Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-oo58aVBKkFYqGGHqQx-w_f737s.roa
File: 1-oo58aVBKkFYqGGHqQx-w_f737s.roa (raw, json)
Hash identifier: +x23G+pnlSrEY7IRH3xoO+ozXeqrkLKf5oVlLpxwS9I=
Subject key identifier: FA:8A:39:F1:A5:41:2A:41:58:A8:61:87:A9:0C:7E:C3:F7:FB:DF:BB
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018ACB3D76983472437EABA65538EAC69CC9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-oo58aVBKkFYqGGHqQx-w_f737s.roa
Signing time: Mon 25 Sep 2023 07:28:37 +0000
ROA not before: Mon 25 Sep 2023 07:28:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
91.92.24.0/23 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
94.156.177.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
87.121.45.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
94.154.163.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:3d:76:98:34:72:43:7e:ab:a6:55:38:ea:c6:9c:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 25 07:28:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fa8a39f1a5412a4158a86187a90c7ec3f7fbdfbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:1c:69:09:cd:cd:5e:9a:11:34:95:8a:b1:59:
21:8f:0a:73:69:66:08:f3:9d:82:02:c0:a8:e3:64:
e8:eb:44:78:f3:3f:67:d9:78:08:c9:8f:46:35:1e:
3a:ef:cc:c1:70:49:0e:ca:8f:0a:83:16:bc:cf:87:
dd:3d:22:c9:f0:e9:5d:03:c6:57:d2:2f:72:3a:67:
d1:b5:8b:d5:72:02:5e:a2:d3:ce:f7:49:8a:03:46:
9a:48:27:e1:ff:fa:6a:20:18:90:34:ed:21:49:a3:
ae:64:8f:eb:ea:a9:c3:49:40:69:a7:be:00:b7:7c:
4e:95:dc:09:b7:92:fc:34:25:3e:bd:82:3c:ff:e7:
8f:60:b3:95:d3:06:69:52:ff:57:78:bd:59:c1:41:
9d:96:82:25:bb:46:bc:93:c3:4a:2d:fd:98:87:21:
ae:3e:47:d0:c4:00:36:c2:ec:9a:c0:17:fc:ab:8b:
2c:ad:82:00:69:a0:07:ab:6b:18:a9:59:f8:89:51:
0b:db:83:c5:f5:08:a4:89:4b:de:fe:7b:07:88:c6:
37:bd:8e:03:9f:7f:fe:39:a1:27:56:72:22:81:d8:
0b:db:1a:fd:d2:64:da:d5:20:01:0f:c5:3e:cf:da:
87:b8:ce:b0:30:72:06:b0:11:b4:f2:96:71:76:65:
ce:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:8A:39:F1:A5:41:2A:41:58:A8:61:87:A9:0C:7E:C3:F7:FB:DF:BB
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-oo58aVBKkFYqGGHqQx-w_f737s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.59.0/24
91.92.24.0/23
92.119.196.0/23
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.78.0/24
94.156.177.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.219.126.0/24
194.169.174.0/24
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
87:de:04:b1:e6:58:f0:ef:90:5a:95:66:bc:ff:d1:a7:e3:d9:
48:21:51:0b:5a:35:00:8f:f4:6a:5a:b0:6d:43:d1:0d:0d:4e:
25:17:91:c9:68:2a:54:9f:b4:4d:b6:89:50:cd:3f:43:b1:25:
5e:f1:fc:3a:ae:3a:0b:44:47:53:91:00:d7:14:f7:df:e7:ba:
cd:7c:bc:77:ba:94:cd:d9:8d:60:db:53:c8:a4:fb:2e:66:09:
26:fc:0c:51:42:bf:16:86:8d:a1:66:4e:ee:bb:74:b0:e9:4c:
0d:49:95:8f:07:43:0e:67:d7:e1:fa:93:cb:62:62:5a:91:94:
76:fd:1d:76:0d:f7:cb:6a:d3:3a:e3:8b:a5:df:55:ae:07:07:
08:35:2a:09:a7:9b:40:43:45:70:9a:e0:60:1b:60:20:a2:3c:
62:ce:cf:ba:25:98:5d:5a:71:71:29:a9:4a:a1:1f:63:f4:8a:
80:06:b8:74:2d:d0:55:52:52:ae:5f:8f:e3:99:87:20:e8:e5:
39:81:a5:41:59:f5:c6:cf:cb:1a:f3:a8:d0:43:39:a6:bb:83:
66:f1:38:e0:9a:d7:68:0e:99:f2:13:e9:61:a4:3b:5a:d3:4b:
bb:1f:00:36:f0:61:94:39:be:5c:2f:d5:a5:83:d2:85:ef:07:
30:db:42:b0
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgISAYrLPXaYNHJDfqumVTjqxpzJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTI1MDcyODM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYThhMzlmMWE1NDEyYTQxNThhODYxODdhOTBjN2VjM2Y3ZmJkZmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshxpCc3NXpoRNJWKsVkhjwpzaWYI
852CAsCo42To60R48z9n2XgIyY9GNR4678zBcEkOyo8Kgxa8z4fdPSLJ8OldA8ZX
0i9yOmfRtYvVcgJeotPO90mKA0aaSCfh//pqIBiQNO0hSaOuZI/r6qnDSUBpp74A
t3xOldwJt5L8NCU+vYI8/+ePYLOV0wZpUv9XeL1ZwUGdloIlu0a8k8NKLf2YhyGu
PkfQxAA2wuyawBf8q4ssrYIAaaAHq2sYqVn4iVEL24PF9QikiUve/nsHiMY3vY4D
n3/+OaEnVnIigdgL2xr90mTa1SABD8U+z9qHuM6wMHIGsBG08pZxdmXOrwIDAQAB
o4ICkTCCAo0wHQYDVR0OBBYEFPqKOfGlQSpBWKhhh6kMfsP3+9+7MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMS1vbzU4YVZCS2tGWXFHR0hxUXgtd19mNzM3cy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcx
Mi8xL0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCBpQYIKwYBBQUHAQcBAf8EgZUwgZIwgY8EAgABMIGIAwQA
LZdZAwQAV3hXAwQAV3ktAwQAV3k7AwQBW1wYAwQBXHfEAwQAXXt0MAwDBABemqED
BAJemqADBABenE4DBABenLEDBABenO8wDAMEApNOZAMEAJNOZgMEAqsWSAMEALLX
4AMEALLX7AMEArnYVAMEArnaVAMEALnbfgMEAMKprgMEAMK0MjANBgkqhkiG9w0B
AQsFAAOCAQEAh94EseZY8O+QWpVmvP/Rp+PZSCFRC1o1AI/0alqwbUPRDQ1OJReR
yWgqVJ+0TbaJUM0/Q7ElXvH8Oq46C0RHU5EA1xT33+e6zXy8d7qUzdmNYNtTyKT7
LmYJJvwMUUK/FoaNoWZO7rt0sOlMDUmVjwdDDmfX4fqTy2JiWpGUdv0ddg33y2rT
OuOLpd9VrgcHCDUqCaebQENFcJrgYBtgIKI8Ys7PuiWYXVpxcSmpSqEfY/SKgAa4
dC3QVVJSrl+P45mHIOjlOYGlQVn1xs/LGvOo0EM5pruDZvE44JrXaA6Z8hPpYaQ7
WtNLux8ANvBhlDm+XC/VpYPShe8HMNtCsA==
-----END CERTIFICATE-----
Generated at Mon Sep 25 08:30:01 2023 by rpki-client on console-ams.rpki-client.org