Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/22fLrHdk-3sLlUHfCpCe_h-f2Oc.roa
File: 22fLrHdk-3sLlUHfCpCe_h-f2Oc.roa (raw, json)
Hash identifier: sIEbEZPOlQSS1XkzdkqX30eoi4+kwenG8uBwfsOOmNY=
Subject key identifier: DB:67:CB:AC:77:64:FB:7B:0B:95:41:DF:0A:90:9E:FE:1F:9F:D8:E7
Certificate issuer: /CN=f030658f16d2d88d34164592fcd4de13131f1695
Certificate serial: 018C91323E7CCB2EF602C332B22E56D818C7
Authority key identifier: F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/22fLrHdk-3sLlUHfCpCe_h-f2Oc.roa
Signing time: Fri 22 Dec 2023 11:03:58 +0000
ROA not before: Fri 22 Dec 2023 11:03:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210644
IP address blocks: 217.196.106.0/23 maxlen: 23
217.197.107.0/24 maxlen: 24
45.15.157.0/24 maxlen: 24
45.15.159.0/24 maxlen: 24
217.196.98.0/24 maxlen: 24
217.196.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:91:32:3e:7c:cb:2e:f6:02:c3:32:b2:2e:56:d8:18:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f030658f16d2d88d34164592fcd4de13131f1695
Validity
Not Before: Dec 22 11:03:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db67cbac7764fb7b0b9541df0a909efe1f9fd8e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ed:22:2b:43:3b:6e:93:4c:ef:ef:87:7f:91:
99:0e:36:f0:55:b9:ea:f1:7d:4f:ba:74:db:dc:3a:
b0:11:da:3d:2b:5d:68:0d:98:73:3f:38:44:b7:68:
6e:a7:33:3b:cc:51:15:1e:18:62:07:27:9b:e8:bc:
e1:96:17:db:8e:be:c6:a8:23:9f:98:8e:b7:b3:16:
70:e3:ec:b1:2e:ad:a9:63:55:06:41:de:93:44:d5:
61:52:97:4a:27:9c:b6:04:ba:60:ad:2c:50:1f:f8:
1a:1b:9d:e4:e2:9e:45:dc:15:c6:5b:0b:9d:1c:ef:
fc:17:a4:09:08:43:27:33:a0:9b:e2:95:c7:e7:98:
44:cb:29:54:1a:13:ac:b3:67:69:6c:54:42:e6:b1:
3b:4b:21:34:b5:b8:b1:87:4e:8e:22:6c:21:80:82:
dc:6d:41:a6:db:2e:8c:49:c5:23:9c:ec:3f:2a:13:
cb:bc:ff:1b:9b:8b:4a:bd:f1:f8:6c:38:ec:16:e0:
44:43:ae:31:63:34:8e:ea:05:3c:7c:3e:82:a8:8b:
78:cc:bc:80:dc:bd:82:9b:56:10:b3:1b:20:fd:f5:
b1:1e:47:9a:07:ee:72:26:d2:58:53:91:b8:35:b1:
02:7f:51:57:f1:eb:36:cc:d8:4d:aa:37:bd:32:45:
21:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:67:CB:AC:77:64:FB:7B:0B:95:41:DF:0A:90:9E:FE:1F:9F:D8:E7
X509v3 Authority Key Identifier:
keyid:F0:30:65:8F:16:D2:D8:8D:34:16:45:92:FC:D4:DE:13:13:1F:16:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8DBljxbS2I00FkWS_NTeExMfFpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/22fLrHdk-3sLlUHfCpCe_h-f2Oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/6693e3-89ca-44a1-a8b6-894805289cc0/1/8DBljxbS2I00FkWS_NTeExMfFpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.157.0/24
45.15.159.0/24
