Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0K8jOG4FOl0Gdn5rLGqstqxHwEE.roa
File: 0K8jOG4FOl0Gdn5rLGqstqxHwEE.roa (raw, json)
Hash identifier: Kp28lbidD9wcEdJHUULNvKunyNc0JSWPTzQDxJmHacw=
Subject key identifier: D0:AF:23:38:6E:05:3A:5D:06:76:7E:6B:2C:6A:AC:B6:AC:47:C0:41
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018AA75FD6A0910AC667D09B96ACE73D99D9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0K8jOG4FOl0Gdn5rLGqstqxHwEE.roa
Signing time: Mon 18 Sep 2023 08:19:50 +0000
ROA not before: Mon 18 Sep 2023 08:19:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50225
IP address blocks: 85.217.145.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
185.222.163.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
80.76.50.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
176.125.252.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
45.84.90.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:5f:d6:a0:91:0a:c6:67:d0:9b:96:ac:e7:3d:99:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 18 08:19:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0af23386e053a5d06767e6b2c6aacb6ac47c041
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:62:aa:a1:71:1e:04:d6:19:40:ac:0c:20:70:
f6:fd:c1:66:a0:70:8d:68:9d:f0:00:b7:b8:21:4a:
fe:57:a9:68:4d:dc:1b:4d:79:72:92:88:c1:ed:51:
ac:a5:bd:57:10:9b:1b:c2:01:69:11:93:e2:35:90:
83:61:38:33:d0:ca:5e:46:1f:88:3a:41:f6:5a:03:
9e:e9:f7:ad:14:7c:28:fc:e2:27:9e:b6:f2:ae:e4:
b3:0e:52:2e:5d:66:07:1f:66:3f:91:78:ba:fe:be:
34:6a:02:17:c8:f4:23:51:3d:41:83:ea:a7:9e:82:
6b:a3:4f:09:68:97:42:b5:64:b0:90:be:d2:67:5e:
61:c2:23:c0:61:a9:f4:fa:86:c5:29:e1:9e:65:04:
4f:65:53:17:07:d6:7d:84:d3:f0:f3:3a:f2:0b:84:
25:22:b5:ea:8f:88:ea:7d:2f:75:c1:0c:81:f4:92:
4e:d0:a3:29:ed:c1:65:39:f3:76:a5:ac:b9:d7:f2:
14:e3:71:d1:d4:6e:c9:2d:52:88:43:15:26:02:66:
7d:96:84:98:de:46:73:92:40:df:ac:01:89:ad:97:
31:d7:8a:65:34:f4:f5:11:ff:da:34:11:47:02:1f:
89:a0:c4:6b:b2:a5:b2:4f:cf:07:ce:c8:52:ae:b8:
24:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:AF:23:38:6E:05:3A:5D:06:76:7E:6B:2C:6A:AC:B6:AC:47:C0:41
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0K8jOG4FOl0Gdn5rLGqstqxHwEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.90.0/24
79.110.50.0/24
80.76.50.0/24
85.217.145.0/24
93.123.85.0/24
176.125.252.0/24
185.222.163.0/24
193.42.34.0/24
194.48.249.0/24
194.48.251.0/24
Signature Algorithm: sha256WithRSAEncryption
55:58:10:ad:4e:59:44:3b:3c:35:ef:4d:a6:f4:9e:40:05:6a:
02:8a:be:24:bb:9f:b5:1f:8e:cb:7f:e1:c2:b2:59:ec:2f:ee:
b4:4f:c9:da:ed:41:fe:24:38:f6:d7:dc:21:1f:44:9c:4e:1b:
c7:85:8e:23:de:71:39:13:45:40:ad:23:33:b4:b3:57:9b:25:
36:c0:7b:bd:89:e0:42:6e:2e:c8:21:b4:6c:21:08:5f:b1:05:
f2:0f:14:8b:1a:b1:29:56:98:28:f2:e7:b2:17:d7:b2:13:b8:
2d:85:f4:a4:3d:97:8c:2e:8a:70:67:a1:95:73:eb:a5:f8:40:
d1:ed:9a:02:e3:bc:4f:15:c0:58:76:8a:cf:e9:c2:66:bf:fa:
2e:70:62:2e:42:d5:3f:96:c4:91:15:9d:63:a9:58:7d:b7:e8:
2f:10:6f:db:da:e0:69:14:dc:73:9c:3e:d1:42:8c:38:1c:d7:
19:65:76:58:37:13:19:9b:2b:c5:02:36:56:11:16:0c:02:e2:
cd:56:08:6c:af:9f:f8:56:19:e4:40:94:0b:51:42:9f:eb:6d:
69:14:fb:10:2d:d2:cb:20:cb:cf:c2:1e:ab:d0:4d:44:6d:0b:
3e:0d:ec:8a:d9:6d:c0:d8:0d:61:b3:56:00:00:3e:25:d7:ad:
6d:40:4e:a9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYqnX9agkQrGZ9CblqznPZnZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTE4MDgxOTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGFmMjMzODZlMDUzYTVkMDY3NjdlNmIyYzZhYWNiNmFjNDdjMDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWKqoXEeBNYZQKwMIHD2/cFmoHCN
aJ3wALe4IUr+V6loTdwbTXlykojB7VGspb1XEJsbwgFpEZPiNZCDYTgz0MpeRh+I
OkH2WgOe6fetFHwo/OInnrbyruSzDlIuXWYHH2Y/kXi6/r40agIXyPQjUT1Bg+qn
noJro08JaJdCtWSwkL7SZ15hwiPAYan0+obFKeGeZQRPZVMXB9Z9hNPw8zryC4Ql
IrXqj4jqfS91wQyB9JJO0KMp7cFlOfN2pay51/IU43HR1G7JLVKIQxUmAmZ9loSY
3kZzkkDfrAGJrZcx14plNPT1Ef/aNBFHAh+JoMRrsqWyT88HzshSrrgk9QIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFNCvIzhuBTpdBnZ+ayxqrLasR8BBMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMEs4ak9HNEZPbDBHZG41ckxHcXN0cXhId0VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALVRaAwQA
T24yAwQAUEwyAwQAVdmRAwQAXXtVAwQAsH38AwQAud6jAwQAwSoiAwQAwjD5AwQA
wjD7MA0GCSqGSIb3DQEBCwUAA4IBAQBVWBCtTllEOzw1702m9J5ABWoCir4ku5+1
H47Lf+HCslnsL+60T8na7UH+JDj219whH0ScThvHhY4j3nE5E0VArSMztLNXmyU2
wHu9ieBCbi7IIbRsIQhfsQXyDxSLGrEpVpgo8ueyF9eyE7gthfSkPZeMLopwZ6GV
c+ul+EDR7ZoC47xPFcBYdorP6cJmv/oucGIuQtU/lsSRFZ1jqVh9t+gvEG/b2uBp
FNxznD7RQow4HNcZZXZYNxMZmyvFAjZWERYMAuLNVghsr5/4VhnkQJQLUUKf621p
FPsQLdLLIMvPwh6r0E1EbQs+DeyK2W3A2A1hs1YAAD4l161tQE6p
-----END CERTIFICATE-----
Generated at Mon Sep 18 13:39:40 2023 by rpki-client on console-ams.rpki-client.org