Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/65o_9XVTlxl4JsB2j2uDsQHWeTs.roa
File: 65o_9XVTlxl4JsB2j2uDsQHWeTs.roa (raw, json)
Hash identifier: gmAiywA1rC3N8rFmBH1gQ0bb7GEFi7vIZBn1kMUCoDE=
Subject key identifier: EB:9A:3F:F5:75:53:97:19:78:26:C0:76:8F:6B:83:B1:01:D6:79:3B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B5BB5B22E3CA82794FD8E278392CC2832
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/65o_9XVTlxl4JsB2j2uDsQHWeTs.roa
Signing time: Mon 23 Oct 2023 08:45:16 +0000
ROA not before: Mon 23 Oct 2023 08:45:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212238
IP address blocks: 87.120.68.0/24 maxlen: 24
94.156.14.0/24 maxlen: 24
185.218.136.0/24 maxlen: 24
45.149.240.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:5b:b5:b2:2e:3c:a8:27:94:fd:8e:27:83:92:cc:28:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 23 08:45:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=eb9a3ff5755397197826c0768f6b83b101d6793b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:6c:93:ba:16:78:62:37:d4:de:0d:48:4f:79:
e9:57:e6:af:ee:21:eb:7b:86:f8:f3:b8:f6:a2:39:
e8:f3:65:45:6b:ac:63:17:a6:1a:58:d5:40:93:16:
6b:5f:76:64:f3:23:13:8e:2d:d9:6c:17:42:18:e2:
cf:0d:31:2f:bf:08:58:cd:90:7e:fd:b7:1b:f6:46:
d9:f7:96:59:a1:87:8e:1c:33:c8:6b:5c:c1:54:8f:
e2:eb:d0:45:88:6d:10:c6:cd:33:31:40:1b:b0:68:
0a:59:99:4e:68:75:8a:4a:4b:18:ea:26:4d:e1:3a:
7e:00:54:0c:d6:f3:0a:a0:78:83:29:a3:66:47:53:
16:53:2b:bc:82:56:08:68:65:1f:1b:1b:de:27:e4:
65:59:a6:7f:00:7a:c0:95:d4:34:f0:e2:a3:9a:91:
1f:d8:d7:1e:82:66:48:a1:90:e5:8c:26:f2:0b:76:
b1:5d:59:b6:14:92:f7:44:69:11:b8:03:ea:c6:ea:
13:7e:1b:33:72:22:1b:4c:16:34:b3:6a:b9:57:22:
e2:8e:df:53:4f:74:7c:6d:7c:7c:8f:2d:a3:db:fc:
32:b5:27:53:54:ba:9c:b8:a1:5b:5f:90:ac:8d:d5:
50:39:0c:3a:dd:79:4a:2c:9d:e3:c4:14:f7:56:3b:
00:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:9A:3F:F5:75:53:97:19:78:26:C0:76:8F:6B:83:B1:01:D6:79:3B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/65o_9XVTlxl4JsB2j2uDsQHWeTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.240.0/24
87.120.68.0/24
94.156.14.0/24
185.218.136.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:a0:3f:31:12:ca:90:94:55:73:05:0a:61:fa:be:d4:ec:b1:
eb:7e:27:92:84:77:7d:de:4a:f6:9a:09:a3:96:54:99:13:49:
13:42:7d:fe:16:0f:16:2f:99:85:30:84:94:7d:83:38:89:18:
53:76:c1:7a:29:55:4f:d9:21:24:78:5b:62:30:bb:74:da:1b:
f5:f0:9e:67:35:bb:49:e2:3f:54:3e:39:6a:c7:5c:23:87:6a:
dc:b9:02:59:09:b7:b3:eb:fb:1c:aa:ce:2d:32:6a:4e:28:86:
93:3d:b2:d5:80:27:ca:98:98:b3:5c:ba:2a:8f:28:fd:5a:81:
9a:df:ce:1c:e0:90:89:93:2d:7d:c6:61:86:e7:e6:96:df:3c:
85:b9:2c:82:3b:0a:b6:04:7c:40:f1:ab:b2:22:af:10:0c:45:
05:07:4b:58:c9:73:0a:2f:f0:cd:70:cc:c0:30:a3:fa:52:85:
cb:c5:ef:e3:a3:d5:26:82:ba:c8:03:dd:e4:d2:1e:27:ec:85:
ad:c5:77:6b:5e:23:dc:ae:9a:1b:c6:5f:be:aa:25:21:72:f4:
2c:50:b7:89:eb:ec:58:3e:5a:05:09:d4:2f:bc:f4:40:ca:1c:
54:2b:93:91:67:bd:61:d9:df:c4:4d:29:76:3f:20:aa:9b:bf:
c8:a3:8a:04
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYtbtbIuPKgnlP2OJ4OSzCgyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDIzMDg0NTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjlhM2ZmNTc1NTM5NzE5NzgyNmMwNzY4ZjZiODNiMTAxZDY3OTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2yTuhZ4YjfU3g1IT3npV+av7iHr
e4b487j2ojno82VFa6xjF6YaWNVAkxZrX3Zk8yMTji3ZbBdCGOLPDTEvvwhYzZB+
/bcb9kbZ95ZZoYeOHDPIa1zBVI/i69BFiG0Qxs0zMUAbsGgKWZlOaHWKSksY6iZN
4Tp+AFQM1vMKoHiDKaNmR1MWUyu8glYIaGUfGxveJ+RlWaZ/AHrAldQ08OKjmpEf
2NcegmZIoZDljCbyC3axXVm2FJL3RGkRuAPqxuoTfhszciIbTBY0s2q5VyLijt9T
T3R8bXx8jy2j2/wytSdTVLqcuKFbX5CsjdVQOQw63XlKLJ3jxBT3VjsAoQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOuaP/V1U5cZeCbAdo9rg7EB1nk7MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvNjVvXzlYVlRseGw0SnNCMmoydURzUUhXZVRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZXwAwQA
V3hEAwQAXpwOAwQAudqIMA0GCSqGSIb3DQEBCwUAA4IBAQCPoD8xEsqQlFVzBQph
+r7U7LHrfieShHd93kr2mgmjllSZE0kTQn3+Fg8WL5mFMISUfYM4iRhTdsF6KVVP
2SEkeFtiMLt02hv18J5nNbtJ4j9UPjlqx1wjh2rcuQJZCbez6/scqs4tMmpOKIaT
PbLVgCfKmJizXLoqjyj9WoGa384c4JCJky19xmGG5+aW3zyFuSyCOwq2BHxA8auy
Iq8QDEUFB0tYyXMKL/DNcMzAMKP6UoXLxe/jo9UmgrrIA93k0h4n7IWtxXdrXiPc
rpobxl++qiUhcvQsULeJ6+xYPloFCdQvvPRAyhxUK5ORZ71h2d/ETSl2PyCqm7/I
o4oE
-----END CERTIFICATE-----
Generated at Fri Nov 24 14:44:51 2023 by rpki-client on console-ams.rpki-client.org