Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BkyrlMBZoMJecp3znqu2JFwd5Kw.roa
File: BkyrlMBZoMJecp3znqu2JFwd5Kw.roa (raw, json)
Hash identifier: EaLir44YHEG3OVbdfwpMXuNFSI9tfODS4s3J23LmW9c=
Subject key identifier: 06:4C:AB:94:C0:59:A0:C2:5E:72:9D:F3:9E:AB:B6:24:5C:1D:E4:AC
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018AA72E2C458E5EBFB3EE6963B5F8E2262D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BkyrlMBZoMJecp3znqu2JFwd5Kw.roa
Signing time: Mon 18 Sep 2023 07:25:35 +0000
ROA not before: Mon 18 Sep 2023 07:25:35 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50225
IP address blocks: 85.217.145.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
185.222.163.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
80.76.50.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
176.125.252.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
45.84.90.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:2e:2c:45:8e:5e:bf:b3:ee:69:63:b5:f8:e2:26:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 18 07:25:35 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=064cab94c059a0c25e729df39eabb6245c1de4ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:91:d3:51:41:cf:d5:f2:fe:a7:0e:af:01:2f:
53:da:ed:67:4b:02:d9:44:62:b1:9e:8c:c0:97:fa:
e6:14:c1:c2:cd:c5:01:a8:d0:97:08:bc:65:d6:c6:
b8:9b:ac:4f:48:6a:2d:8e:20:36:b3:be:6d:c0:36:
b8:72:42:b5:b3:32:53:ea:e4:02:a8:39:e7:c3:f3:
7e:1d:eb:2e:bc:86:77:a4:ba:69:bc:81:ca:5b:22:
45:da:34:9a:0f:6e:b7:3d:4f:b6:86:88:16:f8:0d:
ec:f6:d9:4d:56:99:6f:c2:68:c9:bc:7b:a4:e4:4e:
b4:a5:9b:12:8f:43:02:1b:23:79:67:51:50:96:55:
89:09:60:a0:9f:cf:9d:e4:7b:ff:24:54:36:15:6e:
7a:20:f3:28:39:6b:be:29:25:e5:53:1a:be:74:0c:
5c:62:1e:47:8e:d7:22:98:01:dc:e9:97:19:b3:c3:
b6:fd:49:82:ab:09:d9:a2:f7:13:4e:94:01:52:b7:
d0:6e:ed:d9:7a:e5:6d:7a:3b:a9:28:51:37:a6:ac:
6b:d6:ad:2b:11:af:bc:88:ed:54:6e:06:5c:cb:b2:
86:2a:f8:c5:6e:b4:1b:bd:ec:eb:48:1a:3d:c3:bd:
70:76:79:d4:76:da:51:e2:a6:ff:e6:7f:b9:ab:2b:
70:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:4C:AB:94:C0:59:A0:C2:5E:72:9D:F3:9E:AB:B6:24:5C:1D:E4:AC
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BkyrlMBZoMJecp3znqu2JFwd5Kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.90.0/24
79.110.50.0/24
80.76.50.0/24
85.217.145.0/24
93.123.85.0/24
176.125.252.0/24
185.222.163.0/24
193.42.34.0/24
193.47.63.0/24
194.48.249.0/24
194.48.251.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:48:f1:6a:ed:27:1a:ee:26:77:aa:e8:3f:be:2e:2e:f4:5e:
59:e6:e4:a5:67:77:14:91:66:1e:34:5f:5e:81:c6:1a:1a:96:
74:fe:80:a0:a3:ad:2e:a9:43:25:9c:91:80:00:dd:52:d2:0b:
bd:be:4a:e2:01:ee:0e:68:3c:b3:3e:d4:2b:ad:8f:7c:51:da:
fd:29:45:6c:e8:a3:99:9a:8d:66:d4:c2:6c:6a:ef:b8:54:b6:
f1:18:9d:e0:15:08:62:e0:0f:e0:0b:4f:a1:0c:2f:1d:bf:74:
60:09:09:06:c5:24:4e:0f:fe:7e:53:b9:d6:74:9a:4b:28:ba:
ae:cd:9e:a8:cd:23:13:98:86:d4:8e:ae:a0:5a:fd:ef:97:39:
00:ad:c5:3c:0a:04:9e:94:39:7c:f6:7f:56:14:20:76:8f:58:
b7:f6:ee:c4:17:2d:d7:e9:ae:a7:87:79:34:00:ee:9d:86:31:
bb:ce:98:d1:8a:7e:01:e7:4d:b9:75:d0:a5:7b:29:3f:59:2c:
c4:13:46:f3:ea:ff:52:1d:58:aa:27:3c:a7:a9:ec:d5:65:23:
e3:ff:ba:92:6b:11:59:32:f0:6f:d2:b3:8f:6a:09:58:2a:2d:
4b:b3:4c:80:f6:b6:0d:e5:07:69:37:9d:04:d9:ec:1a:37:f2:
39:82:30:a7
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYqnLixFjl6/s+5pY7X44iYtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTE4MDcyNTM1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjRjYWI5NGMwNTlhMGMyNWU3MjlkZjM5ZWFiYjYyNDVjMWRlNGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpHTUUHP1fL+pw6vAS9T2u1nSwLZ
RGKxnozAl/rmFMHCzcUBqNCXCLxl1sa4m6xPSGotjiA2s75twDa4ckK1szJT6uQC
qDnnw/N+HesuvIZ3pLppvIHKWyJF2jSaD263PU+2hogW+A3s9tlNVplvwmjJvHuk
5E60pZsSj0MCGyN5Z1FQllWJCWCgn8+d5Hv/JFQ2FW56IPMoOWu+KSXlUxq+dAxc
Yh5HjtcimAHc6ZcZs8O2/UmCqwnZovcTTpQBUrfQbu3ZeuVtejupKFE3pqxr1q0r
Ea+8iO1UbgZcy7KGKvjFbrQbvezrSBo9w71wdnnUdtpR4qb/5n+5qytwYQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFAZMq5TAWaDCXnKd856rtiRcHeSsMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQmt5cmxNQlpvTUplY3Azem5xdTJKRndkNUt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALVRaAwQA
T24yAwQAUEwyAwQAVdmRAwQAXXtVAwQAsH38AwQAud6jAwQAwSoiAwQAwS8/AwQA
wjD5AwQAwjD7MA0GCSqGSIb3DQEBCwUAA4IBAQCzSPFq7Sca7iZ3qug/vi4u9F5Z
5uSlZ3cUkWYeNF9egcYaGpZ0/oCgo60uqUMlnJGAAN1S0gu9vkriAe4OaDyzPtQr
rY98Udr9KUVs6KOZmo1m1MJsau+4VLbxGJ3gFQhi4A/gC0+hDC8dv3RgCQkGxSRO
D/5+U7nWdJpLKLquzZ6ozSMTmIbUjq6gWv3vlzkArcU8CgSelDl89n9WFCB2j1i3
9u7EFy3X6a6nh3k0AO6dhjG7zpjRin4B5025ddCleyk/WSzEE0bz6v9SHViqJzyn
qezVZSPj/7qSaxFZMvBv0rOPaglYKi1Ls0yA9rYN5QdpN50E2ewaN/I5gjCn
-----END CERTIFICATE-----
Generated at Mon Sep 18 08:57:20 2023 by rpki-client on console-ams.rpki-client.org