Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lDnN5pbWd6PDGxwJuZg6BbiKc44.roa
File: lDnN5pbWd6PDGxwJuZg6BbiKc44.roa (raw, json)
Hash identifier: 2J2iMMOlVEXwR7oAUSyiJAk6GuH5T0ra0p5/gmyn/S8=
Subject key identifier: 94:39:CD:E6:96:D6:77:A3:C3:1B:1C:09:B9:98:3A:05:B8:8A:73:8E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019251D52C2E8235FA9E93C7F89EB6004E97
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lDnN5pbWd6PDGxwJuZg6BbiKc44.roa
Signing time: Thu 03 Oct 2024 10:02:57 +0000
ROA not before: Thu 03 Oct 2024 10:02:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 37.139.130.0/24 maxlen: 24
45.149.243.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
83.219.98.0/24 maxlen: 24
85.217.144.0/23 maxlen: 24
147.78.102.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
185.225.74.0/23 maxlen: 24
193.35.18.0/24 maxlen: 24
193.149.28.0/22 maxlen: 24
212.115.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 10 Nov 2024 19:49:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:51:d5:2c:2e:82:35:fa:9e:93:c7:f8:9e:b6:00:4e:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 3 10:02:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9439cde696d677a3c31b1c09b9983a05b88a738e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:64:97:34:4b:59:ee:5d:fc:49:4b:b6:98:74:
db:ed:9e:9a:b1:96:4d:73:eb:7f:f2:e9:7b:f9:0b:
a0:c1:9d:0b:06:be:b1:54:fc:e9:25:58:4a:92:cc:
f8:0b:fe:9e:61:71:24:ff:f8:df:04:ea:55:ce:cb:
34:6f:0f:12:4b:55:aa:16:2d:0e:7a:6a:9b:17:f4:
6f:79:d2:0a:f7:73:f7:d6:ab:06:18:b5:88:1f:87:
15:23:6e:26:db:9c:e2:07:ee:cb:83:7c:44:80:03:
6c:16:5b:67:1b:98:4e:f8:f2:e5:cd:d5:61:e5:cb:
9f:61:5e:b7:b2:b0:43:68:4e:5a:1f:d0:80:6c:84:
52:74:2d:96:5f:37:34:e6:96:cc:0c:fc:4d:83:6a:
ce:ab:89:8f:9c:3b:48:0f:32:15:3f:16:a2:bf:9b:
95:57:6c:d7:3c:1d:14:9b:77:bf:70:a8:ce:a6:40:
f7:8a:51:9d:6e:82:88:49:17:2b:c9:58:cb:ef:65:
47:a0:2b:4e:3d:b5:91:b1:4e:f1:bd:ad:be:65:a4:
19:be:8f:53:3c:74:e4:0e:83:33:ec:47:86:96:b2:
df:04:8b:63:dc:6f:f3:5e:05:cd:ed:01:19:f4:b8:
27:3c:ff:41:c3:bc:6b:09:2e:a1:c7:8b:61:25:eb:
d3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:39:CD:E6:96:D6:77:A3:C3:1B:1C:09:B9:98:3A:05:B8:8A:73:8E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lDnN5pbWd6PDGxwJuZg6BbiKc44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
45.149.243.0/24
79.110.61.0/24
83.219.98.0/24
85.217.144.0/23
147.78.102.0/24
178.215.227.0/24
185.225.74.0/23
193.35.18.0/24
193.149.28.0/22
212.115.41.0/24
Signature Algorithm: sha256WithRSAEncryption
10:c0:4d:31:cc:d5:39:ed:07:97:ca:2e:88:8b:ff:75:6c:f7:
1a:cc:94:a0:b2:57:19:69:c4:03:43:72:9c:25:0a:5c:e2:e0:
22:87:48:57:c3:cf:fc:b0:e5:7f:90:d1:1d:ee:3c:22:8d:28:
9a:b6:85:2b:5b:cc:05:a6:c1:25:34:c5:26:d7:97:a8:97:d3:
ae:14:ba:f9:75:d5:03:df:fd:17:79:b7:07:42:d5:6d:f7:d4:
1c:4f:92:f7:dd:2b:fb:74:f9:95:5d:37:04:a1:2a:1a:82:e9:
0d:d0:9c:81:a5:02:14:d4:51:2f:1e:de:8c:b8:5d:fb:df:48:
62:98:46:19:12:a4:74:e7:5a:d8:90:07:42:0c:2a:6c:15:58:
c7:00:d4:b0:cd:12:1d:55:8f:e0:16:9e:a7:b5:e9:75:4d:f1:
d1:3f:bf:57:14:bc:85:e1:ae:c5:bc:b5:22:3d:f2:ac:e6:19:
9b:94:ee:a5:17:78:d5:89:bd:9e:95:4d:e0:52:e5:d2:e5:0f:
81:b0:9f:17:98:2b:1f:d8:a7:6a:6d:71:59:cf:68:5e:83:53:
fb:4d:e4:59:ea:ba:83:ea:5e:04:a2:6e:f5:f2:90:be:d0:81:
74:d5:c4:6c:d0:71:b1:e2:91:11:d6:a4:f3:2b:fa:56:bb:4f:
6f:92:69:ef
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZJR1SwugjX6npPH+J62AE6XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDAzMTAwMjU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDM5Y2RlNjk2ZDY3N2EzYzMxYjFjMDliOTk4M2EwNWI4OGE3MzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8WSXNEtZ7l38SUu2mHTb7Z6asZZN
c+t/8ul7+QugwZ0LBr6xVPzpJVhKksz4C/6eYXEk//jfBOpVzss0bw8SS1WqFi0O
emqbF/RvedIK93P31qsGGLWIH4cVI24m25ziB+7Lg3xEgANsFltnG5hO+PLlzdVh
5cufYV63srBDaE5aH9CAbIRSdC2WXzc05pbMDPxNg2rOq4mPnDtIDzIVPxaiv5uV
V2zXPB0Um3e/cKjOpkD3ilGdboKISRcryVjL72VHoCtOPbWRsU7xva2+ZaQZvo9T
PHTkDoMz7EeGlrLfBItj3G/zXgXN7QEZ9LgnPP9Bw7xrCS6hx4thJevTdwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFJQ5zeaW1nejwxscCbmYOgW4inOOMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbERuTjVwYldkNlBER3h3SnVaZzZCYmlLYzQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAJYuCAwQA
LZXzAwQAT249AwQAU9tiAwQBVdmQAwQAk05mAwQAstfjAwQBueFKAwQAwSMSAwQC
wZUcAwQA1HMpMA0GCSqGSIb3DQEBCwUAA4IBAQAQwE0xzNU57QeXyi6Ii/91bPca
zJSgslcZacQDQ3KcJQpc4uAih0hXw8/8sOV/kNEd7jwijSiatoUrW8wFpsElNMUm
15eol9OuFLr5ddUD3/0XebcHQtVt99QcT5L33Sv7dPmVXTcEoSoagukN0JyBpQIU
1FEvHt6MuF3730himEYZEqR051rYkAdCDCpsFVjHANSwzRIdVY/gFp6ntel1TfHR
P79XFLyF4a7FvLUiPfKs5hmblO6lF3jVib2elU3gUuXS5Q+BsJ8XmCsf2KdqbXFZ
z2heg1P7TeRZ6rqD6l4Eom718pC+0IF01cRs0HGx4pER1qTzK/pWu09vkmnv
-----END CERTIFICATE-----
Generated at Sun Nov 10 22:35:44 2024 by rpki-client on console-ams.rpki-client.org