Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I7e4OqTW4cLbDX0z8XaOBLfoau0.roa
File: I7e4OqTW4cLbDX0z8XaOBLfoau0.roa (raw, json)
Hash identifier: rgoNiXsgtVzuyKRMKLhF+2J95ZJEUQawXkHQRFhStlU=
Subject key identifier: 23:B7:B8:3A:A4:D6:E1:C2:DB:0D:7D:33:F1:76:8E:04:B7:E8:6A:ED
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B93F7DB9DB5610DC9151AFAA196135FDA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I7e4OqTW4cLbDX0z8XaOBLfoau0.roa
Signing time: Fri 03 Nov 2023 06:56:16 +0000
ROA not before: Fri 03 Nov 2023 06:56:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201749
IP address blocks: 194.55.226.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
80.76.50.0/24 maxlen: 24
83.171.204.0/22 maxlen: 24
45.139.105.0/24 maxlen: 24
194.49.87.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:93:f7:db:9d:b5:61:0d:c9:15:1a:fa:a1:96:13:5f:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 3 06:56:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23b7b83aa4d6e1c2db0d7d33f1768e04b7e86aed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9f:51:0f:26:33:18:88:6d:1a:e5:89:67:3b:
96:e5:7b:d8:bc:38:c1:95:af:83:2a:53:c6:2c:29:
0a:f3:bf:3c:97:2c:9e:dd:21:ea:17:76:01:f0:24:
94:cd:10:5c:e8:29:0d:84:d0:02:9b:19:9b:20:5c:
9b:1f:48:08:d8:be:9f:b9:ff:12:f7:e7:a4:a8:5d:
04:d6:61:01:34:16:9b:7f:71:bd:f4:a1:95:0d:6e:
a2:02:f7:31:70:98:21:c6:55:55:90:69:13:ba:d7:
90:df:04:45:a5:5f:4c:b6:42:93:96:25:20:ff:b7:
9d:99:32:7c:92:e9:d9:e9:4e:ea:e8:c0:ff:d4:31:
7a:81:13:db:00:38:e4:48:57:c3:58:d7:bf:9e:b4:
3c:26:d1:12:60:2d:4d:1c:ea:18:35:6d:2d:d5:f4:
7e:ea:b4:c0:59:01:a1:8a:47:31:63:e4:a3:ec:13:
02:48:bd:df:66:27:83:d6:c4:74:cf:0e:65:dc:ff:
85:ce:27:13:78:9f:5e:6e:9e:c3:92:e7:db:3d:07:
08:66:4e:de:8c:a6:16:b7:4c:37:d8:cb:98:3c:c9:
1f:28:45:e4:89:11:d9:81:bb:8a:06:c9:c0:6b:06:
52:a5:bf:c9:60:5e:4b:74:96:58:49:44:0b:2b:73:
3b:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:B7:B8:3A:A4:D6:E1:C2:DB:0D:7D:33:F1:76:8E:04:B7:E8:6A:ED
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/I7e4OqTW4cLbDX0z8XaOBLfoau0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.105.0/24
80.76.50.0/24
83.171.204.0/22
87.120.87.0/24
176.125.255.0/24
194.49.87.0/24
194.55.226.0/24
Signature Algorithm: sha256WithRSAEncryption
57:1c:5f:7d:ad:bb:53:66:da:cd:6c:cd:80:f3:01:53:3c:d4:
30:33:a7:e5:7b:6f:fa:d8:de:16:10:1a:40:e7:6d:f3:7e:f7:
23:f3:ed:7f:1b:16:7f:21:0b:ec:df:d8:41:17:10:21:e4:85:
36:2f:e1:a4:a8:2c:a1:d7:15:91:0b:c8:7c:13:91:c5:78:80:
37:b4:a3:ba:60:4b:89:df:0b:60:ae:51:69:4f:0c:5a:50:52:
dc:79:02:5d:af:db:91:51:47:23:d9:31:21:a3:74:f3:13:18:
55:0e:32:1f:05:6e:61:4d:99:f0:d2:15:54:6f:d3:2f:bc:84:
43:71:73:fe:38:67:76:bd:e5:c9:bb:c5:90:ac:e3:e8:69:ed:
b2:01:ea:51:29:3f:26:16:e4:72:d0:4b:fe:5d:c1:6c:fa:00:
9c:75:01:64:41:c0:fa:3e:39:36:30:b5:50:18:08:9f:66:ea:
c1:b4:84:bf:b9:42:d0:a2:97:88:b7:60:26:87:7d:c8:bf:40:
a1:d7:68:07:47:c1:2e:87:b2:9a:36:a6:39:93:27:45:d7:f9:
04:4b:fb:89:41:72:9b:d9:74:71:1e:cc:f7:8d:aa:a4:81:b9:
83:d9:86:52:e4:3a:e2:0c:8a:fd:e2:45:53:e4:52:39:60:b5:
21:7c:bd:e3
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYuT99udtWENyRUa+qGWE1/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTAzMDY1NjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2I3YjgzYWE0ZDZlMWMyZGIwZDdkMzNmMTc2OGUwNGI3ZTg2YWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZ9RDyYzGIhtGuWJZzuW5XvYvDjB
la+DKlPGLCkK8788lyye3SHqF3YB8CSUzRBc6CkNhNACmxmbIFybH0gI2L6fuf8S
9+ekqF0E1mEBNBabf3G99KGVDW6iAvcxcJghxlVVkGkTuteQ3wRFpV9MtkKTliUg
/7edmTJ8kunZ6U7q6MD/1DF6gRPbADjkSFfDWNe/nrQ8JtESYC1NHOoYNW0t1fR+
6rTAWQGhikcxY+Sj7BMCSL3fZieD1sR0zw5l3P+FzicTeJ9ebp7DkufbPQcIZk7e
jKYWt0w32MuYPMkfKEXkiRHZgbuKBsnAawZSpb/JYF5LdJZYSUQLK3M70wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCO3uDqk1uHC2w19M/F2jgS36GrtMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSTdlNE9xVFc0Y0xiRFgwejhYYU9CTGZvYXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALYtpAwQA
UEwyAwQCU6vMAwQAV3hXAwQAsH3/AwQAwjFXAwQAwjfiMA0GCSqGSIb3DQEBCwUA
A4IBAQBXHF99rbtTZtrNbM2A8wFTPNQwM6fle2/62N4WEBpA523zfvcj8+1/GxZ/
IQvs39hBFxAh5IU2L+GkqCyh1xWRC8h8E5HFeIA3tKO6YEuJ3wtgrlFpTwxaUFLc
eQJdr9uRUUcj2TEho3TzExhVDjIfBW5hTZnw0hVUb9MvvIRDcXP+OGd2veXJu8WQ
rOPoae2yAepRKT8mFuRy0Ev+XcFs+gCcdQFkQcD6Pjk2MLVQGAifZurBtIS/uULQ
opeIt2Amh33Iv0Ch12gHR8Euh7KaNqY5kydF1/kES/uJQXKb2XRxHsz3jaqkgbmD
2YZS5DriDIr94kVT5FI5YLUhfL3j
-----END CERTIFICATE-----
Generated at Thu Nov 9 18:05:33 2023 by rpki-client on console-ams.rpki-client.org