Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tZjWhsEUNdbuqbe0D7_WfoT3IB4.roa
File: tZjWhsEUNdbuqbe0D7_WfoT3IB4.roa (raw, json)
Hash identifier: HADXaLb5jS7GjjLZrl5cD6IhgOAkmhpG30Vcd+VcZKI=
Subject key identifier: B5:98:D6:86:C1:14:35:D6:EE:A9:B7:B4:0F:BF:D6:7E:84:F7:20:1E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018ACB3D77427424D54D9D5ED309A93DBABB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tZjWhsEUNdbuqbe0D7_WfoT3IB4.roa
Signing time: Mon 25 Sep 2023 07:28:37 +0000
ROA not before: Mon 25 Sep 2023 07:28:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213200
IP address blocks: 94.156.8.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Oct 2023 07:12:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:3d:77:42:74:24:d5:4d:9d:5e:d3:09:a9:3d:ba:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 25 07:28:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b598d686c11435d6eea9b7b40fbfd67e84f7201e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7c:05:62:7e:87:d5:aa:33:1e:c5:09:d8:a3:
34:c5:d2:24:fa:c3:51:5d:e8:c5:83:4e:3c:1b:2b:
38:42:77:3e:c3:cd:18:e0:d0:ed:c5:cc:9e:b0:82:
07:66:8a:28:35:fb:19:fd:b8:d7:4a:06:33:d9:59:
9b:a5:a4:ca:8e:94:de:82:a1:84:45:06:91:7d:92:
4b:cc:61:37:36:b2:f4:a9:39:83:52:7b:fb:70:a6:
05:1c:97:c5:33:85:5a:fd:63:af:cf:d4:a4:7e:e9:
d1:56:32:95:da:48:dd:81:ea:02:4e:9a:22:99:f4:
ec:f0:4a:f6:31:9a:48:03:ba:35:40:06:cf:e4:fe:
1f:d4:92:8a:bf:76:f6:2a:11:f3:e0:83:2d:d4:48:
f0:62:54:e3:10:77:f1:f6:06:d3:e3:ff:8e:4f:ca:
29:6c:70:94:53:91:d9:c5:69:b9:b5:8c:cb:19:a5:
d4:d4:7d:11:8a:45:2b:32:87:2c:61:fd:36:aa:66:
06:c3:a6:88:ba:1c:ef:58:78:3f:21:b6:73:c5:5c:
f1:f9:84:e7:4c:e5:b8:76:20:47:be:8e:e1:14:a2:
87:36:05:9b:a3:fa:3f:7a:e8:13:5c:df:a7:f5:be:
51:ae:a0:e2:d9:f1:6f:76:2e:25:2a:86:b9:c4:66:
5f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:98:D6:86:C1:14:35:D6:EE:A9:B7:B4:0F:BF:D6:7E:84:F7:20:1E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tZjWhsEUNdbuqbe0D7_WfoT3IB4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.88.0/24
94.156.8.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:26:d8:c8:4c:3b:5b:06:9a:5e:18:ef:c4:61:83:e0:ab:47:
f2:08:60:54:0f:32:2a:d1:da:e6:f2:ed:4b:1e:ea:3e:9d:b5:
44:57:5f:3d:dc:0c:80:01:a1:ba:a2:50:6b:d6:0c:77:e8:50:
44:25:f4:f0:1c:ba:72:8c:0c:de:64:ba:a7:8c:20:9b:01:2b:
55:85:3d:e6:12:5f:17:ba:95:9b:05:a7:ee:67:4b:4b:83:d6:
31:e2:7d:3c:2e:d7:a9:ee:fd:37:7f:32:2d:02:6c:19:97:ad:
e2:ff:7b:0b:6c:24:af:6d:09:f6:87:03:2a:b0:14:b3:45:ab:
5a:af:e9:23:9a:e4:a6:4c:b1:47:3a:54:a5:82:5d:62:fa:c1:
e9:18:c8:3a:74:f2:f4:28:f7:b3:40:6f:05:fa:d7:dd:75:0c:
1f:0f:84:a7:64:04:15:ed:c9:65:61:9b:fb:16:70:05:37:23:
51:8b:95:67:0e:76:33:c1:ed:f6:24:2a:25:07:e3:27:d0:2a:
98:f5:ad:51:7e:eb:40:5d:03:f2:e4:d8:48:5d:6c:37:ca:1f:
d8:c2:60:c8:98:a0:f6:e7:6c:4c:d1:80:72:9f:15:86:80:b2:
9e:46:e0:16:04:7c:23:9d:34:92:d2:9c:ee:e4:6b:35:0c:c5:
b1:05:a3:37
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYrLPXdCdCTVTZ1e0wmpPbq7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTI1MDcyODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTk4ZDY4NmMxMTQzNWQ2ZWVhOWI3YjQwZmJmZDY3ZTg0ZjcyMDFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnwFYn6H1aozHsUJ2KM0xdIk+sNR
XejFg048Gys4Qnc+w80Y4NDtxcyesIIHZoooNfsZ/bjXSgYz2VmbpaTKjpTegqGE
RQaRfZJLzGE3NrL0qTmDUnv7cKYFHJfFM4Va/WOvz9SkfunRVjKV2kjdgeoCTpoi
mfTs8Er2MZpIA7o1QAbP5P4f1JKKv3b2KhHz4IMt1EjwYlTjEHfx9gbT4/+OT8op
bHCUU5HZxWm5tYzLGaXU1H0RikUrMocsYf02qmYGw6aIuhzvWHg/IbZzxVzx+YTn
TOW4diBHvo7hFKKHNgWbo/o/eugTXN+n9b5RrqDi2fFvdi4lKoa5xGZfKwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLWY1obBFDXW7qm3tA+/1n6E9yAeMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdFpqV2hzRVVOZGJ1cWJlMEQ3X1dmb1QzSUI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALVhYAwQA
XpwIMA0GCSqGSIb3DQEBCwUAA4IBAQAfJtjITDtbBppeGO/EYYPgq0fyCGBUDzIq
0drm8u1LHuo+nbVEV1893AyAAaG6olBr1gx36FBEJfTwHLpyjAzeZLqnjCCbAStV
hT3mEl8XupWbBafuZ0tLg9Yx4n08Ltep7v03fzItAmwZl63i/3sLbCSvbQn2hwMq
sBSzRatar+kjmuSmTLFHOlSlgl1i+sHpGMg6dPL0KPezQG8F+tfddQwfD4SnZAQV
7cllYZv7FnAFNyNRi5VnDnYzwe32JColB+Mn0CqY9a1RfutAXQPy5NhIXWw3yh/Y
wmDImKD252xM0YBynxWGgLKeRuAWBHwjnTSS0pzu5Gs1DMWxBaM3
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:50:45 2024 by rpki-client on console-ams.rpki-client.org