Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ieSUwowKMz_MovwR88wg71HDFo4.roa
File: ieSUwowKMz_MovwR88wg71HDFo4.roa (raw, json)
Hash identifier: bB8XhsgaH+rIgoxE/yEiedT4bL3cDqvrBwv2o2Cqy8M=
Subject key identifier: 89:E4:94:C2:8C:0A:33:3F:CC:A2:FC:11:F3:CC:20:EF:51:C3:16:8E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01882EFC1D0F4069C981148FF14A7A102262
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ieSUwowKMz_MovwR88wg71HDFo4.roa
Signing time: Thu 18 May 2023 13:10:54 +0000
ROA not before: Thu 18 May 2023 13:10:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1
IP address blocks: 81.161.231.0/24 maxlen: 24
164.40.185.0/24 maxlen: 24
185.221.64.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 May 2023 02:12:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:2e:fc:1d:0f:40:69:c9:81:14:8f:f1:4a:7a:10:22:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 18 13:10:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89e494c28c0a333fcca2fc11f3cc20ef51c3168e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9b:3a:56:cd:e3:1b:83:c7:b8:5c:cb:c0:83:
0e:00:a4:92:6e:c3:09:ff:fc:c9:bf:d0:dd:c5:9c:
8b:80:00:a9:6a:73:e8:6e:cc:44:13:32:0e:0b:c5:
06:49:7f:15:85:9b:db:6e:93:f0:5f:db:73:0d:a0:
75:df:31:ba:b7:f1:14:93:0a:07:f7:1d:6c:81:4d:
9a:c7:47:d3:6d:f8:a8:b9:19:c8:a6:0d:1e:cc:80:
b9:9b:ef:9e:d6:84:2e:19:36:b1:9c:0c:4b:c0:8f:
e7:d0:e5:6d:6e:c6:f5:76:b5:e2:29:4f:fb:76:a8:
9f:54:40:a3:32:ca:6f:c6:16:cd:c7:59:3a:c6:8b:
2b:f8:ec:5f:f5:60:46:a0:7a:76:1b:3f:09:f6:6b:
dc:7e:70:2a:53:7f:39:cf:75:57:ab:7f:4b:cd:b6:
22:e3:9c:38:bd:90:e5:36:86:5d:4a:1d:bf:d9:5f:
a7:38:4c:ba:16:16:61:14:25:e2:f1:75:c1:f5:79:
9e:70:be:0d:69:ff:4d:5c:47:f8:23:a5:16:3d:88:
cd:fb:72:fb:f1:11:d6:81:9e:34:20:ab:ea:73:1b:
dd:2b:7e:f2:d4:20:20:de:73:45:a6:6c:15:c0:89:
ed:79:49:ee:68:51:35:18:1c:8f:18:64:b9:e4:a8:
73:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E4:94:C2:8C:0A:33:3F:CC:A2:FC:11:F3:CC:20:EF:51:C3:16:8E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ieSUwowKMz_MovwR88wg71HDFo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.231.0/24
164.40.185.0/24
185.221.64.0/24
Signature Algorithm: sha256WithRSAEncryption
90:cc:2c:ca:03:e7:7f:77:70:12:39:d8:26:26:f3:f9:bf:89:
54:86:84:5d:20:f8:11:eb:36:e9:c9:98:f4:fe:a0:61:06:12:
f3:9a:6c:3a:d7:cd:3d:36:4c:8e:63:85:27:bf:d6:0f:d9:26:
ea:6e:e9:fe:70:1c:4a:33:38:0b:5b:d2:90:69:d9:32:7f:00:
8b:9b:21:b6:94:50:78:37:42:6c:58:52:fa:90:4b:69:1d:8a:
04:d6:9b:60:64:db:a3:ac:a3:ca:ad:eb:7e:eb:6e:6e:fc:f5:
a6:ae:9e:20:2d:cc:88:d7:03:00:4f:2e:4d:f8:fa:f0:7d:6d:
ef:69:90:06:4c:36:19:50:ad:73:6c:34:59:95:b7:c7:9e:10:
ee:7c:4b:8a:b3:21:dc:8c:a0:ef:e1:f8:be:9f:77:59:cd:01:
b0:a5:7c:97:38:16:f6:98:d8:dd:37:29:82:b2:2f:00:56:ff:
ed:7b:fd:83:47:c7:c5:02:07:ea:95:c3:df:8f:47:6b:de:48:
4e:6a:51:bf:ca:f3:4a:d1:a7:48:af:6d:54:7d:2c:ce:67:59:
e2:18:65:a2:36:f2:09:27:1d:d4:ca:71:7f:16:c7:14:ee:9a:
90:9d:5a:43:b3:04:f7:fc:c6:c7:64:48:e1:e7:59:0c:0a:7a:
3f:b5:0a:0f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYgu/B0PQGnJgRSP8Up6ECJiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTE4MTMxMDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWU0OTRjMjhjMGEzMzNmY2NhMmZjMTFmM2NjMjBlZjUxYzMxNjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZs6Vs3jG4PHuFzLwIMOAKSSbsMJ
//zJv9DdxZyLgACpanPobsxEEzIOC8UGSX8VhZvbbpPwX9tzDaB13zG6t/EUkwoH
9x1sgU2ax0fTbfiouRnIpg0ezIC5m++e1oQuGTaxnAxLwI/n0OVtbsb1drXiKU/7
dqifVECjMspvxhbNx1k6xosr+Oxf9WBGoHp2Gz8J9mvcfnAqU385z3VXq39LzbYi
45w4vZDlNoZdSh2/2V+nOEy6FhZhFCXi8XXB9XmecL4Naf9NXEf4I6UWPYjN+3L7
8RHWgZ40IKvqcxvdK37y1CAg3nNFpmwVwInteUnuaFE1GByPGGS55KhzpQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFInklMKMCjM/zKL8EfPMIO9RwxaOMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaWVTVXdvd0tNel9Nb3Z3Ujg4d2c3MUhERm80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUaHnAwQA
pCi5AwQAud1AMA0GCSqGSIb3DQEBCwUAA4IBAQCQzCzKA+d/d3ASOdgmJvP5v4lU
hoRdIPgR6zbpyZj0/qBhBhLzmmw61809NkyOY4Unv9YP2Sbqbun+cBxKMzgLW9KQ
adkyfwCLmyG2lFB4N0JsWFL6kEtpHYoE1ptgZNujrKPKret+625u/PWmrp4gLcyI
1wMATy5N+PrwfW3vaZAGTDYZUK1zbDRZlbfHnhDufEuKsyHcjKDv4fi+n3dZzQGw
pXyXOBb2mNjdNymCsi8AVv/te/2DR8fFAgfqlcPfj0dr3khOalG/yvNK0adIr21U
fSzOZ1niGGWiNvIJJx3UynF/FscU7pqQnVpDswT3/MbHZEjh51kMCno/tQoP
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:41 2024 by rpki-client on console-ams.rpki-client.org