Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0P3tnHN8T0tsbh0Psrnm8_jtE1Q.roa
File: 0P3tnHN8T0tsbh0Psrnm8_jtE1Q.roa (raw, json)
Hash identifier: SyqbaJGm2pKx8KTM+Jsf0m067FR7/JT5wh9nGPNDfYM=
Subject key identifier: D0:FD:ED:9C:73:7C:4F:4B:6C:6E:1D:0F:B2:B9:E6:F3:F8:ED:13:54
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B93E84C93CEB7577A286F37D0F9D1EE06
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0P3tnHN8T0tsbh0Psrnm8_jtE1Q.roa
Signing time: Fri 03 Nov 2023 06:39:16 +0000
ROA not before: Fri 03 Nov 2023 06:39:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200105
IP address blocks: 87.121.124.0/23 maxlen: 24
81.161.230.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
45.9.156.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
185.246.223.0/24 maxlen: 24
45.139.104.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:93:e8:4c:93:ce:b7:57:7a:28:6f:37:d0:f9:d1:ee:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 3 06:39:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d0fded9c737c4f4b6c6e1d0fb2b9e6f3f8ed1354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:61:3c:90:e3:30:0c:65:d9:ce:3b:f1:b9:61:
a2:ad:e1:a6:9c:f6:29:f5:36:81:84:6c:bc:36:2e:
23:95:45:2f:3c:9e:62:0b:d8:e5:6f:c8:f8:d2:2c:
4e:9b:2e:96:2c:80:7d:cc:e3:f0:a7:48:63:9f:57:
c9:5e:a6:d0:60:52:9c:13:1f:3c:2e:48:c6:2a:f3:
30:64:de:5c:e3:00:29:18:1b:ad:ea:e0:c3:73:96:
e3:cd:76:90:c6:80:fb:36:79:bc:8f:bf:5c:a2:af:
14:d0:88:aa:d9:04:be:a6:33:28:ac:8e:a0:cd:36:
ad:69:c8:77:14:0a:3d:2e:e4:da:2c:8f:1c:9b:1c:
00:32:70:1c:38:64:cd:6c:f1:a3:ad:ff:bb:b0:a5:
b2:36:40:85:3c:5c:b0:44:fb:48:17:f3:6a:4d:e9:
1e:65:6e:cc:af:0b:12:d5:ee:bd:64:0d:7e:0e:59:
c4:f1:6e:5a:57:7d:82:b5:22:ea:91:95:51:06:22:
3d:54:b3:5b:14:a6:d4:0b:90:ed:7c:cf:5c:6c:de:
35:2a:90:4d:77:56:6c:80:df:0d:07:c1:6d:e6:f3:
0f:b1:b1:12:13:d3:2e:53:a2:1e:4e:52:26:cb:81:
f4:00:1f:d7:ca:6d:99:66:be:7c:be:ce:d8:01:00:
bf:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:FD:ED:9C:73:7C:4F:4B:6C:6E:1D:0F:B2:B9:E6:F3:F8:ED:13:54
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0P3tnHN8T0tsbh0Psrnm8_jtE1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/24
45.66.228.0/24
45.129.84.0/24
45.129.86.0/24
45.139.104.0/24
81.161.230.0/24
87.121.124.0/23
87.121.220.0/24
91.200.192.0/22
94.154.172.0/24
147.78.100.0/23
178.215.226.0/24
185.246.223.0/24
Signature Algorithm: sha256WithRSAEncryption
56:0f:5c:8c:ce:58:c7:26:a6:f2:7f:53:6a:f7:a0:61:28:97:
e3:c3:77:d3:73:aa:99:7b:d6:46:ed:b9:4a:a2:98:de:0c:d3:
cc:8b:bd:0b:aa:23:24:4c:81:f5:12:f8:91:f1:dd:8b:df:cf:
52:a8:d8:0e:86:fe:a2:06:5d:0b:eb:3e:c5:f7:3f:6d:c1:a8:
9b:6d:94:62:69:54:b5:02:c8:bd:c6:46:44:09:86:f8:21:0f:
f7:e4:70:3a:9d:1d:44:3d:99:8f:c4:a8:29:0b:33:27:42:33:
23:c6:6f:7c:0f:3b:10:ed:6b:cd:03:18:da:49:ed:a5:3c:79:
24:03:17:c9:24:c6:fb:d9:fb:00:c0:7d:29:ba:3f:41:0e:e2:
04:9f:6a:d7:9e:70:41:bb:c2:c9:b1:00:f9:59:c6:30:ad:9f:
a8:73:f5:58:be:e2:fe:65:a3:4c:f0:fd:b8:d6:22:d1:47:aa:
17:a1:89:d1:fe:78:37:2c:f6:a0:71:17:3c:4c:a2:e4:de:da:
7d:57:3f:32:16:9e:11:73:50:23:92:8e:27:26:11:03:6e:6f:
5b:78:31:67:1c:4d:a2:89:b3:8f:de:f5:05:9e:1f:29:8c:96:
42:69:d9:c0:cd:aa:0e:ae:48:7d:a7:f0:7a:dc:77:c2:1d:d9:
48:b9:ab:2a
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYuT6EyTzrdXeihvN9D50e4GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTAzMDYzOTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGZkZWQ5YzczN2M0ZjRiNmM2ZTFkMGZiMmI5ZTZmM2Y4ZWQxMzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGE8kOMwDGXZzjvxuWGireGmnPYp
9TaBhGy8Ni4jlUUvPJ5iC9jlb8j40ixOmy6WLIB9zOPwp0hjn1fJXqbQYFKcEx88
LkjGKvMwZN5c4wApGBut6uDDc5bjzXaQxoD7Nnm8j79coq8U0Iiq2QS+pjMorI6g
zTatach3FAo9LuTaLI8cmxwAMnAcOGTNbPGjrf+7sKWyNkCFPFywRPtIF/NqTeke
ZW7MrwsS1e69ZA1+DlnE8W5aV32CtSLqkZVRBiI9VLNbFKbUC5DtfM9cbN41KpBN
d1ZsgN8NB8Ft5vMPsbESE9MuU6IeTlImy4H0AB/Xym2ZZr58vs7YAQC/SwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFND97ZxzfE9LbG4dD7K55vP47RNUMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMFAzdG5ITjhUMHRzYmgwUHNybm04X2p0RTFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALQmcAwQA
LULkAwQALYFUAwQALYFWAwQALYtoAwQAUaHmAwQBV3l8AwQAV3ncAwQCW8jAAwQA
XpqsAwQBk05kAwQAstfiAwQAufbfMA0GCSqGSIb3DQEBCwUAA4IBAQBWD1yMzljH
Jqbyf1Nq96BhKJfjw3fTc6qZe9ZG7blKopjeDNPMi70LqiMkTIH1EviR8d2L389S
qNgOhv6iBl0L6z7F9z9twaibbZRiaVS1Asi9xkZECYb4IQ/35HA6nR1EPZmPxKgp
CzMnQjMjxm98DzsQ7WvNAxjaSe2lPHkkAxfJJMb72fsAwH0puj9BDuIEn2rXnnBB
u8LJsQD5WcYwrZ+oc/VYvuL+ZaNM8P241iLRR6oXoYnR/ng3LPagcRc8TKLk3tp9
Vz8yFp4Rc1Ajko4nJhEDbm9beDFnHE2iibOP3vUFnh8pjJZCadnAzaoOrkh9p/B6
3HfCHdlIuasq
-----END CERTIFICATE-----
Generated at Fri Nov 3 07:34:12 2023 by rpki-client on console-fra.rpki-client.org