Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JSdrF5DerWSdJPt3tfmK_JzfC1s.roa
File: JSdrF5DerWSdJPt3tfmK_JzfC1s.roa (raw, json)
Hash identifier: DQ6g2sjYR1nPrg/iaWlnDTEQB3HmIjVSbTJA9baFjg0=
Subject key identifier: 25:27:6B:17:90:DE:AD:64:9D:24:FB:77:B5:F9:8A:FC:9C:DF:0B:5B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01890C3C7E22212D9834430A987F297B5D44
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JSdrF5DerWSdJPt3tfmK_JzfC1s.roa
Signing time: Fri 30 Jun 2023 12:17:18 +0000
ROA not before: Fri 30 Jun 2023 12:17:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211760
IP address blocks: 185.221.67.0/24 maxlen: 24
171.22.28.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:0c:3c:7e:22:21:2d:98:34:43:0a:98:7f:29:7b:5d:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 30 12:17:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=25276b1790dead649d24fb77b5f98afc9cdf0b5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ca:a5:87:2a:93:09:7b:3d:b8:99:d2:fe:9c:
c2:c9:9f:8b:ee:c7:30:a5:f9:35:a9:7b:41:64:69:
80:b0:88:53:12:d3:10:d3:c7:a3:23:8c:fb:89:46:
33:ee:0b:00:db:0a:76:2a:c1:95:6a:e5:3f:5c:ee:
ea:ed:51:a1:d3:50:f2:0d:44:6c:07:5f:fa:1d:06:
08:8e:34:d9:17:ce:e5:00:e9:d8:bf:18:78:3d:bf:
ea:4a:d1:96:46:ab:50:5d:7f:c0:d9:73:ec:46:74:
9a:97:e3:1b:49:6c:52:d6:fc:7f:c1:61:34:5a:0e:
bb:e8:d8:84:f8:31:82:11:a9:fb:55:8c:a0:bd:dc:
d9:c1:bf:09:3e:69:93:9f:97:9a:d3:f1:2a:34:a4:
ba:de:19:9f:73:01:2a:2f:e9:dd:a5:72:93:b3:6d:
ca:80:c5:51:78:09:3c:0b:4f:2d:c6:f7:29:c8:6f:
3b:85:df:17:f9:3f:11:f2:1b:f2:e4:1e:1f:cd:a4:
73:11:19:d4:4f:4a:09:36:a4:be:9c:11:0c:72:17:
a6:31:c8:ee:30:c5:12:f4:05:b5:c6:4e:7d:21:7b:
3a:78:bb:b2:ba:8c:a2:b5:a7:13:00:d4:a4:39:13:
60:67:2d:6b:f3:d4:d1:32:4f:b8:1f:a1:ad:bf:de:
c6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:27:6B:17:90:DE:AD:64:9D:24:FB:77:B5:F9:8A:FC:9C:DF:0B:5B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JSdrF5DerWSdJPt3tfmK_JzfC1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.25.0-95.214.26.255
171.22.28.0/24
185.216.70.0/24
185.221.67.0/24
194.55.227.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:bb:d2:68:94:6c:96:3e:08:53:78:1c:f3:ac:de:1a:7b:4d:
bb:b7:77:04:09:c4:3c:bb:e7:a5:c7:14:5a:ee:ad:89:12:ee:
1b:c9:da:88:bb:04:20:ae:22:8d:29:59:3d:a5:29:9d:35:1b:
b2:c8:0f:a3:1f:42:c6:2c:e9:84:46:f1:52:e7:79:6e:f3:98:
12:9e:e8:2e:ba:85:c6:84:7a:e6:c2:6f:a3:2f:e4:98:b0:5a:
66:50:1a:52:12:02:5c:79:c9:40:0b:9c:02:f7:a4:c5:75:48:
11:48:77:a2:85:e2:94:f8:56:16:5e:eb:9d:7d:b1:e5:de:72:
47:58:88:73:3e:7d:39:76:fd:e0:f4:14:3d:9d:d6:f7:0d:24:
89:7c:df:e2:d3:4f:e7:da:56:27:4b:55:20:b2:1a:bb:b3:8c:
4e:08:e3:d4:2b:c1:12:4a:90:d6:ea:3d:d7:f7:70:1c:33:3a:
d2:d0:15:77:43:84:4e:eb:68:78:17:eb:bb:f7:b8:f3:2a:3b:
b6:7e:10:42:19:f0:6f:89:a9:f1:2f:43:5d:31:68:b1:48:92:
27:1a:b0:3e:8e:10:ca:bd:45:c1:00:2c:7d:3d:2e:33:79:53:
28:28:93:7d:78:21:41:50:2a:71:43:bb:0c:cb:a2:42:3f:30:
6d:65:77:2a
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYkMPH4iIS2YNEMKmH8pe11EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNjMwMTIxNzE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTI3NmIxNzkwZGVhZDY0OWQyNGZiNzdiNWY5OGFmYzljZGYwYjViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMqlhyqTCXs9uJnS/pzCyZ+L7scw
pfk1qXtBZGmAsIhTEtMQ08ejI4z7iUYz7gsA2wp2KsGVauU/XO7q7VGh01DyDURs
B1/6HQYIjjTZF87lAOnYvxh4Pb/qStGWRqtQXX/A2XPsRnSal+MbSWxS1vx/wWE0
Wg676NiE+DGCEan7VYygvdzZwb8JPmmTn5ea0/EqNKS63hmfcwEqL+ndpXKTs23K
gMVReAk8C08txvcpyG87hd8X+T8R8hvy5B4fzaRzERnUT0oJNqS+nBEMchemMcju
MMUS9AW1xk59IXs6eLuyuoyitacTANSkORNgZy1r89TRMk+4H6Gtv97GzwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCUnaxeQ3q1knST7d7X5ivyc3wtbMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSlNkckY1RGVyV1NkSlB0M3RmbUtfSnpmQzFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBABf1hkD
BABf1hoDBACrFhwDBAC52EYDBAC53UMDBADCN+MDBADCqa8wDQYJKoZIhvcNAQEL
BQADggEBAB270miUbJY+CFN4HPOs3hp7Tbu3dwQJxDy756XHFFrurYkS7hvJ2oi7
BCCuIo0pWT2lKZ01G7LID6MfQsYs6YRG8VLneW7zmBKe6C66hcaEeubCb6Mv5Jiw
WmZQGlISAlx5yUALnAL3pMV1SBFId6KF4pT4VhZe6519seXeckdYiHM+fTl2/eD0
FD2d1vcNJIl83+LTT+faVidLVSCyGruzjE4I49QrwRJKkNbqPdf3cBwzOtLQFXdD
hE7raHgX67v3uPMqO7Z+EEIZ8G+JqfEvQ10xaLFIkicasD6OEMq9RcEALH09LjN5
Uygok314IUFQKnFDuwzLokI/MG1ldyo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:35 2023 by rpki-client on console-ams.rpki-client.org