Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CGqNTi7Ly9FFmEexKJ8zNlwIPhQ.roa
File: CGqNTi7Ly9FFmEexKJ8zNlwIPhQ.roa (raw, json)
Hash identifier: Ewu6Sqitl/JRn03dYk1O9guKzxqdYPSL/+SC64602y8=
Subject key identifier: 08:6A:8D:4E:2E:CB:CB:D1:45:98:47:B1:28:9F:33:36:5C:08:3E:14
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B84BCA20050D9C073B0B656A3E0DA7D57
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CGqNTi7Ly9FFmEexKJ8zNlwIPhQ.roa
Signing time: Tue 31 Oct 2023 07:57:16 +0000
ROA not before: Tue 31 Oct 2023 07:57:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 84.54.49.0/24 maxlen: 24
85.217.145.0/24 maxlen: 24
193.149.29.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
94.156.176.0/24 maxlen: 24
193.149.28.0/22 maxlen: 22
193.149.31.0/24 maxlen: 24
193.149.28.0/24 maxlen: 24
45.84.90.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
212.115.41.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
194.49.86.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:84:bc:a2:00:50:d9:c0:73:b0:b6:56:a3:e0:da:7d:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 31 07:57:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=086a8d4e2ecbcbd1459847b1289f33365c083e14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7f:27:47:84:24:e4:97:eb:bf:c4:6e:26:e5:
31:1a:aa:2f:6f:22:13:6f:60:4f:08:13:87:97:ff:
c4:f5:f7:bb:fa:ad:9c:94:d8:9f:65:76:4f:bc:18:
c1:21:0c:1b:b2:e8:3f:23:6a:d3:13:e3:58:8e:c1:
90:8b:84:4d:24:42:47:5d:f1:75:76:20:70:c3:96:
b1:85:d1:89:b0:ba:d9:c0:4e:d1:f6:2d:16:2f:af:
8e:61:7b:c7:7a:50:ca:08:a4:a2:96:00:a2:d6:f1:
ba:2e:67:af:79:84:e5:0f:d9:b3:09:4e:4b:b8:c1:
03:77:9a:ec:e5:5e:a5:a7:8a:06:93:64:88:99:b1:
d0:2f:35:0a:c8:12:36:41:aa:01:e3:70:3a:2b:3a:
33:86:2b:8d:b7:1e:5a:89:a9:9e:ee:d0:16:1b:66:
aa:a9:47:f2:61:c9:ba:49:5f:64:bb:5e:87:d0:3d:
d4:c2:0d:c0:ff:42:b5:af:66:4d:fc:f6:79:39:5c:
11:ab:19:21:99:0f:ac:3a:2f:a7:f2:32:8a:83:58:
f3:e5:fa:33:74:10:1a:bb:ae:60:f3:98:90:e2:fb:
72:64:b3:0f:af:a8:3a:54:7b:fa:6a:81:a8:17:a3:
ba:e2:db:44:74:ae:f7:75:13:b1:44:52:c2:86:05:
9e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:6A:8D:4E:2E:CB:CB:D1:45:98:47:B1:28:9F:33:36:5C:08:3E:14
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/CGqNTi7Ly9FFmEexKJ8zNlwIPhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.90.0/24
45.151.90.0/24
79.110.50.0/23
84.54.49.0/24
85.217.145.0/24
94.156.176.0/24
185.226.175.0/24
193.149.28.0/22
194.49.86.0/24
212.115.41.0/24
Signature Algorithm: sha256WithRSAEncryption
86:af:45:72:30:aa:e9:24:6d:1f:46:22:69:92:fa:5c:46:51:
d3:4d:72:c3:8f:f3:67:e1:5b:6e:5e:71:fb:42:7e:4e:9c:94:
18:a0:5c:7d:94:9f:80:6b:41:0d:29:23:52:7d:ed:8a:de:0b:
68:b0:b3:2e:d9:36:70:1e:14:08:81:8d:35:15:9c:69:bd:8c:
f9:eb:5f:74:8a:ca:54:48:da:d4:70:a9:55:85:bf:a5:7d:0d:
57:fc:09:de:67:56:75:3b:d9:4e:a6:e4:93:f3:50:bb:75:8f:
09:90:4d:d7:2b:8f:8f:67:e0:52:cf:43:53:db:f8:b1:84:59:
50:84:2e:46:3a:14:bb:a9:46:48:74:f3:7c:c6:f9:20:c2:6a:
f2:87:de:5a:c8:12:03:22:81:88:7f:0e:16:9a:08:c8:ef:fd:
3c:64:39:24:4b:d2:ab:96:0b:c1:b5:07:43:36:de:57:9a:d5:
cc:8c:2f:61:57:28:82:3b:38:08:c4:6b:bd:6c:e6:85:56:83:
b4:ac:70:23:c8:9d:95:c1:2a:9a:f7:c1:14:b1:71:79:41:25:
2e:bd:92:64:4e:17:9d:60:a9:79:5b:10:09:e3:3b:3b:e2:30:
c5:f2:67:55:25:28:da:ba:40:60:9f:c3:aa:51:e1:86:cd:92:
a8:37:b6:9d
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYuEvKIAUNnAc7C2VqPg2n1XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDMxMDc1NzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODZhOGQ0ZTJlY2JjYmQxNDU5ODQ3YjEyODlmMzMzNjVjMDgzZTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArX8nR4Qk5Jfrv8RuJuUxGqovbyIT
b2BPCBOHl//E9fe7+q2clNifZXZPvBjBIQwbsug/I2rTE+NYjsGQi4RNJEJHXfF1
diBww5axhdGJsLrZwE7R9i0WL6+OYXvHelDKCKSilgCi1vG6LmeveYTlD9mzCU5L
uMEDd5rs5V6lp4oGk2SImbHQLzUKyBI2QaoB43A6KzozhiuNtx5aiame7tAWG2aq
qUfyYcm6SV9ku16H0D3Uwg3A/0K1r2ZN/PZ5OVwRqxkhmQ+sOi+n8jKKg1jz5foz
dBAau65g85iQ4vtyZLMPr6g6VHv6aoGoF6O64ttEdK73dROxRFLChgWeywIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFAhqjU4uy8vRRZhHsSifMzZcCD4UMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQ0dxTlRpN0x5OUZGbUVleEtKOHpObHdJUGhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALVRaAwQA
LZdaAwQBT24yAwQAVDYxAwQAVdmRAwQAXpywAwQAueKvAwQCwZUcAwQAwjFWAwQA
1HMpMA0GCSqGSIb3DQEBCwUAA4IBAQCGr0VyMKrpJG0fRiJpkvpcRlHTTXLDj/Nn
4VtuXnH7Qn5OnJQYoFx9lJ+Aa0ENKSNSfe2K3gtosLMu2TZwHhQIgY01FZxpvYz5
6190ispUSNrUcKlVhb+lfQ1X/AneZ1Z1O9lOpuST81C7dY8JkE3XK4+PZ+BSz0NT
2/ixhFlQhC5GOhS7qUZIdPN8xvkgwmryh95ayBIDIoGIfw4WmgjI7/08ZDkkS9Kr
lgvBtQdDNt5XmtXMjC9hVyiCOzgIxGu9bOaFVoO0rHAjyJ2VwSqa98EUsXF5QSUu
vZJkThedYKl5WxAJ4zs74jDF8mdVJSjaukBgn8OqUeGGzZKoN7ad
-----END CERTIFICATE-----
Generated at Fri Nov 3 15:18:00 2023 by rpki-client on console-ams.rpki-client.org