Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JyyAfWgAb1j6R4ekDMBSxkT-HAk.roa
File: JyyAfWgAb1j6R4ekDMBSxkT-HAk.roa (raw, json)
Hash identifier: lQdYWczfoaIOJclpZFNxZQL+kI/geB4Y7vj7Xn+roG8=
Subject key identifier: 27:2C:80:7D:68:00:6F:58:FA:47:87:A4:0C:C0:52:C6:44:FE:1C:09
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0187E59730DC485E56F3F9CB32516DA20023
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JyyAfWgAb1j6R4ekDMBSxkT-HAk.roa
Signing time: Thu 04 May 2023 07:08:23 +0000
ROA not before: Thu 04 May 2023 07:08:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 91.92.24.0/24 maxlen: 24
91.92.24.0/23 maxlen: 23
91.92.25.0/24 maxlen: 24
193.149.29.0/24 maxlen: 24
45.128.233.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
193.149.28.0/22 maxlen: 22
193.149.31.0/24 maxlen: 24
193.149.28.0/24 maxlen: 24
171.22.19.0/24 maxlen: 24
185.221.67.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:e5:97:30:dc:48:5e:56:f3:f9:cb:32:51:6d:a2:00:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 4 07:08:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=272c807d68006f58fa4787a40cc052c644fe1c09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e3:ca:2a:8c:bc:39:68:ce:c7:b5:c4:74:e6:
b4:df:ee:df:c2:9d:56:ac:1b:0a:42:06:41:26:cb:
57:3e:64:05:05:fa:82:5c:4e:64:1e:65:a0:06:bf:
cd:fc:81:be:56:2f:e1:47:3a:02:be:11:b0:fa:b7:
bf:62:a3:89:cf:bf:51:86:75:d0:26:53:91:4b:c8:
c1:c7:1e:d4:d6:11:27:22:d0:87:5a:6e:55:22:dd:
a6:0d:38:eb:3f:b5:f9:8c:73:d6:99:1a:b3:ed:1c:
ce:87:e2:3c:23:43:06:41:29:06:d9:de:1d:6b:5f:
88:76:84:32:87:b9:42:d7:96:48:94:51:20:35:5c:
88:aa:96:42:45:da:73:c4:5e:af:bc:eb:f1:2d:45:
94:28:80:4f:68:11:52:68:97:43:2c:b6:52:de:7d:
68:85:df:ec:b7:ac:4d:8c:51:12:c2:33:c9:97:ef:
62:bf:f9:0e:a2:52:49:19:1c:47:be:8f:15:ee:7e:
d0:72:1b:00:04:91:0d:b5:dc:f2:50:3e:2d:6d:5a:
16:16:97:ef:d1:1e:67:65:ee:b5:8c:a9:78:9b:88:
d6:21:c7:3d:4a:58:fc:8b:aa:ce:c1:95:e4:9d:2d:
ef:21:97:50:86:5e:8e:e2:65:10:ef:e7:47:19:e5:
39:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:2C:80:7D:68:00:6F:58:FA:47:87:A4:0C:C0:52:C6:44:FE:1C:09
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/JyyAfWgAb1j6R4ekDMBSxkT-HAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.233.0/24
87.120.87.0/24
91.92.24.0/23
171.22.19.0/24
185.221.67.0/24
193.149.28.0/22
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
93:ba:b1:06:c9:0c:82:96:e2:cc:ca:8e:38:00:11:11:84:62:
6a:db:f7:3a:8f:cb:aa:96:dd:ef:be:6a:44:b6:4b:a3:d5:81:
5a:9c:f1:95:df:95:55:ad:50:4c:c5:18:a5:de:75:86:7a:ad:
e0:fd:9c:71:94:57:df:18:a1:f3:84:4a:ae:2a:8e:91:9d:95:
29:4b:c9:7a:7d:ec:47:d1:a5:fd:78:dc:fa:c7:72:da:74:27:
f1:c6:27:84:cb:45:13:63:d9:5e:74:1e:54:bf:38:65:9a:e6:
2a:3b:ff:3b:36:ba:58:78:d5:98:ed:05:59:be:5e:b6:83:e0:
f5:bb:64:95:7b:b8:f4:bc:eb:3c:d0:20:9e:b4:d4:45:56:60:
5a:af:52:13:b7:62:1f:a7:2c:eb:f3:8b:bc:47:e5:5a:82:eb:
73:85:92:51:8a:bb:07:5e:a8:d6:5a:45:70:d4:c4:8f:f4:45:
0d:18:6c:ee:16:03:ed:15:0b:ef:6f:f0:25:97:72:59:ff:92:
40:70:fa:cb:9f:17:a7:0c:37:85:a9:76:bb:cf:99:69:15:6a:
1f:91:60:01:12:b0:a6:7f:25:db:b2:ed:c0:3d:0c:1a:76:11:
dc:96:40:cb:9b:1b:42:b8:1a:bb:4a:2c:db:24:29:2e:b8:a4:
31:c1:8a:e2
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYfllzDcSF5W8/nLMlFtogAjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTA0MDcwODIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNzJjODA3ZDY4MDA2ZjU4ZmE0Nzg3YTQwY2MwNTJjNjQ0ZmUxYzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOPKKoy8OWjOx7XEdOa03+7fwp1W
rBsKQgZBJstXPmQFBfqCXE5kHmWgBr/N/IG+Vi/hRzoCvhGw+re/YqOJz79RhnXQ
JlORS8jBxx7U1hEnItCHWm5VIt2mDTjrP7X5jHPWmRqz7RzOh+I8I0MGQSkG2d4d
a1+IdoQyh7lC15ZIlFEgNVyIqpZCRdpzxF6vvOvxLUWUKIBPaBFSaJdDLLZS3n1o
hd/st6xNjFESwjPJl+9iv/kOolJJGRxHvo8V7n7QchsABJENtdzyUD4tbVoWFpfv
0R5nZe61jKl4m4jWIcc9Slj8i6rOwZXknS3vIZdQhl6O4mUQ7+dHGeU5BQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCcsgH1oAG9Y+keHpAzAUsZE/hwJMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSnl5QWZXZ0FiMWo2UjRla0RNQlN4a1QtSEFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALYDpAwQA
V3hXAwQBW1wYAwQAqxYTAwQAud1DAwQCwZUcAwQAwrQyMA0GCSqGSIb3DQEBCwUA
A4IBAQCTurEGyQyCluLMyo44ABERhGJq2/c6j8uqlt3vvmpEtkuj1YFanPGV35VV
rVBMxRil3nWGeq3g/ZxxlFffGKHzhEquKo6RnZUpS8l6fexH0aX9eNz6x3LadCfx
xieEy0UTY9ledB5UvzhlmuYqO/87NrpYeNWY7QVZvl62g+D1u2SVe7j0vOs80CCe
tNRFVmBar1ITt2Ifpyzr84u8R+VagutzhZJRirsHXqjWWkVw1MSP9EUNGGzuFgPt
FQvvb/All3JZ/5JAcPrLnxenDDeFqXa7z5lpFWofkWABErCmfyXbsu3APQwadhHc
lkDLmxtCuBq7SizbJCkuuKQxwYri
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:35 2023 by rpki-client on console-ams.rpki-client.org