Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rERlfAFG5U8JY2kRqQqu8ypChZY.roa
File: rERlfAFG5U8JY2kRqQqu8ypChZY.roa (raw, json)
Hash identifier: x8y1GcHEiM1kv2QCq9k9GAmKfgwDquueBZUbH5GJS/o=
Subject key identifier: AC:44:65:7C:01:46:E5:4F:09:63:69:11:A9:0A:AE:F3:2A:42:85:96
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D81DCEA78435F409CBA55B8EB545F82
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rERlfAFG5U8JY2kRqQqu8ypChZY.roa
Signing time: Sun 01 Jan 2023 13:25:05 +0000
ROA not before: Sun 01 Jan 2023 13:25:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29030
IP address blocks: 94.156.20.0/22 maxlen: 22
87.121.152.0/21 maxlen: 21
31.13.200.0/21 maxlen: 21
94.156.244.0/24 maxlen: 24
87.121.65.0/24 maxlen: 24
94.156.199.0/24 maxlen: 24
94.156.197.0/24 maxlen: 24
94.156.195.0/24 maxlen: 24
94.156.196.0/24 maxlen: 24
94.156.198.0/24 maxlen: 24
94.156.194.0/24 maxlen: 24
94.156.208.0/21 maxlen: 21
87.121.24.0/22 maxlen: 24
31.13.242.0/23 maxlen: 23
87.121.8.0/21 maxlen: 21
Validation: Failed, certificate revoked on Fri 29 Sep 2023 12:24:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:dc:ea:78:43:5f:40:9c:ba:55:b8:eb:54:5f:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ac44657c0146e54f09636911a90aaef32a428596
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:9e:c1:bc:5b:5e:8c:72:fd:5a:92:9b:e1:52:
65:22:51:04:a4:8b:6f:8e:b3:07:2c:48:e6:8e:53:
0f:e3:aa:6b:67:ed:4a:69:eb:0e:52:9e:f6:31:51:
ce:17:0f:c6:05:b3:f2:f1:1a:70:c5:ce:51:84:ff:
1d:86:d5:ab:d4:8d:5b:be:a3:6e:57:9a:94:78:46:
fc:d5:8f:2b:1f:d4:8e:71:81:21:e7:9b:9a:dc:1b:
9d:97:78:e8:4a:31:a8:fc:58:6d:46:6b:8b:c0:43:
b5:b3:70:90:66:a2:6e:6c:f5:c5:99:0b:34:5e:75:
1f:46:e6:ab:c9:c2:f0:fa:ca:e2:4a:2a:a0:16:06:
ce:f6:72:37:cf:14:7c:23:17:45:bb:52:49:58:bd:
7c:57:a5:a7:6d:e4:5e:d4:9c:89:ed:24:12:fb:95:
a8:dc:3f:ca:b6:46:25:c5:5c:f5:b3:5c:c9:21:e8:
3b:90:d9:e0:77:d4:20:c3:88:3c:92:7b:28:86:c5:
4d:93:c9:c9:89:3e:99:d2:01:e0:51:a4:f3:e3:54:
0d:80:24:82:32:9b:ce:8c:69:9d:b2:96:b6:f0:3b:
71:2d:41:f4:bc:29:f0:5a:cc:3d:0c:d2:52:40:b4:
2b:d9:7b:bd:ea:8e:47:7a:44:36:65:49:f9:44:d5:
76:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:44:65:7C:01:46:E5:4F:09:63:69:11:A9:0A:AE:F3:2A:42:85:96
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rERlfAFG5U8JY2kRqQqu8ypChZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.200.0/21
