Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oRz29eQE14Mxhn0NZHH2O7qnIoM.roa
File: oRz29eQE14Mxhn0NZHH2O7qnIoM.roa (raw, json)
Hash identifier: MY/YCkNxZh3MgFXrA70BUY/XLiOBUOP0B+Vg9KykiUc=
Subject key identifier: A1:1C:F6:F5:E4:04:D7:83:31:86:7D:0D:64:71:F6:3B:BA:A7:22:83
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018578905265150D38323A7A2CF41FAB9875
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oRz29eQE14Mxhn0NZHH2O7qnIoM.roa
Signing time: Tue 03 Jan 2023 16:56:42 +0000
ROA not before: Tue 03 Jan 2023 16:56:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 94.156.11.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
45.14.164.0/24 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
37.221.123.0/24 maxlen: 24
37.221.121.0/24 maxlen: 24
37.221.122.0/24 maxlen: 24
37.221.120.0/24 maxlen: 24
185.221.64.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Jan 2023 16:39:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:78:90:52:65:15:0d:38:32:3a:7a:2c:f4:1f:ab:98:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 3 16:56:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a11cf6f5e404d78331867d0d6471f63bbaa72283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:96:5c:b9:8d:11:5d:7f:03:8a:11:e8:09:33:
7b:f6:c3:aa:91:d7:17:23:9c:b1:14:a1:e0:e8:8d:
e7:7a:a1:04:51:8b:d4:bf:e8:aa:d5:04:47:8f:a2:
5b:d9:81:99:13:36:3a:a9:7b:ec:b9:de:46:d8:93:
1e:2a:5f:65:28:ad:8d:44:6b:76:40:d5:b4:94:59:
cb:48:3e:3a:b1:0a:95:6e:ed:34:1d:41:0f:3b:cf:
ba:66:68:c9:56:52:ca:81:99:5e:b9:1f:fd:75:07:
ab:59:b5:ce:3f:99:3b:ff:2f:cb:27:73:31:87:d8:
30:ea:d7:c3:c5:cc:83:38:bd:fb:7f:81:d4:59:e4:
a7:f5:b8:3c:73:ef:6d:1e:6d:34:e2:f2:50:07:4a:
56:f2:f7:94:c3:d2:8e:19:42:de:91:65:c3:27:4b:
7e:ab:ea:11:50:79:e6:54:47:9b:3a:e2:af:88:b4:
43:06:cc:cd:fb:43:06:67:33:d2:24:e7:1b:a2:81:
29:8c:70:e6:4f:85:a1:69:b1:17:61:67:6d:70:7f:
a0:31:4a:38:65:67:c9:45:80:fe:6d:ed:a7:24:24:
d6:04:4a:7f:be:65:98:c4:10:0e:cc:a1:34:37:2d:
53:fa:16:d6:b1:6b:c1:ed:98:31:3f:3a:04:6e:26:
43:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:1C:F6:F5:E4:04:D7:83:31:86:7D:0D:64:71:F6:3B:BA:A7:22:83
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/oRz29eQE14Mxhn0NZHH2O7qnIoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.14.164.0/24
45.81.241.0/24
45.144.153.0/24
94.156.11.0/24
141.98.1.0/24
185.221.64.0/24
193.149.2.0/23
Signature Algorithm: sha256WithRSAEncryption
31:5f:59:ad:aa:5a:35:1d:99:3f:b4:27:8d:74:9a:2c:c8:2f:
1f:ea:1f:ad:72:75:c3:35:d0:de:3c:1e:89:89:0e:ae:67:f1:
c2:5e:8f:79:b9:0f:6e:60:88:b9:18:72:8f:e0:93:f6:4f:74:
3b:66:fa:63:b0:f5:60:cf:4d:b5:03:bc:60:42:ac:ec:d8:22:
4b:9f:fa:e4:29:68:e5:98:d8:dc:43:c9:d2:44:51:80:6f:5d:
52:71:88:2b:cc:7c:85:87:c8:24:6d:71:9a:8c:a5:89:f4:ee:
31:7e:7c:42:8d:08:25:33:76:8d:c7:26:e8:36:ba:11:53:e0:
93:e9:b5:f5:3c:76:54:06:7b:7d:e5:c5:fd:28:98:51:94:5c:
5b:36:04:63:bc:6c:20:7e:d6:92:d6:d0:00:40:7e:17:e7:74:
b3:eb:2b:d2:4a:53:47:c4:67:9f:32:f0:25:ad:88:5c:a7:28:
9a:c6:85:e9:58:4f:3a:41:61:0e:c7:9d:9a:ff:5a:8a:8d:48:
be:4e:4e:4e:e4:6c:24:32:ef:e3:4b:09:74:5b:c7:00:70:86:
3f:ba:34:eb:f0:53:6b:98:7a:1f:5e:7c:bd:c3:96:a3:1c:00:
f9:75:16:94:68:58:c7:1c:fc:8b:7e:2d:35:1a:7f:d6:e6:68:
ff:47:96:c2
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYV4kFJlFQ04Mjp6LPQfq5h1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAzMTY1NjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTFjZjZmNWU0MDRkNzgzMzE4NjdkMGQ2NDcxZjYzYmJhYTcyMjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZZcuY0RXX8DihHoCTN79sOqkdcX
I5yxFKHg6I3neqEEUYvUv+iq1QRHj6Jb2YGZEzY6qXvsud5G2JMeKl9lKK2NRGt2
QNW0lFnLSD46sQqVbu00HUEPO8+6ZmjJVlLKgZleuR/9dQerWbXOP5k7/y/LJ3Mx
h9gw6tfDxcyDOL37f4HUWeSn9bg8c+9tHm004vJQB0pW8veUw9KOGULekWXDJ0t+
q+oRUHnmVEebOuKviLRDBszN+0MGZzPSJOcbooEpjHDmT4WhabEXYWdtcH+gMUo4
ZWfJRYD+be2nJCTWBEp/vmWYxBAOzKE0Ny1T+hbWsWvB7ZgxPzoEbiZDIwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKEc9vXkBNeDMYZ9DWRx9ju6pyKDMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvb1J6MjllUUUxNE14aG4wTlpISDJPN3FuSW9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCJd14AwQA
LQ6kAwQALVHxAwQALZCZAwQAXpwLAwQAjWIBAwQAud1AAwQBwZUCMA0GCSqGSIb3
DQEBCwUAA4IBAQAxX1mtqlo1HZk/tCeNdJosyC8f6h+tcnXDNdDePB6JiQ6uZ/HC
Xo95uQ9uYIi5GHKP4JP2T3Q7ZvpjsPVgz021A7xgQqzs2CJLn/rkKWjlmNjcQ8nS
RFGAb11ScYgrzHyFh8gkbXGajKWJ9O4xfnxCjQglM3aNxyboNroRU+CT6bX1PHZU
Bnt95cX9KJhRlFxbNgRjvGwgftaS1tAAQH4X53Sz6yvSSlNHxGefMvAlrYhcpyia
xoXpWE86QWEOx52a/1qKjUi+Tk5O5GwkMu/jSwl0W8cAcIY/ujTr8FNrmHofXny9
w5ajHAD5dRaUaFjHHPyLfi01Gn/W5mj/R5bC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:43 2024 by rpki-client on console-ams.rpki-client.org