Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vkF2PXHGAPzbCGUHtsjq0LRS1l4.roa
File: vkF2PXHGAPzbCGUHtsjq0LRS1l4.roa (raw, json)
Hash identifier: MLtYitfLJuzTi7+xmdfxbDi0e22dZGFukqQHyuAbvp8=
Subject key identifier: BE:41:76:3D:71:C6:00:FC:DB:08:65:07:B6:C8:EA:D0:B4:52:D6:5E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0191FF6AB5B10B20D6B3D9570A0905E5D417
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vkF2PXHGAPzbCGUHtsjq0LRS1l4.roa
Signing time: Tue 17 Sep 2024 09:57:49 +0000
ROA not before: Tue 17 Sep 2024 09:57:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.66.228.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
45.88.90.0/24 maxlen: 24
45.149.241.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
45.151.91.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.93.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
93.123.39.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.103.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.37.41.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Sep 2024 16:22:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:6a:b5:b1:0b:20:d6:b3:d9:57:0a:09:05:e5:d4:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 17 09:57:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be41763d71c600fcdb086507b6c8ead0b452d65e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c0:4a:bb:82:1f:78:19:51:7a:cb:73:d2:82:
5a:c0:2f:fc:94:e0:51:1a:69:6b:f2:65:b2:8e:9e:
38:73:ac:05:b5:47:1e:17:91:b8:71:18:ca:63:fd:
10:c3:f2:e2:c4:07:d9:0a:dd:fa:ba:34:8a:2e:50:
84:02:92:f8:fe:36:9a:ad:ae:9c:62:d6:de:41:e6:
b9:5a:3f:94:d6:4e:3b:9c:5c:f3:0b:c8:b8:21:05:
c1:b2:bb:0f:02:37:71:36:88:5e:2c:54:c1:d5:b8:
8d:99:7c:57:5d:ee:1c:b2:c0:2d:0d:10:25:5e:94:
96:4e:d5:eb:ed:11:61:17:e1:ca:74:24:86:6d:a2:
a3:06:74:b1:ee:8b:a3:ad:f6:f8:75:64:a8:f3:1f:
b8:3a:43:ef:e9:13:9c:f3:3b:e3:88:9a:4b:24:73:
0d:6a:09:4a:cc:29:08:61:10:8a:a6:da:74:3e:52:
78:31:b9:09:81:57:55:e7:65:13:56:fa:ed:59:89:
66:bf:ec:80:8e:48:7b:1b:63:a8:51:d0:68:3e:40:
c1:39:dd:68:a6:79:aa:d8:3c:79:bb:d8:3a:45:3e:
ff:85:69:27:0c:ff:f2:f0:56:74:6e:65:7e:24:db:
b5:f5:4f:c1:02:01:cf:2a:fb:db:69:14:e5:eb:b8:
99:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:41:76:3D:71:C6:00:FC:DB:08:65:07:B6:C8:EA:D0:B4:52:D6:5E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/vkF2PXHGAPzbCGUHtsjq0LRS1l4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.228.0/24
45.88.88.0/24
45.88.90.0/24
45.149.241.0/24
45.151.89.0/24
45.151.91.0/24
83.219.97.0/24
84.54.48.0/24
87.120.87.0/24
87.120.93.0/24
87.121.45.0/24
