Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/K0Xc_c2Vh0tzGP9aLVVz6WoQx_I.roa
File: K0Xc_c2Vh0tzGP9aLVVz6WoQx_I.roa (raw, json)
Hash identifier: 7QOK1HKBgBtVG2+Ryp3ewzPk168VGIlwozvarZcZcU4=
Subject key identifier: 2B:45:DC:FD:CD:95:87:4B:73:18:FF:5A:2D:55:73:E9:6A:10:C7:F2
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01899775334DE66A93A816E5D6E9E53DB87A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/K0Xc_c2Vh0tzGP9aLVVz6WoQx_I.roa
Signing time: Thu 27 Jul 2023 13:06:27 +0000
ROA not before: Thu 27 Jul 2023 13:06:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211760
IP address blocks: 185.221.67.0/24 maxlen: 24
171.22.28.0/24 maxlen: 24
95.214.26.0/24 maxlen: 24
95.214.25.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:97:75:33:4d:e6:6a:93:a8:16:e5:d6:e9:e5:3d:b8:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 27 13:06:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b45dcfdcd95874b7318ff5a2d5573e96a10c7f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:eb:2a:96:ab:62:dd:12:a2:69:5a:48:56:16:
6b:54:b3:c2:c0:fe:75:80:93:12:b1:02:f4:3c:75:
15:a7:8f:9d:44:53:7a:db:c7:00:c5:9c:04:5b:d5:
19:6a:1b:56:54:b5:a5:81:bb:9d:91:6d:b9:2e:6d:
88:39:2b:15:e1:d2:71:8e:47:93:86:be:a9:21:35:
ef:7e:5c:46:00:89:81:75:df:9f:87:38:0a:4b:1b:
41:1e:2f:09:a6:1e:e0:a0:5e:22:54:f1:d1:b0:3c:
57:73:b6:c0:00:df:4c:8d:81:55:20:9e:31:43:1a:
a1:96:d5:73:ad:7b:da:0b:c7:4c:81:e0:33:78:6e:
b9:4d:97:77:1a:f9:4e:32:99:48:f3:5a:f5:31:d9:
4c:48:25:ca:f6:71:f4:c3:69:cc:2c:7b:0c:b5:42:
4b:fa:b3:ce:a9:fc:a4:c5:3b:46:1e:57:df:b9:f1:
26:b6:89:d9:94:7a:25:de:0a:56:99:f4:2c:96:62:
0f:f9:bc:1b:2d:90:4e:67:5c:c4:5e:e8:be:41:1c:
9c:35:ca:c9:63:2b:bc:ed:10:b3:44:5b:7d:b8:b4:
75:9c:72:31:d6:d5:72:cd:ee:b9:cd:20:96:c0:f5:
df:2f:7e:d0:1c:c6:ec:48:6d:14:cb:d4:c8:fd:f1:
33:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:45:DC:FD:CD:95:87:4B:73:18:FF:5A:2D:55:73:E9:6A:10:C7:F2
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/K0Xc_c2Vh0tzGP9aLVVz6WoQx_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.25.0-95.214.26.255
171.22.28.0/24
185.216.70.0/24
185.221.67.0/24
194.169.175.0/24
Signature Algorithm: sha256WithRSAEncryption
90:6e:bf:b8:8c:37:ba:9e:22:05:f0:40:25:f6:8e:60:72:a0:
ac:c1:7f:66:38:63:38:61:a0:9f:92:7b:b7:6d:f1:b5:d5:bd:
e6:a0:66:2b:30:64:37:10:5d:9e:d4:ef:49:34:68:7e:a7:e7:
c8:bb:ea:a7:41:10:5d:df:a7:a6:39:8a:f8:dd:eb:e8:90:a0:
34:14:74:28:30:0d:0a:7e:84:39:bc:9f:79:67:50:c9:1d:0c:
d8:06:eb:47:7c:3a:45:00:e3:83:83:2e:05:f7:08:3f:55:1a:
74:36:84:32:c7:47:c7:0e:03:3e:2b:55:a6:e2:57:fe:10:78:
b2:69:4e:1f:0f:6a:86:96:a0:16:a2:fe:e0:a9:fa:d8:93:d3:
1c:ef:08:2c:a5:31:ae:81:ab:a0:3f:3d:75:33:4e:44:ad:27:
d9:36:54:f8:fc:5b:af:38:1a:a8:21:f3:4e:8e:58:f0:49:94:
fa:24:5e:a8:e3:da:38:76:61:8a:1d:4c:cf:11:de:69:03:bb:
b9:d7:a9:63:8c:0b:b6:c7:b9:b6:d2:ad:14:59:fc:71:6a:d0:
3b:47:ae:fe:b2:14:5f:ce:26:a2:76:39:c9:bb:60:2b:71:b9:
70:51:0b:80:9b:c6:97:86:16:a1:af:3e:43:ac:e4:0d:ba:b6:
17:0c:4b:b8
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYmXdTNN5mqTqBbl1unlPbh6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzI3MTMwNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjQ1ZGNmZGNkOTU4NzRiNzMxOGZmNWEyZDU1NzNlOTZhMTBjN2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+sqlqti3RKiaVpIVhZrVLPCwP51
gJMSsQL0PHUVp4+dRFN628cAxZwEW9UZahtWVLWlgbudkW25Lm2IOSsV4dJxjkeT
hr6pITXvflxGAImBdd+fhzgKSxtBHi8Jph7goF4iVPHRsDxXc7bAAN9MjYFVIJ4x
QxqhltVzrXvaC8dMgeAzeG65TZd3GvlOMplI81r1MdlMSCXK9nH0w2nMLHsMtUJL
+rPOqfykxTtGHlffufEmtonZlHol3gpWmfQslmIP+bwbLZBOZ1zEXui+QRycNcrJ
Yyu87RCzRFt9uLR1nHIx1tVyze65zSCWwPXfL37QHMbsSG0Uy9TI/fEzywIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCtF3P3NlYdLcxj/Wi1Vc+lqEMfyMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSzBYY19jMlZoMHR6R1A5YUxWVno2V29ReF9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBABf1hkD
BABf1hoDBACrFhwDBAC52EYDBAC53UMDBADCqa8wDQYJKoZIhvcNAQELBQADggEB
AJBuv7iMN7qeIgXwQCX2jmByoKzBf2Y4YzhhoJ+Se7dt8bXVveagZiswZDcQXZ7U
70k0aH6n58i76qdBEF3fp6Y5ivjd6+iQoDQUdCgwDQp+hDm8n3lnUMkdDNgG60d8
OkUA44ODLgX3CD9VGnQ2hDLHR8cOAz4rVabiV/4QeLJpTh8PaoaWoBai/uCp+tiT
0xzvCCylMa6Bq6A/PXUzTkStJ9k2VPj8W684Gqgh806OWPBJlPokXqjj2jh2YYod
TM8R3mkDu7nXqWOMC7bHubbSrRRZ/HFq0DtHrv6yFF/OJqJ2Ocm7YCtxuXBRC4Cb
xpeGFqGvPkOs5A26thcMS7g=
-----END CERTIFICATE-----
Generated at Wed Aug 23 21:35:30 2023 by rpki-client on console-ams.rpki-client.org