Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lU9j-pRq2jEhv-4iHT7nuWUUdv4.roa
File: lU9j-pRq2jEhv-4iHT7nuWUUdv4.roa (raw, json)
Hash identifier: yBBaUgpgLcmpsLUxpYxHJUuGxUsbCbIire1ahxyjYvs=
Subject key identifier: 95:4F:63:FA:94:6A:DA:31:21:BF:EE:22:1D:3E:E7:B9:65:14:76:FE
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193E3C32EB383C9EF17E3B0B1C77A9FC626
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lU9j-pRq2jEhv-4iHT7nuWUUdv4.roa
Signing time: Fri 20 Dec 2024 11:10:39 +0000
ROA not before: Fri 20 Dec 2024 11:10:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56971
IP address blocks: 45.84.88.0/24 maxlen: 24
45.89.244.0/24 maxlen: 24
45.91.193.0/24 maxlen: 24
109.206.236.0/24 maxlen: 24
194.113.37.0/24 maxlen: 24
212.87.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 31 Dec 2024 02:23:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e3:c3:2e:b3:83:c9:ef:17:e3:b0:b1:c7:7a:9f:c6:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 20 11:10:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=954f63fa946ada3121bfee221d3ee7b9651476fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:7c:75:16:02:78:90:90:8e:65:47:72:28:25:
d8:66:4b:04:85:95:1e:ed:60:fa:9a:c4:0f:66:37:
1f:05:31:cf:e7:6a:62:c2:13:7a:ee:a9:32:76:3e:
01:70:80:87:b4:90:9c:ae:1f:03:a7:7f:59:9d:b0:
41:d3:20:8b:14:e8:2f:33:f3:25:76:84:b2:a3:c1:
22:82:97:fd:97:65:7a:bb:ca:07:fa:d7:00:fe:4f:
d5:55:d6:e5:2e:b8:79:74:61:9b:6b:46:b1:bf:19:
15:51:69:2f:15:b0:93:ff:8f:ba:35:2b:56:9d:6b:
f0:96:c8:f1:2b:47:c7:df:d9:63:9c:44:d6:02:10:
73:9a:d2:dc:f9:15:2e:8e:55:36:d9:19:d7:24:a4:
b4:ce:5e:76:b6:3c:12:3a:df:ba:63:bb:36:ae:ef:
93:ab:10:ee:98:19:c9:d2:e7:49:12:89:4f:c6:9d:
3e:a4:7c:54:90:d4:15:ba:b4:19:32:e3:fd:88:ae:
06:c9:2c:e0:06:c9:43:c5:08:54:e5:a2:50:49:2c:
df:05:b7:ce:f4:b8:65:2d:53:71:ec:3a:fc:ec:c3:
55:c2:17:50:3f:26:e4:13:67:1f:c3:c2:33:ab:19:
f8:54:8f:00:c6:35:09:a7:54:ce:55:a4:d3:b7:c2:
bd:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:4F:63:FA:94:6A:DA:31:21:BF:EE:22:1D:3E:E7:B9:65:14:76:FE
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lU9j-pRq2jEhv-4iHT7nuWUUdv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.88.0/24
45.89.244.0/24
45.91.193.0/24
109.206.236.0/24
194.113.37.0/24
212.87.223.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:8e:0b:0e:ec:c3:e9:a7:62:11:92:34:f1:ec:a9:ab:56:1d:
b0:33:c3:75:24:75:ac:86:99:da:fb:41:d7:2f:f2:08:80:3a:
84:de:09:2e:45:fe:5c:be:1e:f5:ce:d6:af:89:e4:3b:bd:42:
71:4d:90:10:e4:8d:d9:78:2e:83:96:ef:73:66:7e:27:17:75:
8e:ab:13:81:ec:34:88:95:13:ff:1f:a6:22:f1:0a:f4:91:f4:
08:2d:df:ac:87:c0:76:5c:d3:22:e8:b2:7b:24:66:7d:8e:46:
fb:a0:a0:5b:9a:b0:19:76:25:df:55:74:e7:eb:e3:c2:29:b9:
fa:f2:f7:52:98:b1:02:97:d4:60:9d:cd:9b:9e:c5:94:21:d2:
ad:38:e0:e0:67:5c:72:f1:fe:ec:72:14:1f:3c:00:28:3b:57:
b3:01:8d:98:6f:6c:55:77:83:be:32:04:1e:62:7d:6f:ad:79:
10:d2:a9:79:19:72:89:dd:17:76:ac:94:c8:6c:d3:e7:8d:17:
19:28:78:4f:c8:0d:69:e8:71:21:40:dd:e2:18:85:8e:6f:4c:
03:17:f3:71:c2:de:ea:17:06:99:de:5b:0a:47:b2:c1:0c:eb:
8e:c7:8d:31:d6:f8:34:be:c4:ef:10:aa:ab:e4:78:6c:77:7f:
5b:96:40:d4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZPjwy6zg8nvF+Owscd6n8YmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMjIwMTExMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTRmNjNmYTk0NmFkYTMxMjFiZmVlMjIxZDNlZTdiOTY1MTQ3NmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Xx1FgJ4kJCOZUdyKCXYZksEhZUe
7WD6msQPZjcfBTHP52piwhN67qkydj4BcICHtJCcrh8Dp39ZnbBB0yCLFOgvM/Ml
doSyo8Eigpf9l2V6u8oH+tcA/k/VVdblLrh5dGGba0axvxkVUWkvFbCT/4+6NStW
nWvwlsjxK0fH39ljnETWAhBzmtLc+RUujlU22RnXJKS0zl52tjwSOt+6Y7s2ru+T
qxDumBnJ0udJEolPxp0+pHxUkNQVurQZMuP9iK4GySzgBslDxQhU5aJQSSzfBbfO
9LhlLVNx7Dr87MNVwhdQPybkE2cfw8Izqxn4VI8AxjUJp1TOVaTTt8K9uQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJVPY/qUatoxIb/uIh0+57llFHb+MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbFU5ai1wUnEyakVodi00aUhUN251V1VVZHY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVRYAwQA
LVn0AwQALVvBAwQAbc7sAwQAwnElAwQA1FffMA0GCSqGSIb3DQEBCwUAA4IBAQCe
jgsO7MPpp2IRkjTx7KmrVh2wM8N1JHWshpna+0HXL/IIgDqE3gkuRf5cvh71ztav
ieQ7vUJxTZAQ5I3ZeC6Dlu9zZn4nF3WOqxOB7DSIlRP/H6Yi8Qr0kfQILd+sh8B2
XNMi6LJ7JGZ9jkb7oKBbmrAZdiXfVXTn6+PCKbn68vdSmLECl9Rgnc2bnsWUIdKt
OODgZ1xy8f7schQfPAAoO1ezAY2Yb2xVd4O+MgQeYn1vrXkQ0ql5GXKJ3Rd2rJTI
bNPnjRcZKHhPyA1p6HEhQN3iGIWOb0wDF/Nxwt7qFwaZ3lsKR7LBDOuOx40x1vg0
vsTvEKqr5Hhsd39blkDU
-----END CERTIFICATE-----
Generated at Wed Apr 16 19:36:06 2025 by rpki-client