Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/n-XO1sowfw5LGm6jMvNHEjnliYA.roa
File: n-XO1sowfw5LGm6jMvNHEjnliYA.roa (raw, json)
Hash identifier: v6fMjuKYT0f7ik5cBhwP49P0jmQY1JOTU9OMRc3hxjc=
Subject key identifier: 9F:E5:CE:D6:CA:30:7F:0E:4B:1A:6E:A3:32:F3:47:12:39:E5:89:80
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0191365A7D5EB4DFB396A9FACD05FBF7CAC4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/n-XO1sowfw5LGm6jMvNHEjnliYA.roa
Signing time: Fri 09 Aug 2024 08:56:25 +0000
ROA not before: Fri 09 Aug 2024 08:56:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 45.128.96.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
87.120.33.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.58.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
94.103.127.0/24 maxlen: 24
94.156.2.0/24 maxlen: 24
94.156.79.0/24 maxlen: 24
94.156.113.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
193.58.120.0/24 maxlen: 24
194.31.204.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Sep 2024 13:13:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:36:5a:7d:5e:b4:df:b3:96:a9:fa:cd:05:fb:f7:ca:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 9 08:56:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9fe5ced6ca307f0e4b1a6ea332f3471239e58980
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:13:43:0d:76:6b:d3:fa:07:00:e5:82:e9:09:
a0:3e:63:6e:99:e3:dd:02:f9:78:86:df:53:a2:de:
24:09:75:39:fb:fc:f6:c8:2f:29:e8:3b:fb:47:83:
cd:8e:67:67:d6:c3:d6:db:c1:ce:8e:aa:f4:74:c3:
5a:7e:c3:2c:0d:9a:3e:96:fe:c6:06:9f:e3:9c:d8:
2a:64:b8:fe:ef:9c:45:33:79:8e:1d:82:89:1c:a0:
33:4e:8b:60:20:58:c1:67:8c:c0:d5:a7:68:17:1a:
93:e0:fe:4c:02:9d:b8:ab:61:37:61:e3:bb:e4:81:
7b:e6:e6:a1:8d:9e:75:ab:51:6e:c2:73:6f:c0:a2:
29:9c:94:e7:40:17:a7:6f:e6:a6:40:f7:00:9a:e8:
a6:54:be:24:fe:94:e3:45:9f:13:5e:72:bd:00:da:
be:af:a4:7f:d2:9d:22:f7:8f:7c:9b:f3:6f:eb:15:
7e:ae:a8:2e:6f:c9:43:b5:5d:ca:67:99:4f:72:b4:
52:b7:4a:da:93:73:d5:61:a1:22:f7:f4:a2:1f:4c:
1d:fc:48:ce:c8:37:3e:0e:c9:75:39:de:a9:49:b8:
31:84:c6:da:28:b9:f7:83:92:a4:b3:2d:39:45:30:
38:a9:30:06:ed:ad:50:0f:bd:df:35:b3:0e:21:d5:
66:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:E5:CE:D6:CA:30:7F:0E:4B:1A:6E:A3:32:F3:47:12:39:E5:89:80
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/n-XO1sowfw5LGm6jMvNHEjnliYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.96.0/24
84.54.51.0/24
87.120.33.0/24
87.121.38.0/24
87.121.45.0/24
