Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/x5dZV-ZKlTu-I6nyg0GoY4VUi0g.roa
File: x5dZV-ZKlTu-I6nyg0GoY4VUi0g.roa (raw, json)
Hash identifier: B/HNKi0Yr2/y5x5N7P9LIkD2w/oR07vKCT5Jsd7r5kM=
Subject key identifier: C7:97:59:57:E6:4A:95:3B:BE:23:A9:F2:83:41:A8:63:85:54:8B:48
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DD11CBAB413952FC57273ACA49794E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/x5dZV-ZKlTu-I6nyg0GoY4VUi0g.roa
Signing time: Tue 02 Jan 2024 06:29:40 +0000
ROA not before: Tue 02 Jan 2024 06:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216156
IP address blocks: 178.215.237.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
87.121.84.0/23 maxlen: 24
185.252.176.0/24 maxlen: 24
94.156.102.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 11:45:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:11:cb:ab:41:39:52:fc:57:27:3a:ca:49:79:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7975957e64a953bbe23a9f28341a86385548b48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b6:1f:88:6b:d0:25:1e:c2:5d:5f:61:e4:9d:
e9:9c:4f:1d:49:0c:da:72:c5:5d:84:e6:bd:27:c3:
d3:68:dc:ef:b8:b7:9e:93:02:22:bd:21:1e:a9:90:
df:da:e4:81:00:70:45:96:6e:23:bf:1d:8a:e4:d0:
cd:da:9c:ad:21:41:d1:03:40:46:10:b9:ad:c3:52:
ae:f0:43:24:71:3f:da:fe:08:4e:bc:0f:f6:12:2c:
ba:44:ec:01:96:d6:57:5a:54:31:69:50:a9:dc:31:
66:25:5c:32:09:5c:74:58:31:e4:fa:cc:9b:61:2e:
e5:1c:e6:4d:8c:21:b0:2a:f1:ce:46:df:69:69:e4:
2f:48:12:dc:16:61:53:e3:19:b1:56:91:ae:41:34:
e7:1c:b0:90:06:80:d0:6c:13:00:a5:61:d4:8f:55:
a7:0a:c4:a4:75:f8:61:8c:d2:5b:7b:a1:66:5c:45:
c6:3c:b6:ee:57:0f:51:33:22:43:95:82:cd:53:62:
2e:00:93:41:27:7c:5d:5c:47:1f:aa:9b:e1:fc:c8:
74:99:e7:21:3c:5b:68:6d:47:2c:d6:40:d7:1e:be:
86:95:0a:76:ce:fa:76:03:50:30:e6:1d:88:25:80:
30:f2:f4:ec:9e:d4:26:eb:61:69:a5:ad:61:78:9c:
23:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:97:59:57:E6:4A:95:3B:BE:23:A9:F2:83:41:A8:63:85:54:8B:48
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/x5dZV-ZKlTu-I6nyg0GoY4VUi0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.51.0/24
87.121.84.0/23
94.156.102.0/24
141.98.6.0/24
178.215.237.0/24
185.252.176.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:25:c2:0f:62:10:34:93:4b:34:fd:58:e7:aa:bc:03:29:62:
e4:18:65:b5:dd:c7:84:c9:82:b1:86:27:a6:48:0f:de:8e:a8:
9a:63:89:8f:f1:e7:b5:33:e3:57:79:0d:9d:d3:d6:1f:21:c0:
32:ab:28:a1:d7:9f:cc:49:d5:72:34:69:34:14:a4:5f:72:84:
d3:16:62:57:45:f5:3f:40:e9:29:56:9c:92:2e:e9:98:48:b2:
09:d0:73:22:77:0a:73:08:df:b2:79:54:1d:50:ff:25:60:e4:
e5:ac:d2:c5:15:18:e9:1e:4c:ab:33:4f:c9:22:6f:46:97:b5:
39:9e:fb:91:00:75:9e:35:f2:0f:11:c0:e7:00:94:e7:ac:89:
6e:ac:c0:21:45:77:8a:6d:e7:23:f9:1c:48:95:76:da:b1:20:
7e:55:01:4e:d0:b5:01:fe:f0:c6:b5:6c:b8:5b:ff:3f:5e:ae:
c1:42:ca:29:b7:ec:18:48:f6:80:9c:1a:f2:b9:b2:bf:bc:bd:
43:d5:0c:69:bc:de:ae:31:b2:3f:36:15:15:ab:8b:0e:3e:8f:
24:ba:78:bd:5c:23:8a:07:48:bd:02:93:f5:ba:46:e0:0d:37:
ba:77:49:d7:94:64:d0:e3:55:d8:18:c5:7a:49:de:dc:6e:5b:
aa:5b:1e:13
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzI3RHLq0E5UvxXJzrKSXlOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzk3NTk1N2U2NGE5NTNiYmUyM2E5ZjI4MzQxYTg2Mzg1NTQ4YjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbYfiGvQJR7CXV9h5J3pnE8dSQza
csVdhOa9J8PTaNzvuLeekwIivSEeqZDf2uSBAHBFlm4jvx2K5NDN2pytIUHRA0BG
ELmtw1Ku8EMkcT/a/ghOvA/2Eiy6ROwBltZXWlQxaVCp3DFmJVwyCVx0WDHk+syb
YS7lHOZNjCGwKvHORt9paeQvSBLcFmFT4xmxVpGuQTTnHLCQBoDQbBMApWHUj1Wn
CsSkdfhhjNJbe6FmXEXGPLbuVw9RMyJDlYLNU2IuAJNBJ3xdXEcfqpvh/Mh0mech
PFtobUcs1kDXHr6GlQp2zvp2A1Aw5h2IJYAw8vTsntQm62Fppa1heJwjQQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMeXWVfmSpU7viOp8oNBqGOFVItIMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveDVkWlYtWktsVHUtSTZueWcwR29ZNFZVaTBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUEwzAwQB
V3lUAwQAXpxmAwQAjWIGAwQAstftAwQAufywMA0GCSqGSIb3DQEBCwUAA4IBAQBN
JcIPYhA0k0s0/VjnqrwDKWLkGGW13ceEyYKxhiemSA/ejqiaY4mP8ee1M+NXeQ2d
09YfIcAyqyih15/MSdVyNGk0FKRfcoTTFmJXRfU/QOkpVpySLumYSLIJ0HMidwpz
CN+yeVQdUP8lYOTlrNLFFRjpHkyrM0/JIm9Gl7U5nvuRAHWeNfIPEcDnAJTnrIlu
rMAhRXeKbecj+RxIlXbasSB+VQFO0LUB/vDGtWy4W/8/Xq7BQsopt+wYSPaAnBry
ubK/vL1D1QxpvN6uMbI/NhUVq4sOPo8kuni9XCOKB0i9ApP1ukbgDTe6d0nXlGTQ
41XYGMV6Sd7cbluqWx4T
-----END CERTIFICATE-----
Generated at Mon Mar 11 15:12:34 2024 by rpki-client on console-ams.rpki-client.org