Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ramm0OEM3IeLKynG-Jo1ERB7WD4.roa
File: ramm0OEM3IeLKynG-Jo1ERB7WD4.roa (raw, json)
Hash identifier: o3yQ9lT2Zegjaxm9QwQEpMxBDs7H6IDzyD4Vtty9GPY=
Subject key identifier: AD:A9:A6:D0:E1:0C:DC:87:8B:2B:29:C6:F8:9A:35:11:10:7B:58:3E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0186EFAEAD9FF6D4C2D31EFA8BC71922EAF1
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ramm0OEM3IeLKynG-Jo1ERB7WD4.roa
Signing time: Fri 17 Mar 2023 13:07:27 +0000
ROA not before: Fri 17 Mar 2023 13:07:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 84.21.173.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
141.98.7.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
194.49.87.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Mar 2023 14:28:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ef:ae:ad:9f:f6:d4:c2:d3:1e:fa:8b:c7:19:22:ea:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 17 13:07:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ada9a6d0e10cdc878b2b29c6f89a3511107b583e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f6:92:a6:49:a7:29:a5:ad:12:af:17:78:12:
b1:2b:92:a6:79:e4:97:1b:08:02:4a:62:cb:42:33:
fc:8f:6f:69:9e:6d:7a:19:be:c7:c8:f7:5d:63:d0:
bb:70:6a:00:a3:99:53:43:7a:8b:da:9b:48:2c:80:
c9:0c:e3:77:a5:f3:e2:7d:98:d5:e9:23:45:e8:94:
2e:a8:6b:2a:e9:c7:da:79:f2:12:b9:44:6e:82:96:
b8:8c:b5:25:9c:7b:c9:c2:a3:3c:09:aa:72:e1:04:
3d:38:b5:31:70:df:44:b0:13:1f:e2:0b:6a:03:d1:
85:8e:97:74:6a:47:12:27:f1:d3:03:4c:fd:59:a7:
15:a2:13:7f:4f:22:a6:53:86:64:4a:98:0b:d7:c5:
73:8d:62:c5:f6:ec:68:89:0b:e9:fe:ac:e2:9e:0f:
90:96:87:c7:1b:6a:1a:84:0f:2c:91:3e:55:df:33:
49:e7:0a:a9:be:87:23:1f:1f:61:c2:38:d0:e4:87:
5b:6c:1f:25:36:c7:a6:e7:dc:93:1d:50:13:f7:92:
b7:6c:b3:42:21:a7:4f:bc:88:bf:68:24:63:e7:bd:
6d:d0:30:6b:9b:51:da:67:50:4d:6e:d5:cf:04:12:
ab:80:d4:e0:a3:ee:98:76:25:1f:94:1d:7e:13:9f:
92:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:A9:A6:D0:E1:0C:DC:87:8B:2B:29:C6:F8:9A:35:11:10:7B:58:3E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ramm0OEM3IeLKynG-Jo1ERB7WD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.233.0/24
84.21.173.0/24
84.54.49.0/24
87.121.220.0/24
94.103.125.0/24
94.154.172.0/24
141.98.7.0/24
147.78.100.0/23
178.215.237.0/24
194.49.87.0/24
Signature Algorithm: sha256WithRSAEncryption
78:04:3a:fb:ab:af:78:26:83:b0:8a:38:91:48:d7:f7:ea:72:
a1:fc:9b:7a:bb:74:dd:f3:c7:b0:56:da:58:6d:51:cc:54:17:
76:3f:ce:3d:38:aa:47:48:a5:13:31:fe:44:d7:e1:71:61:ec:
85:25:7d:e2:25:2d:b0:30:ac:ac:28:9a:3e:87:63:ec:51:45:
32:5d:a5:7c:f6:27:9b:45:df:05:86:8c:ef:af:5c:91:11:63:
b3:fb:f4:0f:83:1e:0b:78:13:f7:31:cd:9f:69:41:33:6d:eb:
4b:13:4e:29:7a:bb:9a:eb:9f:7e:82:45:ed:60:b7:c9:a6:63:
50:bd:a2:d6:9b:79:f5:28:21:6a:74:42:ec:0c:e1:7a:0e:bc:
8c:80:fc:46:31:3c:bc:9d:2b:27:14:79:a9:4b:b2:1d:a7:07:
ec:3a:dc:5c:81:87:89:1c:e2:37:16:74:53:7e:a4:10:5b:43:
de:5d:03:dc:56:f7:60:fd:35:7b:d3:74:db:1c:ac:3d:9b:a9:
c2:42:47:e0:5e:fd:f6:41:eb:a7:4f:6f:39:82:60:f5:8b:ad:
bf:db:b9:1d:37:47:b3:bb:f6:6b:5c:15:5c:f9:82:72:1c:ae:
6e:56:e9:87:16:de:bd:86:0b:b4:ef:7d:66:85:c3:3a:e5:07:
45:4c:d0:60
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYbvrq2f9tTC0x76i8cZIurxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMzE3MTMwNzI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGE5YTZkMGUxMGNkYzg3OGIyYjI5YzZmODlhMzUxMTEwN2I1ODNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovaSpkmnKaWtEq8XeBKxK5KmeeSX
GwgCSmLLQjP8j29pnm16Gb7HyPddY9C7cGoAo5lTQ3qL2ptILIDJDON3pfPifZjV
6SNF6JQuqGsq6cfaefISuURugpa4jLUlnHvJwqM8Capy4QQ9OLUxcN9EsBMf4gtq
A9GFjpd0akcSJ/HTA0z9WacVohN/TyKmU4ZkSpgL18VzjWLF9uxoiQvp/qzing+Q
lofHG2oahA8skT5V3zNJ5wqpvocjHx9hwjjQ5IdbbB8lNsem59yTHVAT95K3bLNC
IadPvIi/aCRj571t0DBrm1HaZ1BNbtXPBBKrgNTgo+6YdiUflB1+E5+SjwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFK2pptDhDNyHiyspxviaNREQe1g+MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcmFtbTBPRU0zSWVMS3luRy1KbzFFUkI3V0Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALZXpAwQA
VBWtAwQAVDYxAwQAV3ncAwQAXmd9AwQAXpqsAwQAjWIHAwQBk05kAwQAstftAwQA
wjFXMA0GCSqGSIb3DQEBCwUAA4IBAQB4BDr7q694JoOwijiRSNf36nKh/Jt6u3Td
88ewVtpYbVHMVBd2P849OKpHSKUTMf5E1+FxYeyFJX3iJS2wMKysKJo+h2PsUUUy
XaV89iebRd8Fhozvr1yREWOz+/QPgx4LeBP3Mc2faUEzbetLE04perua659+gkXt
YLfJpmNQvaLWm3n1KCFqdELsDOF6DryMgPxGMTy8nSsnFHmpS7IdpwfsOtxcgYeJ
HOI3FnRTfqQQW0PeXQPcVvdg/TV703TbHKw9m6nCQkfgXv32QeunT285gmD1i62/
27kdN0ezu/ZrXBVc+YJyHK5uVumHFt69hgu0731mhcM65QdFTNBg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:20 2024 by rpki-client on console-fra.rpki-client.org