Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I5iBeyNaiCfoADX-uneBb9IIJl4.roa
File: I5iBeyNaiCfoADX-uneBb9IIJl4.roa (raw, json)
Hash identifier: KQ0AvCzLD8GYJ4DP6vDzFCXyLo25QASGkBl+EwMPlic=
Subject key identifier: 23:98:81:7B:23:5A:88:27:E8:00:35:FE:BA:77:81:6F:D2:08:26:5E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B4BEC675DA019FF77C2E2300CAEC87301
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I5iBeyNaiCfoADX-uneBb9IIJl4.roa
Signing time: Fri 20 Oct 2023 07:11:06 +0000
ROA not before: Fri 20 Oct 2023 07:11:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 84.54.49.0/24 maxlen: 24
85.217.145.0/24 maxlen: 24
193.149.29.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
193.149.28.0/22 maxlen: 22
193.149.31.0/24 maxlen: 24
193.149.28.0/24 maxlen: 24
45.84.90.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
194.49.86.0/24 maxlen: 24
94.154.163.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:4b:ec:67:5d:a0:19:ff:77:c2:e2:30:0c:ae:c8:73:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 20 07:11:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2398817b235a8827e80035feba77816fd208265e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b2:01:fe:0c:ce:b3:29:4a:54:86:bc:10:2f:
2e:00:de:1a:05:4c:6e:43:80:09:c6:41:b9:09:b5:
36:34:50:e7:47:2d:67:61:24:25:8a:13:89:f7:10:
1c:dc:6b:6f:34:1d:b6:20:7b:f8:45:7c:1e:83:a7:
ca:0e:b9:9f:a3:96:a1:a4:89:67:ba:a3:76:7e:a3:
c6:6b:57:f5:db:dc:0d:60:d3:aa:25:82:07:67:cb:
94:43:a9:10:79:8b:41:c0:d2:ff:f9:d2:6c:24:c9:
f4:12:a4:88:3f:38:3c:8b:23:1e:90:94:4c:c9:83:
dc:a1:a7:6e:b7:6d:96:0a:37:7d:b8:38:5b:66:4e:
f4:07:1d:61:93:35:57:c9:67:68:c1:c6:a2:20:33:
07:20:0b:54:4f:a9:3a:ff:b9:bf:ec:9b:44:92:d2:
ea:2b:b9:4f:74:e3:a5:e8:e1:57:96:2c:3e:82:1a:
66:ec:4b:ba:02:a7:67:ba:f2:ca:90:b3:1c:c4:17:
db:4f:a0:a8:5f:60:03:ef:a8:7d:ff:83:a1:58:85:
71:83:18:ab:7a:5b:92:84:c9:60:da:6b:0b:0c:c8:
41:b5:f7:72:92:ae:c1:37:ae:9a:d5:13:c1:3d:2a:
ea:a6:70:f5:c0:0e:a9:d2:7c:cb:14:02:d7:92:53:
9c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:98:81:7B:23:5A:88:27:E8:00:35:FE:BA:77:81:6F:D2:08:26:5E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I5iBeyNaiCfoADX-uneBb9IIJl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.90.0/24
45.151.90.0/24
84.54.49.0/24
85.217.145.0/24
87.120.87.0/24
94.154.163.0/24
176.125.255.0/24
193.149.28.0/22
194.49.86.0/24
Signature Algorithm: sha256WithRSAEncryption
21:36:1d:3b:44:9f:cc:6f:44:81:a2:9a:68:16:17:8e:f9:ae:
74:b6:d1:4a:11:fa:c9:e8:04:82:38:03:d3:7a:55:b2:45:76:
72:91:4b:84:9e:8b:80:3b:e3:07:7f:12:c9:83:9a:37:10:b4:
21:70:b2:9f:aa:be:9c:4c:f0:ec:d5:75:4d:f6:a1:b7:fb:ec:
90:b5:eb:b0:47:29:b3:58:8c:d6:f2:4a:d2:8c:74:49:71:15:
ee:f4:b7:ae:ea:03:1d:db:7b:78:69:43:e8:a6:ab:ef:b3:79:
76:57:2b:63:4f:c3:ad:9d:17:0e:19:c7:ac:5e:14:c5:97:c6:
79:b9:62:7f:bd:14:be:8c:5f:79:db:65:da:99:62:1d:66:1f:
29:4b:da:86:de:61:bd:73:53:0c:d1:f5:32:8c:99:85:ee:20:
bc:4c:57:19:5b:a0:67:31:60:9d:64:62:9e:55:1b:0a:3b:3b:
da:42:37:59:69:dd:0f:07:82:f0:91:67:99:94:19:11:21:59:
9a:bd:3d:93:ab:5a:2a:24:e1:49:6e:2f:aa:5f:0a:20:18:1a:
b9:29:ad:35:a5:d1:31:52:06:bb:03:f7:df:4f:75:14:69:86:
5d:00:3f:e7:ed:7a:7c:c6:45:1c:6e:df:33:ab:22:54:1b:89:
df:b9:88:f8
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYtL7GddoBn/d8LiMAyuyHMBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDIwMDcxMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzk4ODE3YjIzNWE4ODI3ZTgwMDM1ZmViYTc3ODE2ZmQyMDgyNjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLIB/gzOsylKVIa8EC8uAN4aBUxu
Q4AJxkG5CbU2NFDnRy1nYSQlihOJ9xAc3GtvNB22IHv4RXweg6fKDrmfo5ahpIln
uqN2fqPGa1f129wNYNOqJYIHZ8uUQ6kQeYtBwNL/+dJsJMn0EqSIPzg8iyMekJRM
yYPcoadut22WCjd9uDhbZk70Bx1hkzVXyWdowcaiIDMHIAtUT6k6/7m/7JtEktLq
K7lPdOOl6OFXliw+ghpm7Eu6AqdnuvLKkLMcxBfbT6CoX2AD76h9/4OhWIVxgxir
eluShMlg2msLDMhBtfdykq7BN66a1RPBPSrqpnD1wA6p0nzLFALXklOcKwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFCOYgXsjWogn6AA1/rp3gW/SCCZeMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSTVpQmV5TmFpQ2ZvQURYLXVuZUJiOUlJSmw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALVRaAwQA
LZdaAwQAVDYxAwQAVdmRAwQAV3hXAwQAXpqjAwQAsH3/AwQCwZUcAwQAwjFWMA0G
CSqGSIb3DQEBCwUAA4IBAQAhNh07RJ/Mb0SBoppoFheO+a50ttFKEfrJ6ASCOAPT
elWyRXZykUuEnouAO+MHfxLJg5o3ELQhcLKfqr6cTPDs1XVN9qG3++yQteuwRymz
WIzW8krSjHRJcRXu9Leu6gMd23t4aUPopqvvs3l2VytjT8OtnRcOGcesXhTFl8Z5
uWJ/vRS+jF9522XamWIdZh8pS9qG3mG9c1MM0fUyjJmF7iC8TFcZW6BnMWCdZGKe
VRsKOzvaQjdZad0PB4LwkWeZlBkRIVmavT2Tq1oqJOFJbi+qXwogGBq5Ka01pdEx
Uga7A/ffT3UUaYZdAD/n7Xp8xkUcbt8zqyJUG4nfuYj4
-----END CERTIFICATE-----
Generated at Fri Oct 20 10:36:09 2023 by rpki-client on console-ams.rpki-client.org