Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/i52Rl3AQ0S33Ij8W1E-Tw-IbX1s.roa
File: i52Rl3AQ0S33Ij8W1E-Tw-IbX1s.roa (raw, json)
Hash identifier: JOVoVya5tqqjv5vrwwhBCaO0LzTrMDH9ZkNOIi8vK2A=
Subject key identifier: 8B:9D:91:97:70:10:D1:2D:F7:22:3F:16:D4:4F:93:C3:E2:1B:5F:5B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01907329D26A4F27B1E7B4412EEDBCEF14AC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/i52Rl3AQ0S33Ij8W1E-Tw-IbX1s.roa
Signing time: Tue 02 Jul 2024 11:17:19 +0000
ROA not before: Tue 02 Jul 2024 11:17:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 45.149.240.0/24 maxlen: 24
87.120.68.0/24 maxlen: 24
87.121.46.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
94.156.14.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
185.218.136.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Oct 2024 10:03:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:73:29:d2:6a:4f:27:b1:e7:b4:41:2e:ed:bc:ef:14:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 2 11:17:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b9d91977010d12df7223f16d44f93c3e21b5f5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:06:f9:69:e0:d1:7b:b8:6c:b9:80:67:b2:28:
19:d0:f4:89:43:c9:6e:c9:22:4b:13:ee:d8:bf:82:
16:23:d3:89:90:b5:46:51:95:d3:e8:e3:d4:23:7b:
8a:56:b8:f3:52:95:5f:b1:30:6e:0d:bc:11:c3:4c:
e3:8c:b6:0c:1a:43:88:f3:ed:c1:59:14:94:dd:13:
49:50:ee:82:81:33:17:71:ed:67:84:9d:76:19:3b:
62:9d:ac:dc:6e:45:6a:17:1e:94:ad:85:75:ff:9d:
99:45:77:41:86:8a:16:d8:9d:b3:06:36:95:8b:25:
13:ad:e8:83:30:42:51:c4:76:02:88:30:02:de:5d:
2e:95:6f:1e:41:cf:9b:c5:4c:1a:5a:9d:f6:2b:96:
fb:3f:6f:68:61:31:53:5f:fe:04:cd:03:89:b9:b8:
81:6f:4f:a2:5b:84:15:23:60:06:fb:ab:dd:b9:d7:
5d:40:7f:05:a3:27:1b:24:1c:42:19:14:6d:52:a1:
93:81:a2:56:a9:6f:64:00:fe:8d:e1:df:8e:f0:4f:
eb:2b:16:c9:9c:c7:16:be:a8:e0:9b:43:c9:52:22:
f5:61:65:b5:4c:de:00:ea:c9:25:40:3b:09:2c:f5:
bf:8f:41:6d:ff:49:59:bd:64:15:4f:c7:61:7f:5c:
2c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:9D:91:97:70:10:D1:2D:F7:22:3F:16:D4:4F:93:C3:E2:1B:5F:5B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/i52Rl3AQ0S33Ij8W1E-Tw-IbX1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.240.0/24
87.120.68.0/24
87.121.46.0/24
93.123.116.0/24
94.156.14.0/24
95.214.25.0-95.214.26.255
185.218.136.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:f1:db:4e:3e:ea:c7:5c:64:c1:23:6d:62:00:b6:1e:41:30:
b7:ff:cd:8b:a2:03:2d:59:bb:7f:38:d7:2b:31:e2:c5:53:b2:
95:e4:7e:93:f5:fe:79:22:f7:13:f6:17:95:39:59:af:c5:5c:
d1:b0:17:a2:ef:dd:d7:bc:2e:7c:b7:e7:6c:12:86:51:76:7e:
18:8c:a0:12:65:8d:af:8e:d8:8e:73:34:c5:59:7d:1e:59:c9:
ed:c2:1d:54:b4:12:0b:d1:28:a1:b8:dd:ab:32:ef:ca:93:7e:
70:23:8a:f2:a2:5c:72:8b:fb:21:af:ec:b9:ca:8c:56:13:f8:
f6:0d:a2:1d:55:64:be:80:81:01:0f:a4:c3:0b:3e:fd:07:fb:
76:df:e2:08:ab:c8:44:1d:0f:2f:53:04:78:4b:14:d4:34:77:
d6:9d:e4:6c:3d:e5:e9:cd:e8:e7:05:09:0d:13:1e:9a:51:54:
1a:2d:94:cd:4e:db:52:66:a6:ea:08:27:e8:29:1d:70:77:53:
49:ec:c8:d5:85:bb:6a:67:14:d1:c9:69:b1:52:f8:df:88:12:
27:93:62:e0:1f:aa:f8:65:13:88:8f:2d:d2:8a:ce:c8:6a:20:
7f:74:a3:47:d9:7a:71:85:06:31:fe:44:67:52:b6:12:2e:72:
41:23:18:dd
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZBzKdJqTyex57RBLu287xSsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNzAyMTExNzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjlkOTE5NzcwMTBkMTJkZjcyMjNmMTZkNDRmOTNjM2UyMWI1ZjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogb5aeDRe7hsuYBnsigZ0PSJQ8lu
ySJLE+7Yv4IWI9OJkLVGUZXT6OPUI3uKVrjzUpVfsTBuDbwRw0zjjLYMGkOI8+3B
WRSU3RNJUO6CgTMXce1nhJ12GTtinazcbkVqFx6UrYV1/52ZRXdBhooW2J2zBjaV
iyUTreiDMEJRxHYCiDAC3l0ulW8eQc+bxUwaWp32K5b7P29oYTFTX/4EzQOJubiB
b0+iW4QVI2AG+6vdudddQH8FoycbJBxCGRRtUqGTgaJWqW9kAP6N4d+O8E/rKxbJ
nMcWvqjgm0PJUiL1YWW1TN4A6sklQDsJLPW/j0Ft/0lZvWQVT8dhf1wskQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFIudkZdwENEt9yI/FtRPk8PiG19bMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaTUyUmwzQVEwUzMzSWo4VzFFLVR3LUliWDFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALZXwAwQA
V3hEAwQAV3kuAwQAXXt0AwQAXpwOMAwDBABf1hkDBABf1hoDBAC52ogwDQYJKoZI
hvcNAQELBQADggEBAGzx204+6sdcZMEjbWIAth5BMLf/zYuiAy1Zu3841ysx4sVT
spXkfpP1/nki9xP2F5U5Wa/FXNGwF6Lv3de8Lny352wShlF2fhiMoBJlja+O2I5z
NMVZfR5Zye3CHVS0EgvRKKG43asy78qTfnAjivKiXHKL+yGv7LnKjFYT+PYNoh1V
ZL6AgQEPpMMLPv0H+3bf4giryEQdDy9TBHhLFNQ0d9ad5Gw95enN6OcFCQ0THppR
VBotlM1O21JmpuoIJ+gpHXB3U0nsyNWFu2pnFNHJabFS+N+IEieTYuAfqvhlE4iP
LdKKzshqIH90o0fZenGFBjH+RGdSthIuckEjGN0=
-----END CERTIFICATE-----
Generated at Wed Oct 16 12:02:04 2024 by rpki-client on console-fra.rpki-client.org