Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lyYgbQ6OsUQeFZ9vj4BVKIEALvk.roa
File: lyYgbQ6OsUQeFZ9vj4BVKIEALvk.roa (raw, json)
Hash identifier: sbBZ2nbNXRjO5AAxCX3gHCb2kL2QeOKq6Qg1A5ZFUPY=
Subject key identifier: 97:26:20:6D:0E:8E:B1:44:1E:15:9F:6F:8F:80:55:28:81:00:2E:F9
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01926C6A82525AB5CB894826C4D8E321CB9A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lyYgbQ6OsUQeFZ9vj4BVKIEALvk.roa
Signing time: Tue 08 Oct 2024 13:56:12 +0000
ROA not before: Tue 08 Oct 2024 13:56:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1
IP address blocks: 45.141.158.0/24 maxlen: 24
85.217.192.0/24 maxlen: 32
85.217.193.0/24 maxlen: 32
85.217.194.0/24 maxlen: 32
85.217.195.0/24 maxlen: 32
85.217.196.0/23 maxlen: 32
85.217.198.0/24 maxlen: 32
85.217.199.0/24 maxlen: 32
85.217.200.0/22 maxlen: 32
85.217.204.0/22 maxlen: 32
87.121.124.0/23 maxlen: 24
87.121.162.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
2a00:1728:18::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 08 Oct 2024 14:38:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6c:6a:82:52:5a:b5:cb:89:48:26:c4:d8:e3:21:cb:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 8 13:56:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9726206d0e8eb1441e159f6f8f80552881002ef9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:7d:88:73:d0:9b:e3:f6:f7:de:b3:ef:55:f8:
7e:28:3f:23:bf:15:78:fa:c3:06:ee:a3:c9:21:77:
3e:39:88:0e:44:af:3b:55:c0:1d:1b:b9:25:f7:32:
b4:31:45:8d:a1:cf:c5:24:a7:ac:ab:c8:4b:19:34:
35:35:cf:b6:30:cc:c7:86:e3:fd:92:07:72:57:77:
78:59:8b:76:ec:2d:ae:c9:cc:ad:53:2f:34:bd:c6:
52:5d:0b:1b:fc:68:55:e5:09:bf:f7:68:ea:46:b3:
1c:1e:5c:42:80:d8:ce:11:fb:78:bf:95:95:0c:23:
29:c0:e7:48:5f:df:4a:7b:9b:ad:59:f3:06:2a:b1:
58:9f:c2:ba:16:d8:0a:a2:83:05:cf:e5:3d:f1:74:
7d:fe:f5:c7:3b:e9:63:fe:b2:e6:90:ce:d1:cf:69:
ec:b7:33:3f:c3:f2:85:f7:49:74:a1:61:e1:05:63:
1a:8a:7f:a8:85:81:9f:70:37:e7:48:f7:eb:54:b0:
b2:9f:f9:e9:7c:e4:42:bc:12:e6:49:3f:68:1a:5a:
d7:d9:d5:d8:f4:1c:83:3f:af:f3:e0:97:8c:cd:e7:
3c:21:20:d5:26:d2:67:be:3d:8d:5a:d1:1a:6e:ae:
00:5c:f3:ff:55:70:10:b0:b4:6f:2c:dc:67:a3:76:
55:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:26:20:6D:0E:8E:B1:44:1E:15:9F:6F:8F:80:55:28:81:00:2E:F9
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/lyYgbQ6OsUQeFZ9vj4BVKIEALvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.158.0/24
