Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/k1-B84Ju1MOPl3gWtFL6L_iLJJA.roa
File: k1-B84Ju1MOPl3gWtFL6L_iLJJA.roa (raw, json)
Hash identifier: wzGJ8OjRFZLUZiw3QZFcRzTmy2dUCCuc+nzeAQBEkDQ=
Subject key identifier: 93:5F:81:F3:82:6E:D4:C3:8F:97:78:16:B4:52:FA:2F:F8:8B:24:90
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCCF0AA8A4DBBA14AA91DC525BF2CC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/k1-B84Ju1MOPl3gWtFL6L_iLJJA.roa
Signing time: Tue 02 Jan 2024 06:29:23 +0000
ROA not before: Tue 02 Jan 2024 06:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8100
IP address blocks: 94.156.2.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
91.92.27.0/24 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
94.156.152.0/24 maxlen: 24
45.8.92.0/24 maxlen: 24
94.156.154.0/23 maxlen: 24
87.121.60.0/22 maxlen: 24
91.92.67.0/24 maxlen: 24
45.139.123.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.173.0/24 maxlen: 24
94.156.237.0/24 maxlen: 24
94.156.238.0/24 maxlen: 24
93.123.76.0/22 maxlen: 24
141.98.5.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
94.156.178.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
94.156.180.0/23 maxlen: 24
87.121.104.0/24 maxlen: 24
93.123.24.0/24 maxlen: 24
87.121.103.0/24 maxlen: 24
93.123.26.0/23 maxlen: 24
87.121.114.0/23 maxlen: 24
93.123.112.0/22 maxlen: 24
5.253.58.0/23 maxlen: 24
193.25.219.0/24 maxlen: 24
5.253.56.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 08:18:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:cf:0a:a8:a4:db:ba:14:aa:91:dc:52:5b:f2:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=935f81f3826ed4c38f977816b452fa2ff88b2490
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:97:87:45:35:8c:89:79:80:74:53:28:fd:f2:
92:39:88:44:39:37:2c:b1:e2:91:5c:3f:d6:68:51:
c1:97:4c:13:5f:f0:84:53:8e:7f:40:7a:31:05:ff:
3e:f8:35:51:56:86:5f:a0:e1:f3:f5:32:d5:bc:07:
94:52:93:6b:21:66:1c:4c:09:57:a2:45:cb:d2:9c:
19:bf:cc:b6:c5:b5:63:1f:e9:48:2c:d9:00:3d:6b:
9b:5c:85:9b:ab:8c:ab:bb:86:f1:d5:ad:65:6e:9a:
6a:5e:f1:d4:19:b2:55:72:32:51:e8:1a:5d:5e:72:
d3:a6:27:1e:5b:4b:18:c0:ac:12:5d:7d:6b:52:12:
7e:56:57:ff:4b:df:f0:01:20:ad:8d:5f:fe:d8:74:
f7:8e:a3:90:ab:e4:81:b3:f2:47:8f:8e:b7:39:8f:
91:30:cf:38:c0:08:49:21:74:c4:e2:c6:58:1a:7e:
67:4b:16:65:14:05:09:6e:a6:4a:8f:11:9a:18:ac:
4b:f8:4b:76:4d:78:a2:85:7e:ee:60:28:67:6a:26:
37:e6:47:76:39:cb:88:bc:b3:cd:da:af:c3:87:d1:
d0:85:b2:f8:b6:50:26:3b:ff:b0:0b:d5:e6:b6:f2:
cb:04:27:3a:00:8a:12:e3:fb:21:b1:b6:3a:f5:4d:
30:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:5F:81:F3:82:6E:D4:C3:8F:97:78:16:B4:52:FA:2F:F8:8B:24:90
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/k1-B84Ju1MOPl3gWtFL6L_iLJJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0/22
45.8.92.0/24
45.139.123.0/24
87.121.38.0/24
