5e:27:ae:fe:d1:de:8e:
f3:07:10:cf:de:05:bc:f1:b1:07:37:cf:96:3f:31:
a8:46:dc:91:6a:38:26:81:5b:55:e0:f2:26:5b:95:
00:2a:3d:af:1e:81:5f:f1:6d:4c:ad:82:47:9e:1d:
1e:5b:a4:d6:42:d8:76:c0:aa:31:fa:1c:3f:9c:98:
0f:2b:bb:b3:db:1a:b5:81:af:21:8c:ac:c6:f2:ad:
b4:08:fa:8c:fb:fa:0a:4a:92:99:5e:4f:26:54:38:
08:a7:0f:54:bd:18:68:70:c6:04:fd:f1:03:09:51:
21:d4:92:4e:fb:f1:15:5d:fa:3d:4d:c7:19:a3:0c:
ce:33:07:56:f0:d0:a1:7e:c6:1c:f4:ab:df:60:62:
ff:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:0E:CF:82:E4:6B:1E:AB:B2:7B:01:C7:A2:E5:5C:B2:A5:EA:D2:48
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hA7PguRrHquyewHHouVcsqXq0kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.158.0/24
87.121.124.0/23
87.121.162.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:50:5a:6f:70:e0:d4:e2:a1:e2:d3:c6:b7:e1:f9:92:a6:95:
f8:6c:7c:86:98:ca:07:37:67:ff:de:6e:11:3f:f9:f3:0d:8c:
41:3c:6c:73:b7:c8:89:09:99:cb:3e:06:90:40:76:0e:88:05:
6f:8b:f5:0c:a8:e2:57:de:55:ca:3a:b6:b5:2d:bd:58:a8:36:
0a:43:df:c7:09:5b:d4:c2:86:32:ed:20:59:ec:ad:65:67:dd:
74:e1:b5:2e:79:e5:69:f3:ab:6d:9d:cc:6d:7d:38:fc:71:1e:
9c:5e:4c:bf:5f:32:4f:77:28:f8:c8:f3:38:37:45:34:e2:c1:
74:91:be:dd:e7:c9:45:8c:50:a6:8e:0e:1d:7d:31:94:c5:84:
ac:7b:90:54:df:7d:74:b8:b7:1e:a5:60:15:1d:74:29:74:3b:
04:17:7e:c9:20:be:a4:70:d5:e8:50:f9:34:0e:63:94:3d:1e:
20:55:8b:82:c4:07:33:65:d7:dd:85:cc:fd:ec:7b:ad:da:03:
78:49:6c:1c:38:75:4c:4c:30:bb:5f:49:90:5b:68:f6:50:6e:
e9:1d:97:3b:d4:4b:44:e4:19:77:b6:d4:01:13:7a:25:f9:6b:
79:64:61:bb:23:3f:da:c5:45:7f:a9:66:4e:d4:44:85:25:8b:
72:83:15:81
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY4Oc+v1ogqnwXCnWojniTJDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzA1MTE1MTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDBlY2Y4MmU0NmIxZWFiYjI3YjAxYzdhMmU1NWNiMmE1ZWFkMjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSuWzxjqRwsqWVMyCad/R0VKm+Ns
JShzO391yNqttvmce4DRrX2ATm6VYrHwxy2heCnanTxwTc278PEicMXLt/6Fy09S
5guUTBsFpC+AAaTthtnNkblbqXRc3p92aLDQuP+stBAUr9IzH4Ds5yxRPF4nrv7R
3o7zBxDP3gW88bEHN8+WPzGoRtyRajgmgVtV4PImW5UAKj2vHoFf8W1MrYJHnh0e
W6TWQth2wKox+hw/nJgPK7uz2xq1ga8hjKzG8q20CPqM+/oKSpKZXk8mVDgIpw9U
vRhocMYE/fEDCVEh1JJO+/EVXfo9TccZowzOMwdW8NChfsYc9KvfYGL/DwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIQOz4Lkax6rsnsBx6LlXLKl6tJIMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaEE3UGd1UnJIcXV5ZXdISG91VmNzcVhxMGtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALY2eAwQB
V3l8AwQAV3miMA0GCSqGSIb3DQEBCwUAA4IBAQCqUFpvcODU4qHi08a34fmSppX4
bHyGmMoHN2f/3m4RP/nzDYxBPGxzt8iJCZnLPgaQQHYOiAVvi/UMqOJX3lXKOra1
Lb1YqDYKQ9/HCVvUwoYy7SBZ7K1lZ9104bUueeVp86ttncxtfTj8cR6cXky/XzJP
dyj4yPM4N0U04sF0kb7d58lFjFCmjg4dfTGUxYSse5BU3310uLcepWAVHXQpdDsE
F37JIL6kcNXoUPk0DmOUPR4gVYuCxAczZdfdhcz97Hut2gN4SWwcOHVMTDC7X0mQ
W2j2UG7pHZc71EtE5Bl3ttQBE3ol+Wt5ZGG7Iz/axUV/qWZO1ESFJYtygxWB
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:40 2024 by rpki-client on console-ams.rpki-client.org