Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kRSvDi2xod9Uam2CSrNvfJm4I20.roa
File: kRSvDi2xod9Uam2CSrNvfJm4I20.roa (raw, json)
Hash identifier: TljXEpOQdBERgKFiO4fIGmQ2ysdG5efjeBvEg6S1HYw=
Subject key identifier: 91:14:AF:0E:2D:B1:A1:DF:54:6A:6D:82:4A:B3:6F:7C:99:B8:23:6D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193674F4C3457740E0B148219C39279712C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kRSvDi2xod9Uam2CSrNvfJm4I20.roa
Signing time: Tue 26 Nov 2024 07:11:10 +0000
ROA not before: Tue 26 Nov 2024 07:11:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16589
IP address blocks: 45.84.88.0/24 maxlen: 24
45.89.244.0/24 maxlen: 24
45.91.193.0/24 maxlen: 24
45.149.235.0/24 maxlen: 24
83.143.113.0/24 maxlen: 24
85.208.139.0/24 maxlen: 24
87.120.36.0/24 maxlen: 24
87.120.88.0/24 maxlen: 24
109.206.242.0/24 maxlen: 24
185.246.222.0/24 maxlen: 24
193.168.196.0/24 maxlen: 24
193.168.197.0/24 maxlen: 24
193.168.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 29 Nov 2024 03:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:67:4f:4c:34:57:74:0e:0b:14:82:19:c3:92:79:71:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 26 07:11:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9114af0e2db1a1df546a6d824ab36f7c99b8236d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ae:8d:bd:90:b7:fc:53:02:52:d8:5b:65:56:
ec:f7:29:d4:dc:90:fc:51:a9:32:cb:ff:86:70:2f:
91:f7:91:ef:d5:c3:17:93:fb:5f:14:54:96:6e:80:
60:cb:70:d7:34:ce:d8:a5:49:77:7f:67:6c:10:02:
06:7b:12:b1:18:16:26:61:d8:66:eb:7c:b0:24:cb:
cb:8f:aa:4e:65:a0:ce:10:a0:85:37:c7:ef:01:7d:
15:78:92:be:06:42:4e:a4:8d:32:47:83:06:79:70:
f3:ee:97:12:03:07:e1:00:ad:55:7e:1b:fa:e7:f3:
3a:65:44:dc:bc:71:34:dd:b0:c1:33:cc:4c:5b:e5:
4f:0a:f6:5a:c1:6c:32:9a:f7:c7:8a:db:71:5b:98:
ad:10:dc:2a:b4:5d:b8:9c:e1:8f:28:5d:07:da:bc:
4e:ff:20:d1:78:e4:cc:6e:f8:6c:fc:7c:d5:09:49:
9e:1a:b6:8d:75:84:f2:4e:3f:54:ac:18:5f:2c:fa:
5c:1d:aa:3c:39:f3:0f:79:1f:c6:3c:c3:99:a0:43:
9f:5d:37:a0:ef:6a:17:31:ce:cd:c4:46:06:25:72:
ee:79:f1:8e:dc:4a:e0:56:e8:92:7c:cf:67:5b:41:
4a:c2:40:a4:67:f1:e2:f7:b1:27:9d:4d:d6:e4:54:
f0:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:14:AF:0E:2D:B1:A1:DF:54:6A:6D:82:4A:B3:6F:7C:99:B8:23:6D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kRSvDi2xod9Uam2CSrNvfJm4I20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.88.0/24
45.89.244.0/24
45.91.193.0/24
