Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0J0Qymql27CtEcW-4q2aVBkNNpU.roa
File: 0J0Qymql27CtEcW-4q2aVBkNNpU.roa (raw, json)
Hash identifier: lYbVq5Gk35iDAzJLQL4doETJb3bUYrVijWO62kCHtAk=
Subject key identifier: D0:9D:10:CA:6A:A5:DB:B0:AD:11:C5:BE:E2:AD:9A:54:19:0D:36:95
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018756D1CB964DE6B4D8C1457475613AB708
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0J0Qymql27CtEcW-4q2aVBkNNpU.roa
Signing time: Thu 06 Apr 2023 13:46:42 +0000
ROA not before: Thu 06 Apr 2023 13:46:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
45.128.233.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
82.115.209.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
141.98.7.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
45.149.233.0/24 maxlen: 24
171.22.19.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
94.103.125.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
194.49.87.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
185.221.64.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:56:d1:cb:96:4d:e6:b4:d8:c1:45:74:75:61:3a:b7:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 6 13:46:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d09d10ca6aa5dbb0ad11c5bee2ad9a54190d3695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:58:bb:a8:e6:62:fc:f3:2a:56:b2:a8:b7:fe:
51:86:05:de:c2:b3:34:a4:ef:0a:78:8c:52:cc:50:
7f:7f:9d:e0:48:9c:5c:f1:e3:63:ee:55:0b:3e:c8:
cf:88:54:df:0c:07:40:d6:6c:00:4c:9b:f2:f2:40:
69:ec:42:3b:ba:3b:db:62:dc:2d:50:1e:a5:26:e0:
cf:4a:7b:5a:a0:ac:bf:94:3d:61:f1:2c:79:27:73:
50:a3:13:bb:7c:12:42:93:06:26:2a:57:91:28:61:
da:67:ba:01:c4:95:83:47:88:4e:79:d3:30:2f:20:
2c:b4:c8:b5:ac:33:f4:6c:3d:8e:52:9c:4c:55:ab:
38:96:88:b9:36:9a:5b:69:c4:0f:5c:8d:70:4c:a1:
94:55:24:a0:da:58:c7:c9:cd:84:80:39:81:3a:5e:
5b:d0:51:33:e2:5c:37:eb:cb:98:93:bb:60:66:9b:
1a:9f:78:e4:a2:31:d1:8e:75:f6:05:08:79:27:fe:
f5:2a:79:07:e5:ad:02:06:89:dd:34:70:01:68:92:
ec:9a:b8:b7:df:d4:aa:dc:ba:7e:28:f5:50:ea:78:
c0:54:13:5b:81:00:9c:a2:75:79:95:0f:fb:db:7a:
29:a1:cc:1d:bb:aa:b8:b0:6b:78:81:92:74:f8:f4:
71:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:9D:10:CA:6A:A5:DB:B0:AD:11:C5:BE:E2:AD:9A:54:19:0D:36:95
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0J0Qymql27CtEcW-4q2aVBkNNpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.233.0/24
45.149.233.0/24
45.151.89.0/24
82.115.209.0/24
84.54.49.0/24
87.120.64.0/23
87.121.220.0/24
92.119.196.0/23
94.103.125.0/24
94.154.161.0-94.154.163.255
94.154.172.0/24
141.98.7.0/24
