Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/i22EN1pshPLOv5p-w5ob6Nh57Lk.roa
File: i22EN1pshPLOv5p-w5ob6Nh57Lk.roa (raw, json)
Hash identifier: 57YH2JTlBOGzzAvq1jXSznvVUjMt3sPcDXCt7pJnXD4=
Subject key identifier: 8B:6D:84:37:5A:6C:84:F2:CE:BF:9A:7E:C3:9A:1B:E8:D8:79:EC:B9
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018D2B9A57D1B1E454622861D3158EBC2BC0
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/i22EN1pshPLOv5p-w5ob6Nh57Lk.roa
Signing time: Sun 21 Jan 2024 10:39:11 +0000
ROA not before: Sun 21 Jan 2024 10:39:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34665
IP address blocks: 147.45.34.0/24 maxlen: 24
147.45.35.0/24 maxlen: 24
147.45.65.0/24 maxlen: 24
147.45.192.0/24 maxlen: 24
147.45.193.0/24 maxlen: 24
193.233.16.0/24 maxlen: 24
193.233.30.0/24 maxlen: 24
193.233.61.0/24 maxlen: 24
193.233.85.0/24 maxlen: 24
193.233.171.0/24 maxlen: 24
193.233.175.0/24 maxlen: 24
193.233.197.0/24 maxlen: 24
193.233.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jan 2024 12:50:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:2b:9a:57:d1:b1:e4:54:62:28:61:d3:15:8e:bc:2b:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 21 10:39:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b6d84375a6c84f2cebf9a7ec39a1be8d879ecb9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a1:14:53:4f:ea:39:bf:0e:b1:db:90:cd:6d:
1b:58:b9:87:14:9c:50:e9:78:1a:8c:75:30:35:16:
d4:6c:b3:53:75:fd:01:d3:78:1a:26:e8:1a:47:8f:
be:eb:30:35:ca:a7:b0:54:81:4f:8e:b0:a2:88:63:
b9:df:5f:5a:b3:4d:82:c4:d2:98:84:e7:a7:77:88:
57:25:8a:1c:09:5b:5d:65:2a:05:f6:79:93:95:8d:
68:05:33:ab:31:9b:c7:a5:86:ce:29:e3:7a:a4:f4:
ca:5c:09:96:7d:68:44:00:aa:a6:7f:ea:06:d1:7c:
43:06:e7:66:8b:5b:35:cc:a3:a6:61:66:96:9d:a7:
18:1b:55:9f:a1:a6:85:16:b9:04:fe:0e:95:74:36:
29:b0:68:72:a0:5b:63:41:36:7b:e7:1d:0f:e4:87:
16:0d:e1:bd:ca:5a:be:c0:4b:1d:4b:ea:42:b3:4d:
20:bb:9a:f1:89:d0:ba:91:e2:05:8c:4a:2f:65:c4:
11:e7:71:14:66:79:1d:9f:d8:60:6f:78:c3:9f:99:
d2:93:09:ad:d4:a6:f1:2d:b5:54:52:56:dd:6f:e7:
01:41:ab:5e:1a:67:99:36:26:45:4a:66:31:4b:7e:
91:0d:13:b7:86:13:bc:ce:07:f2:1f:ca:6a:21:83:
40:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:6D:84:37:5A:6C:84:F2:CE:BF:9A:7E:C3:9A:1B:E8:D8:79:EC:B9
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/i22EN1pshPLOv5p-w5ob6Nh57Lk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.34.0/23
147.45.65.0/24
147.45.192.0/23
