Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0UxGyD5_zKbQhyTFzuKF8XmbblE.roa
File: 0UxGyD5_zKbQhyTFzuKF8XmbblE.roa (raw, json)
Hash identifier: LHs8Wkebpp4f5cllbLuJhdcE5uSmY78YjrEbtV+ou5Q=
Subject key identifier: D1:4C:46:C8:3E:7F:CC:A6:D0:87:24:C5:CE:E2:85:F1:79:9B:6E:51
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B1E894BD9593246029111C3570E7FF180
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0UxGyD5_zKbQhyTFzuKF8XmbblE.roa
Signing time: Wed 11 Oct 2023 11:39:56 +0000
ROA not before: Wed 11 Oct 2023 11:39:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 94.156.2.0/24 maxlen: 24
91.92.16.0/24 maxlen: 24
87.120.192.0/23 maxlen: 24
91.92.26.0/23 maxlen: 24
91.92.27.0/24 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.123.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
94.156.152.0/24 maxlen: 24
45.8.92.0/24 maxlen: 24
94.156.154.0/23 maxlen: 24
87.121.60.0/22 maxlen: 24
91.92.67.0/24 maxlen: 24
45.139.123.0/24 maxlen: 24
94.154.160.0/23 maxlen: 24
94.154.173.0/24 maxlen: 24
212.87.205.0/24 maxlen: 24
94.156.237.0/24 maxlen: 24
194.55.226.0/24 maxlen: 24
94.156.238.0/24 maxlen: 24
87.121.146.0/23 maxlen: 24
93.123.76.0/22 maxlen: 24
141.98.5.0/24 maxlen: 24
87.121.163.0/24 maxlen: 24
93.123.80.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
94.156.178.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
94.156.180.0/23 maxlen: 24
87.121.104.0/24 maxlen: 24
93.123.24.0/24 maxlen: 24
87.121.103.0/24 maxlen: 24
93.123.26.0/23 maxlen: 24
87.121.114.0/23 maxlen: 24
93.123.112.0/22 maxlen: 24
93.123.119.0/24 maxlen: 24
5.253.58.0/23 maxlen: 24
193.25.219.0/24 maxlen: 24
5.253.56.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:1e:89:4b:d9:59:32:46:02:91:11:c3:57:0e:7f:f1:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 11 11:39:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d14c46c83e7fcca6d08724c5cee285f1799b6e51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:59:cd:4d:c4:97:5d:24:f8:1a:2f:41:4b:8f:
2b:57:e3:13:58:b7:98:85:fc:32:10:99:d0:42:a3:
48:66:0d:43:21:13:e2:d8:77:ee:bb:e2:c7:2c:ec:
75:75:d3:d2:e3:71:bf:f9:b3:b3:f3:0d:cd:d6:96:
e8:18:07:dc:f4:7c:e2:32:4a:b7:8e:b8:44:d1:c9:
12:f3:60:73:3d:23:ee:f1:09:25:85:fb:47:ba:00:
22:80:9c:8d:d3:a2:09:86:96:85:4b:0f:78:30:52:
2e:ea:e2:51:05:f4:4e:f2:af:98:66:09:6b:23:fe:
06:9c:c6:8e:e9:41:74:fb:cb:1a:66:b1:d9:c5:b6:
dd:7b:a9:ff:3b:16:9d:1a:38:97:3f:ec:4e:2f:fb:
1a:27:ff:07:af:08:0f:44:54:e3:42:75:8f:fc:57:
06:b1:35:41:b5:a9:aa:c1:7b:1d:5a:11:51:be:3a:
99:1b:cd:d4:06:eb:a9:92:78:cd:ee:83:a7:c3:f1:
56:ae:0c:91:ea:c1:bd:4c:c4:e0:69:9a:c1:68:5c:
06:5d:c7:b0:19:78:9c:03:ef:41:6c:6f:12:67:77:
38:25:88:09:ee:18:a7:36:8f:c6:93:4b:12:67:48:
77:53:73:e9:15:cd:87:9b:0d:04:76:48:79:47:e4:
ef:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:4C:46:C8:3E:7F:CC:A6:D0:87:24:C5:CE:E2:85:F1:79:9B:6E:51
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/0UxGyD5_zKbQhyTFzuKF8XmbblE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0/22
45.8.92.0/24
45.139.123.0/24
