Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lgjG8GcUf2s_CoV2w358XTlsQoY.roa
File: lgjG8GcUf2s_CoV2w358XTlsQoY.roa (raw, json)
Hash identifier: n5/cmvdf7H9Eq3CFVN4sla9CUZiFcSFB5fElgAwN0KU=
Subject key identifier: 96:08:C6:F0:67:14:7F:6B:3F:0A:85:76:C3:7E:7C:5D:39:6C:42:86
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01926983A94522BA381A1713C653F2CCC21A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lgjG8GcUf2s_CoV2w358XTlsQoY.roa
Signing time: Tue 08 Oct 2024 00:24:49 +0000
ROA not before: Tue 08 Oct 2024 00:24:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.12.253.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
93.123.74.0/23 maxlen: 24
94.156.253.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Oct 2024 10:03:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:69:83:a9:45:22:ba:38:1a:17:13:c6:53:f2:cc:c2:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 8 00:24:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9608c6f067147f6b3f0a8576c37e7c5d396c4286
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:10:12:e0:a4:c8:ea:fc:75:74:0b:0d:73:f7:
bc:63:a1:17:57:e7:06:0a:84:fb:ca:02:ac:0d:3a:
d6:14:99:f4:1a:00:37:24:e2:12:87:06:20:e7:21:
bc:79:79:44:b0:13:21:13:3c:5b:ea:3b:df:eb:75:
57:82:1d:cd:8d:15:9e:f7:61:2f:4e:8d:91:de:de:
f1:62:9b:26:d1:f2:73:64:31:ba:01:e5:bc:02:f4:
20:2b:fb:5a:3e:c2:24:b3:4e:43:e3:d2:46:41:89:
3b:37:ad:0c:bb:b3:fe:1e:88:96:d2:ad:8d:09:5a:
e1:53:9c:d7:52:70:77:89:f2:42:b1:9d:1e:16:a9:
c4:e9:c4:2b:db:08:cf:fb:f1:cf:62:e1:18:6c:38:
9f:1a:fd:bb:f6:4d:22:0d:86:8a:c5:7a:65:d1:35:
fe:ac:8b:09:a6:4c:83:be:d3:f6:4c:fc:52:08:a5:
b3:64:05:70:99:8b:99:da:0f:6b:b1:b7:45:cf:9c:
46:10:7b:75:92:99:42:3e:18:cd:76:71:da:56:20:
69:60:9c:3d:56:e4:45:93:b9:79:91:a7:1f:c8:8b:
1c:af:d9:5c:8c:c8:87:d9:af:4f:1f:a9:fb:59:79:
b5:92:ff:9e:00:80:5c:62:e6:48:53:c2:d8:fc:89:
2a:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:08:C6:F0:67:14:7F:6B:3F:0A:85:76:C3:7E:7C:5D:39:6C:42:86
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lgjG8GcUf2s_CoV2w358XTlsQoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.253.0/24
87.120.68.0/23
93.123.74.0/23
94.156.253.0/24
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
97:01:80:ee:84:0e:f3:da:c9:b5:ee:70:aa:2f:a0:9d:2b:cc:
60:48:2f:8e:b9:10:98:df:63:1b:c4:c6:1a:91:8b:5c:00:5a:
9e:d0:e4:f8:79:83:5a:9a:9c:a0:59:d0:8c:3b:fb:d5:c9:62:
29:be:43:c1:b9:22:3f:53:b7:a2:b8:9f:85:f5:1b:f2:38:30:
43:e6:cf:a9:4e:23:70:0a:33:c9:72:e6:82:c1:d4:a4:bd:59:
35:8b:5e:29:97:74:60:37:3f:75:a3:37:1a:2a:50:65:31:f4:
6e:8b:60:c2:e0:ab:ae:f5:23:99:53:da:92:8b:da:b5:46:82:
f0:b8:68:bf:84:37:85:43:43:dd:ef:82:7a:1b:74:d1:e4:c5:
90:d0:b8:c1:78:28:9d:8f:a0:5a:e8:a4:40:e3:67:c6:61:72:
93:12:b6:86:20:9f:b2:50:c5:52:be:e9:51:3c:96:05:d8:24:
33:bc:9d:9f:bc:60:48:9b:37:e3:73:8a:04:cd:1e:85:9e:2a:
5f:1a:53:50:5e:96:5a:58:d9:3a:8a:5c:1c:5b:c5:47:2a:c1:
78:fe:d1:65:80:cc:74:22:be:c7:57:cd:8b:46:35:d7:05:6e:
2a:64:9a:fd:b7:c9:db:34:f5:f3:34:34:48:70:fb:ba:2b:dc:
33:b6:41:b3
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZJpg6lFIro4GhcTxlPyzMIaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDA4MDAyNDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjA4YzZmMDY3MTQ3ZjZiM2YwYTg1NzZjMzdlN2M1ZDM5NmM0Mjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhAS4KTI6vx1dAsNc/e8Y6EXV+cG
CoT7ygKsDTrWFJn0GgA3JOIShwYg5yG8eXlEsBMhEzxb6jvf63VXgh3NjRWe92Ev
To2R3t7xYpsm0fJzZDG6AeW8AvQgK/taPsIks05D49JGQYk7N60Mu7P+HoiW0q2N
CVrhU5zXUnB3ifJCsZ0eFqnE6cQr2wjP+/HPYuEYbDifGv279k0iDYaKxXpl0TX+
rIsJpkyDvtP2TPxSCKWzZAVwmYuZ2g9rsbdFz5xGEHt1kplCPhjNdnHaViBpYJw9
VuRFk7l5kacfyIscr9lcjMiH2a9PH6n7WXm1kv+eAIBcYuZIU8LY/IkqqQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJYIxvBnFH9rPwqFdsN+fF05bEKGMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbGdqRzhHY1VmMnNfQ29WMnczNThYVGxzUW9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQz9AwQB
V3hEAwQBXXtKAwQAXpz9AwQBufygMA0GCSqGSIb3DQEBCwUAA4IBAQCXAYDuhA7z
2sm17nCqL6CdK8xgSC+OuRCY32MbxMYakYtcAFqe0OT4eYNampygWdCMO/vVyWIp
vkPBuSI/U7eiuJ+F9RvyODBD5s+pTiNwCjPJcuaCwdSkvVk1i14pl3RgNz91ozca
KlBlMfRui2DC4Kuu9SOZU9qSi9q1RoLwuGi/hDeFQ0Pd74J6G3TR5MWQ0LjBeCid
j6Ba6KRA42fGYXKTEraGIJ+yUMVSvulRPJYF2CQzvJ2fvGBImzfjc4oEzR6Fnipf
GlNQXpZaWNk6ilwcW8VHKsF4/tFlgMx0Ir7HV82LRjXXBW4qZJr9t8nbNPXzNDRI
cPu6K9wztkGz
-----END CERTIFICATE-----
Generated at Wed Oct 16 12:02:04 2024 by rpki-client on console-fra.rpki-client.org