Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DdlN8PPUM5TwQ-S7T8b-oNtO10o.roa
File: DdlN8PPUM5TwQ-S7T8b-oNtO10o.roa (raw, json)
Hash identifier: j6DAQlIrHZ/G5zzUzvo9Wy0v/FxTPSCy+BichVvWdLw=
Subject key identifier: 0D:D9:4D:F0:F3:D4:33:94:F0:43:E4:BB:4F:C6:FE:A0:DB:4E:D7:4A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C918EB742B5D39820915AC0D00EF6A13D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DdlN8PPUM5TwQ-S7T8b-oNtO10o.roa
Signing time: Fri 22 Dec 2023 12:44:58 +0000
ROA not before: Fri 22 Dec 2023 12:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
185.226.172.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
45.88.90.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:91:8e:b7:42:b5:d3:98:20:91:5a:c0:d0:0e:f6:a1:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 22 12:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0dd94df0f3d43394f043e4bb4fc6fea0db4ed74a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d2:44:f5:94:3f:9d:83:6e:e0:6a:84:d7:8a:
57:31:28:88:5c:4a:99:2f:87:39:ff:8c:3d:7a:00:
69:26:22:29:37:68:2d:1c:e2:bd:c2:2e:e6:c6:da:
42:24:12:6b:6e:2b:bf:d9:43:20:0d:1d:dd:9f:3d:
4d:78:b5:e6:91:7f:5d:9a:f3:12:6a:e0:ca:21:34:
80:c5:46:d8:8a:5a:09:60:79:9d:05:ef:7d:a2:3d:
df:b8:f9:a3:60:44:58:09:f5:4f:c9:0f:25:50:a8:
ee:83:22:52:45:36:b3:20:a1:76:a4:3e:f8:ae:aa:
08:88:bf:67:60:65:96:ab:33:ea:14:3c:2c:8b:f8:
87:9f:b6:a8:f6:85:3b:97:d9:b2:8b:77:b4:e1:79:
fe:c9:d9:47:99:d8:14:8c:ff:54:0d:8d:94:01:e2:
53:a3:3d:29:38:c8:be:49:8b:3b:84:96:c3:ac:f8:
08:7b:e9:47:4d:19:dd:59:db:f3:d4:fb:5d:6b:fb:
d3:f7:93:1f:d6:53:09:cd:3f:6e:42:ce:22:8e:a6:
2f:e8:83:24:30:48:87:19:55:a2:31:a8:6f:85:33:
08:7b:2f:9b:c5:c8:11:57:5b:2d:90:c2:32:b0:d5:
74:84:3a:c7:98:0b:26:ec:8d:3a:bd:8a:54:b1:af:
2d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:D9:4D:F0:F3:D4:33:94:F0:43:E4:BB:4F:C6:FE:A0:DB:4E:D7:4A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DdlN8PPUM5TwQ-S7T8b-oNtO10o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.90.0/24
45.151.89.0/24
83.219.97.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.172.0/24
185.226.175.0/24
185.252.176.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:00:19:9c:5a:61:3e:f3:f5:f5:99:a3:d1:d1:cb:9a:18:06:
2e:e7:26:a3:cb:22:ce:56:91:ed:5e:12:f1:a0:a6:67:84:ef:
5f:da:90:1e:88:fa:14:f0:58:1c:19:71:33:97:c7:f8:62:bc:
d2:db:ca:ba:f7:2e:a5:6e:5a:b2:30:02:f5:19:02:96:c2:ef:
7a:13:74:0b:65:6b:a1:ab:4c:90:9e:e7:89:69:25:75:f5:45:
76:55:f2:f0:99:bf:12:71:f7:a9:4e:99:74:f5:d0:cd:92:a0:
f2:43:bf:f4:8c:11:38:f6:40:0d:bc:5a:66:6f:fb:7c:ba:f1:
3f:c2:26:0a:20:2d:cb:ac:b4:55:5d:45:2e:b3:39:ce:28:70:
6a:29:29:ee:9a:78:d2:e2:13:f6:0b:38:ec:9a:18:8b:0f:d3:
64:fa:03:4a:39:c1:08:51:6c:df:ab:ad:56:59:29:c5:05:18:
c0:41:dd:e2:ee:c3:a6:e0:ad:d9:b1:88:f3:b8:fa:5b:4b:4c:
81:73:45:9a:e6:96:a1:6b:24:36:f7:92:98:67:0a:74:61:7d:
2c:ad:0a:98:7b:9c:3e:82:68:aa:ea:a4:15:ef:65:1a:b8:0d:
ce:2a:c5:d3:22:2e:ad:2a:ea:62:0c:39:98:9a:0d:cb:bd:45:
49:59:a6:21
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYyRjrdCtdOYIJFawNAO9qE9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjIyMTI0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGQ5NGRmMGYzZDQzMzk0ZjA0M2U0YmI0ZmM2ZmVhMGRiNGVkNzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNJE9ZQ/nYNu4GqE14pXMSiIXEqZ
L4c5/4w9egBpJiIpN2gtHOK9wi7mxtpCJBJrbiu/2UMgDR3dnz1NeLXmkX9dmvMS
auDKITSAxUbYiloJYHmdBe99oj3fuPmjYERYCfVPyQ8lUKjugyJSRTazIKF2pD74
rqoIiL9nYGWWqzPqFDwsi/iHn7ao9oU7l9myi3e04Xn+ydlHmdgUjP9UDY2UAeJT
oz0pOMi+SYs7hJbDrPgIe+lHTRndWdvz1Ptda/vT95Mf1lMJzT9uQs4ijqYv6IMk
MEiHGVWiMahvhTMIey+bxcgRV1stkMIysNV0hDrHmAsm7I06vYpUsa8tUwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFA3ZTfDz1DOU8EPku0/G/qDbTtdKMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRGRsTjhQUFVNNVR3US1TN1Q4Yi1vTnRPMTBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBAAt
WFoDBAAtl1kDBABT22EDBABXeFcDBABXeS0DBABXed0DBAFcd8QDBABde3QwDAME
AF6aoQMEAl6aoAMEAF6c7zAMAwQCk05kAwQAk05mAwQCqxZIAwQAstfgAwQAstfs
AwQCudhUAwQCudpUAwQAueKsAwQAueKvAwQAufywMA0GCSqGSIb3DQEBCwUAA4IB
AQCNABmcWmE+8/X1maPR0cuaGAYu5yajyyLOVpHtXhLxoKZnhO9f2pAeiPoU8Fgc
GXEzl8f4YrzS28q69y6lblqyMAL1GQKWwu96E3QLZWuhq0yQnueJaSV19UV2VfLw
mb8ScfepTpl09dDNkqDyQ7/0jBE49kANvFpmb/t8uvE/wiYKIC3LrLRVXUUusznO
KHBqKSnumnjS4hP2CzjsmhiLD9Nk+gNKOcEIUWzfq61WWSnFBRjAQd3i7sOm4K3Z
sYjzuPpbS0yBc0Wa5pahayQ295KYZwp0YX0srQqYe5w+gmiq6qQV72UauA3OKsXT
Ii6tKupiDDmYmg3LvUVJWaYh
-----END CERTIFICATE-----
Generated at Thu Dec 28 12:37:12 2023 by rpki-client on console-ams.rpki-client.org