87.120.192.0/23
87.121.38.0/24
87.121.60.0/22
87.121.103.0-87.121.104.255
87.121.114.0/23
87.121.146.0/23
87.121.163.0/24
91.92.16.0/24
91.92.26.0/23
91.92.67.0/24
93.123.24.0/24
93.123.26.0/23
93.123.76.0-93.123.80.255
93.123.112.0/22
93.123.119.0/24
94.154.160.0/23
94.154.173.0/24
94.156.2.0/24
94.156.152.0/24
94.156.154.0/23
94.156.178.0/24
94.156.180.0/23
94.156.237.0-94.156.238.255
141.98.5.0/24
185.252.177.0/24
193.25.219.0/24
193.47.62.0/24
193.58.121.0/24
193.58.123.0/24
194.55.226.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:bc:f6:2f:98:d9:0d:da:90:1b:80:50:7e:8f:81:af:3d:65:
e2:28:ad:ad:32:b5:e3:48:ef:6c:11:e1:f5:9c:be:aa:ef:44:
62:03:72:31:f0:fb:b8:c3:39:b9:99:e0:2c:17:fb:20:be:a8:
d5:15:c2:1c:b2:2f:3b:7f:ca:76:c6:f6:73:71:f0:40:a8:a8:
25:93:21:1b:bd:56:f2:5a:8c:e2:1f:c5:79:6d:3e:a2:07:54:
41:65:7b:a8:a6:6d:4f:ca:44:1d:01:42:24:2e:63:58:a8:b2:
2b:67:44:10:a3:78:e1:e5:b2:c1:62:0a:c3:12:52:d9:97:fe:
09:c5:3d:94:ed:f8:74:e4:69:7e:7b:5a:09:be:10:d8:1b:81:
7e:31:2d:01:3c:51:07:f1:ee:8d:71:92:6a:e3:1b:fa:f2:24:
50:ad:6a:4e:64:cf:8f:91:44:61:5e:af:6e:94:13:48:db:70:
b5:52:18:e4:d9:20:55:e1:e6:de:0d:22:dd:9f:b2:07:f2:2b:
a9:f1:01:56:0d:99:20:27:c2:06:f1:8e:b0:6c:e7:c8:56:46:
66:ec:bb:ce:a2:73:35:66:7d:df:e7:3b:dc:ec:f9:1d:b5:37:
37:43:26:56:72:b0:2f:de:7c:40:96:18:7d:1c:44:a8:07:81:
63:73:12:9c
-----BEGIN CERTIFICATE-----
MIIF4TCCBMmgAwIBAgISAYseiUvZWTJGApERw1cOf/GAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDExMTEzOTU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTRjNDZjODNlN2ZjY2E2ZDA4NzI0YzVjZWUyODVmMTc5OWI2ZTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm1nNTcSXXST4Gi9BS48rV+MTWLeY
hfwyEJnQQqNIZg1DIRPi2Hfuu+LHLOx1ddPS43G/+bOz8w3N1pboGAfc9HziMkq3
jrhE0ckS82BzPSPu8QklhftHugAigJyN06IJhpaFSw94MFIu6uJRBfRO8q+YZglr
I/4GnMaO6UF0+8saZrHZxbbde6n/OxadGjiXP+xOL/saJ/8HrwgPRFTjQnWP/FcG
sTVBtamqwXsdWhFRvjqZG83UBuupknjN7oOnw/FWrgyR6sG9TMTgaZrBaFwGXcew
GXicA+9BbG8SZ3c4JYgJ7hinNo/Gk0sSZ0h3U3PpFc2Hmw0Edkh5R+TvLQIDAQAB
o4IC7TCCAukwHQYDVR0OBBYEFNFMRsg+f8ym0Ickxc7ihfF5m25RMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMFV4R3lENV96S2JRaHlURnp1S0Y4WG1iYmxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAQYIKwYBBQUHAQcBAf8EgfEwge4wgesEAgABMIHkAwQC
Bf04AwQALQhcAwQALYt7AwQBV3jAAwQAV3kmAwQCV3k8MAwDBABXeWcDBABXeWgD
BAFXeXIDBAFXeZIDBABXeaMDBABbXBADBAFbXBoDBABbXEMDBABdexgDBAFdexow
DAMEAl17TAMEAF17UAMEAl17cAMEAF17dwMEAV6aoAMEAF6arQMEAF6cAgMEAF6c
mAMEAV6cmgMEAF6csgMEAV6ctDAMAwQAXpztAwQAXpzuAwQAjWIFAwQAufyxAwQA
wRnbAwQAwS8+AwQAwTp5AwQAwTp7AwQAwjfiAwQA1FfNMA0GCSqGSIb3DQEBCwUA
A4IBAQCivPYvmNkN2pAbgFB+j4GvPWXiKK2tMrXjSO9sEeH1nL6q70RiA3Ix8Pu4
wzm5meAsF/sgvqjVFcIcsi87f8p2xvZzcfBAqKglkyEbvVbyWoziH8V5bT6iB1RB
ZXuopm1PykQdAUIkLmNYqLIrZ0QQo3jh5bLBYgrDElLZl/4JxT2U7fh05Gl+e1oJ
vhDYG4F+MS0BPFEH8e6NcZJq4xv68iRQrWpOZM+PkURhXq9ulBNI23C1Uhjk2SBV
4ebeDSLdn7IH8iup8QFWDZkgJ8IG8Y6wbOfIVkZm7LvOonM1Zn3f5zvc7PkdtTc3
QyZWcrAv3nxAlhh9HESoB4FjcxKc
-----END CERTIFICATE-----
Generated at Thu Oct 12 06:29:17 2023 by rpki-client on console-ams.rpki-client.org