Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/a8e04b-0dba-40ec-b126-f457d404ae2f/1/IoMxhoKQUuaX2NlC9Z12YiHmDiI.roa
File: IoMxhoKQUuaX2NlC9Z12YiHmDiI.roa (raw, json)
Hash identifier: 4tFjX0P76s1sUEWOm10r0sOiUfa3wYRQl3dSV43odcA=
Subject key identifier: 22:83:31:86:82:90:52:E6:97:D8:D9:42:F5:9D:76:62:21:E6:0E:22
Certificate issuer: /CN=2c88db81fdfbeccee75f4a9f698a3c1b3a84626e
Certificate serial: 018E9F39208C6E1618865B294570A0606A8A
Authority key identifier: 2C:88:DB:81:FD:FB:EC:CE:E7:5F:4A:9F:69:8A:3C:1B:3A:84:62:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LIjbgf377M7nX0qfaYo8GzqEYm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/a8e04b-0dba-40ec-b126-f457d404ae2f/1/IoMxhoKQUuaX2NlC9Z12YiHmDiI.roa
Signing time: Tue 02 Apr 2024 14:31:44 +0000
ROA not before: Tue 02 Apr 2024 14:31:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58096
IP address blocks: 45.93.4.0/22 maxlen: 22
91.220.69.0/24 maxlen: 24
94.141.124.0/22 maxlen: 24
185.33.228.0/22 maxlen: 32
185.154.72.0/22 maxlen: 32
185.216.192.0/23 maxlen: 32
193.105.114.0/24 maxlen: 32
193.160.204.0/23 maxlen: 32
Validation: Failed, certificate revoked on Sat 19 Oct 2024 20:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9f:39:20:8c:6e:16:18:86:5b:29:45:70:a0:60:6a:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c88db81fdfbeccee75f4a9f698a3c1b3a84626e
Validity
Not Before: Apr 2 14:31:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22833186829052e697d8d942f59d766221e60e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:52:d2:d3:b8:e7:52:7c:b9:6a:84:72:ba:d1:
b7:9c:ce:b4:a5:c9:48:70:99:c2:f5:a5:c9:c0:b3:
e4:73:cb:22:f3:31:a8:77:5b:39:e8:7a:9a:c5:34:
66:4d:07:23:2c:cb:6a:e1:fa:eb:d7:4d:74:1c:e1:
e6:df:04:5d:1b:c2:2a:98:a5:ea:27:fc:dc:89:78:
05:38:bb:0d:27:fe:ef:c9:27:a4:2b:8a:fb:c5:14:
64:4e:82:6b:b1:b0:8d:12:5d:51:2a:50:45:a5:d2:
a9:4d:2b:7f:6a:60:06:7f:33:28:6b:c8:e8:56:66:
a1:a1:8c:32:77:24:01:58:6d:bd:6c:f3:64:64:ee:
59:7f:f8:94:9f:c0:fd:30:71:f2:6d:02:9a:1d:cb:
95:98:64:90:21:d4:36:86:aa:24:30:ef:99:84:45:
3b:27:de:58:d1:2e:55:bb:4e:58:84:63:ff:07:57:
1c:04:b5:e4:39:2e:e1:57:a5:4e:04:16:b3:6c:97:
e2:31:bb:b1:e3:21:21:ba:b4:00:ce:9b:ab:d9:ec:
bc:a5:15:a8:58:13:83:0b:2f:e9:ff:49:00:60:b4:
d3:af:55:d3:5e:75:4b:21:c0:76:bf:ec:ae:aa:af:
52:ae:ba:22:e8:dd:9d:67:2d:d7:d6:92:0b:ea:6c:
74:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:83:31:86:82:90:52:E6:97:D8:D9:42:F5:9D:76:62:21:E6:0E:22
X509v3 Authority Key Identifier:
keyid:2C:88:DB:81:FD:FB:EC:CE:E7:5F:4A:9F:69:8A:3C:1B:3A:84:62:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LIjbgf377M7nX0qfaYo8GzqEYm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a8e04b-0dba-40ec-b126-f457d404ae2f/1/IoMxhoKQUuaX2NlC9Z12YiHmDiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/a8e04b-0dba-40ec-b126-f457d404ae2f/1/LIjbgf377M7nX0qfaYo8GzqEYm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.4.0/22