193.233.16.0/24
193.233.30.0/24
193.233.61.0/24
193.233.85.0/24
193.233.171.0/24
193.233.175.0/24
193.233.197.0/24
193.233.234.0/24
Signature Algorithm: sha256WithRSAEncryption
90:f5:9d:8d:b8:64:b7:9d:31:70:75:a0:e2:09:a5:2d:8b:a9:
4e:08:21:7f:a1:3b:6f:4b:f9:95:67:b2:48:fb:42:de:49:b6:
74:01:61:27:66:da:27:7e:b5:1d:0f:72:c1:4e:9c:10:3b:38:
b1:88:d0:1b:ad:89:3f:26:d2:4c:e7:f2:a3:d3:03:94:26:c6:
dd:a0:f5:2f:3a:8e:8c:fe:3a:d8:28:56:37:98:4c:68:ea:80:
be:2f:bd:59:76:7c:33:a4:04:be:e3:87:97:ab:e4:16:84:89:
6a:29:5f:2d:90:80:6c:eb:60:34:83:4b:4c:64:7b:d5:e9:63:
69:e9:aa:1b:38:57:46:fb:06:05:97:4d:2d:78:92:4a:07:d6:
d6:ce:15:e4:e7:df:f5:b1:26:36:55:c4:8d:f8:50:a4:34:cf:
a0:0b:39:b5:2d:15:d0:17:cb:4f:38:2f:d7:b0:25:50:a5:4c:
80:4a:cb:81:bf:77:ab:8e:8c:eb:ff:c2:f5:61:d1:ce:40:1b:
a1:21:5d:1d:01:a4:25:d3:56:1e:39:a0:68:9c:a4:10:31:bd:
eb:4a:2f:35:9d:58:fc:6b:4a:bd:39:17:68:9e:01:7d:bb:3b:
4d:44:0a:b3:26:de:69:58:be:38:1e:8c:4f:6f:e3:f2:17:bb:
d9:10:5d:dd
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAY0rmlfRseRUYihh0xWOvCvAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwMTIxMTAzOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjZkODQzNzVhNmM4NGYyY2ViZjlhN2VjMzlhMWJlOGQ4NzllY2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaEUU0/qOb8OsduQzW0bWLmHFJxQ
6XgajHUwNRbUbLNTdf0B03gaJugaR4++6zA1yqewVIFPjrCiiGO5319as02CxNKY
hOend4hXJYocCVtdZSoF9nmTlY1oBTOrMZvHpYbOKeN6pPTKXAmWfWhEAKqmf+oG
0XxDBudmi1s1zKOmYWaWnacYG1WfoaaFFrkE/g6VdDYpsGhyoFtjQTZ75x0P5IcW
DeG9ylq+wEsdS+pCs00gu5rxidC6keIFjEovZcQR53EUZnkdn9hgb3jDn5nSkwmt
1KbxLbVUUlbdb+cBQateGmeZNiZFSmYxS36RDRO3hhO8zgfyH8pqIYNA5wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFItthDdabITyzr+afsOaG+jYeey5MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvaTIyRU4xcHNoUExPdjVwLXc1b2I2Tmg1N0xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBky0iAwQA
ky1BAwQBky3AAwQAwekQAwQAwekeAwQAwek9AwQAwelVAwQAwemrAwQAwemvAwQA
wenFAwQAwenqMA0GCSqGSIb3DQEBCwUAA4IBAQCQ9Z2NuGS3nTFwdaDiCaUti6lO
CCF/oTtvS/mVZ7JI+0LeSbZ0AWEnZtonfrUdD3LBTpwQOzixiNAbrYk/JtJM5/Kj
0wOUJsbdoPUvOo6M/jrYKFY3mExo6oC+L71ZdnwzpAS+44eXq+QWhIlqKV8tkIBs
62A0g0tMZHvV6WNp6aobOFdG+wYFl00teJJKB9bWzhXk59/1sSY2VcSN+FCkNM+g
Czm1LRXQF8tPOC/XsCVQpUyASsuBv3erjozr/8L1YdHOQBuhIV0dAaQl01YeOaBo
nKQQMb3rSi81nVj8a0q9ORdongF9uztNRAqzJt5pWL44HoxPb+PyF7vZEF3d
-----END CERTIFICATE-----
Generated at Wed Jan 24 16:46:11 2024 by rpki-client on console-ams.rpki-client.org