Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xZV79M4rrlsfsuZ2wpp2hmfB2Hs.roa
File: xZV79M4rrlsfsuZ2wpp2hmfB2Hs.roa (raw, json)
Hash identifier: 89h1NKmE4MDDKnK5AyrFY9MZRXRQypBwDffjT4Sg1iU=
Subject key identifier: C5:95:7B:F4:CE:2B:AE:5B:1F:B2:E6:76:C2:9A:76:86:67:C1:D8:7B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0192B35AFD5B9E6DC99C729CF60640B6364F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xZV79M4rrlsfsuZ2wpp2hmfB2Hs.roa
Signing time: Tue 22 Oct 2024 08:32:17 +0000
ROA not before: Tue 22 Oct 2024 08:32:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.14.164.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.90.88.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
45.151.91.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.93.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.124.0/23 maxlen: 24
87.121.162.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.11.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
193.222.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Oct 2024 12:15:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:5a:fd:5b:9e:6d:c9:9c:72:9c:f6:06:40:b6:36:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 22 08:32:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c5957bf4ce2bae5b1fb2e676c29a768667c1d87b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:3c:3d:c3:44:52:51:eb:f4:6f:1b:f8:89:6c:
48:49:a9:11:03:9e:9f:cd:7e:52:cc:7f:46:1a:1f:
75:1d:72:2c:b0:e0:3b:8b:ac:74:d7:61:e8:f9:0f:
a2:ca:23:00:3e:c9:0b:42:e9:e5:a9:79:2a:9e:ef:
6c:71:92:b3:05:0d:6d:06:07:c1:c6:57:9e:11:c8:
22:6c:6f:cf:58:fd:47:29:77:8c:e5:42:2a:5c:f6:
0c:7f:a9:04:e7:aa:42:50:c1:89:a2:5c:e4:e9:63:
ec:6c:62:0f:a5:b4:a7:86:5b:0a:9d:a9:6d:dc:e2:
df:85:64:0d:35:5b:4e:ea:42:4c:78:f9:ab:c6:4a:
d9:ae:21:d2:18:86:bc:61:c6:4f:4e:08:bb:49:0d:
c1:82:61:e2:9b:60:c6:2b:8e:88:a9:92:91:5f:8f:
00:ab:1c:44:4c:26:fb:0b:9c:ab:31:dd:aa:65:56:
1c:91:16:cb:3a:e0:35:9b:e0:81:8a:f9:91:e5:25:
f4:85:78:c1:c7:ce:b6:c3:db:09:76:21:1c:b7:4f:
40:e0:43:05:3d:58:43:ac:3d:5d:4d:1f:bf:2f:f3:
3c:50:51:e8:33:8e:bc:b5:b0:10:0f:9a:b0:d6:4f:
66:5f:28:25:4f:bc:21:10:c7:11:ac:77:e2:08:20:
96:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:95:7B:F4:CE:2B:AE:5B:1F:B2:E6:76:C2:9A:76:86:67:C1:D8:7B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xZV79M4rrlsfsuZ2wpp2hmfB2Hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.164.0/24
45.66.228.0/24
45.90.88.0/24
45.139.106.0/24
45.141.158.0/24
45.151.89.0/24
45.151.91.0/24
83.219.97.0/24
84.54.48.0/24
87.120.87.0/24
87.120.93.0/24