45.149.235.0/24
83.143.113.0/24
85.208.139.0/24
87.120.36.0/24
87.120.88.0/24
109.206.242.0/24
185.246.222.0/24
193.168.196.0/23
193.168.199.0/24
Signature Algorithm: sha256WithRSAEncryption
88:c6:91:9b:1b:78:6c:33:a2:c9:04:c4:03:4a:19:63:d7:0a:
71:66:1a:56:89:0f:78:e2:ac:bb:41:2f:f6:28:34:fe:10:25:
91:59:cd:24:37:e9:10:02:d4:2a:d7:04:8e:6e:6f:d8:b0:9c:
e6:63:9f:20:ab:5e:b1:97:a2:d5:41:9d:13:2f:a1:73:3b:0c:
f2:2f:59:cf:2b:f5:e5:a9:62:ba:66:6f:d0:b7:cf:69:5c:d8:
65:89:fc:e0:00:fc:94:e1:a9:5d:3a:b6:47:3c:30:c8:c0:1d:
91:db:fa:a9:4b:41:7f:9d:4a:66:49:1b:99:f3:82:bc:6c:05:
7a:ad:9c:11:96:59:ae:2e:70:f6:58:8c:ee:d0:c7:ad:f3:22:
25:d6:69:2c:0e:9d:7d:13:70:e7:d8:7a:59:7c:07:8d:70:48:
fc:33:ae:a3:64:42:08:05:3c:80:89:5b:ff:89:b4:7f:60:c9:
c1:16:01:7d:9f:d7:17:e5:b1:10:bc:59:1d:2c:b0:d8:1c:28:
3d:e6:5d:26:ba:b9:0c:0f:fb:c4:7b:0c:51:49:70:cf:b6:04:
69:be:98:89:e1:a3:44:15:4e:da:06:3e:81:1f:ee:80:64:d8:
b8:05:f9:e9:52:e3:ce:91:3a:fd:ce:8e:f1:e5:05:41:31:70:
d9:4c:ee:aa
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZNnT0w0V3QOCxSCGcOSeXEsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMTI2MDcxMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTE0YWYwZTJkYjFhMWRmNTQ2YTZkODI0YWIzNmY3Yzk5YjgyMzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqq6NvZC3/FMCUthbZVbs9ynU3JD8
Uakyy/+GcC+R95Hv1cMXk/tfFFSWboBgy3DXNM7YpUl3f2dsEAIGexKxGBYmYdhm
63ywJMvLj6pOZaDOEKCFN8fvAX0VeJK+BkJOpI0yR4MGeXDz7pcSAwfhAK1Vfhv6
5/M6ZUTcvHE03bDBM8xMW+VPCvZawWwymvfHittxW5itENwqtF24nOGPKF0H2rxO
/yDReOTMbvhs/HzVCUmeGraNdYTyTj9UrBhfLPpcHao8OfMPeR/GPMOZoEOfXTeg
72oXMc7NxEYGJXLuefGO3ErgVuiSfM9nW0FKwkCkZ/Hi97EnnU3W5FTwvQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJEUrw4tsaHfVGptgkqzb3yZuCNtMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEva1JTdkRpMnhvZDlVYW0yQ1NyTnZmSm00STIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALVRYAwQA
LVn0AwQALVvBAwQALZXrAwQAU49xAwQAVdCLAwQAV3gkAwQAV3hYAwQAbc7yAwQA
ufbeAwQBwajEAwQAwajHMA0GCSqGSIb3DQEBCwUAA4IBAQCIxpGbG3hsM6LJBMQD
Shlj1wpxZhpWiQ944qy7QS/2KDT+ECWRWc0kN+kQAtQq1wSObm/YsJzmY58gq16x
l6LVQZ0TL6FzOwzyL1nPK/XlqWK6Zm/Qt89pXNhlifzgAPyU4aldOrZHPDDIwB2R
2/qpS0F/nUpmSRuZ84K8bAV6rZwRllmuLnD2WIzu0Met8yIl1mksDp19E3Dn2HpZ
fAeNcEj8M66jZEIIBTyAiVv/ibR/YMnBFgF9n9cX5bEQvFkdLLDYHCg95l0murkM
D/vEewxRSXDPtgRpvpiJ4aNEFU7aBj6BH+6AZNi4BfnpUuPOkTr9zo7x5QVBMXDZ
TO6q
-----END CERTIFICATE-----
Generated at Sun Apr 27 17:56:06 2025 by rpki-client