Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lGh5lgt070xKAOFZsJ9bIpd2JEs.roa
File: lGh5lgt070xKAOFZsJ9bIpd2JEs.roa (raw, json)
Hash identifier: +SLw/iwB81oyFqdpwx6iGGZVzkja2s7Ay/dU5Z2lIhM=
Subject key identifier: 94:68:79:96:0B:74:EF:4C:4A:00:E1:59:B0:9F:5B:22:97:76:24:4B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CFB47447953B5F69156FD63DC780D2AED
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lGh5lgt070xKAOFZsJ9bIpd2JEs.roa
Signing time: Fri 12 Jan 2024 01:26:40 +0000
ROA not before: Fri 12 Jan 2024 01:26:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199865
IP address blocks: 93.123.16.0/24 maxlen: 24
93.123.22.0/24 maxlen: 24
45.144.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 20 Jan 2024 11:54:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:fb:47:44:79:53:b5:f6:91:56:fd:63:dc:78:0d:2a:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 12 01:26:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=946879960b74ef4c4a00e159b09f5b229776244b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:de:84:64:9c:b0:9e:cc:57:1a:eb:41:a6:79:
c0:a3:74:98:f9:e1:36:19:7b:46:7b:16:40:f1:b7:
36:fd:d3:77:d7:cb:38:17:76:84:6a:51:67:07:da:
f8:1f:f0:b7:ce:b0:2c:98:b4:75:51:55:0a:9e:cf:
c2:10:82:42:f5:43:0d:1b:d1:a9:c4:9a:2f:e8:83:
c7:30:ce:57:f2:14:51:5e:c6:7b:c9:71:a1:eb:f5:
47:8a:7d:8d:46:e6:93:02:e3:82:bb:47:6a:90:f2:
09:2b:c8:54:1f:30:3a:39:42:ec:c4:ec:60:e0:cc:
27:d4:34:f4:23:a6:cf:72:9e:ef:90:8c:b4:9d:4f:
8e:dc:43:5b:56:96:7a:a6:0f:2e:05:c7:dc:08:95:
0b:98:63:6c:e5:4f:00:86:c4:6d:3d:5a:d7:57:8c:
8f:04:9c:27:eb:84:3b:c9:5e:86:51:66:f1:71:2e:
35:bf:ef:a8:ff:9c:dd:09:8d:be:d4:a5:02:04:0a:
ef:76:dd:74:75:f2:e5:3e:ad:80:f0:fc:2d:5b:f2:
8d:d0:c8:53:ef:35:01:89:67:43:d3:d3:cf:f3:60:
44:5d:fe:bc:e3:10:06:15:06:c2:db:4c:46:9c:4f:
cb:80:08:56:74:7e:9b:21:2c:06:38:71:0f:dc:13:
d1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:68:79:96:0B:74:EF:4C:4A:00:E1:59:B0:9F:5B:22:97:76:24:4B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lGh5lgt070xKAOFZsJ9bIpd2JEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.155.0/24
93.123.16.0/24
93.123.22.0/24
Signature Algorithm: sha256WithRSAEncryption
65:c7:bf:ca:20:63:b9:4f:87:f4:80:41:f0:c5:cb:eb:6b:7f:
7d:33:d6:49:12:44:3b:60:88:cc:72:19:a2:88:cd:94:99:21:
01:2a:54:69:02:ed:24:e4:c1:bd:c6:84:6f:08:c0:91:38:b9:
6c:3d:a4:8b:c1:59:96:50:e5:92:5d:a9:1d:cf:6f:c3:e6:b6:
2b:4b:0c:b8:87:b0:4d:ee:91:c1:59:28:38:c3:ba:1d:07:48:
de:f7:11:a2:89:42:36:c6:7d:cb:ea:ab:6f:bc:39:cd:47:3c:
d8:f7:10:49:30:c4:a5:0f:6e:8a:ae:a9:7d:99:4b:ef:fc:20:
4e:53:84:5f:5a:fb:d4:b8:6b:3f:85:6e:6e:46:24:7e:28:d7:
9d:04:d3:2c:6e:04:f9:65:c7:93:26:5a:6b:4b:95:97:49:28:
91:53:76:eb:ba:13:ac:5b:2d:06:cc:24:6c:cb:69:7a:81:64:
54:aa:76:5a:fb:e0:2c:f8:18:02:c5:21:8d:3a:f7:8d:8a:c5:
87:c7:78:55:0e:a4:17:3e:8b:cc:a1:9c:c7:3a:2f:fa:b5:b9:
bd:23:d6:75:fe:e7:d7:e4:79:2f:82:5a:be:d5:ef:21:7e:96:
47:c9:91:28:00:80:48:00:9b:96:a4:4d:f6:98:c1:8f:26:c0:
78:4c:8b:6f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYz7R0R5U7X2kVb9Y9x4DSrtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTEyMDEyNjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDY4Nzk5NjBiNzRlZjRjNGEwMGUxNTliMDlmNWIyMjk3NzYyNDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnd6EZJywnsxXGutBpnnAo3SY+eE2
GXtGexZA8bc2/dN318s4F3aEalFnB9r4H/C3zrAsmLR1UVUKns/CEIJC9UMNG9Gp
xJov6IPHMM5X8hRRXsZ7yXGh6/VHin2NRuaTAuOCu0dqkPIJK8hUHzA6OULsxOxg
4Mwn1DT0I6bPcp7vkIy0nU+O3ENbVpZ6pg8uBcfcCJULmGNs5U8AhsRtPVrXV4yP
BJwn64Q7yV6GUWbxcS41v++o/5zdCY2+1KUCBArvdt10dfLlPq2A8PwtW/KN0MhT
7zUBiWdD09PP82BEXf684xAGFQbC20xGnE/LgAhWdH6bISwGOHEP3BPROQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJRoeZYLdO9MSgDhWbCfWyKXdiRLMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbEdoNWxndDA3MHhLQU9GWnNKOWJJcGQySkVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZCbAwQA
XXsQAwQAXXsWMA0GCSqGSIb3DQEBCwUAA4IBAQBlx7/KIGO5T4f0gEHwxcvra399
M9ZJEkQ7YIjMchmiiM2UmSEBKlRpAu0k5MG9xoRvCMCROLlsPaSLwVmWUOWSXakd
z2/D5rYrSwy4h7BN7pHBWSg4w7odB0je9xGiiUI2xn3L6qtvvDnNRzzY9xBJMMSl
D26Krql9mUvv/CBOU4RfWvvUuGs/hW5uRiR+KNedBNMsbgT5ZceTJlprS5WXSSiR
U3bruhOsWy0GzCRsy2l6gWRUqnZa++As+BgCxSGNOveNisWHx3hVDqQXPovMoZzH
Oi/6tbm9I9Z1/ufX5Hkvglq+1e8hfpZHyZEoAIBIAJuWpE32mMGPJsB4TItv
-----END CERTIFICATE-----
Generated at Sat Jan 20 15:30:02 2024 by rpki-client on console-ams.rpki-client.org