Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/n4UhKLS-KJAsQtRmwnMljJgg5r4.roa
File: n4UhKLS-KJAsQtRmwnMljJgg5r4.roa (raw, json)
Hash identifier: ID1wLZfogkcZyiF6MiYfGmeQcsrcQlSfYvCTIgfu09Y=
Subject key identifier: 9F:85:21:28:B4:BE:28:90:2C:42:D4:66:C2:73:25:8C:98:20:E6:BE
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B1DF1504B291ED44E243FC03E1FA58F3D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/n4UhKLS-KJAsQtRmwnMljJgg5r4.roa
Signing time: Wed 11 Oct 2023 08:53:55 +0000
ROA not before: Wed 11 Oct 2023 08:53:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 94.156.2.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
87.120.192.0/23 maxlen: 24
91.92.26.0/23 maxlen: 24
91.92.27.0/24 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
185.147.100.0/22 maxlen: 24
87.121.38.0/24 maxlen: 24
94.156.152.0/24 maxlen: 24
45.8.92.0/24 maxlen: 24
94.156.154.0/23 maxlen: 24
87.121.60.0/22 maxlen: 24
91.92.67.0/24 maxlen: 24
45.139.123.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.173.0/24 maxlen: 24
212.87.205.0/24 maxlen: 24
94.156.237.0/24 maxlen: 24
194.55.226.0/24 maxlen: 24
94.156.238.0/24 maxlen: 24
87.121.146.0/23 maxlen: 24
93.123.76.0/22 maxlen: 24
141.98.5.0/24 maxlen: 24
87.121.163.0/24 maxlen: 24
93.123.80.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
94.156.178.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
94.156.180.0/23 maxlen: 24
87.121.104.0/24 maxlen: 24
93.123.24.0/24 maxlen: 24
87.121.103.0/24 maxlen: 24
93.123.26.0/23 maxlen: 24
87.121.114.0/23 maxlen: 24
93.123.112.0/22 maxlen: 24
93.123.119.0/24 maxlen: 24
5.253.58.0/23 maxlen: 24
193.25.219.0/24 maxlen: 24
5.253.56.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Oct 2023 11:39:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1d:f1:50:4b:29:1e:d4:4e:24:3f:c0:3e:1f:a5:8f:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 11 08:53:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f852128b4be28902c42d466c273258c9820e6be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:68:96:1e:09:71:fc:c8:6d:b5:15:91:8b:6a:
bc:24:d6:97:49:be:6d:3a:b7:66:21:04:e5:f3:0a:
57:61:6f:74:2e:f2:ad:d9:30:ed:c4:f7:49:e8:2d:
de:81:7f:c1:8c:5b:00:34:ce:be:86:b2:7a:0c:dd:
c8:e4:fd:d4:c5:35:81:37:7d:f6:c8:7f:9f:15:ba:
6b:1a:40:6b:23:d4:74:d2:e0:9b:40:79:d3:57:70:
31:53:65:fc:1d:07:6b:dd:af:fe:24:57:ac:49:74:
ee:7a:58:46:16:2a:b0:e7:46:b8:a9:a5:7c:0c:ea:
a5:a6:95:30:e0:c9:ad:77:92:68:54:44:59:e7:4d:
6f:f6:5f:0f:7d:e9:73:2a:38:de:35:c5:6c:95:fe:
72:91:9d:a4:e9:1c:db:ed:1d:1e:e6:3c:e3:52:bc:
1d:d0:44:f1:e6:21:5f:c1:27:64:53:8c:b1:cd:b5:
a1:88:06:6e:00:c6:6d:55:f4:0f:bc:44:9d:aa:04:
af:b1:c2:b4:55:55:15:94:2a:f7:2b:84:63:ec:6b:
32:1a:d8:94:b4:7f:b4:ea:37:3f:bf:3d:38:a9:f3:
07:83:15:e4:0d:b1:d4:34:78:27:ef:ed:18:ec:5e:
a5:66:16:61:99:44:a2:6c:11:0b:ed:79:ab:ad:d7:
62:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:85:21:28:B4:BE:28:90:2C:42:D4:66:C2:73:25:8C:98:20:E6:BE
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/n4UhKLS-KJAsQtRmwnMljJgg5r4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0/22
45.8.92.0/24