147.78.100.0/23
171.22.19.0/24
171.22.72.0/22
178.215.236.0/23
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
185.221.64.0/24
193.25.217.0/24
194.49.87.0/24
Signature Algorithm: sha256WithRSAEncryption
90:7f:ac:86:d3:17:31:ee:89:ab:e3:51:26:3f:5b:42:80:0c:
a1:d2:2e:6e:89:fb:36:19:8c:2a:56:c2:fe:ce:61:30:5c:98:
42:16:33:c7:37:2e:59:09:7c:70:e6:31:5d:0a:4f:f1:15:52:
56:88:b6:61:3c:64:82:1a:e7:22:8c:f4:2c:ae:70:42:8a:50:
28:b8:e0:cb:3a:9d:d7:65:ab:b3:4a:d2:cf:7b:ba:81:b8:9b:
50:a0:c5:e8:d6:6f:1a:16:f7:7e:2e:fd:32:3e:fc:1e:9b:cd:
f6:21:1a:48:e5:cf:da:df:04:82:23:5e:ba:9a:e3:b8:0c:3c:
88:13:28:b5:76:81:cb:1b:89:99:ff:e1:8c:f9:5a:61:7e:20:
4e:ec:16:98:fa:e8:5a:11:dc:7f:6c:8e:56:c3:ce:74:1d:b6:
b4:96:53:f1:16:e6:c0:fe:f2:58:64:65:5c:93:84:fe:6b:34:
bf:b7:93:a8:1c:1e:d0:cd:18:fb:6a:68:9f:2a:e9:7f:53:05:
ce:57:84:13:cd:0c:99:02:c9:d3:c6:90:4a:80:47:12:32:fb:
97:46:0b:d9:6b:08:ac:94:0a:4b:7e:99:a3:c7:44:dc:ab:16:
fd:0e:5b:12:24:90:d3:98:4b:26:7a:53:bc:98:f7:12:84:4d:
4d:4f:98:89
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAYdW0cuWTea02MFFdHVhOrcIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDA2MTM0NjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDlkMTBjYTZhYTVkYmIwYWQxMWM1YmVlMmFkOWE1NDE5MGQzNjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVi7qOZi/PMqVrKot/5RhgXewrM0
pO8KeIxSzFB/f53gSJxc8eNj7lULPsjPiFTfDAdA1mwATJvy8kBp7EI7ujvbYtwt
UB6lJuDPSntaoKy/lD1h8Sx5J3NQoxO7fBJCkwYmKleRKGHaZ7oBxJWDR4hOedMw
LyAstMi1rDP0bD2OUpxMVas4loi5NppbacQPXI1wTKGUVSSg2ljHyc2EgDmBOl5b
0FEz4lw368uYk7tgZpsan3jkojHRjnX2BQh5J/71KnkH5a0CBondNHABaJLsmri3
39Sq3Lp+KPVQ6njAVBNbgQCconV5lQ/723opocwdu6q4sGt4gZJ0+PRxUQIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFNCdEMpqpduwrRHFvuKtmlQZDTaVMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMEowUXltcWwyN0N0RWNXLTRxMmFWQmtOTnBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIDBAAt
gOkDBAAtlekDBAAtl1kDBABSc9EDBABUNjEDBAFXeEADBABXedwDBAFcd8QDBABe
Z30wDAMEAF6aoQMEAl6aoAMEAF6arAMEAI1iBwMEAZNOZAMEAKsWEwMEAqsWSAME
AbLX7AMEArnYVAMEArnaVAMEALnaiQMEALnbfgMEALndQAMEAMEZ2QMEAMIxVzAN
BgkqhkiG9w0BAQsFAAOCAQEAkH+shtMXMe6Jq+NRJj9bQoAModIubon7NhmMKlbC
/s5hMFyYQhYzxzcuWQl8cOYxXQpP8RVSVoi2YTxkghrnIoz0LK5wQopQKLjgyzqd
12Wrs0rSz3u6gbibUKDF6NZvGhb3fi79Mj78HpvN9iEaSOXP2t8EgiNeuprjuAw8
iBMotXaByxuJmf/hjPlaYX4gTuwWmProWhHcf2yOVsPOdB22tJZT8RbmwP7yWGRl
XJOE/ms0v7eTqBwe0M0Y+2ponyrpf1MFzleEE80MmQLJ08aQSoBHEjL7l0YL2WsI
rJQKS36Zo8dE3KsW/Q5bEiSQ05hLJnpTvJj3EoRNTU+YiQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:30 2023 by rpki-client on console-ams.rpki-client.org