Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5MAY4o23mF_Jk0VTVO8M4hAMsZQ.roa
File: 5MAY4o23mF_Jk0VTVO8M4hAMsZQ.roa (raw, json)
Hash identifier: 16SVOvtUvUqpxAb5f5BYZJ4MWQpMoT2UosIjKVG2xgs=
Subject key identifier: E4:C0:18:E2:8D:B7:98:5F:C9:93:45:53:54:EF:0C:E2:10:0C:B1:94
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D82087B9767C9D4DCCD407FBA17890B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5MAY4o23mF_Jk0VTVO8M4hAMsZQ.roa
Signing time: Sun 01 Jan 2023 13:25:16 +0000
ROA not before: Sun 01 Jan 2023 13:25:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 94.156.11.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
37.221.123.0/24 maxlen: 24
37.221.121.0/24 maxlen: 24
37.221.122.0/24 maxlen: 24
37.221.120.0/24 maxlen: 24
185.221.64.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:82:08:7b:97:67:c9:d4:dc:cd:40:7f:ba:17:89:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e4c018e28db7985fc993455354ef0ce2100cb194
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a0:ec:11:c2:35:9d:cc:55:26:78:bd:f6:a6:
d3:62:4c:86:08:42:07:79:c8:29:fd:43:47:4a:69:
00:46:a0:55:c6:67:ca:a8:d7:57:78:09:cf:7a:da:
6b:9f:af:77:cc:8a:5d:70:ef:00:dc:f9:57:6b:35:
f1:8e:77:d2:f2:62:1e:d5:5f:eb:a7:34:83:90:fc:
0a:43:ef:29:64:d2:64:06:97:e7:b4:b5:09:a0:35:
7c:42:7b:86:b8:c6:0a:bb:97:1a:ee:c4:22:23:4c:
19:d2:db:f4:f8:bf:0e:34:bf:eb:b3:e4:26:72:29:
5d:83:0f:04:9e:a2:12:c5:6c:97:9b:ae:c7:eb:3a:
dc:63:4c:b1:2f:ba:8f:42:de:a1:11:c3:73:42:ee:
63:7b:b2:32:a1:bb:fe:67:a5:a3:04:54:ec:08:09:
c6:27:01:16:1d:09:3d:98:f3:a3:a2:69:3d:be:3f:
44:31:a8:ee:73:73:89:6a:ed:82:dc:d8:d8:31:da:
e5:2c:b8:57:26:cc:07:96:61:ba:a3:ff:36:61:e8:
84:65:d3:02:40:ad:e8:61:f1:67:7d:a4:43:ea:21:
4e:5b:99:cb:33:28:26:ac:ca:e1:69:bf:d3:43:30:
7b:04:4e:37:55:f1:66:8b:07:d0:46:82:26:5a:4e:
b7:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:C0:18:E2:8D:B7:98:5F:C9:93:45:53:54:EF:0C:E2:10:0C:B1:94
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/5MAY4o23mF_Jk0VTVO8M4hAMsZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.81.241.0/24
45.144.153.0/24
94.156.11.0/24
141.98.1.0/24
185.221.64.0/24
193.149.2.0/23
Signature Algorithm: sha256WithRSAEncryption
59:91:c0:b3:29:1c:1f:71:6e:e2:3f:ad:22:25:9b:d2:a0:ab:
bb:b0:c9:9a:fa:a7:68:b4:fd:7f:45:44:8a:e0:96:43:3c:43:
12:a8:99:a6:94:64:a9:9a:bf:be:f0:40:da:25:55:bf:c0:0f:
cd:62:0b:15:94:39:11:5e:b1:49:82:6d:2b:a9:8d:31:1d:b1:
12:96:f7:90:1c:88:19:d7:62:92:44:2b:df:0d:df:01:e1:59:
a3:77:e9:e8:7c:ac:9f:88:c0:48:1b:b6:49:ec:2b:a2:18:a6:
ad:ac:70:7e:06:2b:06:b7:34:05:65:bd:c8:fb:10:6f:e5:8b:
f0:72:4f:e1:31:46:c8:7f:8d:43:02:d4:14:06:63:55:8f:ca:
78:cc:6a:ef:aa:16:f0:f2:3c:72:3d:01:76:f6:13:71:1e:79:
01:f6:1f:88:fa:2d:b9:e9:57:a8:a0:c6:c1:46:05:12:91:9e:
e6:7e:a7:82:22:fd:2d:41:f3:c9:31:4c:ed:32:3e:27:b5:6b:
e3:f5:7f:e1:82:34:74:ec:48:db:62:ca:e0:dd:3e:22:af:67:
b4:dc:72:62:8c:d8:c0:c8:30:c1:47:55:39:c6:4a:cc:ae:6c:
fa:96:cf:ca:07:f6:3c:20:a7:93:14:77:2c:4b:b8:6b:92:70:
e9:85:05:0b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVtggh7l2fJ1NzNQH+6F4kLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGMwMThlMjhkYjc5ODVmYzk5MzQ1NTM1NGVmMGNlMjEwMGNiMTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA46DsEcI1ncxVJni99qbTYkyGCEIH
ecgp/UNHSmkARqBVxmfKqNdXeAnPetprn693zIpdcO8A3PlXazXxjnfS8mIe1V/r
pzSDkPwKQ+8pZNJkBpfntLUJoDV8QnuGuMYKu5ca7sQiI0wZ0tv0+L8ONL/rs+Qm
cildgw8EnqISxWyXm67H6zrcY0yxL7qPQt6hEcNzQu5je7Iyobv+Z6WjBFTsCAnG
JwEWHQk9mPOjomk9vj9EMajuc3OJau2C3NjYMdrlLLhXJswHlmG6o/82YeiEZdMC
QK3oYfFnfaRD6iFOW5nLMygmrMrhab/TQzB7BE43VfFmiwfQRoImWk63oQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFOTAGOKNt5hfyZNFU1TvDOIQDLGUMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNU1BWTRvMjNtRl9KazBWVFZPOE00aEFNc1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCJd14AwQA
LVHxAwQALZCZAwQAXpwLAwQAjWIBAwQAud1AAwQBwZUCMA0GCSqGSIb3DQEBCwUA
A4IBAQBZkcCzKRwfcW7iP60iJZvSoKu7sMma+qdotP1/RUSK4JZDPEMSqJmmlGSp
mr++8EDaJVW/wA/NYgsVlDkRXrFJgm0rqY0xHbESlveQHIgZ12KSRCvfDd8B4Vmj
d+nofKyfiMBIG7ZJ7CuiGKatrHB+BisGtzQFZb3I+xBv5Yvwck/hMUbIf41DAtQU
BmNVj8p4zGrvqhbw8jxyPQF29hNxHnkB9h+I+i256VeooMbBRgUSkZ7mfqeCIv0t
QfPJMUztMj4ntWvj9X/hgjR07EjbYsrg3T4ir2e03HJijNjAyDDBR1U5xkrMrmz6
ls/KB/Y8IKeTFHcsS7hrknDphQUL
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:31 2023 by rpki-client on console-ams.rpki-client.org