Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/j3XepwpylboCL_viqpHt7Fy8E6o.roa
File: j3XepwpylboCL_viqpHt7Fy8E6o.roa (raw, json)
Hash identifier: I9oeZN31j0hAgzNmQi1A/GAb6XfSE8cuvTrM6TVJLLg=
Subject key identifier: 8F:75:DE:A7:0A:72:95:BA:02:2F:FB:E2:AA:91:ED:EC:5C:BC:13:AA
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCCD09D81403B9D4DC944B7089C49D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/j3XepwpylboCL_viqpHt7Fy8E6o.roa
Signing time: Tue 02 Jan 2024 06:29:22 +0000
ROA not before: Tue 02 Jan 2024 06:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1
IP address blocks: 45.66.229.0/24 maxlen: 24
87.121.100.0/24 maxlen: 24
87.121.101.0/24 maxlen: 24
194.59.30.0/24 maxlen: 24
88.218.76.0/22 maxlen: 24
84.21.173.0/24 maxlen: 24
87.120.64.0/23 maxlen: 24
87.120.89.0/24 maxlen: 24
94.103.126.0/24 maxlen: 24
87.121.57.0/24 maxlen: 24
87.121.56.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
87.120.220.0/23 maxlen: 24
94.156.78.0/24 maxlen: 24
87.120.35.0/24 maxlen: 24
87.120.34.0/24 maxlen: 24
87.120.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 Feb 2024 16:19:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:cd:09:d8:14:03:b9:d4:dc:94:4b:70:89:c4:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8f75dea70a7295ba022ffbe2aa91edec5cbc13aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:61:14:7e:b5:e6:b6:ea:60:be:85:d8:5c:9e:
9f:bc:e6:e8:67:f8:1e:a0:07:c5:78:53:53:3e:ef:
5f:ca:6e:aa:55:32:d7:45:30:cb:cc:4d:23:a5:18:
b7:81:53:96:b6:f9:a4:26:ef:4b:6e:16:83:ef:03:
70:e3:aa:dc:82:02:54:96:61:06:87:66:e8:d1:b5:
0a:05:22:fb:cd:46:40:63:18:43:e8:19:9b:34:b8:
7b:80:d7:a0:1a:fb:41:33:b3:8b:26:0c:2f:8b:4e:
be:33:5a:8d:92:c3:8f:35:f2:ef:45:63:63:a6:be:
da:1b:4e:7e:63:56:55:b1:d3:7f:3e:a4:e5:5e:c4:
64:c7:e3:16:81:3d:5b:1c:9c:47:70:4d:09:6c:9e:
2d:0a:9b:30:00:11:4f:a0:bf:c8:b4:ac:ce:9d:38:
c8:7d:8d:18:2f:1e:67:cc:b3:85:36:38:a3:5d:d6:
f7:01:20:cc:66:77:71:a2:a7:71:fa:36:5b:89:97:
b0:9a:34:4e:10:4a:c8:1e:49:3d:15:62:60:1b:13:
0c:78:9e:c9:f4:a9:cf:1b:72:ad:76:dc:58:4d:c4:
d4:68:8d:9e:39:ca:04:0b:3f:ce:75:cf:b1:6a:d6:
d0:09:72:e5:1f:a5:e0:d5:81:1c:0d:32:59:9b:d2:
aa:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:75:DE:A7:0A:72:95:BA:02:2F:FB:E2:AA:91:ED:EC:5C:BC:13:AA
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/j3XepwpylboCL_viqpHt7Fy8E6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.229.0/24
84.21.173.0/24