87.121.58.0/24
91.92.16.0/24
94.103.127.0/24
94.156.2.0/24
94.156.79.0/24
94.156.113.0/24
141.98.4.0/24
193.58.120.0/24
194.31.204.0/24
Signature Algorithm: sha256WithRSAEncryption
69:30:f2:88:47:d6:04:2e:bd:4d:d4:3e:dd:83:1c:e8:4d:37:
29:ac:85:68:b8:7e:14:b9:17:43:e1:11:29:00:9d:7a:03:a0:
74:93:82:9b:36:e2:7d:60:4a:5b:ae:af:b2:fc:47:ae:3d:dd:
40:ec:b3:32:b3:6b:0d:20:49:e8:86:df:9b:cc:60:98:5c:0e:
db:21:4a:79:e7:52:0c:30:ed:39:43:b6:b4:b6:0a:b9:4c:d4:
00:ea:e6:4a:42:b3:85:b8:91:93:b5:57:11:9e:9c:29:eb:43:
c0:88:10:d7:ee:5c:1b:c7:54:d9:65:43:4e:ec:c0:f0:f1:76:
40:28:e3:f6:46:bf:ad:67:eb:37:af:d9:40:cd:64:60:97:1c:
19:55:02:59:53:5d:f4:db:2c:04:fb:69:b7:22:32:75:f8:00:
6a:54:c6:74:ff:c6:3b:23:e9:21:64:af:fb:f8:46:2d:a1:9f:
c7:18:8d:15:cb:37:51:f7:e9:a6:b3:0d:ac:96:2d:e8:12:4c:
cc:c0:39:dd:c1:b0:0f:d4:03:5b:77:7f:f6:43:39:92:5e:bc:
a0:3c:af:a3:1b:99:cf:97:e5:2f:14:c8:5d:7a:a6:06:73:70:
92:7a:0c:fd:3d:29:8a:39:c4:81:61:8b:e8:fc:ad:1c:a8:6c:
5d:15:1c:b7
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZE2Wn1etN+zlqn6zQX798rEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODA5MDg1NjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmU1Y2VkNmNhMzA3ZjBlNGIxYTZlYTMzMmYzNDcxMjM5ZTU4OTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7BNDDXZr0/oHAOWC6QmgPmNumePd
Avl4ht9Tot4kCXU5+/z2yC8p6Dv7R4PNjmdn1sPW28HOjqr0dMNafsMsDZo+lv7G
Bp/jnNgqZLj+75xFM3mOHYKJHKAzTotgIFjBZ4zA1adoFxqT4P5MAp24q2E3YeO7
5IF75uahjZ51q1FuwnNvwKIpnJTnQBenb+amQPcAmuimVL4k/pTjRZ8TXnK9ANq+
r6R/0p0i9498m/Nv6xV+rqgub8lDtV3KZ5lPcrRSt0rak3PVYaEi9/SiH0wd/EjO
yDc+Dsl1Od6pSbgxhMbaKLn3g5Kksy05RTA4qTAG7a1QD73fNbMOIdVmCQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFJ/lztbKMH8OSxpuozLzRxI55YmAMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbi1YTzFzb3dmdzVMR202ak12TkhFam5saVlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQALYBgAwQA
VDYzAwQAV3ghAwQAV3kmAwQAV3ktAwQAV3k6AwQAW1wQAwQAXmd/AwQAXpwCAwQA
XpxPAwQAXpxxAwQAjWIEAwQAwTp4AwQAwh/MMA0GCSqGSIb3DQEBCwUAA4IBAQBp
MPKIR9YELr1N1D7dgxzoTTcprIVouH4UuRdD4REpAJ16A6B0k4KbNuJ9YEpbrq+y
/EeuPd1A7LMys2sNIEnoht+bzGCYXA7bIUp551IMMO05Q7a0tgq5TNQA6uZKQrOF
uJGTtVcRnpwp60PAiBDX7lwbx1TZZUNO7MDw8XZAKOP2Rr+tZ+s3r9lAzWRglxwZ
VQJZU1302ywE+2m3IjJ1+ABqVMZ0/8Y7I+khZK/7+EYtoZ/HGI0VyzdR9+mmsw2s
li3oEkzMwDndwbAP1ANbd3/2QzmSXrygPK+jG5nPl+UvFMhdeqYGc3CSegz9PSmK
OcSBYYvo/K0cqGxdFRy3
-----END CERTIFICATE-----
Generated at Tue Sep 24 16:53:35 2024 by rpki-client on console-fra.rpki-client.org