Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nTxpnnENqKjHy3ZBIxj64VtARo8.roa
File: nTxpnnENqKjHy3ZBIxj64VtARo8.roa (raw, json)
Hash identifier: WVNdh+b6wuGg1A6Qp4DeOOtU5HDcKvTsBjALYI/C0+4=
Subject key identifier: 9D:3C:69:9E:71:0D:A8:A8:C7:CB:76:41:23:18:FA:E1:5B:40:46:8F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018EBD520497289C27F951526D637F542A15
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nTxpnnENqKjHy3ZBIxj64VtARo8.roa
Signing time: Mon 08 Apr 2024 10:47:32 +0000
ROA not before: Mon 08 Apr 2024 10:47:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47757
IP address blocks: 45.149.241.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 30 Apr 2024 05:42:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:bd:52:04:97:28:9c:27:f9:51:52:6d:63:7f:54:2a:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 8 10:47:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d3c699e710da8a8c7cb76412318fae15b40468f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a3:a6:88:49:29:f3:a4:55:f7:93:00:67:4b:
fb:a4:96:c9:95:a6:ce:80:ef:4a:2b:6f:ee:5b:c6:
18:ca:d1:18:c3:7a:00:41:82:d4:7d:9e:c8:fa:78:
2c:df:d7:71:d3:b4:0e:17:63:01:6a:41:fa:40:c2:
e4:13:8d:9b:22:52:cc:49:4f:84:97:4a:cf:99:de:
34:92:f5:82:5d:3b:b3:4f:73:7e:98:41:53:dd:2d:
fa:82:81:6d:f7:f7:0e:8d:67:0c:55:2d:3c:b4:8f:
e7:db:33:b6:aa:c3:b0:f2:b2:dd:6b:fd:83:2e:b3:
76:6e:bb:c8:25:3a:f8:5d:a2:e3:a8:42:28:ef:ae:
28:33:db:b8:7d:be:1d:61:4b:7b:d3:e1:69:69:de:
09:f7:a5:64:a2:06:76:d1:1f:17:db:fb:80:3d:df:
33:33:2a:5d:2c:31:43:65:72:69:36:b4:2d:d4:d4:
5f:f3:08:f5:99:3f:56:33:10:7a:87:93:0c:1c:a9:
ce:46:01:99:0f:87:f7:3a:c4:96:74:0e:49:80:32:
5f:a5:df:15:a9:f3:1b:1d:54:a4:fa:a1:79:a6:e9:
9f:53:0c:bc:0f:43:7c:15:4c:53:1e:39:29:f7:f1:
09:b0:a7:b3:9b:f1:5d:44:86:96:b5:b8:a7:a6:d4:
8a:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:3C:69:9E:71:0D:A8:A8:C7:CB:76:41:23:18:FA:E1:5B:40:46:8F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nTxpnnENqKjHy3ZBIxj64VtARo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.241.0/24
171.22.17.0/24
194.48.248.0/24
Signature Algorithm: sha256WithRSAEncryption
58:6c:31:ee:9a:f1:1d:d3:fe:9f:12:69:59:ab:a3:56:2d:d5:
0f:55:56:ea:44:0c:b0:14:00:c5:86:83:5c:d1:69:61:14:e4:
df:62:43:00:a4:8d:8b:65:fe:3e:e2:d1:26:5a:fe:05:61:cc:
0f:c3:5f:88:46:cd:0b:a1:47:b2:04:97:b0:25:6a:03:3a:59:
bb:64:ed:6f:0e:48:ad:95:b6:da:3a:49:67:4f:64:4a:7a:04:
26:96:3c:ec:8e:50:14:94:f2:1f:bb:af:e4:b7:5d:20:18:38:
24:a5:f9:d6:17:b4:b4:37:7b:44:00:1f:5d:1e:89:9b:58:c2:
eb:54:9e:c7:75:49:a9:15:a6:56:11:5c:94:7b:29:46:01:d5:
60:17:a6:79:7f:e7:b2:18:ee:4f:1a:54:f6:9d:7a:0c:63:92:
d7:8e:70:1c:c6:d3:e4:6a:d5:a9:de:36:8a:ca:61:b3:dc:f8:
46:6d:c3:63:db:45:25:c6:c2:b4:20:c7:1c:da:38:27:db:b1:
f7:18:9d:9d:88:f1:bd:59:94:90:47:6c:e1:f4:77:56:8e:aa:
6e:66:0e:e3:18:c0:5b:69:86:05:72:eb:42:4a:60:3f:6e:b7:
50:02:e0:f2:4b:f5:b8:b9:1d:3a:d7:76:3a:90:1c:8c:f3:b4:
61:b3:57:81
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY69UgSXKJwn+VFSbWN/VCoVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDA4MTA0NzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDNjNjk5ZTcxMGRhOGE4YzdjYjc2NDEyMzE4ZmFlMTViNDA0NjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwaOmiEkp86RV95MAZ0v7pJbJlabO
gO9KK2/uW8YYytEYw3oAQYLUfZ7I+ngs39dx07QOF2MBakH6QMLkE42bIlLMSU+E
l0rPmd40kvWCXTuzT3N+mEFT3S36goFt9/cOjWcMVS08tI/n2zO2qsOw8rLda/2D
LrN2brvIJTr4XaLjqEIo764oM9u4fb4dYUt70+Fpad4J96VkogZ20R8X2/uAPd8z
MypdLDFDZXJpNrQt1NRf8wj1mT9WMxB6h5MMHKnORgGZD4f3OsSWdA5JgDJfpd8V
qfMbHVSk+qF5pumfUwy8D0N8FUxTHjkp9/EJsKezm/FdRIaWtbinptSK8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJ08aZ5xDaiox8t2QSMY+uFbQEaPMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvblR4cG5uRU5xS2pIeTNaQkl4ajY0VnRBUm84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZXxAwQA
qxYRAwQAwjD4MA0GCSqGSIb3DQEBCwUAA4IBAQBYbDHumvEd0/6fEmlZq6NWLdUP
VVbqRAywFADFhoNc0WlhFOTfYkMApI2LZf4+4tEmWv4FYcwPw1+IRs0LoUeyBJew
JWoDOlm7ZO1vDkitlbbaOklnT2RKegQmljzsjlAUlPIfu6/kt10gGDgkpfnWF7S0
N3tEAB9dHombWMLrVJ7HdUmpFaZWEVyUeylGAdVgF6Z5f+eyGO5PGlT2nXoMY5LX
jnAcxtPkatWp3jaKymGz3PhGbcNj20UlxsK0IMcc2jgn27H3GJ2diPG9WZSQR2zh
9HdWjqpuZg7jGMBbaYYFcutCSmA/brdQAuDyS/W4uR0613Y6kByM87Rhs1eB
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:18 2024 by rpki-client on console-fra.rpki-client.org