Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yQLrQm1ymMMG-e-iDYvX6E4EQv8.roa
File: yQLrQm1ymMMG-e-iDYvX6E4EQv8.roa (raw, json)
Hash identifier: iTbxWenIpqICeArEX8BpQU4y4rid2OBjyNgdGwTXV7g=
Subject key identifier: C9:02:EB:42:6D:72:98:C3:06:F9:EF:A2:0D:8B:D7:E8:4E:04:42:FF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018DE9A9B0AAE6997694E5A91CAD23CC89CE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yQLrQm1ymMMG-e-iDYvX6E4EQv8.roa
Signing time: Tue 27 Feb 2024 08:23:48 +0000
ROA not before: Tue 27 Feb 2024 08:23:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 45.12.255.0/24 maxlen: 24
45.84.89.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.239.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.84.0/22 maxlen: 24
185.226.173.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Feb 2024 06:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e9:a9:b0:aa:e6:99:76:94:e5:a9:1c:ad:23:cc:89:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 27 08:23:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c902eb426d7298c306f9efa20d8bd7e84e0442ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e5:ed:f6:02:2f:e0:37:65:31:ed:d6:25:ff:
79:3a:4a:20:a6:2f:b3:15:54:33:eb:fe:25:8b:84:
aa:da:0d:ce:4c:4c:27:a0:4e:2e:2f:ab:c6:0e:4d:
72:32:93:fb:d8:43:3d:e7:76:5f:ea:10:af:56:1d:
2f:50:50:32:78:7a:c4:7d:b3:1b:a9:dd:db:68:5e:
f1:1b:f1:69:0f:7b:04:79:11:80:6f:c9:22:38:8e:
eb:9b:24:62:44:5c:3c:3a:11:c9:40:d7:9a:9a:f3:
21:f9:5d:7a:19:38:1a:cd:47:c2:e8:fb:01:27:b7:
36:31:20:91:ed:91:72:52:8d:d6:a8:2b:03:9b:6a:
9d:0d:5e:a4:ec:9e:d7:07:9e:4b:06:8f:98:20:76:
02:b7:27:6c:82:7f:95:e2:c1:aa:08:1d:48:9b:9d:
4c:d1:c8:e9:63:94:ef:fa:57:86:1d:3a:4e:d6:79:
ae:57:b2:f5:52:8a:6e:77:af:40:0c:21:69:9e:8a:
c3:5d:01:a0:df:1d:92:64:9b:18:02:dc:56:3e:62:
77:3f:07:34:29:87:dc:6a:c7:09:62:8f:e3:d6:f8:
a6:24:4a:15:11:bb:77:71:27:32:6a:dc:6a:b7:15:
6a:0c:c2:a3:4e:18:96:9c:37:75:05:d5:3a:a3:6f:
c5:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:02:EB:42:6D:72:98:C3:06:F9:EF:A2:0D:8B:D7:E8:4E:04:42:FF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yQLrQm1ymMMG-e-iDYvX6E4EQv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.255.0/24
45.84.89.0/24
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.160.0/22
94.156.239.0/24
147.78.102.0/24
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.173.0/24
185.252.176.0/24
194.55.224.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:61:d5:32:fb:39:a4:71:6c:c5:7e:1f:ae:7b:d7:97:e3:65:
99:60:70:b3:54:07:0e:5e:46:99:7e:ad:b3:80:90:75:5f:49:
48:cb:ea:ca:04:f0:f0:8c:63:de:7b:50:57:a8:91:5d:c4:d6:
10:96:9c:5a:6e:99:58:e4:16:92:25:1c:f9:05:d2:d1:e1:99:
89:f3:cf:11:22:c1:45:7a:20:af:3d:a8:bf:b9:2e:1f:58:34:
88:3a:f9:e5:02:e7:d5:7f:d1:f1:24:fa:9e:68:22:43:88:d7:
61:53:37:04:39:0d:31:90:14:4a:c0:3d:d1:26:fe:28:6b:d9:
23:47:c3:fd:e1:92:64:b0:50:ce:49:33:45:72:72:8b:13:98:
8f:8b:e1:4e:bc:f1:f8:05:12:a0:83:a8:1b:42:76:d4:df:3c:
bb:0b:ed:f5:c5:c3:2c:6e:38:bc:67:02:1c:19:2c:e8:c5:32:
24:af:a1:cc:21:6d:3d:f1:dd:66:ea:3e:3f:bd:e9:ae:d7:08:
92:60:1e:75:bf:be:79:af:6b:21:8d:82:57:d5:18:c0:9b:5a:
bc:86:fb:17:5a:3e:61:cc:89:95:4b:24:0e:8a:85:bc:ad:59:
95:19:d6:c7:7a:25:e2:4b:d3:48:35:c8:8c:d5:50:45:41:be:
03:5b:b9:2c
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAY3pqbCq5pl2lOWpHK0jzInOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMjI3MDgyMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTAyZWI0MjZkNzI5OGMzMDZmOWVmYTIwZDhiZDdlODRlMDQ0MmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuuXt9gIv4DdlMe3WJf95Okogpi+z
FVQz6/4li4Sq2g3OTEwnoE4uL6vGDk1yMpP72EM953Zf6hCvVh0vUFAyeHrEfbMb
qd3baF7xG/FpD3sEeRGAb8kiOI7rmyRiRFw8OhHJQNeamvMh+V16GTgazUfC6PsB
J7c2MSCR7ZFyUo3WqCsDm2qdDV6k7J7XB55LBo+YIHYCtydsgn+V4sGqCB1Im51M
0cjpY5Tv+leGHTpO1nmuV7L1Uopud69ADCFpnorDXQGg3x2SZJsYAtxWPmJ3Pwc0
KYfcascJYo/j1vimJEoVEbt3cScyatxqtxVqDMKjThiWnDd1BdU6o2/F/wIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFMkC60JtcpjDBvnvog2L1+hOBEL/MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveVFMclFtMXltTU1HLWUtaURZdlg2RTRFUXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAC0M/wME
AC1UWQMEAC2XWQMEAFd4VwMEAFd5LQMEAFd53QMEAVx3xAMEAl6aoAMEAF6c7wME
AJNOZgMEAqsWSAMEALLX4AMEALLX7AMEArnYVAMEArnaVAMEALnirQMEALn8sAME
AMI34DANBgkqhkiG9w0BAQsFAAOCAQEAoWHVMvs5pHFsxX4frnvXl+NlmWBws1QH
Dl5GmX6ts4CQdV9JSMvqygTw8Ixj3ntQV6iRXcTWEJacWm6ZWOQWkiUc+QXS0eGZ
ifPPESLBRXogrz2ov7kuH1g0iDr55QLn1X/R8ST6nmgiQ4jXYVM3BDkNMZAUSsA9
0Sb+KGvZI0fD/eGSZLBQzkkzRXJyixOYj4vhTrzx+AUSoIOoG0J21N88uwvt9cXD
LG44vGcCHBks6MUyJK+hzCFtPfHdZuo+P73prtcIkmAedb++ea9rIY2CV9UYwJta
vIb7F1o+YcyJlUskDoqFvK1ZlRnWx3ol4kvTSDXIjNVQRUG+A1u5LA==
-----END CERTIFICATE-----
Generated at Wed Feb 28 08:40:47 2024 by rpki-client on console-ams.rpki-client.org