Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nh4dNmTQv-6egSCcStONCcMKY-Q.roa
File: nh4dNmTQv-6egSCcStONCcMKY-Q.roa (raw, json)
Hash identifier: WbrEiudRrrd3oJqmQHYYKUpPE4Sd7VA8bDxiw9sVbO4=
Subject key identifier: 9E:1E:1D:36:64:D0:BF:EE:9E:81:20:9C:4A:D3:8D:09:C3:0A:63:E4
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018E31E921D9FC187C734D02D94636D80D91
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nh4dNmTQv-6egSCcStONCcMKY-Q.roa
Signing time: Tue 12 Mar 2024 09:05:45 +0000
ROA not before: Tue 12 Mar 2024 09:05:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 45.14.166.0/24 maxlen: 24
93.123.74.0/24 maxlen: 24
93.123.119.0/24 maxlen: 24
185.252.163.0/24 maxlen: 24
212.87.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Mar 2024 02:18:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:31:e9:21:d9:fc:18:7c:73:4d:02:d9:46:36:d8:0d:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 12 09:05:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9e1e1d3664d0bfee9e81209c4ad38d09c30a63e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:bf:47:04:f4:c3:52:a7:cf:24:0f:4a:af:4e:
65:15:60:e1:cb:13:36:d5:69:a2:c9:a6:97:db:20:
3f:7a:25:d7:7e:68:ea:e1:86:e3:e4:6c:e0:69:d7:
91:4b:90:21:e0:97:90:1f:64:13:3c:35:87:a3:57:
a5:11:8e:2d:87:2e:84:88:98:29:dd:ad:54:17:da:
95:8c:89:36:d0:a3:8b:c8:9f:2f:7e:c2:1f:1e:41:
37:16:cc:50:c2:3a:f5:c2:a2:89:4a:ef:e8:d7:84:
fe:f6:91:07:66:4c:56:e9:0c:a8:8c:04:47:be:03:
5e:82:b1:1b:06:39:d7:bf:27:41:19:78:c2:3f:78:
8d:a0:d1:71:ee:21:06:ed:00:da:c1:0f:ca:75:2c:
f8:7c:8b:b3:f1:e2:e7:ff:d8:40:8d:cf:97:ac:ec:
43:73:aa:a3:9e:bb:7c:d4:1b:0e:cc:ea:d9:79:ed:
34:f0:f2:24:80:38:22:4c:90:c7:fb:10:2b:69:93:
79:31:75:5d:78:2f:f5:e1:35:ff:6e:e2:eb:14:66:
f7:fc:4d:7d:f7:b0:00:41:ed:04:a3:98:ea:7e:f4:
ab:bf:79:68:62:99:2e:30:12:19:3b:4b:ea:6f:74:
13:40:c3:1a:d8:c5:d9:f4:41:49:4f:a8:bb:37:28:
3c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:1E:1D:36:64:D0:BF:EE:9E:81:20:9C:4A:D3:8D:09:C3:0A:63:E4
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/nh4dNmTQv-6egSCcStONCcMKY-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.166.0/24
93.123.74.0/24
93.123.119.0/24
185.252.163.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:c4:df:2a:09:ab:85:14:f1:a7:83:70:49:82:8c:0f:fe:86:
ec:d0:96:fc:35:73:be:d9:8f:f0:d2:c8:eb:11:55:2a:04:a6:
ce:e4:2c:c0:d2:07:dd:d5:73:50:92:f2:5b:d7:90:ad:9f:15:
7a:ad:7d:67:74:e1:90:12:41:ec:0a:73:d9:54:d3:0b:51:9f:
50:68:2a:bc:89:95:ce:26:d0:5a:46:ee:c2:6b:a9:79:87:78:
32:18:4d:2b:4a:85:b7:f9:25:46:cd:97:b3:46:4c:af:4f:ed:
aa:8f:2c:69:4b:a8:7d:bc:e9:b6:80:84:4a:2f:fc:58:4c:0f:
a4:75:9d:ba:a5:35:14:ae:5b:c8:fe:50:5d:ea:a9:76:4c:8c:
49:1a:f5:bf:dc:f3:e9:97:87:f9:8e:36:cf:cc:c3:33:a7:93:
79:9e:04:17:86:5c:d2:d1:4a:c5:7e:ce:96:6e:5d:99:3c:fc:
fe:de:9f:6b:92:28:39:92:c5:d3:14:98:59:f9:7b:f9:44:64:
c4:68:6d:76:2d:d6:32:69:d8:cd:f5:c6:c5:de:dc:43:ca:38:
77:71:1c:06:f0:a4:24:f6:62:f2:0a:47:17:83:2b:9e:5b:72:
82:e5:50:3c:53:84:7f:70:21:aa:8e:42:ee:73:5d:dc:f3:e2:
7a:80:83:7f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY4x6SHZ/Bh8c00C2UY22A2RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMzEyMDkwNTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTFlMWQzNjY0ZDBiZmVlOWU4MTIwOWM0YWQzOGQwOWMzMGE2M2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz79HBPTDUqfPJA9Kr05lFWDhyxM2
1WmiyaaX2yA/eiXXfmjq4Ybj5GzgadeRS5Ah4JeQH2QTPDWHo1elEY4thy6EiJgp
3a1UF9qVjIk20KOLyJ8vfsIfHkE3FsxQwjr1wqKJSu/o14T+9pEHZkxW6QyojARH
vgNegrEbBjnXvydBGXjCP3iNoNFx7iEG7QDawQ/KdSz4fIuz8eLn/9hAjc+XrOxD
c6qjnrt81BsOzOrZee008PIkgDgiTJDH+xAraZN5MXVdeC/14TX/buLrFGb3/E19
97AAQe0Eo5jqfvSrv3loYpkuMBIZO0vqb3QTQMMa2MXZ9EFJT6i7Nyg8tQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJ4eHTZk0L/unoEgnErTjQnDCmPkMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvbmg0ZE5tVFF2LTZlZ1NDY1N0T05DY01LWS1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQ6mAwQA
XXtKAwQAXXt3AwQAufyjAwQA1FfNMA0GCSqGSIb3DQEBCwUAA4IBAQAvxN8qCauF
FPGng3BJgowP/obs0Jb8NXO+2Y/w0sjrEVUqBKbO5CzA0gfd1XNQkvJb15CtnxV6
rX1ndOGQEkHsCnPZVNMLUZ9QaCq8iZXOJtBaRu7Ca6l5h3gyGE0rSoW3+SVGzZez
RkyvT+2qjyxpS6h9vOm2gIRKL/xYTA+kdZ26pTUUrlvI/lBd6ql2TIxJGvW/3PPp
l4f5jjbPzMMzp5N5ngQXhlzS0UrFfs6Wbl2ZPPz+3p9rkig5ksXTFJhZ+Xv5RGTE
aG12LdYyadjN9cbF3txDyjh3cRwG8KQk9mLyCkcXgyueW3KC5VA8U4R/cCGqjkLu
c13c8+J6gIN/
-----END CERTIFICATE-----
Generated at Mon Mar 25 03:55:16 2024 by rpki-client on console-ams.rpki-client.org