Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2xyMai60YaQYSbUpeQYKrEiggWc.roa
File: 2xyMai60YaQYSbUpeQYKrEiggWc.roa (raw, json)
Hash identifier: jtxBAHoG+ymFL52UsY496NlT/HinkgROd8lZunIkSkg=
Subject key identifier: DB:1C:8C:6A:2E:B4:61:A4:18:49:B5:29:79:06:0A:AC:48:A0:81:67
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018A6A9798D11F9CA7888C060F8344D7E834
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2xyMai60YaQYSbUpeQYKrEiggWc.roa
Signing time: Wed 06 Sep 2023 13:03:54 +0000
ROA not before: Wed 06 Sep 2023 13:03:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
164.40.185.0/24 maxlen: 24
93.123.74.0/23 maxlen: 23
45.14.167.0/24 maxlen: 24
83.219.99.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:6a:97:98:d1:1f:9c:a7:88:8c:06:0f:83:44:d7:e8:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 6 13:03:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db1c8c6a2eb461a41849b52979060aac48a08167
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b8:c5:3d:f3:17:2d:31:26:cc:5a:d4:c8:dc:
f9:b1:62:05:d3:f9:65:93:09:14:a2:ca:6c:9c:a9:
23:d4:f1:be:56:be:9c:0b:65:e5:3f:c8:6b:3e:67:
9f:59:29:53:b9:26:44:bd:23:04:86:0e:79:93:40:
cd:e7:81:6d:8b:9b:60:c3:f1:06:b0:a3:2e:4b:be:
31:be:2f:03:64:14:e1:5d:2f:56:43:56:ba:5c:7a:
76:82:6d:45:3f:bb:48:a7:7c:06:df:ec:3f:00:9e:
a2:1a:9d:ed:5c:d8:55:77:0d:5d:c2:1f:98:10:dc:
ab:09:5a:75:9a:4f:83:64:1a:68:d4:a6:0c:68:f6:
da:e9:78:59:64:77:2a:3c:6a:89:04:3d:42:5d:b3:
68:73:12:42:1a:46:b9:bc:7f:af:3c:f1:8c:de:a4:
40:e9:7b:c6:2e:47:16:37:3d:da:a3:25:d6:14:6f:
a9:43:f4:a2:1f:81:92:14:12:e1:2f:d9:40:02:3e:
f1:5b:07:75:b4:52:28:63:08:94:b0:61:9d:66:1f:
f5:23:42:07:67:17:96:01:9b:63:92:ef:1e:cc:e2:
92:3d:23:77:c7:87:d1:dd:8d:a5:37:7e:8b:36:99:
ed:1f:de:f2:2e:9c:c8:a1:1d:ba:b3:55:8f:b9:e1:
9c:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:1C:8C:6A:2E:B4:61:A4:18:49:B5:29:79:06:0A:AC:48:A0:81:67
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/2xyMai60YaQYSbUpeQYKrEiggWc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.167.0/24
83.219.99.0/24
87.120.68.0/23
93.123.74.0/23
164.40.185.0/24
Signature Algorithm: sha256WithRSAEncryption
98:68:f8:87:19:29:09:04:0e:fc:f4:80:f5:55:a0:55:9f:07:
6a:ad:b1:97:03:fd:fd:e1:ad:ae:d6:4b:47:4e:f5:f2:b0:c1:
ae:26:d0:f3:a9:44:86:ac:d2:16:93:a0:f4:75:cd:28:c2:98:
6d:d3:45:9c:8a:08:2a:7d:bc:da:11:56:2d:99:60:c0:f2:1c:
13:35:c4:4c:46:e4:e9:a5:e3:eb:5f:32:ff:b0:c1:96:04:48:
a1:cf:9b:5d:ca:7e:6d:42:88:fe:ff:bb:16:04:5b:58:aa:d8:
12:ee:1c:c6:f5:c9:c0:b9:83:d4:70:6c:c8:6d:a0:61:a5:ba:
47:1b:b5:0e:d2:56:b8:e4:6b:6d:1b:6a:1b:77:0d:33:57:b0:
2b:61:e3:db:e9:67:6e:fe:d0:13:be:b2:9b:e3:d3:ca:d3:92:
d1:05:1d:9a:d1:b7:5c:ba:7c:65:8f:be:72:9d:d3:ee:9c:c3:
5e:3a:e3:d0:cb:0d:17:b4:6e:0a:75:45:c3:c4:1d:95:17:eb:
2e:28:5f:ac:ac:79:96:56:57:61:d4:ea:31:c7:4c:88:82:64:
22:3a:99:e1:d5:c1:3e:22:af:24:b3:e4:56:f5:84:e5:64:5c:
08:24:d1:88:f2:00:30:a2:82:ec:91:12:b9:5e:b9:68:98:5b:
f0:ae:7a:17
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYpql5jRH5yniIwGD4NE1+g0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTA2MTMwMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjFjOGM2YTJlYjQ2MWE0MTg0OWI1Mjk3OTA2MGFhYzQ4YTA4MTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLjFPfMXLTEmzFrUyNz5sWIF0/ll
kwkUospsnKkj1PG+Vr6cC2XlP8hrPmefWSlTuSZEvSMEhg55k0DN54Fti5tgw/EG
sKMuS74xvi8DZBThXS9WQ1a6XHp2gm1FP7tIp3wG3+w/AJ6iGp3tXNhVdw1dwh+Y
ENyrCVp1mk+DZBpo1KYMaPba6XhZZHcqPGqJBD1CXbNocxJCGka5vH+vPPGM3qRA
6XvGLkcWNz3aoyXWFG+pQ/SiH4GSFBLhL9lAAj7xWwd1tFIoYwiUsGGdZh/1I0IH
ZxeWAZtjku8ezOKSPSN3x4fR3Y2lN36LNpntH97yLpzIoR26s1WPueGc5wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNscjGoutGGkGEm1KXkGCqxIoIFnMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMnh5TWFpNjBZYVFZU2JVcGVRWUtyRWlnZ1djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQ6nAwQA
U9tjAwQBV3hEAwQBXXtKAwQApCi5MA0GCSqGSIb3DQEBCwUAA4IBAQCYaPiHGSkJ
BA789ID1VaBVnwdqrbGXA/394a2u1ktHTvXysMGuJtDzqUSGrNIWk6D0dc0owpht
00WciggqfbzaEVYtmWDA8hwTNcRMRuTppePrXzL/sMGWBEihz5tdyn5tQoj+/7sW
BFtYqtgS7hzG9cnAuYPUcGzIbaBhpbpHG7UO0la45GttG2obdw0zV7ArYePb6Wdu
/tATvrKb49PK05LRBR2a0bdcunxlj75yndPunMNeOuPQyw0XtG4KdUXDxB2VF+su
KF+srHmWVldh1Ooxx0yIgmQiOpnh1cE+Iq8ks+RW9YTlZFwIJNGI8gAwooLskRK5
XrlomFvwrnoX
-----END CERTIFICATE-----
Generated at Mon Sep 11 00:56:48 2023 by rpki-client on console-ams.rpki-client.org