Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8dS7g_EctK6LzA7TppXT4ex5Hos.roa
File: 8dS7g_EctK6LzA7TppXT4ex5Hos.roa (raw, json)
Hash identifier: qQJYwGBFLUcfgfxxyFqjNrIEYV1VzN3h3CK7sOnklKc=
Subject key identifier: F1:D4:BB:83:F1:1C:B4:AE:8B:CC:0E:D3:A6:95:D3:E1:EC:79:1E:8B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018A1749C5C1F2DE01B507E5572B95B4FC47
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8dS7g_EctK6LzA7TppXT4ex5Hos.roa
Signing time: Mon 21 Aug 2023 08:50:25 +0000
ROA not before: Mon 21 Aug 2023 08:50:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
45.14.166.0/24 maxlen: 24
45.14.167.0/24 maxlen: 24
93.123.75.0/24 maxlen: 24
45.8.94.0/24 maxlen: 24
83.219.99.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:17:49:c5:c1:f2:de:01:b5:07:e5:57:2b:95:b4:fc:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 21 08:50:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1d4bb83f11cb4ae8bcc0ed3a695d3e1ec791e8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:1c:5e:84:94:d0:4d:90:7c:07:55:65:15:7c:
c7:9b:03:b2:a9:9c:28:3a:25:4a:b4:4e:94:2e:5e:
a1:7e:e3:ee:2d:5e:84:5c:4c:ae:f7:06:3b:d8:ad:
fc:5e:b1:e2:dd:65:67:52:30:33:5b:d1:01:f1:54:
1f:a7:65:30:b9:2a:ec:0e:82:e6:4e:b8:f9:d2:67:
25:0e:c1:ee:d8:51:f7:94:a9:11:04:63:19:59:99:
c0:d7:19:64:15:ac:05:45:2a:a2:a8:8d:73:45:4b:
6d:7e:b3:6a:9c:5f:1e:fe:72:b5:08:b6:cf:b6:38:
a9:1f:40:fc:8f:e3:1a:87:a8:58:a7:bd:ee:fd:46:
68:82:f6:68:41:0f:3b:e5:76:ac:1f:ab:c5:91:9a:
09:17:30:27:93:3f:37:7b:ea:6c:d5:cc:6d:c3:94:
17:11:de:fd:fb:fd:9b:46:f2:58:95:7f:15:5b:a7:
28:e0:12:f1:58:85:99:b3:f6:ed:cd:2b:a8:e0:25:
af:45:9b:25:00:28:c5:7a:e8:07:78:a2:c6:69:40:
9c:61:c7:9d:23:af:6c:70:b7:af:e3:33:25:47:03:
4f:3a:8e:de:76:16:bd:2d:ac:b9:15:c8:de:d4:4e:
2e:70:26:d8:5f:92:4b:5f:99:5f:38:ce:8b:83:a9:
96:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:D4:BB:83:F1:1C:B4:AE:8B:CC:0E:D3:A6:95:D3:E1:EC:79:1E:8B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/8dS7g_EctK6LzA7TppXT4ex5Hos.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.94.0/24
45.14.166.0/23
83.219.99.0/24
87.120.68.0/23
93.123.75.0/24
Signature Algorithm: sha256WithRSAEncryption
06:2d:33:1b:bd:76:32:42:87:bb:e4:83:35:0a:66:5f:0c:8b:
e6:45:bf:b0:c4:a5:58:3d:a6:9f:49:50:11:42:c9:68:58:4f:
8a:7f:f4:93:50:7d:db:03:e8:17:18:55:64:fd:a0:92:56:65:
9d:c8:9b:a8:d8:fa:70:a6:44:db:fb:b2:ff:3b:54:e9:7c:d9:
32:24:f2:f6:6a:b5:22:3d:13:0d:a8:2a:65:bc:50:1e:86:ac:
23:32:d6:a8:0b:9b:c0:29:fb:95:cf:9b:53:fb:96:6f:d8:14:
3b:7b:24:2d:5c:8f:12:86:b9:37:c7:7b:6f:45:93:42:33:fc:
41:7b:cf:fb:81:be:89:37:43:76:17:f7:0d:d0:c2:13:26:d6:
50:90:d7:d3:2e:3b:0e:20:51:b1:68:fc:0c:89:6e:2f:fd:33:
c1:2b:85:81:e8:44:da:67:6c:fe:01:dd:8f:71:ae:0f:3d:19:
7e:ce:03:8c:01:0f:ed:89:02:2f:3b:62:0a:10:a0:37:b7:b9:
6e:77:f5:c0:45:37:af:0b:bc:b2:9f:22:c1:6b:db:95:fc:00:
a9:7e:ba:e2:d6:77:cf:71:01:a8:59:67:86:74:4d:00:2a:cf:
58:3a:c2:77:29:00:83:ae:cb:cc:f0:92:c3:6e:09:fd:1f:2c:
f5:75:8a:3f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYoXScXB8t4BtQflVyuVtPxHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODIxMDg1MDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWQ0YmI4M2YxMWNiNGFlOGJjYzBlZDNhNjk1ZDNlMWVjNzkxZThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhxehJTQTZB8B1VlFXzHmwOyqZwo
OiVKtE6ULl6hfuPuLV6EXEyu9wY72K38XrHi3WVnUjAzW9EB8VQfp2UwuSrsDoLm
Trj50mclDsHu2FH3lKkRBGMZWZnA1xlkFawFRSqiqI1zRUttfrNqnF8e/nK1CLbP
tjipH0D8j+Mah6hYp73u/UZogvZoQQ875XasH6vFkZoJFzAnkz83e+ps1cxtw5QX
Ed79+/2bRvJYlX8VW6co4BLxWIWZs/btzSuo4CWvRZslACjFeugHeKLGaUCcYced
I69scLev4zMlRwNPOo7edha9Lay5Fcje1E4ucCbYX5JLX5lfOM6Lg6mWiQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPHUu4PxHLSui8wO06aV0+HseR6LMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvOGRTN2dfRWN0SzZMekE3VHBwWFQ0ZXg1SG9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALQheAwQB
LQ6mAwQAU9tjAwQBV3hEAwQAXXtLMA0GCSqGSIb3DQEBCwUAA4IBAQAGLTMbvXYy
Qoe75IM1CmZfDIvmRb+wxKVYPaafSVARQsloWE+Kf/STUH3bA+gXGFVk/aCSVmWd
yJuo2PpwpkTb+7L/O1TpfNkyJPL2arUiPRMNqCplvFAehqwjMtaoC5vAKfuVz5tT
+5Zv2BQ7eyQtXI8Shrk3x3tvRZNCM/xBe8/7gb6JN0N2F/cN0MITJtZQkNfTLjsO
IFGxaPwMiW4v/TPBK4WB6ETaZ2z+Ad2Pca4PPRl+zgOMAQ/tiQIvO2IKEKA3t7lu
d/XARTevC7yynyLBa9uV/ACpfrri1nfPcQGoWWeGdE0AKs9YOsJ3KQCDrsvM8JLD
bgn9Hyz1dYo/
-----END CERTIFICATE-----
Generated at Wed Aug 23 02:44:31 2023 by rpki-client on console-ams.rpki-client.org