87.121.45.0/24
87.121.124.0/23
87.121.162.0/24
92.119.196.0/23
94.154.160.0/22
94.156.11.0/24
141.98.1.0/24
147.78.100.0/24
171.22.72.0/22
185.216.84.0/22
185.218.84.0/22
193.222.96.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:f0:ac:ef:83:6c:91:d9:40:13:b3:6b:a5:27:2a:1e:c4:37:
79:31:5d:44:ed:17:d4:5b:db:ba:04:f7:6b:33:98:05:14:6b:
b4:c0:93:8a:98:09:dd:b7:02:57:d9:51:4d:e8:aa:8b:27:cf:
2a:8b:86:3d:56:7c:e8:d5:61:ce:c5:cb:6b:7e:5e:28:3d:cf:
93:75:8f:b6:3b:a5:03:e2:99:64:bd:93:57:c7:34:6b:60:d4:
5e:6a:0a:82:72:19:3b:fa:43:03:80:60:b8:4c:a4:37:64:02:
87:70:46:eb:58:69:e8:3e:20:4d:aa:0c:36:5d:82:68:ad:1b:
f7:c5:e1:32:37:cc:dc:19:ca:b8:ba:82:ca:a5:3e:a5:2a:07:
53:79:29:d1:28:d3:59:1a:4a:fe:0e:5f:19:70:5b:95:cd:cc:
b4:62:b2:e6:50:48:06:32:d8:eb:35:5e:98:cf:0c:65:98:aa:
89:b7:21:90:a2:d7:cb:cd:48:c7:64:49:e1:15:2b:38:22:b0:
17:e6:e1:d5:5a:0a:cf:b5:bb:92:52:d8:f9:3e:de:92:2b:0a:
df:1e:7c:8b:cc:53:f7:a3:35:5b:9c:34:d0:ca:d3:9c:cf:64:
39:98:b7:57:37:09:e7:40:b6:06:bb:c3:b1:c0:1d:b5:26:b6:
8f:a5:0e:a6
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZKzWv1bnm3JnHKc9gZAtjZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMDIyMDgzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTk1N2JmNGNlMmJhZTViMWZiMmU2NzZjMjlhNzY4NjY3YzFkODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyDw9w0RSUev0bxv4iWxISakRA56f
zX5SzH9GGh91HXIssOA7i6x012Ho+Q+iyiMAPskLQunlqXkqnu9scZKzBQ1tBgfB
xleeEcgibG/PWP1HKXeM5UIqXPYMf6kE56pCUMGJolzk6WPsbGIPpbSnhlsKnalt
3OLfhWQNNVtO6kJMePmrxkrZriHSGIa8YcZPTgi7SQ3BgmHim2DGK46IqZKRX48A
qxxETCb7C5yrMd2qZVYckRbLOuA1m+CBivmR5SX0hXjBx862w9sJdiEct09A4EMF
PVhDrD1dTR+/L/M8UFHoM468tbAQD5qw1k9mXyglT7whEMcRrHfiCCCW3QIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFMWVe/TOK65bH7LmdsKadoZnwdh7MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveFpWNzlNNHJybHNmc3VaMndwcDJobWZCMkhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAAt
DqQDBAAtQuQDBAAtWlgDBAAti2oDBAAtjZ4DBAAtl1kDBAAtl1sDBABT22EDBABU
NjADBABXeFcDBABXeF0DBABXeS0DBAFXeXwDBABXeaIDBAFcd8QDBAJemqADBABe
nAsDBACNYgEDBACTTmQDBAKrFkgDBAK52FQDBAK52lQDBADB3mAwDQYJKoZIhvcN
AQELBQADggEBAF7wrO+DbJHZQBOza6UnKh7EN3kxXUTtF9Rb27oE92szmAUUa7TA
k4qYCd23AlfZUU3oqosnzyqLhj1WfOjVYc7Fy2t+Xig9z5N1j7Y7pQPimWS9k1fH
NGtg1F5qCoJyGTv6QwOAYLhMpDdkAodwRutYaeg+IE2qDDZdgmitG/fF4TI3zNwZ
yri6gsqlPqUqB1N5KdEo01kaSv4OXxlwW5XNzLRisuZQSAYy2Os1XpjPDGWYqom3
IZCi18vNSMdkSeEVKzgisBfm4dVaCs+1u5JS2Pk+3pIrCt8efIvMU/ejNVucNNDK
05zPZDmYt1c3CedAtga7w7HAHbUmto+lDqY=
-----END CERTIFICATE-----
Generated at Thu Oct 24 16:00:44 2024 by rpki-client on console-ams.rpki-client.org