Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/lZP9iHxIIbzMOikwxguC46359yM.roa
File: lZP9iHxIIbzMOikwxguC46359yM.roa (raw, json)
Hash identifier: yyOU012AjXbVUbaKnWZ/zMsh/+NcPbIQbqzd5DJQKCU=
Subject key identifier: 95:93:FD:88:7C:48:21:BC:CC:3A:29:30:C6:0B:82:E3:AD:F9:F7:23
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 0187108CAB7B3EBF3B342F0443946DF46A10
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/lZP9iHxIIbzMOikwxguC46359yM.roa
Signing time: Thu 23 Mar 2023 22:17:47 +0000
ROA not before: Thu 23 Mar 2023 22:17:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 52000
IP address blocks: 178.20.28.0/22 maxlen: 24
45.159.21.0/24 maxlen: 24
45.159.22.0/24 maxlen: 24
88.218.45.0/24 maxlen: 24
88.218.47.0/24 maxlen: 24
83.97.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Mar 2023 21:07:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:10:8c:ab:7b:3e:bf:3b:34:2f:04:43:94:6d:f4:6a:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 23 22:17:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9593fd887c4821bccc3a2930c60b82e3adf9f723
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ff:fd:67:91:4a:74:26:e4:bb:64:2a:6f:53:
de:73:82:a1:95:93:c8:ca:a2:15:c2:d7:a6:56:e7:
cf:e5:d5:94:5d:67:ff:15:ef:28:ed:3b:01:e2:c3:
30:da:17:01:d6:c6:e4:d6:dd:b5:15:dd:d3:ec:78:
c3:9b:1a:2a:f9:aa:0d:d6:de:cf:2d:93:3c:ae:5f:
b0:38:1b:29:ee:b7:ff:bb:75:c0:44:39:85:52:51:
41:af:d8:e4:3b:40:d7:3b:3d:9b:5c:c8:92:59:9f:
07:a6:a8:b1:12:e3:c5:2e:55:c1:05:18:6c:25:6f:
f5:41:f5:eb:b3:89:f8:b7:52:35:b4:7f:e7:dd:b9:
77:c0:7b:ee:74:a3:26:5e:99:82:da:c8:ac:06:58:
7f:30:f6:94:66:4a:5c:eb:38:75:8c:e3:4f:29:2c:
53:0c:74:3b:e9:df:0f:e1:b5:1e:6b:2a:9b:16:99:
23:68:bf:31:33:98:d8:78:83:b8:77:52:9a:9d:26:
83:d0:07:05:62:8c:e4:71:16:58:a4:85:5e:40:54:
cf:e9:28:1a:3e:27:e2:e3:05:f7:30:17:f3:b6:c9:
e9:81:b7:fe:84:cc:7a:43:6c:49:5d:f7:30:6d:0f:
30:82:bb:6f:b8:e6:02:38:b6:4c:57:1a:a2:77:98:
53:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:93:FD:88:7C:48:21:BC:CC:3A:29:30:C6:0B:82:E3:AD:F9:F7:23
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/lZP9iHxIIbzMOikwxguC46359yM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.21.0-45.159.22.255
83.97.116.0/22
88.218.45.0/24
88.218.47.0/24
178.20.28.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:3a:f8:5a:c4:a1:11:9c:79:4f:c8:02:4e:17:1f:e0:fc:e0:
57:9a:4d:2f:c4:b5:68:c8:bb:7e:88:f2:d2:b8:98:91:c8:cc:
fb:21:21:ed:8f:13:0c:14:18:f6:a5:6f:67:96:f8:04:25:74:
f3:45:8d:29:f3:49:21:0c:28:10:b0:16:c7:52:e1:30:0e:10:
c4:95:3a:43:ff:f5:1e:5d:e0:41:3c:83:5f:1b:5a:6f:fa:51:
8d:7f:5a:3f:51:fc:9f:1a:97:1d:61:94:3c:b0:20:77:ab:b6:
04:7a:5e:0f:8a:2d:81:3a:84:bb:88:bf:3b:97:e2:b7:ea:6d:
bb:72:14:0e:67:c7:2e:0b:52:50:83:01:03:9e:d1:25:19:a1:
50:21:b6:d7:e2:f9:cc:4d:af:44:98:f5:6e:d6:d6:e3:11:24:
f5:cc:96:97:c2:a6:d5:53:a5:c3:cb:c5:f3:d1:29:ca:2b:34:
11:94:e5:63:83:da:00:d9:4c:65:4b:b7:7b:89:b3:91:1e:88:
71:39:cd:64:f6:d4:17:a3:41:0b:81:92:8a:d2:81:c8:be:c3:
ab:46:2e:e9:0f:d8:f3:3c:f2:cd:94:eb:10:d6:15:ff:68:9e:
9e:22:5a:88:8d:18:47:38:73:21:01:c5:a4:33:62:25:3d:e7:
33:da:ab:f7
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYcQjKt7Pr87NC8EQ5Rt9GoQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzIzMjIxNzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTkzZmQ4ODdjNDgyMWJjY2MzYTI5MzBjNjBiODJlM2FkZjlmNzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqf/9Z5FKdCbku2Qqb1Pec4KhlZPI
yqIVwtemVufP5dWUXWf/Fe8o7TsB4sMw2hcB1sbk1t21Fd3T7HjDmxoq+aoN1t7P
LZM8rl+wOBsp7rf/u3XARDmFUlFBr9jkO0DXOz2bXMiSWZ8HpqixEuPFLlXBBRhs
JW/1QfXrs4n4t1I1tH/n3bl3wHvudKMmXpmC2sisBlh/MPaUZkpc6zh1jONPKSxT
DHQ76d8P4bUeayqbFpkjaL8xM5jYeIO4d1KanSaD0AcFYozkcRZYpIVeQFTP6Sga
Pifi4wX3MBfztsnpgbf+hMx6Q2xJXfcwbQ8wgrtvuOYCOLZMVxqid5hTwQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJWT/Yh8SCG8zDopMMYLguOt+fcjMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvbFpQOWlIeElJYnpNT2lrd3hndUM0NjM1OXlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAAtnxUD
BAAtnxYDBAJTYXQDBABY2i0DBABY2i8DBAKyFBwwDQYJKoZIhvcNAQELBQADggEB
AAw6+FrEoRGceU/IAk4XH+D84FeaTS/EtWjIu36I8tK4mJHIzPshIe2PEwwUGPal
b2eW+AQldPNFjSnzSSEMKBCwFsdS4TAOEMSVOkP/9R5d4EE8g18bWm/6UY1/Wj9R
/J8alx1hlDywIHertgR6Xg+KLYE6hLuIvzuX4rfqbbtyFA5nxy4LUlCDAQOe0SUZ
oVAhttfi+cxNr0SY9W7W1uMRJPXMlpfCptVTpcPLxfPRKcorNBGU5WOD2gDZTGVL
t3uJs5EeiHE5zWT21BejQQuBkorSgci+w6tGLukP2PM88s2U6xDWFf9onp4iWoiN
GEc4cyEBxaQzYiU95zPaq/c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:37 2024 by rpki-client on console-fra.rpki-client.org