Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JJtkQtDIvcNUftZPWyXSxUPvhXY.roa
File: JJtkQtDIvcNUftZPWyXSxUPvhXY.roa (raw, json)
Hash identifier: bYhqyccyqJ915/KrgiKabVtRPLJzxUhqc6xUJEEOqBo=
Subject key identifier: 24:9B:64:42:D0:C8:BD:C3:54:7E:D6:4F:5B:25:D2:C5:43:EF:85:76
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C57FC4A345B6B2AE8CA203AD83BA3936E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JJtkQtDIvcNUftZPWyXSxUPvhXY.roa
Signing time: Mon 11 Dec 2023 08:26:40 +0000
ROA not before: Mon 11 Dec 2023 08:26:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
185.226.172.0/24 maxlen: 24
185.226.173.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
45.88.90.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:57:fc:4a:34:5b:6b:2a:e8:ca:20:3a:d8:3b:a3:93:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 11 08:26:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=249b6442d0c8bdc3547ed64f5b25d2c543ef8576
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:21:49:1e:2c:de:d7:bc:7f:3f:c2:b0:33:79:
b9:01:72:3d:9c:c5:07:6a:f6:b1:89:c4:ee:5d:65:
de:19:12:0f:b7:e8:a1:44:68:c7:85:a0:01:8e:c9:
5e:6b:6a:63:61:40:07:4b:bd:07:dd:69:6c:97:59:
14:b9:c7:c8:3e:db:7a:cb:41:df:d3:9b:71:00:9a:
93:fe:88:a8:05:b9:47:d1:5c:29:93:b8:04:50:3e:
7e:07:6a:3c:7a:f5:16:64:7a:6e:88:ad:de:25:78:
6e:0a:79:3a:eb:53:44:79:ab:76:80:92:be:51:1b:
d2:cc:61:14:58:74:8a:ea:61:1c:64:e8:22:ef:9a:
a5:1b:6f:17:f8:7e:73:03:35:3e:f6:2c:23:8e:ac:
7c:ba:e1:ab:82:ea:30:5b:00:e1:2b:8e:dc:02:7d:
42:20:7b:fa:51:3f:89:2c:55:ca:42:fe:0e:8c:f1:
52:45:0e:5d:83:62:07:8f:56:b7:22:9b:92:32:b1:
41:ee:bb:d8:43:7f:9c:f6:f0:11:57:6f:c2:c4:97:
7b:38:94:9f:7c:25:10:2b:98:f4:17:5d:24:a9:2c:
5d:39:49:47:65:5d:ab:18:3c:d6:db:f6:85:94:68:
57:45:4e:c3:62:1a:43:c6:bf:d3:b1:fd:12:bc:f7:
00:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:9B:64:42:D0:C8:BD:C3:54:7E:D6:4F:5B:25:D2:C5:43:EF:85:76
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JJtkQtDIvcNUftZPWyXSxUPvhXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.90.0/24
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.78.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.172.0/23
185.226.175.0/24
185.252.176.0/24
194.169.174.0/24
Signature Algorithm: sha256WithRSAEncryption
24:29:d3:b6:da:a1:e6:12:f4:30:b5:e2:fd:66:32:59:b2:7d:
de:e7:52:1a:c9:e9:fc:bb:11:b8:b8:f5:0e:ad:af:4a:8a:15:
22:40:2e:46:23:66:b4:9f:e5:33:3a:58:4e:af:40:c5:75:f6:
cb:40:d2:a9:15:6f:e5:45:ae:f2:57:34:51:2d:3d:0b:85:11:
d4:4a:4a:4e:3d:56:fd:6b:9c:dd:31:57:25:d5:b8:c2:7c:ea:
4c:2c:6f:cd:19:cd:3f:7c:92:80:cd:d3:c2:1b:8d:bc:46:45:
c4:e9:9a:5f:48:d8:20:03:f9:88:98:9e:d8:70:22:f7:eb:e4:
69:80:75:52:d4:df:f3:96:27:8f:e6:ee:7c:77:6d:96:eb:ef:
03:63:1a:f1:b6:05:62:cc:23:ad:ef:5a:ae:40:66:2a:a3:ec:
01:19:b6:5b:51:a4:3f:7b:f3:4d:3b:cc:e5:a4:72:55:86:28:
61:ff:0e:bb:2a:37:50:3d:db:82:74:ba:c9:79:08:3b:66:46:
88:41:92:c5:c9:39:c2:da:f3:a1:6a:19:a2:71:7e:e1:bb:1d:
04:4f:7f:62:5f:f5:3c:5e:a9:f9:a5:1f:6c:c4:68:52:a3:ad:
e6:57:9c:1e:e3:d1:c0:00:c0:98:d4:36:18:a8:a3:12:69:0a:
d7:3f:b1:6e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYxX/Eo0W2sq6MogOtg7o5NuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjExMDgyNjQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDliNjQ0MmQwYzhiZGMzNTQ3ZWQ2NGY1YjI1ZDJjNTQzZWY4NTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSFJHize17x/P8KwM3m5AXI9nMUH
avaxicTuXWXeGRIPt+ihRGjHhaABjslea2pjYUAHS70H3Wlsl1kUucfIPtt6y0Hf
05txAJqT/oioBblH0Vwpk7gEUD5+B2o8evUWZHpuiK3eJXhuCnk661NEeat2gJK+
URvSzGEUWHSK6mEcZOgi75qlG28X+H5zAzU+9iwjjqx8uuGrguowWwDhK47cAn1C
IHv6UT+JLFXKQv4OjPFSRQ5dg2IHj1a3IpuSMrFB7rvYQ3+c9vARV2/CxJd7OJSf
fCUQK5j0F10kqSxdOUlHZV2rGDzW2/aFlGhXRU7DYhpDxr/Tsf0SvPcA2wIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFCSbZELQyL3DVH7WT1sl0sVD74V2MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSkp0a1F0REl2Y05VZnRaUFd5WFN4VVB2aFhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAAt
WFoDBAAtl1kDBABXeFcDBABXeS0DBABXed0DBAFcd8QDBABde3QwDAMEAF6aoQME
Al6aoAMEAF6cTgMEAF6c7zAMAwQCk05kAwQAk05mAwQCqxZIAwQAstfgAwQAstfs
AwQCudhUAwQCudpUAwQBueKsAwQAueKvAwQAufywAwQAwqmuMA0GCSqGSIb3DQEB
CwUAA4IBAQAkKdO22qHmEvQwteL9ZjJZsn3e51Iayen8uxG4uPUOra9KihUiQC5G
I2a0n+UzOlhOr0DFdfbLQNKpFW/lRa7yVzRRLT0LhRHUSkpOPVb9a5zdMVcl1bjC
fOpMLG/NGc0/fJKAzdPCG428RkXE6ZpfSNggA/mImJ7YcCL36+RpgHVS1N/zlieP
5u58d22W6+8DYxrxtgVizCOt71quQGYqo+wBGbZbUaQ/e/NNO8zlpHJVhihh/w67
KjdQPduCdLrJeQg7ZkaIQZLFyTnC2vOhahmicX7hux0ET39iX/U8Xqn5pR9sxGhS
o63mV5we49HAAMCY1DYYqKMSaQrXP7Fu
-----END CERTIFICATE-----
Generated at Mon Dec 11 14:04:42 2023 by rpki-client on console-ams.rpki-client.org