Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lQ2SDXfogCMTlYA0ZwUsZ0X7_1Y.roa
File: lQ2SDXfogCMTlYA0ZwUsZ0X7_1Y.roa (raw, json)
Hash identifier: himJPwBT6V7T+U3TAqi3hKQgXWtcU0RzwfaZ3F7V4t4=
Subject key identifier: 95:0D:92:0D:77:E8:80:23:13:95:80:34:67:05:2C:67:45:FB:FF:56
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DD0EA8808AF4260616223DCEA40C8F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lQ2SDXfogCMTlYA0ZwUsZ0X7_1Y.roa
Signing time: Tue 02 Jan 2024 06:29:39 +0000
ROA not before: Tue 02 Jan 2024 06:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 95.214.27.0/24 maxlen: 24
87.120.68.0/24 maxlen: 24
94.156.14.0/24 maxlen: 24
185.218.136.0/24 maxlen: 24
45.149.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jan 2024 14:24:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:0e:a8:80:8a:f4:26:06:16:22:3d:ce:a4:0c:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=950d920d77e880231395803467052c6745fbff56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a2:78:fc:27:de:30:4f:13:c4:2a:4d:fc:d7:
22:c1:9d:af:cb:28:23:13:ff:d7:b8:fa:ea:06:fa:
d0:04:c2:fa:09:d7:bd:92:44:d6:18:95:73:ab:5a:
fe:37:0f:3c:38:92:1a:6d:f7:1c:0b:d8:81:4c:da:
78:5f:89:c0:f6:59:27:8f:3a:de:66:41:db:27:7c:
c6:cc:74:ab:83:5f:cd:46:50:0d:07:81:18:46:1e:
13:09:83:a5:c7:3d:18:c5:92:ce:cc:ed:e5:eb:9c:
80:f6:cf:de:1c:71:a8:2c:ea:d4:62:96:69:c4:ee:
00:74:76:06:2e:3f:a9:81:ed:d8:a6:3e:4e:25:19:
41:b0:b5:b2:8c:95:21:48:c2:cb:57:6c:e4:25:5c:
39:86:8e:b6:d2:46:03:8d:60:ca:08:26:30:52:f6:
ef:e7:e4:79:1a:c7:ac:c4:d6:d7:9e:5e:fa:b5:90:
2e:74:a3:80:70:79:df:3e:70:91:70:89:98:e2:31:
c0:e8:70:8d:76:4f:bc:39:3b:7e:b0:8b:7b:78:d0:
2f:fc:c9:96:a5:00:a0:33:a9:08:e0:4a:44:5a:c8:
f6:84:3a:85:ed:da:c7:02:8e:54:ce:cc:ae:c5:a8:
45:7d:b3:18:16:c5:75:82:b0:ba:b3:e0:d6:21:7f:
e0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:0D:92:0D:77:E8:80:23:13:95:80:34:67:05:2C:67:45:FB:FF:56
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lQ2SDXfogCMTlYA0ZwUsZ0X7_1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.240.0/24
87.120.68.0/24
94.156.14.0/24
95.214.27.0/24
185.218.136.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:06:9d:7a:67:19:84:90:fe:2e:9a:7d:05:8f:a7:5f:af:f2:
1f:63:d1:b0:44:15:9c:5d:85:27:4d:d1:e9:9e:a3:8f:c9:36:
5c:d0:ac:ac:9e:58:39:d7:1b:f0:95:51:91:25:c7:c1:6f:7f:
97:18:6c:8f:ab:65:1e:7a:4c:c5:63:0d:39:1f:ab:57:b0:0b:
a2:f5:df:85:97:2f:17:4c:c1:da:44:04:92:19:fe:a7:75:45:
f3:a2:32:02:6d:9b:6e:00:2d:92:dc:58:6d:a5:20:b1:6b:1b:
9a:39:58:6e:8d:80:30:ac:c6:6b:b7:f6:92:c2:c0:2d:9c:78:
ff:fe:f4:bb:e3:b0:29:65:e0:83:46:63:4d:16:90:f7:69:77:
83:54:f2:7c:9b:c3:5b:50:03:d0:39:08:97:bc:be:35:d8:a7:
64:85:a7:84:bd:9f:70:d7:f8:41:c2:b3:ff:eb:12:c2:02:7f:
6c:c6:6b:9c:78:fb:0b:b7:e8:89:fe:a3:23:36:20:24:a2:1b:
1d:e4:93:c7:71:bd:fa:ca:41:ea:d5:30:ac:8b:ec:16:12:81:
ad:7c:48:bd:08:28:1e:03:46:31:58:de:9a:d6:a6:ef:bc:2a:
50:56:94:66:11:45:d3:b9:5a:f5:f0:26:55:3c:dc:93:5e:ed:
b6:72:34:0e
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzI3Q6ogIr0JgYWIj3OpAyPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTBkOTIwZDc3ZTg4MDIzMTM5NTgwMzQ2NzA1MmM2NzQ1ZmJmZjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6J4/CfeME8TxCpN/NciwZ2vyygj
E//XuPrqBvrQBML6Cde9kkTWGJVzq1r+Nw88OJIabfccC9iBTNp4X4nA9lknjzre
ZkHbJ3zGzHSrg1/NRlANB4EYRh4TCYOlxz0YxZLOzO3l65yA9s/eHHGoLOrUYpZp
xO4AdHYGLj+pge3Ypj5OJRlBsLWyjJUhSMLLV2zkJVw5ho620kYDjWDKCCYwUvbv
5+R5GsesxNbXnl76tZAudKOAcHnfPnCRcImY4jHA6HCNdk+8OTt+sIt7eNAv/MmW
pQCgM6kI4EpEWsj2hDqF7drHAo5UzsyuxahFfbMYFsV1grC6s+DWIX/gywIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJUNkg136IAjE5WANGcFLGdF+/9WMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbFEyU0RYZm9nQ01UbFlBMFp3VXNaMFg3XzFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALZXwAwQA
V3hEAwQAXpwOAwQAX9YbAwQAudqIMA0GCSqGSIb3DQEBCwUAA4IBAQCPBp16ZxmE
kP4umn0Fj6dfr/IfY9GwRBWcXYUnTdHpnqOPyTZc0Kysnlg51xvwlVGRJcfBb3+X
GGyPq2UeekzFYw05H6tXsAui9d+Fly8XTMHaRASSGf6ndUXzojICbZtuAC2S3Fht
pSCxaxuaOVhujYAwrMZrt/aSwsAtnHj//vS747ApZeCDRmNNFpD3aXeDVPJ8m8Nb
UAPQOQiXvL412KdkhaeEvZ9w1/hBwrP/6xLCAn9sxmucePsLt+iJ/qMjNiAkohsd
5JPHcb36ykHq1TCsi+wWEoGtfEi9CCgeA0YxWN6a1qbvvCpQVpRmEUXTuVr18CZV
PNyTXu22cjQO
-----END CERTIFICATE-----
Generated at Fri Jan 12 19:10:38 2024 by rpki-client on console-ams.rpki-client.org