45.139.123.0/24
87.120.192.0/23
87.121.38.0/24
87.121.60.0/22
87.121.103.0-87.121.104.255
87.121.114.0/23
87.121.146.0/23
87.121.163.0/24
91.92.16.0/24
91.92.26.0/23
91.92.67.0/24
93.123.24.0/24
93.123.26.0/23
93.123.76.0-93.123.80.255
93.123.112.0/22
93.123.119.0/24
94.154.160.0/23
94.154.173.0/24
94.156.2.0/24
94.156.152.0/24
94.156.154.0/23
94.156.178.0/24
94.156.180.0/23
94.156.237.0-94.156.238.255
141.98.5.0/24
185.147.100.0/22
185.252.177.0/24
193.25.219.0/24
193.47.62.0/24
193.58.121.0/24
193.58.123.0/24
194.55.226.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:06:7e:71:87:fc:c1:29:9d:ba:f1:89:51:ee:77:d1:5d:cd:
c6:68:15:ce:fb:a5:1e:76:27:64:15:76:6f:08:9a:3a:b3:27:
89:7a:e1:cd:a1:f8:a2:9f:5c:41:51:f7:2f:cc:c4:31:db:d5:
3f:77:60:76:39:04:85:ae:a9:73:eb:26:2a:6d:ed:d7:66:db:
ef:8b:8b:72:ff:f7:bf:80:41:a7:47:15:db:41:26:78:50:a6:
46:c3:ed:4e:21:b8:3e:3b:f0:9c:39:95:6a:04:3a:8b:0a:ac:
e1:ae:9e:68:2d:02:17:d9:36:c8:c8:48:63:f1:ef:ca:4f:68:
b4:4f:5c:2f:a4:67:62:9b:07:89:b7:ed:df:32:fb:cb:38:dd:
33:e7:71:3f:af:e3:62:d2:4c:9a:32:7f:66:6a:16:f0:90:cc:
b2:8e:75:78:fa:83:f1:bf:ad:8c:b4:3f:70:90:07:16:0f:81:
71:01:c1:85:58:b5:59:bf:78:02:be:9f:1c:83:1d:91:e8:d0:
c4:d8:76:89:0a:f6:f9:3d:52:e9:25:a1:e6:cb:9c:bd:96:41:
0e:e1:02:10:2d:65:c5:d2:b6:ba:1e:63:45:cf:30:c0:67:41:
21:1b:b5:23:50:41:41:d5:9b:38:52:81:bb:ec:01:d5:22:f7:
e6:4e:62:b2
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAYsd8VBLKR7UTiQ/wD4fpY89MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDExMDg1MzU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Zjg1MjEyOGI0YmUyODkwMmM0MmQ0NjZjMjczMjU4Yzk4MjBlNmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2iWHglx/MhttRWRi2q8JNaXSb5t
OrdmIQTl8wpXYW90LvKt2TDtxPdJ6C3egX/BjFsANM6+hrJ6DN3I5P3UxTWBN332
yH+fFbprGkBrI9R00uCbQHnTV3AxU2X8HQdr3a/+JFesSXTuelhGFiqw50a4qaV8
DOqlppUw4Mmtd5JoVERZ501v9l8PfelzKjjeNcVslf5ykZ2k6Rzb7R0e5jzjUrwd
0ETx5iFfwSdkU4yxzbWhiAZuAMZtVfQPvESdqgSvscK0VVUVlCr3K4Rj7GsyGtiU
tH+06jc/vz04qfMHgxXkDbHUNHgn7+0Y7F6lZhZhmUSibBEL7XmrrddiQQIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFJ+FISi0viiQLELUZsJzJYyYIOa+MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbjRVaEtMUy1LSkFzUXRSbXduTWxqSmdnNXI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBwYIKwYBBQUHAQcBAf8EgfcwgfQwgfEEAgABMIHqAwQC
Bf04AwQALQhcAwQALYt7AwQBV3jAAwQAV3kmAwQCV3k8MAwDBABXeWcDBABXeWgD
BAFXeXIDBAFXeZIDBABXeaMDBABbXBADBAFbXBoDBABbXEMDBABdexgDBAFdexow
DAMEAl17TAMEAF17UAMEAl17cAMEAF17dwMEAV6aoAMEAF6arQMEAF6cAgMEAF6c
mAMEAV6cmgMEAF6csgMEAV6ctDAMAwQAXpztAwQAXpzuAwQAjWIFAwQCuZNkAwQA
ufyxAwQAwRnbAwQAwS8+AwQAwTp5AwQAwTp7AwQAwjfiAwQA1FfNMA0GCSqGSIb3
DQEBCwUAA4IBAQCNBn5xh/zBKZ268YlR7nfRXc3GaBXO+6UedidkFXZvCJo6syeJ
euHNofiin1xBUfcvzMQx29U/d2B2OQSFrqlz6yYqbe3XZtvvi4ty//e/gEGnRxXb
QSZ4UKZGw+1OIbg+O/CcOZVqBDqLCqzhrp5oLQIX2TbIyEhj8e/KT2i0T1wvpGdi
mweJt+3fMvvLON0z53E/r+Ni0kyaMn9mahbwkMyyjnV4+oPxv62MtD9wkAcWD4Fx
AcGFWLVZv3gCvp8cgx2R6NDE2HaJCvb5PVLpJaHmy5y9lkEO4QIQLWXF0ra6HmNF
zzDAZ0EhG7UjUEFB1Zs4UoG77AHVIvfmTmKy
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:18 2024 by rpki-client on console-fra.rpki-client.org