Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/icyXQDKyhM51gaP_Uj4WzdQOTh4.roa
File: icyXQDKyhM51gaP_Uj4WzdQOTh4.roa (raw, json)
Hash identifier: ChM/lRXCz6/3lP7fZuWeotr3a32FdmjypstBgQA3568=
Subject key identifier: 89:CC:97:40:32:B2:84:CE:75:81:A3:FF:52:3E:16:CD:D4:0E:4E:1E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01905FFA048B873F0BCA9B0D7BFCB92AEBD9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/icyXQDKyhM51gaP_Uj4WzdQOTh4.roa
Signing time: Fri 28 Jun 2024 17:52:19 +0000
ROA not before: Fri 28 Jun 2024 17:52:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207459
IP address blocks: 45.66.228.0/24 maxlen: 24
141.98.5.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
193.149.28.0/24 maxlen: 24
193.149.29.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
193.149.31.0/24 maxlen: 24
194.180.36.0/24 maxlen: 24
212.115.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jul 2024 13:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:5f:fa:04:8b:87:3f:0b:ca:9b:0d:7b:fc:b9:2a:eb:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 28 17:52:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89cc974032b284ce7581a3ff523e16cdd40e4e1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:66:ae:3a:b8:45:76:2a:15:8b:c4:d8:7c:a1:
a2:4d:69:30:ee:71:11:2b:a2:9d:ca:e9:7e:43:fa:
7e:22:c5:90:f7:56:6d:be:1a:cd:91:7e:1f:2c:ca:
f2:64:c0:d5:4b:fb:46:f2:bd:92:13:39:4c:27:0b:
1c:a4:6e:1e:bf:16:d3:1b:36:3a:fd:b7:e3:e4:7d:
b2:1c:d1:ef:33:e9:eb:fa:06:a4:40:99:44:a7:2f:
f1:5a:8f:fb:98:8e:32:9b:0f:66:5e:93:ec:3b:0e:
ba:88:44:b7:8a:19:99:af:5d:f3:cc:17:55:5e:3f:
41:9a:7a:59:ec:9a:1c:9e:21:23:06:93:4c:44:5f:
09:08:15:9b:80:c3:5a:0d:c6:3d:76:22:0e:6e:6f:
9e:51:31:2f:45:2f:7c:9f:54:01:b3:fa:3a:ba:98:
07:bf:b3:95:dc:59:4d:ad:05:75:16:65:65:93:ca:
78:a4:b8:95:bf:69:da:56:25:9f:f3:fe:9c:b7:f9:
39:21:91:07:03:54:8f:88:1b:6e:43:dc:3b:e3:1d:
e7:d1:1e:ed:3d:5f:ab:06:f6:2e:d2:e0:ae:3d:c6:
c6:a3:3d:11:78:20:7a:5c:7b:ea:40:a2:c6:fe:f9:
41:e8:7a:70:c3:72:71:61:cc:75:98:ba:68:f1:00:
2f:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:CC:97:40:32:B2:84:CE:75:81:A3:FF:52:3E:16:CD:D4:0E:4E:1E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/icyXQDKyhM51gaP_Uj4WzdQOTh4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.228.0/24
141.98.5.0/24
178.215.238.0/24
193.149.28.0/22
194.180.36.0/24
212.115.41.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:60:f4:f9:f9:74:4f:1a:03:ce:f8:a9:55:57:40:7f:d0:2f:
d8:b1:f3:fd:a9:e9:18:32:19:fc:8f:a4:d0:d3:99:8b:93:dc:
1a:16:08:8c:c0:0d:b0:38:90:10:0b:8f:4d:d8:74:e3:41:bc:
ec:09:d2:55:11:bc:81:9c:50:68:bc:2d:b2:7b:39:31:93:35:
df:ff:39:74:73:5e:76:cd:13:e6:ed:c0:eb:d0:8c:2e:bd:b0:
dc:d3:89:59:7c:06:11:c8:d2:87:5f:84:67:8f:b7:bf:15:3d:
29:4d:00:91:df:c2:9f:e6:40:89:72:1d:7e:c7:24:11:d8:3d:
76:d0:0b:d7:20:4d:f7:66:7a:27:97:a7:1c:17:6f:1c:98:64:
ea:80:27:01:67:7e:e1:3c:21:01:49:dc:9d:62:fa:4c:3c:e4:
32:69:c3:90:6b:d3:c0:7f:2d:e7:9d:5e:f4:81:a4:fa:4e:32:
0b:3d:ea:ee:83:1e:0f:bb:0e:f3:54:3c:05:13:d2:cb:11:e1:
53:e4:cd:6d:6f:cf:fd:6b:d2:a6:5f:e2:40:bd:e3:06:c0:dd:
1d:a5:3d:1c:b2:cd:ab:81:d8:a1:8d:b8:f3:e4:12:55:1c:67:
98:4d:b0:d0:f2:fe:9a:82:d6:ce:87:b0:9f:66:9a:51:93:24:
f4:a6:78:8a
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZBf+gSLhz8LypsNe/y5KuvZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNjI4MTc1MjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWNjOTc0MDMyYjI4NGNlNzU4MWEzZmY1MjNlMTZjZGQ0MGU0ZTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWauOrhFdioVi8TYfKGiTWkw7nER
K6Kdyul+Q/p+IsWQ91ZtvhrNkX4fLMryZMDVS/tG8r2SEzlMJwscpG4evxbTGzY6
/bfj5H2yHNHvM+nr+gakQJlEpy/xWo/7mI4ymw9mXpPsOw66iES3ihmZr13zzBdV
Xj9BmnpZ7JocniEjBpNMRF8JCBWbgMNaDcY9diIObm+eUTEvRS98n1QBs/o6upgH
v7OV3FlNrQV1FmVlk8p4pLiVv2naViWf8/6ct/k5IZEHA1SPiBtuQ9w74x3n0R7t
PV+rBvYu0uCuPcbGoz0ReCB6XHvqQKLG/vlB6Hpww3JxYcx1mLpo8QAvyQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFInMl0AysoTOdYGj/1I+Fs3UDk4eMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaWN5WFFES3loTTUxZ2FQX1VqNFd6ZFFPVGg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALULkAwQA
jWIFAwQAstfuAwQCwZUcAwQAwrQkAwQA1HMpMA0GCSqGSIb3DQEBCwUAA4IBAQCq
YPT5+XRPGgPO+KlVV0B/0C/YsfP9qekYMhn8j6TQ05mLk9waFgiMwA2wOJAQC49N
2HTjQbzsCdJVEbyBnFBovC2yezkxkzXf/zl0c152zRPm7cDr0IwuvbDc04lZfAYR
yNKHX4Rnj7e/FT0pTQCR38Kf5kCJch1+xyQR2D120AvXIE33Znonl6ccF28cmGTq
gCcBZ37hPCEBSdydYvpMPOQyacOQa9PAfy3nnV70gaT6TjILPerugx4Puw7zVDwF
E9LLEeFT5M1tb8/9a9KmX+JAveMGwN0dpT0css2rgdihjbjz5BJVHGeYTbDQ8v6a
gtbOh7CfZppRkyT0pniK
-----END CERTIFICATE-----
Generated at Thu Jul 4 15:56:53 2024 by rpki-client on console-ams.rpki-client.org