87.121.60.0/22
87.121.103.0-87.121.104.255
87.121.114.0/23
91.92.16.0/24
91.92.27.0/24
91.92.67.0/24
93.123.24.0/24
93.123.26.0/23
93.123.76.0/22
93.123.112.0/22
94.154.160.0/23
94.154.173.0/24
94.156.2.0/24
94.156.152.0/24
94.156.154.0/23
94.156.178.0/24
94.156.180.0/23
94.156.237.0-94.156.238.255
141.98.5.0/24
185.252.177.0/24
193.25.219.0/24
193.47.62.0/24
193.58.121.0/24
193.58.123.0/24
Signature Algorithm: sha256WithRSAEncryption
28:b1:a1:e2:ec:5d:55:b8:a6:a4:23:3a:4b:ee:aa:db:36:4d:
cf:d5:9c:ec:f8:78:c1:4c:b6:6a:98:f4:bb:68:22:df:9f:7e:
c9:0c:61:20:28:1f:76:f0:e3:d6:71:98:c8:d8:96:0e:b0:32:
44:f9:58:fa:b2:b5:1d:ec:c3:45:19:9e:24:88:b3:f4:e8:c7:
3e:bd:c9:6a:64:1b:6e:01:2f:50:57:8a:0e:a1:6c:37:e5:6d:
49:14:32:e4:4e:46:56:bf:e5:5f:91:00:f9:59:68:5e:a4:b8:
d8:c1:de:f4:cd:15:9d:f4:79:c4:2e:ec:e7:10:28:84:02:a1:
2b:c0:77:cb:ec:ec:ce:c4:03:17:f8:20:2f:46:fd:89:89:d7:
22:ec:d8:5b:31:fc:bd:fb:c7:fa:e6:bf:57:16:8f:31:48:53:
04:3a:4f:d1:c6:e7:0f:0c:46:f2:2e:49:da:f6:fa:3c:3f:f8:
1e:fd:ad:ca:2a:45:2c:d4:48:95:11:00:38:12:14:a0:8e:c9:
92:a9:3a:1d:fb:6e:d1:5d:a7:c4:da:e3:f7:03:f3:5f:56:25:
8a:f0:ea:6d:19:4e:8d:35:f9:f3:72:c3:3a:7a:a7:5a:e0:0a:
e0:b2:84:2f:97:d7:78:fb:0f:98:f7:26:19:04:3d:dc:ae:6a:
41:26:b6:99
-----BEGIN CERTIFICATE-----
MIIFtDCCBJygAwIBAgISAYzI3M8KqKTbuhSqkdxSW/LMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzVmODFmMzgyNmVkNGMzOGY5Nzc4MTZiNDUyZmEyZmY4OGIyNDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZeHRTWMiXmAdFMo/fKSOYhEOTcs
seKRXD/WaFHBl0wTX/CEU45/QHoxBf8++DVRVoZfoOHz9TLVvAeUUpNrIWYcTAlX
okXL0pwZv8y2xbVjH+lILNkAPWubXIWbq4yru4bx1a1lbppqXvHUGbJVcjJR6Bpd
XnLTpiceW0sYwKwSXX1rUhJ+Vlf/S9/wASCtjV/+2HT3jqOQq+SBs/JHj463OY+R
MM84wAhJIXTE4sZYGn5nSxZlFAUJbqZKjxGaGKxL+Et2TXiihX7uYChnaiY35kd2
OcuIvLPN2q/Dh9HQhbL4tlAmO/+wC9XmtvLLBCc6AIoS4/shsbY69U0wxwIDAQAB
o4ICwDCCArwwHQYDVR0OBBYEFJNfgfOCbtTDj5d4FrRS+i/4iySQMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvazEtQjg0SnUxTU9QbDNnV3RGTDZMX2lMSkpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHVBggrBgEFBQcBBwEB/wSBxTCBwjCBvwQCAAEwgbgDBAIF
/TgDBAAtCFwDBAAti3sDBABXeSYDBAJXeTwwDAMEAFd5ZwMEAFd5aAMEAVd5cgME
AFtcEAMEAFtcGwMEAFtcQwMEAF17GAMEAV17GgMEAl17TAMEAl17cAMEAV6aoAME
AF6arQMEAF6cAgMEAF6cmAMEAV6cmgMEAF6csgMEAV6ctDAMAwQAXpztAwQAXpzu
AwQAjWIFAwQAufyxAwQAwRnbAwQAwS8+AwQAwTp5AwQAwTp7MA0GCSqGSIb3DQEB
CwUAA4IBAQAosaHi7F1VuKakIzpL7qrbNk3P1Zzs+HjBTLZqmPS7aCLfn37JDGEg
KB928OPWcZjI2JYOsDJE+Vj6srUd7MNFGZ4kiLP06Mc+vclqZBtuAS9QV4oOoWw3
5W1JFDLkTkZWv+VfkQD5WWhepLjYwd70zRWd9HnELuznECiEAqErwHfL7OzOxAMX
+CAvRv2Jidci7NhbMfy9+8f65r9XFo8xSFMEOk/RxucPDEbyLkna9vo8P/ge/a3K
KkUs1EiVEQA4EhSgjsmSqTod+27RXafE2uP3A/NfViWK8OptGU6NNfnzcsM6eqda
4ArgsoQvl9d4+w+Y9yYZBD3crmpBJraZ
-----END CERTIFICATE-----
Generated at Thu Jan 11 12:38:56 2024 by rpki-client on console-ams.rpki-client.org