Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4y5Lzfd4BTSmmgOxW17OxjXWmmQ.roa
File: 4y5Lzfd4BTSmmgOxW17OxjXWmmQ.roa (raw, json)
Hash identifier: dumOR0Zu14WixGmctsRTQ5aVZ1yRIBKZ/Fuy72Qn0PY=
Subject key identifier: E3:2E:4B:CD:F7:78:05:34:A6:9A:03:B1:5B:5E:CE:C6:35:D6:9A:64
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B19EB582D9D6CBB8B7D4CED94DA16CF4E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4y5Lzfd4BTSmmgOxW17OxjXWmmQ.roa
Signing time: Tue 10 Oct 2023 14:08:55 +0000
ROA not before: Tue 10 Oct 2023 14:08:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
91.92.24.0/23 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
195.178.110.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:19:eb:58:2d:9d:6c:bb:8b:7d:4c:ed:94:da:16:cf:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 10 14:08:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e32e4bcdf7780534a69a03b15b5ecec635d69a64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:83:15:3a:6c:1c:2b:bc:95:20:6f:2f:da:85:
2d:99:5a:f3:d0:ba:91:87:68:e4:4b:67:d2:50:e7:
88:22:fb:14:cb:f3:43:72:8a:4c:66:a4:3f:ac:be:
94:56:5d:27:80:25:27:ed:21:c1:ea:6c:1d:99:2f:
68:da:16:60:55:cf:b6:36:27:53:26:ba:23:00:60:
12:93:14:f8:7f:9f:de:a2:3f:ee:af:30:89:14:56:
cd:65:36:ca:bc:bc:64:22:5d:14:58:8b:3d:14:42:
b4:8e:6d:42:0d:61:8c:de:3c:82:5c:59:0a:79:88:
ff:fd:65:61:78:ce:c1:42:e9:87:98:d3:6a:a1:b6:
33:46:3d:38:e3:2a:3e:0c:b8:bf:ea:74:91:4d:2e:
80:f9:d0:f5:f9:9d:76:64:c5:5b:cb:35:72:d7:e5:
d7:a0:c7:fb:90:98:fd:8b:33:f7:13:eb:af:c2:ff:
81:a2:dd:f3:35:c5:c0:95:a2:dd:1e:38:9b:7d:aa:
93:6a:10:63:75:2d:ea:63:cb:60:f7:39:65:d7:76:
d7:19:58:eb:48:b5:c7:33:f1:2d:46:6e:bc:bf:69:
b0:fa:24:f6:f8:83:b9:d3:21:c7:7d:e5:78:6e:f3:
94:7e:70:45:ab:d3:21:00:d0:5f:77:b3:2f:c7:1a:
05:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:2E:4B:CD:F7:78:05:34:A6:9A:03:B1:5B:5E:CE:C6:35:D6:9A:64
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/4y5Lzfd4BTSmmgOxW17OxjXWmmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
87.121.45.0/24
87.121.59.0/24
91.92.24.0/23
92.119.196.0/23
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.78.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.252.176.0/24
194.169.174.0/24
194.180.50.0/24
195.178.110.0/24
Signature Algorithm: sha256WithRSAEncryption
59:d1:6f:34:eb:25:59:44:29:1e:72:28:1d:ab:d0:b9:c2:6f:
51:11:31:5e:2b:d0:6c:d1:ff:73:a1:aa:54:9a:f4:1f:69:a7:
0f:55:57:6a:f2:9c:0c:84:32:11:d6:af:34:57:32:18:a5:46:
9e:e9:10:39:35:75:24:e4:9d:04:be:cd:9a:ae:2e:91:93:e2:
08:8b:69:f7:cc:17:50:f2:23:9c:0a:60:d1:01:72:d0:a7:2b:
68:a8:f9:2b:02:5f:98:ec:57:17:a7:f4:59:bb:77:21:cf:1e:
c5:e6:b0:20:2e:8d:cc:65:5d:ad:b8:52:12:18:5e:16:bc:5f:
5c:b1:ac:37:df:9d:21:ee:18:84:96:d9:e5:8d:01:ca:5d:5c:
a2:6e:02:eb:27:26:4c:dd:9e:98:91:9d:b1:79:5a:3d:42:51:
88:c0:cf:a5:3f:56:7c:16:8d:d0:bd:23:16:35:68:80:40:73:
5c:39:33:a5:15:3d:77:38:a0:16:e7:72:39:e6:10:ca:95:c3:
c4:f2:d7:66:42:c6:4c:da:41:ad:a1:23:79:bf:af:7d:83:b7:
90:55:67:89:40:34:90:3a:c7:08:cd:6f:43:1c:9d:b7:a5:42:
7d:8d:85:64:5e:f0:ea:09:b1:0f:05:e5:d0:d7:19:22:3f:de:
5f:eb:2c:92
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYsZ61gtnWy7i31M7ZTaFs9OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDEwMTQwODU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzJlNGJjZGY3NzgwNTM0YTY5YTAzYjE1YjVlY2VjNjM1ZDY5YTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhIMVOmwcK7yVIG8v2oUtmVrz0LqR
h2jkS2fSUOeIIvsUy/NDcopMZqQ/rL6UVl0ngCUn7SHB6mwdmS9o2hZgVc+2NidT
JrojAGASkxT4f5/eoj/urzCJFFbNZTbKvLxkIl0UWIs9FEK0jm1CDWGM3jyCXFkK
eYj//WVheM7BQumHmNNqobYzRj044yo+DLi/6nSRTS6A+dD1+Z12ZMVbyzVy1+XX
oMf7kJj9izP3E+uvwv+Bot3zNcXAlaLdHjibfaqTahBjdS3qY8tg9zll13bXGVjr
SLXHM/EtRm68v2mw+iT2+IO50yHHfeV4bvOUfnBFq9MhANBfd7MvxxoFDwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFOMuS833eAU0ppoDsVtezsY11ppkMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNHk1THpmZDRCVFNtbWdPeFcxN094alhXbW1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBAAt
l1kDBABXeS0DBABXeTsDBAFbXBgDBAFcd8QDBABde3QwDAMEAF6aoQMEAl6aoAME
AF6cTgMEAF6c7zAMAwQCk05kAwQAk05mAwQCqxZIAwQAstfgAwQAstfsAwQCudhU
AwQCudpUAwQAufywAwQAwqmuAwQAwrQyAwQAw7JuMA0GCSqGSIb3DQEBCwUAA4IB
AQBZ0W806yVZRCkecigdq9C5wm9RETFeK9Bs0f9zoapUmvQfaacPVVdq8pwMhDIR
1q80VzIYpUae6RA5NXUk5J0Evs2ari6Rk+IIi2n3zBdQ8iOcCmDRAXLQpytoqPkr
Al+Y7FcXp/RZu3chzx7F5rAgLo3MZV2tuFISGF4WvF9csaw3350h7hiEltnljQHK
XVyibgLrJyZM3Z6YkZ2xeVo9QlGIwM+lP1Z8Fo3QvSMWNWiAQHNcOTOlFT13OKAW
53I55hDKlcPE8tdmQsZM2kGtoSN5v699g7eQVWeJQDSQOscIzW9DHJ23pUJ9jYVk
XvDqCbEPBeXQ1xkiP95f6yyS
-----END CERTIFICATE-----
Generated at Mon Oct 16 12:58:13 2023 by rpki-client on console-ams.rpki-client.org