85.217.192.0/20
87.121.124.0/23
87.121.162.0/24
147.78.100.0/24
IPv6:
2a00:1728:18::/48
Signature Algorithm: sha256WithRSAEncryption
5a:0b:0d:c2:7f:bd:c2:c6:08:7c:0c:f9:b0:b8:27:52:8a:d0:
b7:cc:0e:ca:bb:8a:27:cf:7c:a9:d8:cb:8c:e2:ed:2a:e5:cd:
cf:31:e9:8e:88:ab:b0:70:2e:1a:40:63:a7:44:d3:c8:df:18:
d8:75:9d:0f:e7:01:79:14:9a:a2:96:00:31:62:04:d8:c7:71:
d4:46:60:89:65:87:87:5d:65:99:59:f3:4a:09:c6:96:24:f4:
8e:bc:34:b1:49:44:39:e9:62:da:f5:75:0d:01:d5:bb:08:45:
5a:e4:1f:54:90:4d:ad:a8:18:d7:ec:25:96:10:16:b0:e8:31:
20:a8:54:01:3d:d5:8f:1e:8d:86:6b:68:d8:b5:f5:d1:e1:46:
6f:c3:0a:27:c2:4e:f1:e3:77:b9:d2:69:12:6c:1c:c9:e9:15:
00:ad:fc:02:9e:a8:0d:1c:36:6f:8b:7c:50:a4:a5:ad:db:16:
9f:c3:4a:d8:13:70:5e:aa:3e:be:ab:65:f4:e8:d9:f1:51:b8:
f6:14:ca:0a:83:80:2e:20:a1:a0:7e:26:d8:96:89:60:2f:fb:
ed:a7:06:8c:03:4a:60:d8:8e:5c:a8:b3:38:ba:8f:3e:bb:12:
a6:40:38:98:18:21:b6:bb:23:63:6a:1d:a9:c3:a6:1c:78:72:
9d:84:f1:57
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZJsaoJSWrXLiUgmxNjjIcuaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDA4MTM1NjEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzI2MjA2ZDBlOGViMTQ0MWUxNTlmNmY4ZjgwNTUyODgxMDAyZWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6X2Ic9Cb4/b33rPvVfh+KD8jvxV4
+sMG7qPJIXc+OYgORK87VcAdG7kl9zK0MUWNoc/FJKesq8hLGTQ1Nc+2MMzHhuP9
kgdyV3d4WYt27C2uycytUy80vcZSXQsb/GhV5Qm/92jqRrMcHlxCgNjOEft4v5WV
DCMpwOdIX99Ke5utWfMGKrFYn8K6FtgKooMFz+U98XR9/vXHO+lj/rLmkM7Rz2ns
tzM/w/KF90l0oWHhBWMain+ohYGfcDfnSPfrVLCyn/npfORCvBLmST9oGlrX2dXY
9ByDP6/z4JeMzec8ISDVJtJnvj2NWtEabq4AXPP/VXAQsLRvLNxno3ZViQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFJcmIG0OjrFEHhWfb4+AVSiBAC75MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbHlZZ2JRNk9zVVFlRlo5dmo0QlZLSUVBTHZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQALY2eAwQE
VdnAAwQBV3l8AwQAV3miAwQAk05kMA8EAgACMAkDBwAqABcoABgwDQYJKoZIhvcN
AQELBQADggEBAFoLDcJ/vcLGCHwM+bC4J1KK0LfMDsq7iifPfKnYy4zi7Srlzc8x
6Y6Iq7BwLhpAY6dE08jfGNh1nQ/nAXkUmqKWADFiBNjHcdRGYIllh4ddZZlZ80oJ
xpYk9I68NLFJRDnpYtr1dQ0B1bsIRVrkH1SQTa2oGNfsJZYQFrDoMSCoVAE91Y8e
jYZraNi19dHhRm/DCifCTvHjd7nSaRJsHMnpFQCt/AKeqA0cNm+LfFCkpa3bFp/D
StgTcF6qPr6rZfTo2fFRuPYUygqDgC4goaB+JtiWiWAv++2nBowDSmDYjlyoszi6
jz67EqZAOJgYIba7I2NqHanDphx4cp2E8Vc=
-----END CERTIFICATE-----
Generated at Tue Oct 8 20:56:09 2024 by rpki-client on console-fra.rpki-client.org