Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hEQwiYdAaCDUZMX4t7OWlv4rccU.roa
File: hEQwiYdAaCDUZMX4t7OWlv4rccU.roa (raw, json)
Hash identifier: /IpHOKvW7XH4Hcao9ktV3BwVROU2qkv95iOE5ij0MAM=
Subject key identifier: 84:44:30:89:87:40:68:20:D4:64:C5:F8:B7:B3:96:96:FE:2B:71:C5
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01919DB2722665F82B8C3378BB7FCB85319D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hEQwiYdAaCDUZMX4t7OWlv4rccU.roa
Signing time: Thu 29 Aug 2024 10:33:23 +0000
ROA not before: Thu 29 Aug 2024 10:33:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 37.139.130.0/24 maxlen: 24
45.149.243.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
85.217.144.0/23 maxlen: 24
185.225.74.0/23 maxlen: 24
193.149.28.0/22 maxlen: 24
212.115.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 10:02:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9d:b2:72:26:65:f8:2b:8c:33:78:bb:7f:cb:85:31:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 29 10:33:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8444308987406820d464c5f8b7b39696fe2b71c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e3:e1:cf:cc:31:94:cd:58:ed:8d:e3:a1:9f:
50:04:e9:df:92:4c:12:51:a2:ab:17:52:df:1a:1e:
30:bc:4b:6b:d7:0b:c6:97:c0:6f:5e:f3:68:ee:1c:
e1:3e:a1:02:ff:6e:c0:cb:fe:26:10:42:69:37:51:
4c:d1:54:ae:b3:15:77:7b:46:7d:04:42:bf:cf:02:
d9:af:27:57:b2:f4:88:38:69:2e:84:d1:70:56:b6:
bc:a2:36:b0:ba:85:4e:aa:63:85:c8:00:97:bd:04:
d3:fa:6b:95:6a:69:c4:e0:f3:de:12:f5:55:68:bc:
22:ff:de:e7:10:8d:17:1e:ea:21:d1:7e:da:72:8f:
17:5f:38:4d:fa:9a:b7:4a:48:f3:b4:fd:46:27:34:
45:71:40:00:21:cc:2f:50:16:1d:aa:ad:a3:ce:6d:
32:9e:5b:98:4f:af:45:19:e4:52:60:86:49:ef:17:
3f:ef:4e:78:69:3a:56:ff:ba:57:4a:12:6b:ce:90:
11:54:57:d9:20:39:a8:f2:59:61:c8:36:80:e8:be:
6c:ba:34:46:30:60:d6:9c:83:b3:2a:6a:a5:52:cd:
e7:ca:d7:50:ae:64:a7:f9:d7:1b:b8:ba:a3:67:92:
94:d8:57:35:93:cd:21:ab:95:b3:cd:cd:a8:fe:5c:
71:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:44:30:89:87:40:68:20:D4:64:C5:F8:B7:B3:96:96:FE:2B:71:C5
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hEQwiYdAaCDUZMX4t7OWlv4rccU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
45.149.243.0/24
79.110.61.0/24
85.217.144.0/23
185.225.74.0/23
193.149.28.0/22
212.115.41.0/24
Signature Algorithm: sha256WithRSAEncryption
71:d0:2a:34:bc:d6:36:37:28:a9:59:24:1a:b0:7c:75:ab:f7:
cc:70:79:a5:01:4a:d9:61:2c:dc:70:79:e3:0e:21:8b:fd:ff:
d1:bc:e1:3a:ea:64:68:da:3d:eb:c4:4a:06:6b:41:4c:a0:73:
e7:66:25:05:34:98:03:dc:f9:d6:47:77:ba:8b:e0:b7:94:a0:
4f:d4:7f:99:55:2a:90:9a:bd:08:70:55:70:d8:25:38:4a:98:
c2:21:cb:2c:50:3d:17:04:ea:a5:7b:38:f2:9e:65:7e:9f:81:
9c:dd:47:28:77:f1:00:04:ca:88:3c:ad:06:32:e3:d0:03:09:
d8:58:27:54:45:4f:e3:5d:09:f8:52:d8:b9:77:d7:8b:98:89:
04:30:1e:04:ea:7f:16:d3:f3:20:c5:ce:4a:22:4d:00:b1:a0:
d9:a1:b6:30:90:c5:95:b1:63:42:a5:08:db:db:78:ba:3e:af:
02:af:a2:25:da:5a:3c:00:ee:17:76:34:27:d3:d6:bf:5c:f1:
5f:0a:a8:3b:8c:eb:25:64:26:44:0a:2e:bd:bb:35:9d:3d:52:
bf:47:68:ee:e4:44:6e:74:27:3d:47:7d:ea:0e:83:0b:ce:eb:
70:7f:67:4f:71:64:ed:38:81:5e:02:86:51:c2:65:05:07:5f:
03:31:42:f5
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZGdsnImZfgrjDN4u3/LhTGdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODI5MTAzMzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDQ0MzA4OTg3NDA2ODIwZDQ2NGM1ZjhiN2IzOTY5NmZlMmI3MWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOPhz8wxlM1Y7Y3joZ9QBOnfkkwS
UaKrF1LfGh4wvEtr1wvGl8BvXvNo7hzhPqEC/27Ay/4mEEJpN1FM0VSusxV3e0Z9
BEK/zwLZrydXsvSIOGkuhNFwVra8ojawuoVOqmOFyACXvQTT+muVamnE4PPeEvVV
aLwi/97nEI0XHuoh0X7aco8XXzhN+pq3SkjztP1GJzRFcUAAIcwvUBYdqq2jzm0y
nluYT69FGeRSYIZJ7xc/7054aTpW/7pXShJrzpARVFfZIDmo8llhyDaA6L5sujRG
MGDWnIOzKmqlUs3nytdQrmSn+dcbuLqjZ5KU2Fc1k80hq5Wzzc2o/lxxKwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIREMImHQGgg1GTF+Lezlpb+K3HFMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaEVRd2lZZEFhQ0RVWk1YNHQ3T1dsdjRyY2NVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAJYuCAwQA
LZXzAwQAT249AwQBVdmQAwQBueFKAwQCwZUcAwQA1HMpMA0GCSqGSIb3DQEBCwUA
A4IBAQBx0Co0vNY2NyipWSQasHx1q/fMcHmlAUrZYSzccHnjDiGL/f/RvOE66mRo
2j3rxEoGa0FMoHPnZiUFNJgD3PnWR3e6i+C3lKBP1H+ZVSqQmr0IcFVw2CU4SpjC
IcssUD0XBOqlezjynmV+n4Gc3Ucod/EABMqIPK0GMuPQAwnYWCdURU/jXQn4Uti5
d9eLmIkEMB4E6n8W0/Mgxc5KIk0AsaDZobYwkMWVsWNCpQjb23i6Pq8Cr6Il2lo8
AO4XdjQn09a/XPFfCqg7jOslZCZECi69uzWdPVK/R2ju5ERudCc9R33qDoMLzutw
f2dPcWTtOIFeAoZRwmUFB18DMUL1
-----END CERTIFICATE-----
Generated at Thu Oct 3 13:08:42 2024 by rpki-client on console-fra.rpki-client.org