Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/m6sbJ119bHsXZXXFYFyD6Das3Us.roa
File: m6sbJ119bHsXZXXFYFyD6Das3Us.roa (raw, json)
Hash identifier: WE1t/sl0/Fin0myEfzj6Xm5jv7BnGrZ9WLV55TfXB1E=
Subject key identifier: 9B:AB:1B:27:5D:7D:6C:7B:17:65:75:C5:60:5C:83:E8:36:AC:DD:4B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E2C7F67E5FB846F45864A4763BDD01E25
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/m6sbJ119bHsXZXXFYFyD6Das3Us.roa
Signing time: Mon 11 Mar 2024 07:52:10 +0000
ROA not before: Mon 11 Mar 2024 07:52:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 147186
IP address blocks: 82.115.208.0/24 maxlen: 24
94.154.161.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Mar 2024 14:10:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2c:7f:67:e5:fb:84:6f:45:86:4a:47:63:bd:d0:1e:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 11 07:52:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9bab1b275d7d6c7b176575c5605c83e836acdd4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:0f:88:60:36:9e:ed:a8:ff:3b:0d:7c:e1:f6:
e2:56:84:e9:fd:69:b1:14:fe:bd:98:12:bd:87:ee:
11:74:63:51:ff:62:99:37:92:1b:6d:57:69:c9:bb:
58:e3:ff:73:97:d9:e8:f0:d0:8b:1f:45:91:a7:b1:
76:b0:d7:cd:2b:4e:97:4a:e6:8e:6a:09:07:e0:ff:
c4:92:c1:ca:7b:11:8b:3b:dc:64:c2:bc:aa:8c:b4:
b9:55:ee:cb:11:91:84:b0:47:1e:3b:12:8c:30:e4:
b1:b1:cc:a6:5d:bf:06:e4:d4:b0:d7:c0:6b:21:29:
b7:af:ac:e1:fb:7d:ac:91:c8:b4:ac:a7:60:e4:18:
3c:92:b9:3b:22:49:93:c9:00:c9:ad:c2:0c:cf:76:
78:8e:44:a7:48:0b:e6:fa:31:65:54:19:2a:5a:38:
41:bb:b1:82:94:e3:8f:a7:1f:b5:ac:20:89:8b:da:
66:15:06:6e:f7:2d:a3:b4:56:39:b0:95:76:5f:b4:
03:b2:b5:db:ba:ca:da:06:6e:05:bc:97:c5:31:df:
73:65:0e:8a:1e:4f:c6:ef:f6:c0:41:08:37:31:15:
71:8d:93:4b:b6:95:2a:64:a2:72:9a:cb:24:56:65:
bf:09:fd:c4:5f:37:57:4b:d9:a3:1f:4a:54:c5:7b:
93:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:AB:1B:27:5D:7D:6C:7B:17:65:75:C5:60:5C:83:E8:36:AC:DD:4B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/m6sbJ119bHsXZXXFYFyD6Das3Us.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.208.0/24
94.154.161.0/24
171.22.31.0/24
Signature Algorithm: sha256WithRSAEncryption
35:01:05:8e:9c:1f:0b:2e:63:68:e9:03:db:bc:0f:33:27:3a:
27:31:ea:d4:3a:c3:74:8c:0f:20:11:a3:18:d3:fb:2b:8b:5d:
d6:de:20:60:74:8d:b8:17:df:78:1b:ea:9c:ef:02:4c:dc:1d:
b9:bc:b6:f6:40:6c:45:49:9a:37:90:d2:7c:fb:08:a9:58:10:
6b:29:7a:89:5e:1d:06:cf:ec:5d:49:ca:86:a6:88:ce:d9:f6:
3d:92:13:35:85:6d:e0:08:e3:98:f6:75:ed:f5:c2:e8:e4:aa:
94:29:ee:e5:6c:52:d1:d7:e8:e2:26:39:5b:90:b2:f2:45:e2:
ea:3a:5e:63:64:7c:77:50:bf:c0:a6:92:be:c8:90:99:ee:9d:
08:ea:0f:28:3e:c1:8a:93:22:cc:6c:cc:18:da:aa:4b:16:6d:
f2:9b:1b:bf:f7:c4:0d:07:38:92:73:0b:ee:16:32:92:11:fe:
fb:ff:8a:6b:0e:a7:58:1f:af:34:7e:d4:ec:3f:6e:73:88:61:
f8:96:41:1a:5b:25:74:0b:7f:93:ff:53:f5:80:6b:34:2a:03:
9e:51:9e:0c:ad:73:3b:46:a8:7f:5d:4f:77:1a:30:e7:60:93:
af:0a:c3:bf:25:64:ba:1c:11:e1:45:1f:1c:44:28:ee:3a:5d:
f2:74:91:84
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY4sf2fl+4RvRYZKR2O90B4lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzExMDc1MjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmFiMWIyNzVkN2Q2YzdiMTc2NTc1YzU2MDVjODNlODM2YWNkZDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuA+IYDae7aj/Ow184fbiVoTp/Wmx
FP69mBK9h+4RdGNR/2KZN5IbbVdpybtY4/9zl9no8NCLH0WRp7F2sNfNK06XSuaO
agkH4P/EksHKexGLO9xkwryqjLS5Ve7LEZGEsEceOxKMMOSxscymXb8G5NSw18Br
ISm3r6zh+32skci0rKdg5Bg8krk7IkmTyQDJrcIMz3Z4jkSnSAvm+jFlVBkqWjhB
u7GClOOPpx+1rCCJi9pmFQZu9y2jtFY5sJV2X7QDsrXbusraBm4FvJfFMd9zZQ6K
Hk/G7/bAQQg3MRVxjZNLtpUqZKJymsskVmW/Cf3EXzdXS9mjH0pUxXuTWwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJurGyddfWx7F2V1xWBcg+g2rN1LMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbTZzYkoxMTliSHNYWlhYRllGeUQ2RGFzM1VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUnPQAwQA
XpqhAwQAqxYfMA0GCSqGSIb3DQEBCwUAA4IBAQA1AQWOnB8LLmNo6QPbvA8zJzon
MerUOsN0jA8gEaMY0/sri13W3iBgdI24F994G+qc7wJM3B25vLb2QGxFSZo3kNJ8
+wipWBBrKXqJXh0Gz+xdScqGpojO2fY9khM1hW3gCOOY9nXt9cLo5KqUKe7lbFLR
1+jiJjlbkLLyReLqOl5jZHx3UL/AppK+yJCZ7p0I6g8oPsGKkyLMbMwY2qpLFm3y
mxu/98QNBziScwvuFjKSEf77/4prDqdYH680ftTsP25ziGH4lkEaWyV0C3+T/1P1
gGs0KgOeUZ4MrXM7Rqh/XU93GjDnYJOvCsO/JWS6HBHhRR8cRCjuOl3ydJGE
-----END CERTIFICATE-----
Generated at Thu Mar 21 18:22:40 2024 by rpki-client on console-ams.rpki-client.org