Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FlSqdfHO1adfmZKJY3bGsBPY-y8.roa
File: FlSqdfHO1adfmZKJY3bGsBPY-y8.roa (raw, json)
Hash identifier: 9dRqCWSQuULpDjH/7Huj9IKbVLbgbWqeWZaZJebE4Yw=
Subject key identifier: 16:54:AA:75:F1:CE:D5:A7:5F:99:92:89:63:76:C6:B0:13:D8:FB:2F
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0185789C38DC220926171F7A6A4596C9BFAE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FlSqdfHO1adfmZKJY3bGsBPY-y8.roa
Signing time: Tue 03 Jan 2023 17:09:42 +0000
ROA not before: Tue 03 Jan 2023 17:09:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211760
IP address blocks: 95.214.25.0/24 maxlen: 24
171.22.28.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:78:9c:38:dc:22:09:26:17:1f:7a:6a:45:96:c9:bf:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 3 17:09:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1654aa75f1ced5a75f9992896376c6b013d8fb2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b4:a7:33:c6:8e:34:d1:8a:b0:b7:73:46:83:
92:21:08:87:6e:fe:fa:b9:af:f8:fc:ba:a4:f8:5d:
bf:6d:e4:13:9b:55:1a:22:0d:0b:bc:7c:cc:20:80:
e0:98:1b:55:05:72:d9:ce:97:01:8d:fc:de:1a:cc:
69:6b:fd:4f:1f:5c:9d:9d:e9:30:97:49:74:1b:e5:
05:20:20:98:53:38:4e:c7:10:57:1d:65:de:35:06:
ca:fe:9b:58:44:8a:50:08:c5:a1:55:12:dc:18:55:
82:89:02:34:bb:70:8f:cb:f3:13:66:f6:03:d0:97:
d1:86:a6:e8:6e:e7:86:e5:a8:2b:62:3a:f0:0e:0e:
4d:81:44:1a:7c:bf:2f:88:71:12:ce:d6:56:4b:71:
52:34:1b:60:55:2a:f7:d5:4d:ef:9a:43:fb:d8:0f:
e7:b1:d1:77:52:4f:60:d4:96:be:fe:00:16:dc:ba:
76:c7:28:73:c3:e7:7c:9c:87:20:d4:f5:1d:8b:72:
b7:f3:15:18:dc:d2:5e:3f:c1:d7:d8:f0:63:69:a3:
3c:81:c9:66:3d:60:74:48:74:94:19:e1:6b:cc:83:
2d:e3:71:69:63:86:54:13:f7:a8:85:50:12:49:b3:
11:e4:21:fc:9c:f3:4a:10:05:fd:45:90:97:a8:e8:
f0:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:54:AA:75:F1:CE:D5:A7:5F:99:92:89:63:76:C6:B0:13:D8:FB:2F
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/FlSqdfHO1adfmZKJY3bGsBPY-y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.25.0-95.214.26.255
171.22.28.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:39:01:44:04:ff:69:d9:52:69:53:ec:d1:db:84:5d:23:bc:
e4:23:aa:6a:46:2e:63:b3:3b:0f:ac:8d:9c:02:50:57:cb:58:
fe:4b:2c:cb:c9:2a:99:67:03:f8:8d:6c:a8:eb:ac:88:fb:b2:
cc:13:6b:f2:bd:3c:1d:e3:73:4e:ac:34:ab:01:e3:e8:d4:d3:
dd:c5:2f:26:af:5c:37:a7:79:bd:60:13:87:6b:c4:d8:1c:e7:
a5:d0:4c:18:9e:d8:c2:f7:a3:31:bc:65:88:a7:01:53:bd:a8:
df:68:e6:28:a6:83:58:33:7b:c3:05:20:1b:df:0e:03:f2:27:
14:d3:0f:90:f3:f5:e4:cb:96:c5:28:1d:1e:b9:7b:06:a4:c9:
ce:3c:a3:fd:e5:f8:1e:a5:3d:1e:04:6e:34:4d:ff:b0:2e:02:
b6:1b:ef:68:56:fb:e0:2e:c2:2b:5e:8c:1b:41:5e:41:dc:a5:
a9:70:c7:f8:e0:75:3f:be:5f:a5:83:c4:4b:8f:dd:03:b1:86:
44:5d:21:2d:32:7b:9e:64:be:5f:c0:d0:72:4d:7f:b4:c3:c0:
1e:aa:e8:2b:ec:b4:03:40:f0:2d:a2:a2:89:6b:83:32:7f:bb:
7a:44:a5:b7:45:63:fc:3d:e6:34:4c:60:c1:91:34:25:c7:d5:
cc:64:ad:bc
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYV4nDjcIgkmFx96akWWyb+uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAzMTcwOTQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNjU0YWE3NWYxY2VkNWE3NWY5OTkyODk2Mzc2YzZiMDEzZDhmYjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAybSnM8aONNGKsLdzRoOSIQiHbv76
ua/4/Lqk+F2/beQTm1UaIg0LvHzMIIDgmBtVBXLZzpcBjfzeGsxpa/1PH1ydnekw
l0l0G+UFICCYUzhOxxBXHWXeNQbK/ptYRIpQCMWhVRLcGFWCiQI0u3CPy/MTZvYD
0JfRhqbobueG5agrYjrwDg5NgUQafL8viHESztZWS3FSNBtgVSr31U3vmkP72A/n
sdF3Uk9g1Ja+/gAW3Lp2xyhzw+d8nIcg1PUdi3K38xUY3NJeP8HX2PBjaaM8gclm
PWB0SHSUGeFrzIMt43FpY4ZUE/eohVASSbMR5CH8nPNKEAX9RZCXqOjw1QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBZUqnXxztWnX5mSiWN2xrAT2PsvMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRmxTcWRmSE8xYWRmbVpLSlkzYkdzQlBZLXk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABf1hkD
BABf1hoDBACrFhwDBADCqa8wDQYJKoZIhvcNAQELBQADggEBAA45AUQE/2nZUmlT
7NHbhF0jvOQjqmpGLmOzOw+sjZwCUFfLWP5LLMvJKplnA/iNbKjrrIj7sswTa/K9
PB3jc06sNKsB4+jU093FLyavXDeneb1gE4drxNgc56XQTBie2ML3ozG8ZYinAVO9
qN9o5iimg1gze8MFIBvfDgPyJxTTD5Dz9eTLlsUoHR65ewakyc48o/3l+B6lPR4E
bjRN/7AuArYb72hW++AuwitejBtBXkHcpalwx/jgdT++X6WDxEuP3QOxhkRdIS0y
e55kvl/A0HJNf7TDwB6q6CvstANA8C2ioolrgzJ/u3pEpbdFY/w95jRMYMGRNCXH
1cxkrbw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:34 2023 by rpki-client on console-ams.rpki-client.org