Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/mR527N41TSOT9C246K5X4gNU97s.roa
File: mR527N41TSOT9C246K5X4gNU97s.roa (raw, json)
Hash identifier: kB6xDxg9EE/YNsH9lAzCU1EDSsIvuAaJuISRGTUvP70=
Subject key identifier: 99:1E:76:EC:DE:35:4D:23:93:F4:2D:B8:E8:AE:57:E2:03:54:F7:BB
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D8BDCC2390B7B673E40AB173AFE145F32
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/mR527N41TSOT9C246K5X4gNU97s.roa
Signing time: Fri 09 Feb 2024 03:15:17 +0000
ROA not before: Fri 09 Feb 2024 03:15:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 31.13.211.0/24 maxlen: 24
45.8.94.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
87.120.192.0/23 maxlen: 24
87.121.146.0/24 maxlen: 24
87.121.147.0/24 maxlen: 24
91.92.26.0/24 maxlen: 24
93.123.74.0/23 maxlen: 23
93.123.100.0/24 maxlen: 24
93.123.101.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 13 Feb 2024 01:27:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8b:dc:c2:39:0b:7b:67:3e:40:ab:17:3a:fe:14:5f:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 9 03:15:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=991e76ecde354d2393f42db8e8ae57e20354f7bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:7a:19:38:e1:25:0d:5a:d3:c7:3d:60:fe:67:
90:14:bc:de:30:97:4a:44:84:82:d7:5f:41:41:48:
8b:78:6e:fd:30:90:62:55:fb:9d:d1:77:84:e1:1f:
8b:a8:b5:f0:dc:27:dc:44:71:d1:2b:69:b1:ed:a0:
40:8b:e1:35:ff:ba:46:3b:90:4f:28:03:91:bf:65:
48:fb:25:93:c9:f1:11:48:48:af:76:91:f9:63:79:
93:ac:1c:43:17:4c:a2:e2:ef:55:23:3b:73:9c:24:
a3:3e:89:eb:ff:37:7c:cb:e2:9a:5a:a7:49:36:83:
31:c3:44:1a:7a:a5:2b:73:e5:be:f1:bf:8d:49:41:
64:05:ad:3d:03:21:05:e7:c3:8a:af:5b:9c:43:f5:
d1:ef:d1:53:ac:e8:7f:e4:ad:f6:1f:e9:96:d3:39:
a1:7d:8a:49:fe:e6:9c:78:0c:d8:7b:86:8b:e4:e1:
ab:4f:32:98:e9:67:1c:b5:ea:19:41:97:3b:a9:0c:
30:8d:e7:c9:ba:18:d2:8f:14:39:b1:4f:19:ff:f8:
79:3b:3a:f6:5d:db:85:de:7b:3a:8e:0c:8e:6a:61:
bb:60:b6:9d:fe:74:73:86:bb:ec:2f:7a:c1:d6:c7:
10:12:36:68:5b:a4:fd:cd:f7:de:0e:85:29:5c:ce:
18:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:1E:76:EC:DE:35:4D:23:93:F4:2D:B8:E8:AE:57:E2:03:54:F7:BB
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/mR527N41TSOT9C246K5X4gNU97s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.211.0/24
45.8.94.0/24
87.120.68.0/23
87.120.192.0/23
87.121.146.0/23
91.92.26.0/24
93.123.74.0/23
93.123.100.0/23
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:77:44:df:68:5e:2a:89:34:82:75:bd:c4:71:5f:d1:d1:de:
79:f6:37:e0:d7:a6:6f:15:79:f9:3f:40:9e:84:84:80:1e:d7:
3c:6e:8a:31:05:05:45:02:ab:f7:57:5f:4d:be:63:fb:3e:bb:
d6:a6:ad:df:29:f1:7b:ad:b8:f9:58:ed:b0:ed:32:c7:14:6f:
1a:7c:15:f7:90:a5:16:fd:34:ca:21:bd:a8:ab:af:60:0c:ee:
5b:c2:a2:84:55:28:9c:fb:92:ee:4b:63:f7:75:b0:45:5e:42:
32:1e:8b:b7:be:ac:9e:0c:7c:d8:62:e2:a1:3d:75:47:ba:8a:
7d:2d:0d:21:71:88:58:6c:b0:dc:d4:98:62:86:22:d5:b8:c7:
f7:65:43:31:95:2b:b7:99:3b:5b:dc:03:b8:b7:5b:05:71:1a:
50:a6:ff:af:ab:24:48:74:db:60:87:9b:53:80:aa:fd:5c:6b:
51:83:0e:67:95:6a:75:7f:43:fb:9e:6b:74:3a:47:38:00:c1:
b7:7d:7e:7a:27:a7:ed:3d:d4:4a:bd:8a:69:4d:24:00:75:9c:
a0:b5:0c:36:b8:49:d2:9e:6c:c1:0d:38:e5:f2:2b:56:09:81:
19:10:e2:df:86:85:c8:b7:b2:de:9f:c1:ce:82:32:bb:09:b7:
f1:f6:a2:62
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY2L3MI5C3tnPkCrFzr+FF8yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjA5MDMxNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTFlNzZlY2RlMzU0ZDIzOTNmNDJkYjhlOGFlNTdlMjAzNTRmN2JiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXoZOOElDVrTxz1g/meQFLzeMJdK
RISC119BQUiLeG79MJBiVfud0XeE4R+LqLXw3CfcRHHRK2mx7aBAi+E1/7pGO5BP
KAORv2VI+yWTyfERSEivdpH5Y3mTrBxDF0yi4u9VIztznCSjPonr/zd8y+KaWqdJ
NoMxw0QaeqUrc+W+8b+NSUFkBa09AyEF58OKr1ucQ/XR79FTrOh/5K32H+mW0zmh
fYpJ/uaceAzYe4aL5OGrTzKY6WccteoZQZc7qQwwjefJuhjSjxQ5sU8Z//h5Ozr2
XduF3ns6jgyOamG7YLad/nRzhrvsL3rB1scQEjZoW6T9zffeDoUpXM4YxQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFJkeduzeNU0jk/QtuOiuV+IDVPe7MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbVI1MjdONDFUU09UOUMyNDZLNVg0Z05VOTdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAHw3TAwQA
LQheAwQBV3hEAwQBV3jAAwQBV3mSAwQAW1waAwQBXXtKAwQBXXtkAwQBufygMA0G
CSqGSIb3DQEBCwUAA4IBAQArd0TfaF4qiTSCdb3EcV/R0d559jfg16ZvFXn5P0Ce
hISAHtc8booxBQVFAqv3V19NvmP7PrvWpq3fKfF7rbj5WO2w7TLHFG8afBX3kKUW
/TTKIb2oq69gDO5bwqKEVSic+5LuS2P3dbBFXkIyHou3vqyeDHzYYuKhPXVHuop9
LQ0hcYhYbLDc1JhihiLVuMf3ZUMxlSu3mTtb3AO4t1sFcRpQpv+vqyRIdNtgh5tT
gKr9XGtRgw5nlWp1f0P7nmt0Okc4AMG3fX56J6ftPdRKvYppTSQAdZygtQw2uEnS
nmzBDTjl8itWCYEZEOLfhoXIt7Len8HOgjK7Cbfx9qJi
-----END CERTIFICATE-----
Generated at Tue Feb 13 04:42:52 2024 by rpki-client on console-ams.rpki-client.org