87.120.32.0/24
87.120.34.0/23
87.120.64.0/23
87.120.89.0/24
87.120.220.0/23
87.121.56.0/23
87.121.100.0/23
88.218.76.0/22
94.103.126.0/24
94.156.78.0/24
194.59.30.0/24
194.169.174.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:5e:67:d5:73:3d:56:66:0d:4c:1a:ea:86:9c:ab:a1:e7:61:
eb:f8:60:18:2c:bc:2e:e9:b5:14:a3:13:28:57:9b:e9:92:eb:
1a:43:67:34:b3:41:0a:f2:0e:eb:8c:6d:52:18:af:ae:e6:50:
1a:16:43:f8:21:52:4d:09:ed:b8:3b:11:1f:c2:3f:60:0e:7b:
4e:16:a3:38:88:a1:02:c8:5d:bc:34:a6:89:50:4a:dd:89:42:
90:1e:27:25:cd:5c:7a:af:cb:e2:64:2d:df:2c:2c:96:cd:c7:
05:c3:73:53:d2:bd:60:e8:e2:5e:52:5d:c0:15:5d:da:50:51:
1c:25:27:a7:a5:b9:15:21:97:45:5b:4a:f1:d0:06:8a:b8:9e:
74:5c:c8:3a:46:20:8d:ac:45:69:77:59:00:0f:e1:d4:e7:28:
5f:59:2e:51:ba:49:11:06:5c:91:d9:76:6c:45:04:6c:74:1c:
c1:5f:e1:f0:6e:67:5d:0f:72:3f:9d:73:2b:38:44:cd:14:69:
98:98:78:64:01:b7:dc:0d:3e:b5:ff:42:00:ee:e8:07:24:ba:
2f:9e:96:d5:1d:20:f2:ab:44:43:03:12:2e:1f:2a:ba:bd:28:
0d:0c:f6:ae:0c:ce:4a:2b:2d:67:d9:19:0c:3e:60:05:06:a5:
79:13:88:f5
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYzI3M0J2BQDudTclEtwicSdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Zjc1ZGVhNzBhNzI5NWJhMDIyZmZiZTJhYTkxZWRlYzVjYmMxM2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAymEUfrXmtupgvoXYXJ6fvOboZ/ge
oAfFeFNTPu9fym6qVTLXRTDLzE0jpRi3gVOWtvmkJu9LbhaD7wNw46rcggJUlmEG
h2bo0bUKBSL7zUZAYxhD6BmbNLh7gNegGvtBM7OLJgwvi06+M1qNksOPNfLvRWNj
pr7aG05+Y1ZVsdN/PqTlXsRkx+MWgT1bHJxHcE0JbJ4tCpswABFPoL/ItKzOnTjI
fY0YLx5nzLOFNjijXdb3ASDMZndxoqdx+jZbiZewmjROEErIHkk9FWJgGxMMeJ7J
9KnPG3KtdtxYTcTUaI2eOcoECz/Odc+xatbQCXLlH6Xg1YEcDTJZm9KqxwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFI913qcKcpW6Ai/74qqR7excvBOqMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvajNYZXB3cHlsYm9DTF92aXFwSHQ3Rnk4RTZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQALULlAwQA
VBWtAwQAV3ggAwQBV3giAwQBV3hAAwQAV3hZAwQBV3jcAwQBV3k4AwQBV3lkAwQC
WNpMAwQAXmd+AwQAXpxOAwQAwjseAwQAwqmuMA0GCSqGSIb3DQEBCwUAA4IBAQB/
XmfVcz1WZg1MGuqGnKuh52Hr+GAYLLwu6bUUoxMoV5vpkusaQ2c0s0EK8g7rjG1S
GK+u5lAaFkP4IVJNCe24OxEfwj9gDntOFqM4iKECyF28NKaJUErdiUKQHiclzVx6
r8viZC3fLCyWzccFw3NT0r1g6OJeUl3AFV3aUFEcJSenpbkVIZdFW0rx0AaKuJ50
XMg6RiCNrEVpd1kAD+HU5yhfWS5RukkRBlyR2XZsRQRsdBzBX+HwbmddD3I/nXMr
OETNFGmYmHhkAbfcDT61/0IA7ugHJLovnpbVHSDyq0RDAxIuHyq6vSgNDPauDM5K
Ky1n2RkMPmAFBqV5E4j1
-----END CERTIFICATE-----
Generated at Wed Feb 21 19:06:50 2024 by rpki-client on console-ams.rpki-client.org