Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AXrjykOE5BhV8Ad5PqdrD7prMH8.roa
File: AXrjykOE5BhV8Ad5PqdrD7prMH8.roa (raw, json)
Hash identifier: ayIL11ODtzRbbFNADAU8WHsbCDfzyqjUnDocM076AlE=
Subject key identifier: 01:7A:E3:CA:43:84:E4:18:55:F0:07:79:3E:A7:6B:0F:BA:6B:30:7F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018798715919575B93215386217198648163
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AXrjykOE5BhV8Ad5PqdrD7prMH8.roa
Signing time: Wed 19 Apr 2023 07:36:17 +0000
ROA not before: Wed 19 Apr 2023 07:36:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 17447
IP address blocks: 2.59.255.0/24 maxlen: 24
2.59.254.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
79.110.49.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.88.0/24 maxlen: 24
93.123.118.0/24 maxlen: 24
147.78.103.0/24 maxlen: 24
185.246.220.0/24 maxlen: 24
94.156.102.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:98:71:59:19:57:5b:93:21:53:86:21:71:98:64:81:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 19 07:36:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=017ae3ca4384e41855f007793ea76b0fba6b307f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:c3:5b:41:66:91:de:94:7d:6c:73:a8:c4:ca:
df:da:04:ce:b6:10:fe:74:bc:55:84:c1:97:c0:18:
a0:8f:dd:0c:53:73:10:02:ff:c4:73:b7:dc:9c:bf:
49:1a:fd:0a:ad:a7:21:da:d4:5f:d2:2f:88:25:34:
71:a4:66:f3:a6:28:4d:e2:bc:5d:1e:33:96:9e:46:
02:7b:4b:14:d4:84:b3:0f:ea:52:90:e6:92:a1:36:
1b:cd:13:50:83:e3:46:6a:06:b3:65:13:de:37:46:
03:45:49:3e:04:1c:45:f7:9d:fc:32:99:ad:10:7d:
09:0c:fb:15:9a:a8:83:3c:52:ef:f3:0c:d5:ed:87:
0e:36:e6:3b:61:45:6b:98:d4:e5:f6:91:d5:93:c6:
96:d0:c3:7b:96:e1:da:f7:b4:c7:7f:a6:9d:8d:4c:
1e:b5:cf:5d:2a:4d:bd:8c:5b:07:bd:9d:4e:da:b5:
f9:52:e3:23:76:d0:99:2a:2c:23:65:f9:84:8d:71:
23:9a:f8:2c:f5:c6:d8:58:f4:de:70:0a:90:97:41:
b6:e1:c5:d7:1e:c7:5b:0c:88:91:45:f1:9d:e6:96:
66:7b:0e:86:17:47:b1:47:42:5c:54:26:c3:02:ca:
14:94:71:39:0b:6f:77:48:a1:ae:44:c2:1e:35:da:
3d:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:7A:E3:CA:43:84:E4:18:55:F0:07:79:3E:A7:6B:0F:BA:6B:30:7F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/AXrjykOE5BhV8Ad5PqdrD7prMH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.254.0/23
79.110.49.0/24
84.54.51.0/24
87.120.84.0/24
87.120.88.0/24
93.123.118.0/24
94.156.102.0/24
147.78.103.0/24
185.246.220.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:fc:a5:1e:f1:25:e7:e4:c8:46:72:bf:72:ee:f3:36:62:b6:
c4:f5:38:73:28:55:35:b2:9d:2e:0d:39:b9:91:58:a0:72:7b:
3c:fe:9d:ad:33:7a:f6:9a:82:ee:de:b1:b6:b2:77:db:a1:10:
cb:bc:be:0f:71:a4:c4:6b:49:21:09:86:c5:62:b2:b6:8e:bf:
b2:cc:60:ff:e8:0b:b4:4f:81:d1:99:c1:9b:4a:da:5c:db:69:
f9:9e:a9:f2:47:96:e8:63:37:25:09:23:8e:54:2e:63:ab:55:
fe:80:80:d1:d6:68:d7:b9:7b:c8:cd:de:7a:22:91:b3:5a:8d:
b2:37:eb:1f:ed:65:64:03:01:4a:22:a7:93:23:1e:5e:e5:84:
18:94:55:73:0f:55:4a:f1:23:ec:61:fa:93:b5:37:ca:ac:75:
d0:95:58:12:a0:5f:ad:87:51:2f:af:64:16:9a:1c:69:9f:51:
7c:19:6b:10:17:d8:b9:3e:27:45:24:94:4c:d3:81:5a:f0:7c:
f8:7c:f4:17:40:38:a5:4f:42:8f:f2:b8:69:aa:0a:97:66:b7:
6b:b1:45:f5:f2:ea:12:52:5b:19:23:f1:1a:cd:15:5c:c9:9f:
a6:c2:71:11:a5:2f:f5:6b:8e:a7:68:8c:a4:4d:03:15:b8:39:
f8:fb:c9:a5
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYeYcVkZV1uTIVOGIXGYZIFjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDE5MDczNjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTdhZTNjYTQzODRlNDE4NTVmMDA3NzkzZWE3NmIwZmJhNmIzMDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmMNbQWaR3pR9bHOoxMrf2gTOthD+
dLxVhMGXwBigj90MU3MQAv/Ec7fcnL9JGv0Krach2tRf0i+IJTRxpGbzpihN4rxd
HjOWnkYCe0sU1ISzD+pSkOaSoTYbzRNQg+NGagazZRPeN0YDRUk+BBxF9538Mpmt
EH0JDPsVmqiDPFLv8wzV7YcONuY7YUVrmNTl9pHVk8aW0MN7luHa97THf6adjUwe
tc9dKk29jFsHvZ1O2rX5UuMjdtCZKiwjZfmEjXEjmvgs9cbYWPTecAqQl0G24cXX
HsdbDIiRRfGd5pZmew6GF0exR0JcVCbDAsoUlHE5C293SKGuRMIeNdo9dQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFAF648pDhOQYVfAHeT6naw+6azB/MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQVhyanlrT0U1QmhWOEFkNVBxZHJEN3ByTUg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQBAjv+AwQA
T24xAwQAVDYzAwQAV3hUAwQAV3hYAwQAXXt2AwQAXpxmAwQAk05nAwQAufbcMA0G
CSqGSIb3DQEBCwUAA4IBAQA6/KUe8SXn5MhGcr9y7vM2YrbE9ThzKFU1sp0uDTm5
kVigcns8/p2tM3r2moLu3rG2snfboRDLvL4PcaTEa0khCYbFYrK2jr+yzGD/6Au0
T4HRmcGbStpc22n5nqnyR5boYzclCSOOVC5jq1X+gIDR1mjXuXvIzd56IpGzWo2y
N+sf7WVkAwFKIqeTIx5e5YQYlFVzD1VK8SPsYfqTtTfKrHXQlVgSoF+th1Evr2QW
mhxpn1F8GWsQF9i5PidFJJRM04Fa8Hz4fPQXQDilT0KP8rhpqgqXZrdrsUX18uoS
UlsZI/EazRVcyZ+mwnERpS/1a46naIykTQMVuDn4+8ml
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:33 2023 by rpki-client on console-ams.rpki-client.org