31.13.242.0/23
87.121.8.0/21
87.121.24.0/22
87.121.65.0/24
87.121.152.0/21
94.156.20.0/22
94.156.194.0-94.156.199.255
94.156.208.0/21
94.156.244.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:4b:41:ae:30:df:c2:c7:15:61:a9:72:17:3e:cb:1e:41:08:
ef:cd:ce:72:fb:ad:34:b8:8b:3e:70:48:39:08:28:a9:c0:6f:
bd:15:45:62:4e:f3:32:0e:f1:66:45:6c:c9:1a:df:12:ef:be:
6a:3e:ca:d6:07:c8:cb:8c:94:b1:6c:1b:cb:75:3f:29:d9:f7:
ab:df:0c:0e:d5:0c:c0:88:c3:86:b5:99:cc:98:3f:f1:dc:4d:
99:ec:3b:2c:0d:8d:45:40:a2:2e:27:9e:af:2d:e3:22:ef:32:
7b:de:c4:0a:cd:b3:62:70:d4:92:b0:6e:14:94:28:f5:b7:78:
20:f6:78:c4:8e:63:c6:0d:26:7b:18:f2:ab:e0:f7:35:42:d2:
a3:1d:e2:80:1a:f9:e7:ea:15:3b:07:46:17:64:fa:db:40:25:
ae:d5:f1:5c:62:35:55:8a:e1:90:8b:8e:8e:aa:dd:00:28:2e:
78:59:28:60:f0:6f:92:25:6b:e8:94:7a:19:f8:19:a7:17:3a:
2d:ae:63:11:b5:e6:11:a8:65:69:da:94:4b:33:ce:b5:f9:eb:
aa:c4:ad:38:40:aa:17:c8:5d:14:f9:05:28:24:09:e6:23:5c:
87:54:56:a0:9d:a8:5d:26:36:11:bf:b4:27:49:89:30:31:45:
76:d3:0c:12
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYVtgdzqeENfQJy6VbjrVF+CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzQ0NjU3YzAxNDZlNTRmMDk2MzY5MTFhOTBhYWVmMzJhNDI4NTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkZ7BvFtejHL9WpKb4VJlIlEEpItv
jrMHLEjmjlMP46prZ+1KaesOUp72MVHOFw/GBbPy8Rpwxc5RhP8dhtWr1I1bvqNu
V5qUeEb81Y8rH9SOcYEh55ua3Budl3joSjGo/FhtRmuLwEO1s3CQZqJubPXFmQs0
XnUfRuarycLw+sriSiqgFgbO9nI3zxR8IxdFu1JJWL18V6WnbeRe1JyJ7SQS+5Wo
3D/KtkYlxVz1s1zJIeg7kNngd9Qgw4g8knsohsVNk8nJiT6Z0gHgUaTz41QNgCSC
MpvOjGmdspa28DtxLUH0vCnwWsw9DNJSQLQr2Xu96o5HekQ2ZUn5RNV2pQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFKxEZXwBRuVPCWNpEakKrvMqQoWWMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvckVSbGZBRkc1VThKWTJrUnFRcXU4eXBDaFpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQDHw3IAwQB
Hw3yAwQDV3kIAwQCV3kYAwQAV3lBAwQDV3mYAwQCXpwUMAwDBAFenMIDBANenMAD
BANenNADBABenPQwDQYJKoZIhvcNAQELBQADggEBAAtLQa4w38LHFWGpchc+yx5B
CO/NznL7rTS4iz5wSDkIKKnAb70VRWJO8zIO8WZFbMka3xLvvmo+ytYHyMuMlLFs
G8t1PynZ96vfDA7VDMCIw4a1mcyYP/HcTZnsOywNjUVAoi4nnq8t4yLvMnvexArN
s2Jw1JKwbhSUKPW3eCD2eMSOY8YNJnsY8qvg9zVC0qMd4oAa+efqFTsHRhdk+ttA
Ja7V8VxiNVWK4ZCLjo6q3QAoLnhZKGDwb5Ila+iUehn4GacXOi2uYxG15hGoZWna
lEszzrX566rErThAqhfIXRT5BSgkCeYjXIdUVqCdqF0mNhG/tCdJiTAxRXbTDBI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:44 2024 by rpki-client on console-ams.rpki-client.org