Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iA-7AybHTHaoef1dD5jAar_oICY.roa
File: iA-7AybHTHaoef1dD5jAar_oICY.roa (raw, json)
Hash identifier: jfeWLX98AknkzAFpNet9or8Qcch/i75Ef431exyix5c=
Subject key identifier: 88:0F:BB:03:26:C7:4C:76:A8:79:FD:5D:0F:98:C0:6A:BF:E8:20:26
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B0364419AA0A0D33F54DEEF20AE1373ED
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iA-7AybHTHaoef1dD5jAar_oICY.roa
Signing time: Fri 06 Oct 2023 05:09:43 +0000
ROA not before: Fri 06 Oct 2023 05:09:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25369
IP address blocks: 194.31.204.0/24 maxlen: 24
45.90.88.0/23 maxlen: 24
5.252.132.0/22 maxlen: 24
193.58.120.0/24 maxlen: 24
45.149.241.0/24 maxlen: 24
193.25.218.0/24 maxlen: 24
5.253.64.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Nov 2023 08:38:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:03:64:41:9a:a0:a0:d3:3f:54:de:ef:20:ae:13:73:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 6 05:09:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=880fbb0326c74c76a879fd5d0f98c06abfe82026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9e:be:98:13:4d:2e:86:72:13:1b:f9:12:83:
fd:42:92:9e:40:98:56:aa:09:d7:73:96:b8:53:e7:
0e:ec:11:4c:e6:db:e7:3a:d4:fd:b1:16:a6:60:db:
c3:43:a4:b7:33:4b:c5:a0:d0:6d:d6:14:b0:b5:58:
6d:f3:aa:fe:47:99:7a:cd:b1:06:8e:11:d9:db:e4:
a6:dc:dd:82:4e:84:ef:5a:00:1d:ba:1e:0a:e7:e7:
0f:8d:96:fa:86:81:a1:6f:36:a4:cb:c7:e7:75:64:
5f:23:80:26:51:21:e2:29:9a:b8:a7:d9:36:4b:9f:
6d:26:b8:6b:e4:8b:76:8e:14:2f:4d:89:3d:40:cc:
a8:87:cb:00:53:bb:d6:a7:0d:92:dd:96:ac:63:f5:
d5:4a:d1:7b:2c:48:5c:f7:9a:e6:cf:ce:b9:89:63:
82:18:4e:ea:6c:dd:5d:6f:eb:72:0e:e8:1b:79:f5:
9e:23:d5:23:54:ae:b2:4a:48:f0:92:4d:01:52:33:
da:5a:ed:41:01:3a:d3:72:ff:dc:de:68:eb:8a:61:
0f:6a:52:35:1d:d7:ce:3a:5c:dd:bf:18:c1:72:90:
f3:af:29:c5:b6:2d:dd:54:1a:50:67:19:97:a2:93:
93:f9:f5:b8:68:11:f1:15:71:29:fe:bb:35:13:6b:
ee:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:0F:BB:03:26:C7:4C:76:A8:79:FD:5D:0F:98:C0:6A:BF:E8:20:26
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iA-7AybHTHaoef1dD5jAar_oICY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.132.0/22
5.253.64.0/22
45.90.88.0/23
45.149.241.0/24
193.25.218.0/24
193.58.120.0/24
194.31.204.0/24
Signature Algorithm: sha256WithRSAEncryption
97:07:f7:98:89:e6:84:03:52:9c:7f:8f:a2:4b:3b:ac:ce:44:
5e:43:2d:24:86:6b:63:96:dd:4a:1e:47:5a:7e:53:10:67:9c:
cc:87:f0:a5:b9:7b:4d:ba:94:c8:da:2c:2d:19:e4:d9:d8:a3:
12:79:17:93:fb:3a:df:94:f6:ca:f7:8a:a2:0f:5b:16:12:83:
b3:d7:80:98:02:c2:2c:d0:1b:9e:af:59:af:e4:70:98:8b:8b:
aa:33:46:e4:2d:3e:1a:ee:3a:3b:41:42:9c:ca:bf:70:6b:43:
b4:6f:2f:1d:80:8b:ed:ea:7c:92:aa:d2:3f:d8:4a:82:8a:27:
2d:12:24:67:7d:fa:1e:a7:dd:4c:60:d8:37:3a:7e:80:d7:0b:
54:9b:c7:13:90:d1:7a:aa:cc:9b:55:05:ac:8f:70:b8:80:ee:
02:5a:47:a7:d1:19:08:ab:c2:62:fe:33:38:17:24:01:90:4b:
d4:a0:1a:da:0d:8f:f5:ad:3c:ef:41:fd:9d:fb:69:78:78:39:
b4:20:f4:c0:14:0c:0b:81:b8:2c:e3:50:48:25:dd:33:73:df:
57:d9:04:f4:90:27:c7:65:1d:e9:9d:98:2b:74:33:e0:23:85:
14:2c:11:d5:20:87:89:cc:81:85:46:c6:21:9e:43:da:a8:9b:
93:6b:fa:a6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYsDZEGaoKDTP1Te7yCuE3PtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDA2MDUwOTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODBmYmIwMzI2Yzc0Yzc2YTg3OWZkNWQwZjk4YzA2YWJmZTgyMDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZ6+mBNNLoZyExv5EoP9QpKeQJhW
qgnXc5a4U+cO7BFM5tvnOtT9sRamYNvDQ6S3M0vFoNBt1hSwtVht86r+R5l6zbEG
jhHZ2+Sm3N2CToTvWgAduh4K5+cPjZb6hoGhbzaky8fndWRfI4AmUSHiKZq4p9k2
S59tJrhr5It2jhQvTYk9QMyoh8sAU7vWpw2S3ZasY/XVStF7LEhc95rmz865iWOC
GE7qbN1db+tyDugbefWeI9UjVK6ySkjwkk0BUjPaWu1BATrTcv/c3mjrimEPalI1
HdfOOlzdvxjBcpDzrynFti3dVBpQZxmXopOT+fW4aBHxFXEp/rs1E2vuqQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIgPuwMmx0x2qHn9XQ+YwGq/6CAmMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaUEtN0F5YkhUSGFvZWYxZEQ1akFhcl9vSUNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCBfyEAwQC
Bf1AAwQBLVpYAwQALZXxAwQAwRnaAwQAwTp4AwQAwh/MMA0GCSqGSIb3DQEBCwUA
A4IBAQCXB/eYieaEA1Kcf4+iSzuszkReQy0khmtjlt1KHkdaflMQZ5zMh/CluXtN
upTI2iwtGeTZ2KMSeReT+zrflPbK94qiD1sWEoOz14CYAsIs0Buer1mv5HCYi4uq
M0bkLT4a7jo7QUKcyr9wa0O0by8dgIvt6nySqtI/2EqCiictEiRnffoep91MYNg3
On6A1wtUm8cTkNF6qsybVQWsj3C4gO4CWken0RkIq8Ji/jM4FyQBkEvUoBraDY/1
rTzvQf2d+2l4eDm0IPTAFAwLgbgs41BIJd0zc99X2QT0kCfHZR3pnZgrdDPgI4UU
LBHVIIeJzIGFRsYhnkPaqJuTa/qm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:17 2024 by rpki-client on console-fra.rpki-client.org