Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EXcKznvYR9L9AfKNmYJpW8sgbew.roa
File: EXcKznvYR9L9AfKNmYJpW8sgbew.roa (raw, json)
Hash identifier: tyIXxWEbeAb7+/BqJ5Jc1x92OXyO4IjL+sDYPPaMOZk=
Subject key identifier: 11:77:0A:CE:7B:D8:47:D2:FD:01:F2:8D:99:82:69:5B:CB:20:6D:EC
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0188330EE9ED940CA95EDC4263CCECCF5A84
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EXcKznvYR9L9AfKNmYJpW8sgbew.roa
Signing time: Fri 19 May 2023 08:09:55 +0000
ROA not before: Fri 19 May 2023 08:09:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 94.156.6.0/24 maxlen: 24
185.216.68.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
87.121.47.0/24 maxlen: 24
193.42.33.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:33:0e:e9:ed:94:0c:a9:5e:dc:42:63:cc:ec:cf:5a:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 19 08:09:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=11770ace7bd847d2fd01f28d9982695bcb206dec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:8e:9c:2d:a3:29:f5:62:52:75:f6:64:34:90:
0c:b8:5a:67:06:fe:8a:44:fa:27:a2:87:0b:af:04:
36:b4:4b:60:db:47:c0:fe:2a:67:18:84:be:5c:37:
d9:f4:a4:96:71:a1:6f:bb:3a:dd:dd:c3:e7:d9:69:
12:8b:13:fc:22:bd:eb:e0:de:2f:4d:05:22:89:a0:
a6:34:7d:70:c5:be:27:a4:cb:47:cc:a0:47:51:f7:
db:31:a8:78:4c:45:22:32:3d:a3:b1:e2:cb:33:c8:
09:c5:0d:17:ea:61:72:48:e2:a0:94:93:e7:66:c8:
68:5a:8c:e2:da:26:72:85:fd:4d:b7:d9:e2:41:66:
62:67:92:f5:ea:22:79:2a:4b:7c:86:79:3a:a9:44:
10:6c:50:c7:df:4a:46:d7:c4:c9:ea:ec:82:07:05:
a4:59:ac:3f:a3:36:c0:9d:ec:59:ed:a3:a1:c8:47:
97:ce:13:1c:fe:b9:50:ee:fc:40:d1:33:73:37:50:
6b:77:d3:91:77:03:26:bd:a6:28:4a:99:10:23:d7:
8a:57:9b:07:b0:8f:6a:a1:a8:77:4d:b6:cc:22:e6:
47:0b:50:d5:5d:08:a2:ba:02:3d:65:f5:aa:b2:21:
fd:5d:a7:48:fb:9e:44:e8:dd:fd:d5:61:39:ae:89:
3e:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:77:0A:CE:7B:D8:47:D2:FD:01:F2:8D:99:82:69:5B:CB:20:6D:EC
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EXcKznvYR9L9AfKNmYJpW8sgbew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.48.0/24
79.110.51.0/24
87.121.47.0/24
94.156.6.0/24
185.216.68.0/24
193.42.33.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:36:0c:6d:4e:7d:34:d5:10:7e:f2:64:67:11:c4:cd:c5:55:
a4:03:5e:3b:98:57:4b:73:ed:12:ad:2f:85:39:9c:6c:99:6a:
52:4d:bf:de:55:2a:f1:8e:e7:5c:00:95:36:4a:b0:d8:2b:42:
4c:e6:0a:c7:6c:dd:93:d5:59:b6:0b:a7:97:3a:e2:63:a6:b7:
95:7a:e6:ea:bb:fe:fe:96:c5:33:78:af:f1:50:22:4a:62:d1:
aa:29:a7:84:fc:da:08:90:24:89:e9:9f:c7:e4:43:00:60:3c:
5a:38:35:68:e2:5a:14:0c:05:ad:57:3a:25:94:77:b5:95:50:
3b:a6:0b:e0:1d:8f:45:5f:cf:80:9d:7f:36:63:1d:21:d7:a1:
55:4d:3f:2b:d4:6a:23:70:fb:77:e5:84:59:e8:e8:17:c5:62:
3b:c1:80:67:9b:ec:49:f6:06:57:04:eb:87:dd:80:76:3f:9e:
eb:52:28:d8:20:47:6f:4e:83:22:c2:30:46:9d:3d:93:60:f2:
7b:0d:0b:46:aa:da:1f:bc:49:41:75:37:10:94:b8:50:9e:96:
36:80:d2:d2:50:c3:9c:45:e5:7d:3d:ae:a5:5f:c7:dc:73:ae:
8e:bb:49:05:07:2f:af:27:4c:ef:d1:bd:02:d3:09:7b:66:df:
b1:6e:d9:4f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYgzDuntlAypXtxCY8zsz1qEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTE5MDgwOTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTc3MGFjZTdiZDg0N2QyZmQwMWYyOGQ5OTgyNjk1YmNiMjA2ZGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApI6cLaMp9WJSdfZkNJAMuFpnBv6K
RPonoocLrwQ2tEtg20fA/ipnGIS+XDfZ9KSWcaFvuzrd3cPn2WkSixP8Ir3r4N4v
TQUiiaCmNH1wxb4npMtHzKBHUffbMah4TEUiMj2jseLLM8gJxQ0X6mFySOKglJPn
ZshoWozi2iZyhf1Nt9niQWZiZ5L16iJ5Kkt8hnk6qUQQbFDH30pG18TJ6uyCBwWk
Waw/ozbAnexZ7aOhyEeXzhMc/rlQ7vxA0TNzN1Brd9ORdwMmvaYoSpkQI9eKV5sH
sI9qoah3TbbMIuZHC1DVXQiiugI9ZfWqsiH9XadI+55E6N391WE5rok+tQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBF3Cs572EfS/QHyjZmCaVvLIG3sMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRVhjS3pudllSOUw5QWZLTm1ZSnBXOHNnYmV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAT24wAwQA
T24zAwQAV3kvAwQAXpwGAwQAudhEAwQAwSohMA0GCSqGSIb3DQEBCwUAA4IBAQCd
NgxtTn001RB+8mRnEcTNxVWkA147mFdLc+0SrS+FOZxsmWpSTb/eVSrxjudcAJU2
SrDYK0JM5grHbN2T1Vm2C6eXOuJjpreVeubqu/7+lsUzeK/xUCJKYtGqKaeE/NoI
kCSJ6Z/H5EMAYDxaODVo4loUDAWtVzollHe1lVA7pgvgHY9FX8+AnX82Yx0h16FV
TT8r1GojcPt35YRZ6OgXxWI7wYBnm+xJ9gZXBOuH3YB2P57rUijYIEdvToMiwjBG
nT2TYPJ7DQtGqtofvElBdTcQlLhQnpY2gNLSUMOcReV9Pa6lX8fcc66Ou0kFBy+v
J0zv0b0C0wl7Zt+xbtlP
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:34 2023 by rpki-client on console-ams.rpki-client.org