Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rhXn-gtAOT23rpjVK8fzOpM7oFk.roa
File: rhXn-gtAOT23rpjVK8fzOpM7oFk.roa (raw, json)
Hash identifier: NZYkDooyyW61FPuPhPpJMjbsG2JRj29j+jvFEMXRMkU=
Subject key identifier: AE:15:E7:FA:0B:40:39:3D:B7:AE:98:D5:2B:C7:F3:3A:93:3B:A0:59
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018F2CD14589287AF6402F678BE51951E95D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rhXn-gtAOT23rpjVK8fzOpM7oFk.roa
Signing time: Tue 30 Apr 2024 02:24:23 +0000
ROA not before: Tue 30 Apr 2024 02:24:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 45.81.240.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
87.121.60.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
193.148.253.0/24 maxlen: 24
212.87.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 12:12:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2c:d1:45:89:28:7a:f6:40:2f:67:8b:e5:19:51:e9:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 30 02:24:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae15e7fa0b40393db7ae98d52bc7f33a933ba059
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1c:46:19:b1:8d:f2:6f:d9:0a:c4:a5:74:da:
92:38:c3:c9:35:d4:c8:93:9f:03:06:b2:8f:71:d1:
09:6c:c3:26:61:1e:4a:2e:85:fb:43:fd:bc:51:9b:
f1:3e:ab:b5:91:1d:6b:b2:6d:00:d5:c8:2c:c1:12:
f6:23:3f:f7:34:1b:55:b5:e6:da:18:00:63:c6:0d:
a0:ac:29:71:b2:1f:d7:de:7d:ad:0e:9d:c5:52:e4:
46:06:bc:6b:2a:c5:cc:ff:6b:fc:ac:2f:ce:6f:c6:
3c:2e:31:36:20:c1:09:f0:13:ac:e2:7d:e4:63:8b:
a9:67:97:d3:3f:dd:7d:7b:f8:26:e8:dc:5e:fe:1f:
90:e9:54:2f:e2:d7:b1:50:ef:5f:75:bf:3b:d6:e6:
b5:32:7f:0b:5e:fc:ac:77:f4:81:94:b9:79:9e:c3:
c4:9b:43:7c:51:6f:a3:45:e3:0d:8e:a6:21:ec:85:
47:bb:c3:90:fb:c1:ca:30:73:ce:33:5a:0a:96:7f:
7a:dd:88:fb:8f:be:cc:45:3d:31:70:14:60:5a:d6:
60:18:ef:17:54:8d:db:c1:ca:22:f2:cd:be:c9:00:
37:56:87:e1:a3:45:fd:34:1a:da:3d:8b:b6:db:41:
34:e1:a1:6e:07:3c:47:fc:41:be:b3:4d:ba:2b:90:
83:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:15:E7:FA:0B:40:39:3D:B7:AE:98:D5:2B:C7:F3:3A:93:3B:A0:59
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rhXn-gtAOT23rpjVK8fzOpM7oFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.240.0/24
87.120.68.0/23
87.121.60.0/24
185.252.160.0/23
193.148.253.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
37:0b:41:f9:6c:71:6e:c2:7c:a8:7d:1f:4c:60:b2:56:0b:25:
47:82:88:53:b9:b6:98:57:51:c7:a1:37:f2:9d:5b:f4:be:c2:
84:a4:4c:47:0d:99:00:c8:d3:27:56:e4:b1:d2:63:52:5d:8e:
6a:5a:34:1e:d9:72:12:4c:0c:cd:0b:97:31:72:75:00:dc:cf:
d2:a9:57:5a:0c:9b:47:bf:0e:b1:25:a0:0b:6e:f8:ed:68:07:
c4:8d:4e:c2:85:74:b0:5c:ef:17:55:51:8d:78:50:32:90:eb:
2f:3b:67:26:a8:9c:39:62:d6:b7:5c:d0:02:7a:6b:ff:cb:06:
81:6a:83:34:07:e8:d5:9b:1a:18:92:b8:6c:dd:b1:27:ad:54:
95:41:ba:8a:15:8c:d0:a6:d9:e0:80:90:59:c3:71:3b:4b:40:
c7:ab:f8:0b:81:4a:85:a2:0e:8c:fa:46:bb:b0:67:89:a4:8c:
a1:22:aa:80:57:b2:1d:d5:0e:f0:fa:41:73:02:e5:90:55:db:
f0:f8:45:7e:4d:e8:ce:02:34:30:e9:d0:9c:ca:94:97:f5:ab:
86:f4:1d:98:d1:02:0a:97:b0:85:b3:29:94:04:36:70:71:39:
bd:9d:2f:e8:b9:77:65:18:9e:e3:4d:5c:3a:b4:23:36:7c:9d:
87:da:ae:8c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY8s0UWJKHr2QC9ni+UZUeldMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDMwMDIyNDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTE1ZTdmYTBiNDAzOTNkYjdhZTk4ZDUyYmM3ZjMzYTkzM2JhMDU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBxGGbGN8m/ZCsSldNqSOMPJNdTI
k58DBrKPcdEJbMMmYR5KLoX7Q/28UZvxPqu1kR1rsm0A1cgswRL2Iz/3NBtVteba
GABjxg2grClxsh/X3n2tDp3FUuRGBrxrKsXM/2v8rC/Ob8Y8LjE2IMEJ8BOs4n3k
Y4upZ5fTP919e/gm6Nxe/h+Q6VQv4texUO9fdb871ua1Mn8LXvysd/SBlLl5nsPE
m0N8UW+jReMNjqYh7IVHu8OQ+8HKMHPOM1oKln963Yj7j77MRT0xcBRgWtZgGO8X
VI3bwcoi8s2+yQA3Vofho0X9NBraPYu220E04aFuBzxH/EG+s026K5CDNQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFK4V5/oLQDk9t66Y1SvH8zqTO6BZMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcmhYbi1ndEFPVDIzcnBqVks4ZnpPcE03b0ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVHwAwQB
V3hEAwQAV3k8AwQBufygAwQAwZT9AwQA1FfNMA0GCSqGSIb3DQEBCwUAA4IBAQA3
C0H5bHFuwnyofR9MYLJWCyVHgohTubaYV1HHoTfynVv0vsKEpExHDZkAyNMnVuSx
0mNSXY5qWjQe2XISTAzNC5cxcnUA3M/SqVdaDJtHvw6xJaALbvjtaAfEjU7ChXSw
XO8XVVGNeFAykOsvO2cmqJw5Yta3XNACemv/ywaBaoM0B+jVmxoYkrhs3bEnrVSV
QbqKFYzQptnggJBZw3E7S0DHq/gLgUqFog6M+ka7sGeJpIyhIqqAV7Id1Q7w+kFz
AuWQVdvw+EV+TejOAjQw6dCcypSX9auG9B2Y0QIKl7CFsymUBDZwcTm9nS/ouXdl
GJ7jTVw6tCM2fJ2H2q6M
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:20 2024 by rpki-client on console-fra.rpki-client.org