Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3RYmlQ9LCwUOwJN8xGu6q6eafgQ.roa
File: 3RYmlQ9LCwUOwJN8xGu6q6eafgQ.roa (raw, json)
Hash identifier: v/s25Zh1wGdwu+mje6cFnxB/9D0gim9oeRIiteMg8Pc=
Subject key identifier: DD:16:26:95:0F:4B:0B:05:0E:C0:93:7C:C4:6B:BA:AB:A7:9A:7E:04
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0187A431381FFB8F75D5CFBB6D7D417192E2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3RYmlQ9LCwUOwJN8xGu6q6eafgQ.roa
Signing time: Fri 21 Apr 2023 14:21:41 +0000
ROA not before: Fri 21 Apr 2023 14:21:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211760
IP address blocks: 171.22.28.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a4:31:38:1f:fb:8f:75:d5:cf:bb:6d:7d:41:71:92:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 21 14:21:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=dd1626950f4b0b050ec0937cc46bbaaba79a7e04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:de:13:2a:e0:6f:7f:93:12:f7:c0:87:02:df:
fc:0d:94:be:b8:bc:f8:da:b6:49:a5:1d:6d:12:9b:
b5:27:47:58:9d:b6:0d:09:bb:3c:42:6c:20:09:36:
1f:36:40:a8:50:e1:8e:0b:6d:ad:3d:2b:c0:f1:37:
59:92:8e:de:d2:b1:5d:18:42:b3:03:29:e4:fd:90:
95:1b:68:59:a2:81:10:3d:95:6e:78:52:58:a3:68:
ab:34:e5:99:d5:a6:af:c9:81:4f:5e:24:8f:5d:d2:
ca:a7:0c:71:55:de:07:f5:ab:f1:4d:86:54:a2:89:
76:9d:56:66:53:d7:14:9c:24:3c:b7:89:21:64:46:
99:95:d8:70:f5:34:84:38:ce:99:3b:e9:19:79:2b:
b5:f7:76:de:0a:4f:c6:64:4c:5e:17:a0:b5:54:fb:
41:6b:19:c1:38:93:57:8b:3c:c8:f2:a5:43:28:56:
2d:39:f9:97:65:67:e2:6e:25:92:2b:51:94:19:ae:
e3:b6:c4:d0:e2:78:6a:25:f2:82:53:89:21:c7:32:
61:44:b2:8e:01:b8:61:28:92:a0:13:5f:82:26:f0:
01:ce:db:5d:9a:5e:79:a9:7f:38:94:52:dd:2f:6b:
d0:ca:77:5d:8e:ce:07:f4:74:5a:9a:38:57:d0:97:
7e:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:16:26:95:0F:4B:0B:05:0E:C0:93:7C:C4:6B:BA:AB:A7:9A:7E:04
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3RYmlQ9LCwUOwJN8xGu6q6eafgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.25.0-95.214.26.255
171.22.28.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
77:7c:07:cb:8e:88:61:51:1a:70:85:33:e0:7f:63:00:a2:49:
8c:99:87:cb:ca:32:bb:42:83:a6:d6:b9:55:ba:57:39:ab:f3:
2b:68:39:19:45:71:e3:91:ca:62:9e:af:50:ab:05:38:a1:c3:
f0:5c:c2:85:ab:9f:5c:b8:e9:31:1e:02:74:b1:d5:e9:57:f5:
22:17:4a:c4:43:68:4d:ad:47:51:76:21:52:0e:1b:53:05:f1:
5b:12:98:73:a9:3b:2c:bd:86:ac:7b:f9:46:60:dc:ee:b0:fb:
42:d3:67:23:fd:57:20:01:86:b5:7c:be:39:59:cf:03:6e:73:
ca:e2:94:35:9f:59:37:fd:83:d5:7b:b6:9c:ab:fd:ec:5d:9b:
95:d0:23:87:13:2d:b8:7c:b3:52:c5:6f:7c:c6:12:dd:30:e8:
48:b9:c9:1d:65:46:a2:c9:35:69:17:81:6c:f4:e6:a7:a6:b9:
dd:6f:af:13:32:2e:ee:97:4c:4c:8c:57:82:4d:68:04:ae:59:
cd:cc:ec:64:b7:9c:5e:95:ea:a7:d6:63:e1:ca:1c:bb:eb:a0:
35:fe:ec:69:2b:4d:8b:5e:c3:19:4b:71:ca:b6:dc:c0:84:44:
d4:80:ab:cf:35:bd:63:af:04:dc:a5:b7:f5:07:05:63:d6:13:
cc:27:78:81
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYekMTgf+4911c+7bX1BcZLiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDIxMTQyMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDE2MjY5NTBmNGIwYjA1MGVjMDkzN2NjNDZiYmFhYmE3OWE3ZTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm94TKuBvf5MS98CHAt/8DZS+uLz4
2rZJpR1tEpu1J0dYnbYNCbs8QmwgCTYfNkCoUOGOC22tPSvA8TdZko7e0rFdGEKz
Aynk/ZCVG2hZooEQPZVueFJYo2irNOWZ1aavyYFPXiSPXdLKpwxxVd4H9avxTYZU
ool2nVZmU9cUnCQ8t4khZEaZldhw9TSEOM6ZO+kZeSu193beCk/GZExeF6C1VPtB
axnBOJNXizzI8qVDKFYtOfmXZWfibiWSK1GUGa7jtsTQ4nhqJfKCU4khxzJhRLKO
AbhhKJKgE1+CJvABzttdml55qX84lFLdL2vQynddjs4H9HRamjhX0Jd+kQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFN0WJpUPSwsFDsCTfMRruqunmn4EMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvM1JZbWxROUxDd1VPd0pOOHhHdTZxNmVhZmdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABf1hkD
BABf1hoDBACrFhwDBADCqa8wDQYJKoZIhvcNAQELBQADggEBAHd8B8uOiGFRGnCF
M+B/YwCiSYyZh8vKMrtCg6bWuVW6Vzmr8ytoORlFceORymKer1CrBTihw/BcwoWr
n1y46TEeAnSx1elX9SIXSsRDaE2tR1F2IVIOG1MF8VsSmHOpOyy9hqx7+UZg3O6w
+0LTZyP9VyABhrV8vjlZzwNuc8rilDWfWTf9g9V7tpyr/exdm5XQI4cTLbh8s1LF
b3zGEt0w6Ei5yR1lRqLJNWkXgWz05qemud1vrxMyLu6XTEyMV4JNaASuWc3M7GS3
nF6V6qfWY+HKHLvroDX+7GkrTYtewxlLccq23MCERNSAq881vWOvBNylt/UHBWPW
E8wneIE=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:31 2023 by rpki-client on console-ams.rpki-client.org