91.220.69.0/24
94.141.124.0/22
185.33.228.0/22
185.154.72.0/22
185.216.192.0/23
193.105.114.0/24
193.160.204.0/23
Signature Algorithm: sha256WithRSAEncryption
09:a0:4c:bd:a2:f7:ba:5d:85:f3:06:9d:6a:d7:c6:4c:0c:d6:
6d:d8:0a:68:af:4c:4a:5e:0d:7d:31:6c:8e:bf:b0:3f:8e:2f:
ce:77:67:71:95:77:9a:5f:48:02:66:ad:bd:6d:9b:7a:d6:6a:
5c:3e:25:b1:bd:78:6c:ee:47:32:50:96:f9:6d:6d:1b:9d:92:
60:53:20:e0:ae:04:bf:14:ad:fd:ae:53:01:93:78:1d:a5:b5:
8d:20:7f:f6:f6:69:2c:58:ba:99:38:87:12:6d:8f:ea:0e:1b:
3d:68:44:92:92:c6:ac:5d:9d:60:c6:52:2b:f0:a4:3a:e7:f9:
bc:92:f9:62:7c:69:86:2e:3d:5b:39:11:5d:86:8c:9d:ac:dc:
ce:4b:45:27:16:e4:ba:65:eb:90:f5:38:59:8b:38:68:88:a5:
b3:a8:5e:02:a0:3c:c4:60:43:5c:6c:43:5f:38:83:36:fe:8b:
16:63:04:de:d0:9a:0f:fd:ce:e9:2e:df:50:14:70:29:c4:64:
fe:c4:2b:44:86:67:97:40:54:91:6b:1f:e8:c4:60:de:33:80:
a9:91:ba:1f:1a:99:b3:03:60:77:f4:fb:84:ed:2c:db:7b:22:
11:76:7c:31:af:6e:35:c0:18:27:c3:48:40:71:c0:8c:e7:51:
b0:90:db:69
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY6fOSCMbhYYhlspRXCgYGqKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjODhkYjgxZmRmYmVjY2VlNzVmNGE5ZjY5OGEzYzFiM2E4
NDYyNmUwHhcNMjQwNDAyMTQzMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjgzMzE4NjgyOTA1MmU2OTdkOGQ5NDJmNTlkNzY2MjIxZTYwZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulLS07jnUny5aoRyutG3nM60pclI
cJnC9aXJwLPkc8si8zGod1s56HqaxTRmTQcjLMtq4frr1010HOHm3wRdG8IqmKXq
J/zciXgFOLsNJ/7vySekK4r7xRRkToJrsbCNEl1RKlBFpdKpTSt/amAGfzMoa8jo
VmahoYwydyQBWG29bPNkZO5Zf/iUn8D9MHHybQKaHcuVmGSQIdQ2hqokMO+ZhEU7
J95Y0S5Vu05YhGP/B1ccBLXkOS7hV6VOBBazbJfiMbux4yEhurQAzpur2ey8pRWo
WBODCy/p/0kAYLTTr1XTXnVLIcB2v+yuqq9Srroi6N2dZy3X1pIL6mx07wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFCKDMYaCkFLml9jZQvWddmIh5g4iMB8GA1UdIwQY
MBaAFCyI24H9++zO519Kn2mKPBs6hGJuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTElqYmdmMzc3TTduWDBxZmFZbzhHenFFWW00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9hOGUwNGItMGRiYS00MGVjLWIxMjYt
ZjQ1N2Q0MDRhZTJmLzEvSW9NeGhvS1FVdWFYMk5sQzlaMTJZaUhtRGlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9hOGUwNGItMGRiYS00MGVjLWIxMjYtZjQ1N2Q0MDRhZTJm
LzEvTElqYmdmMzc3TTduWDBxZmFZbzhHenFFWW00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCLV0EAwQA
W9xFAwQCXo18AwQCuSHkAwQCuZpIAwQBudjAAwQAwWlyAwQBwaDMMA0GCSqGSIb3
DQEBCwUAA4IBAQAJoEy9ove6XYXzBp1q18ZMDNZt2Apor0xKXg19MWyOv7A/ji/O
d2dxlXeaX0gCZq29bZt61mpcPiWxvXhs7kcyUJb5bW0bnZJgUyDgrgS/FK39rlMB
k3gdpbWNIH/29mksWLqZOIcSbY/qDhs9aESSksasXZ1gxlIr8KQ65/m8kvlifGmG
Lj1bORFdhoydrNzOS0UnFuS6ZeuQ9ThZizhoiKWzqF4CoDzEYENcbENfOIM2/osW
YwTe0JoP/c7pLt9QFHApxGT+xCtEhmeXQFSRax/oxGDeM4CpkbofGpmzA2B39PuE
7SzbeyIRdnwxr241wBgnw0hAccCM51GwkNtp
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:51 2025 by rpki-client