217.196.98.0/24
217.196.103.0/24
217.196.106.0/23
217.197.107.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:d3:e3:e1:cf:dc:ba:54:74:56:26:2d:23:39:12:59:3d:dc:
3c:07:1e:23:3f:7d:ef:7b:45:ff:2f:0b:d3:eb:46:11:68:5f:
a5:8a:93:21:56:d7:6f:02:b3:0f:3d:37:7e:37:c0:87:6c:bd:
70:62:be:8c:70:54:f2:45:4f:48:44:b6:bd:7f:88:9f:7c:15:
34:12:72:dc:c4:81:82:ef:98:e9:e4:41:26:68:65:d5:31:aa:
d1:9c:c7:6a:b8:67:35:93:49:26:fb:4a:3a:42:f0:5f:f4:7a:
8b:19:f8:80:18:e5:85:85:99:23:7c:5a:4e:80:3d:18:16:d3:
88:f8:f5:0f:61:a9:5d:50:cc:fe:a8:3c:81:16:b4:b0:13:59:
c9:0e:4e:bb:83:0b:bf:6c:ec:b8:dc:6b:6a:c4:1f:b8:96:74:
96:ab:48:b5:77:55:ed:13:c0:ba:20:15:51:b3:1c:14:38:01:
3f:cb:b7:32:78:5b:14:29:18:ec:89:29:25:a5:03:a5:93:cb:
65:f7:35:76:5e:e8:03:cb:d3:84:20:f7:6f:bb:52:29:6c:6d:
76:f4:0b:39:7c:c5:78:3e:c1:a4:24:92:2b:7b:91:d6:f7:1e:
7a:08:24:17:a3:77:94:0b:61:78:9f:90:f7:7b:fa:af:b6:d4:
f2:bd:7b:98
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYyRMj58yy72AsMysi5W2BjHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMzA2NThmMTZkMmQ4OGQzNDE2NDU5MmZjZDRkZTEzMTMx
ZjE2OTUwHhcNMjMxMjIyMTEwMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjY3Y2JhYzc3NjRmYjdiMGI5NTQxZGYwYTkwOWVmZTFmOWZkOGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhu0iK0M7bpNM7++Hf5GZDjbwVbnq
8X1PunTb3DqwEdo9K11oDZhzPzhEt2hupzM7zFEVHhhiByeb6Lzhlhfbjr7GqCOf
mI63sxZw4+yxLq2pY1UGQd6TRNVhUpdKJ5y2BLpgrSxQH/gaG53k4p5F3BXGWwud
HO/8F6QJCEMnM6Cb4pXH55hEyylUGhOss2dpbFRC5rE7SyE0tbixh06OImwhgILc
bUGm2y6MScUjnOw/KhPLvP8bm4tKvfH4bDjsFuBEQ64xYzSO6gU8fD6CqIt4zLyA
3L2Cm1YQsxsg/fWxHkeaB+5yJtJYU5G4NbECf1FX8es2zNhNqje9MkUhbwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNtny6x3ZPt7C5VB3wqQnv4fn9jnMB8GA1UdIwQY
MBaAFPAwZY8W0tiNNBZFkvzU3hMTHxaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYt
ODk0ODA1Mjg5Y2MwLzEvMjJmTHJIZGstM3NMbFVIZkNwQ2VfaC1mMk9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi82NjkzZTMtODljYS00NGExLWE4YjYtODk0ODA1Mjg5Y2Mw
LzEvOERCbGp4YlMySTAwRmtXU19OVGVFeE1mRnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQ+dAwQA
LQ+fAwQA2cRiAwQA2cRnAwQB2cRqAwQA2cVrMA0GCSqGSIb3DQEBCwUAA4IBAQBa
0+Phz9y6VHRWJi0jORJZPdw8Bx4jP33ve0X/LwvT60YRaF+lipMhVtdvArMPPTd+
N8CHbL1wYr6McFTyRU9IRLa9f4iffBU0EnLcxIGC75jp5EEmaGXVMarRnMdquGc1
k0km+0o6QvBf9HqLGfiAGOWFhZkjfFpOgD0YFtOI+PUPYaldUMz+qDyBFrSwE1nJ
Dk67gwu/bOy43GtqxB+4lnSWq0i1d1XtE8C6IBVRsxwUOAE/y7cyeFsUKRjsiSkl
pQOlk8tl9zV2XugDy9OEIPdvu1IpbG129As5fMV4PsGkJJIre5HW9x56CCQXo3eU
C2F4n5D3e/qvttTyvXuY
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:48 2024 by rpki-client on console-ams.rpki-client.org