Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Gq5lieE9uBeyuK8NQoobO9eLA0w.roa
File: Gq5lieE9uBeyuK8NQoobO9eLA0w.roa (raw, json)
Hash identifier: oPk3EPhwm1SswHnYb0gAYrPbjlAuBpwF5pue8TahJhI=
Subject key identifier: 1A:AE:65:89:E1:3D:B8:17:B2:B8:AF:0D:42:8A:1B:3B:D7:8B:03:4C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018BA49E8DA13C942129F8C390FC76F56D07
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Gq5lieE9uBeyuK8NQoobO9eLA0w.roa
Signing time: Mon 06 Nov 2023 12:32:16 +0000
ROA not before: Mon 06 Nov 2023 12:32:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 84.54.49.0/24 maxlen: 24
193.149.29.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
94.156.176.0/24 maxlen: 24
193.149.28.0/22 maxlen: 22
193.149.31.0/24 maxlen: 24
193.149.28.0/24 maxlen: 24
45.84.90.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
212.115.41.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
45.8.93.0/24 maxlen: 24
194.49.86.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:a4:9e:8d:a1:3c:94:21:29:f8:c3:90:fc:76:f5:6d:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 6 12:32:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1aae6589e13db817b2b8af0d428a1b3bd78b034c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:fc:ce:81:29:44:52:8b:e3:08:11:85:b4:18:
b0:fe:9e:df:fa:73:4f:84:56:4f:73:4b:d9:d5:a9:
72:37:1f:28:45:7f:1b:29:4c:05:a0:c2:5d:bc:44:
c4:68:b1:84:8b:35:18:63:5e:23:67:8d:92:9b:71:
bd:d6:48:c6:60:ea:98:81:17:41:29:16:2d:01:b3:
2a:67:11:59:99:63:db:a1:a2:8e:4a:ca:80:25:d6:
c4:2e:62:1f:33:c0:9c:c0:28:a6:f4:41:ac:23:69:
34:d1:1e:0b:6c:f5:e7:77:2e:aa:19:c0:aa:b0:24:
b4:be:4f:85:95:1d:a6:f8:96:cb:08:f1:2a:97:e6:
1d:8b:ce:8d:4d:ac:f0:7f:fd:c7:14:c4:e9:25:f6:
65:5e:0a:75:09:9c:3c:57:f5:cf:44:fd:c0:64:c2:
2d:a0:5d:ef:97:04:c8:6e:9d:3c:5b:ee:39:a2:06:
22:97:43:5a:39:ac:83:bb:02:01:9f:d1:43:a6:55:
08:b3:7d:fa:b5:4b:f2:41:0a:af:21:61:51:b1:80:
ba:bf:9a:23:46:87:af:8f:ce:38:b0:8c:ad:78:6c:
00:5e:93:c3:55:aa:bf:7a:db:bc:8c:c3:89:54:43:
6d:e3:1d:2a:f0:25:3e:8b:69:aa:37:6f:22:0f:d9:
41:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:AE:65:89:E1:3D:B8:17:B2:B8:AF:0D:42:8A:1B:3B:D7:8B:03:4C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Gq5lieE9uBeyuK8NQoobO9eLA0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.93.0/24
45.84.90.0/24
45.151.90.0/24
79.110.50.0/23
84.54.49.0/24
94.156.176.0/24
185.226.175.0/24
193.149.28.0/22
194.49.86.0/24
212.115.41.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:f3:60:32:a7:3b:bc:ca:71:e5:6c:65:4f:4e:18:96:ee:56:
75:78:83:77:12:89:b7:9a:89:4e:ea:25:31:8b:d2:83:21:50:
a4:2f:9a:ff:3a:da:38:13:7c:eb:41:3b:c5:16:ab:74:c0:17:
18:a9:36:19:a9:a7:4b:99:39:b4:09:4d:fc:0c:2b:5f:25:93:
cd:3c:d0:41:d0:f1:e2:33:19:ec:3c:8a:bb:93:1f:99:a4:1f:
cf:73:30:6b:b0:e2:aa:6d:3b:50:7a:51:63:ff:1f:d2:5f:1b:
0c:e6:f9:2b:0f:58:90:93:d2:ad:4b:ab:e7:f4:df:ed:3b:fa:
ac:33:63:31:1f:0c:72:61:93:59:55:72:94:c7:3b:e8:e3:6e:
90:4c:ae:23:69:7d:ea:1d:a6:a3:86:75:9b:80:a6:15:67:e2:
d5:bb:7e:62:b2:37:96:ce:d9:61:c0:a0:2a:b4:5a:a2:05:5a:
42:41:fd:68:2d:69:ec:0b:e5:d0:c5:46:29:36:18:86:0f:4e:
9e:ef:c4:0b:c0:f4:58:62:8b:dd:32:a1:8f:8f:08:45:19:c2:
ec:e7:7a:4c:59:9c:2c:6a:c5:03:6b:92:02:95:b8:33:7d:41:
30:38:eb:f4:14:c4:e9:c2:0a:0c:69:8e:56:60:61:18:e9:b3:
bb:8a:5b:51
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYukno2hPJQhKfjDkPx29W0HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTA2MTIzMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYWFlNjU4OWUxM2RiODE3YjJiOGFmMGQ0MjhhMWIzYmQ3OGIwMzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfzOgSlEUovjCBGFtBiw/p7f+nNP
hFZPc0vZ1alyNx8oRX8bKUwFoMJdvETEaLGEizUYY14jZ42Sm3G91kjGYOqYgRdB
KRYtAbMqZxFZmWPboaKOSsqAJdbELmIfM8CcwCim9EGsI2k00R4LbPXndy6qGcCq
sCS0vk+FlR2m+JbLCPEql+Ydi86NTazwf/3HFMTpJfZlXgp1CZw8V/XPRP3AZMIt
oF3vlwTIbp08W+45ogYil0NaOayDuwIBn9FDplUIs336tUvyQQqvIWFRsYC6v5oj
Roevj844sIyteGwAXpPDVaq/etu8jMOJVENt4x0q8CU+i2mqN28iD9lBdQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFBquZYnhPbgXsrivDUKKGzvXiwNMMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvR3E1bGllRTl1QmV5dUs4TlFvb2JPOWVMQTB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALQhdAwQA
LVRaAwQALZdaAwQBT24yAwQAVDYxAwQAXpywAwQAueKvAwQCwZUcAwQAwjFWAwQA
1HMpMA0GCSqGSIb3DQEBCwUAA4IBAQAu82Aypzu8ynHlbGVPThiW7lZ1eIN3Eom3
molO6iUxi9KDIVCkL5r/Oto4E3zrQTvFFqt0wBcYqTYZqadLmTm0CU38DCtfJZPN
PNBB0PHiMxnsPIq7kx+ZpB/PczBrsOKqbTtQelFj/x/SXxsM5vkrD1iQk9KtS6vn
9N/tO/qsM2MxHwxyYZNZVXKUxzvo426QTK4jaX3qHaajhnWbgKYVZ+LVu35isjeW
ztlhwKAqtFqiBVpCQf1oLWnsC+XQxUYpNhiGD06e78QLwPRYYovdMqGPjwhFGcLs
53pMWZwsasUDa5IClbgzfUEwOOv0FMTpwgoMaY5WYGEY6bO7iltR
-----END CERTIFICATE-----
Generated at Wed Nov 8 07:41:23 2023 by rpki-client on console-ams.rpki-client.org