92.119.196.0/23
93.123.39.0/24
94.154.160.0/22
94.156.11.0/24
141.98.1.0/24
147.78.103.0/24
171.22.72.0/22
185.216.84.0/22
185.218.84.0/22
193.37.41.0/24
193.222.96.0/24
194.48.251.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:4d:b0:d0:b3:b9:a7:a6:fd:4a:ac:62:be:ec:87:08:f6:98:
75:2d:69:a5:f5:77:78:1f:39:15:b5:50:63:e8:b1:cb:3d:46:
79:ea:c5:45:04:e5:08:69:bb:65:ab:ee:e6:b2:1a:29:35:d5:
45:73:5a:f8:e3:95:14:19:99:d2:0c:e0:17:34:03:05:0f:a8:
03:b2:6e:08:bc:2b:ff:28:3d:d1:4a:a9:14:ed:5d:fa:19:3f:
b1:ec:d5:b7:87:4b:15:78:e2:75:20:c9:3d:22:3b:0d:a9:69:
2b:5b:a4:39:70:40:00:ad:db:6e:a7:ca:da:4b:cf:98:71:e0:
82:2a:26:09:e1:a7:42:cc:02:d3:8b:ee:6b:81:4b:b4:1f:4a:
c8:65:47:c6:d4:c8:e2:b9:08:e1:20:c5:3e:ce:b1:4a:86:37:
7c:6b:96:a9:49:91:eb:ce:64:b8:08:60:d7:49:69:96:1c:74:
20:5f:b1:77:53:ac:b8:49:70:e7:d0:b9:2f:b9:39:1e:b0:26:
05:16:c8:d4:23:c7:0f:2a:70:dc:97:21:31:18:79:0e:60:07:
c8:e9:da:ed:4a:09:74:cd:eb:c4:94:1c:cf:40:eb:d1:8e:e0:
5a:04:85:b4:ea:77:6a:a8:70:a8:7c:95:c7:42:e6:ea:af:b3:
d8:46:a4:a1
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZH/arWxCyDWs9lXCgkF5dQXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwOTE3MDk1NzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTQxNzYzZDcxYzYwMGZjZGIwODY1MDdiNmM4ZWFkMGI0NTJkNjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28BKu4IfeBlRestz0oJawC/8lOBR
Gmlr8mWyjp44c6wFtUceF5G4cRjKY/0Qw/LixAfZCt36ujSKLlCEApL4/jaara6c
YtbeQea5Wj+U1k47nFzzC8i4IQXBsrsPAjdxNoheLFTB1biNmXxXXe4cssAtDRAl
XpSWTtXr7RFhF+HKdCSGbaKjBnSx7oujrfb4dWSo8x+4OkPv6ROc8zvjiJpLJHMN
aglKzCkIYRCKptp0PlJ4MbkJgVdV52UTVvrtWYlmv+yAjkh7G2OoUdBoPkDBOd1o
pnmq2Dx5u9g6RT7/hWknDP/y8FZ0bmV+JNu19U/BAgHPKvvbaRTl67iZ5QIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFL5Bdj1xxgD82whlB7bI6tC0UtZeMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdmtGMlBYSEdBUHpiQ0dVSHRzanEwTFJTMWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAAt
QuQDBAAtWFgDBAAtWFoDBAAtlfEDBAAtl1kDBAAtl1sDBABT22EDBABUNjADBABX
eFcDBABXeF0DBABXeS0DBAFcd8QDBABdeycDBAJemqADBABenAsDBACNYgEDBACT
TmcDBAKrFkgDBAK52FQDBAK52lQDBADBJSkDBADB3mADBADCMPswDQYJKoZIhvcN
AQELBQADggEBACxNsNCzuaem/UqsYr7shwj2mHUtaaX1d3gfORW1UGPoscs9Rnnq
xUUE5Qhpu2Wr7uayGik11UVzWvjjlRQZmdIM4Bc0AwUPqAOybgi8K/8oPdFKqRTt
XfoZP7Hs1beHSxV44nUgyT0iOw2paStbpDlwQACt226nytpLz5hx4IIqJgnhp0LM
AtOL7muBS7QfSshlR8bUyOK5COEgxT7OsUqGN3xrlqlJkevOZLgIYNdJaZYcdCBf
sXdTrLhJcOfQuS+5OR6wJgUWyNQjxw8qcNyXITEYeQ5gB8jp2u1KCXTN68SUHM9A
69GO4FoEhbTqd2qocKh8lcdC5uqvs9hGpKE=
-----END CERTIFICATE-----
Generated at Tue Sep 17 21:03:17 2024 by rpki-client on console-ams.rpki-client.org