Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KZ7IXGYlG4opX3TSmdxQD3_0-Ss.roa
File: KZ7IXGYlG4opX3TSmdxQD3_0-Ss.roa (raw, json)
Hash identifier: Xskla4FeEh3rt0X6dzcKaNz0G4dLNVX8WFwZ6YA9qA0=
Subject key identifier: 29:9E:C8:5C:66:25:1B:8A:29:5F:74:D2:99:DC:50:0F:7F:F4:F9:2B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C8656750BB50AA13306B697B93A1FEBBB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KZ7IXGYlG4opX3TSmdxQD3_0-Ss.roa
Signing time: Wed 20 Dec 2023 08:27:42 +0000
ROA not before: Wed 20 Dec 2023 08:27:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 2.59.255.0/24 maxlen: 24
185.218.84.0/22 maxlen: 24
94.156.10.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
185.226.172.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
45.88.90.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
194.180.36.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:86:56:75:0b:b5:0a:a1:33:06:b6:97:b9:3a:1f:eb:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 20 08:27:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=299ec85c66251b8a295f74d299dc500f7ff4f92b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:aa:ac:f9:e5:29:1f:b7:6f:a7:7a:cb:e8:e1:
5f:b8:1d:9b:2b:c9:35:61:ae:e7:7f:e4:03:bf:23:
bc:9c:6e:b4:75:0a:5d:29:fd:14:32:14:57:25:9f:
3b:fd:62:0e:7c:c6:cc:b5:86:f8:54:62:e0:ea:d5:
81:3d:bd:6b:03:ec:7a:a5:7d:a6:43:6e:c9:dd:06:
bf:89:8f:5c:bf:2c:0d:03:e1:06:e0:28:14:30:02:
e4:b4:e2:eb:d1:70:a1:6d:5e:bb:05:14:b4:4c:f4:
61:44:ba:1a:f7:51:ee:bf:e1:8f:95:cd:f6:4d:68:
d6:d6:1a:88:0c:eb:a4:5d:33:60:2a:81:15:89:96:
14:bc:08:b2:92:a8:4b:bc:28:e5:cb:73:6b:55:c2:
13:62:28:14:c2:5a:49:c5:ee:ff:d3:60:a4:b1:ba:
26:02:cb:8c:8d:33:ff:82:7d:b3:b6:89:e0:09:0e:
d6:f5:94:b5:c8:ab:3d:e0:0f:b2:1c:d7:e3:d1:55:
fd:85:1b:7c:de:d4:6d:84:88:79:ed:12:8c:c9:19:
67:2e:d5:e9:68:3c:0c:ef:74:f7:10:22:bc:22:79:
09:a0:6a:a1:1f:39:a9:8a:59:1a:c9:9f:dd:42:0b:
10:ec:e4:5d:04:5d:36:24:98:5b:40:89:42:0c:da:
44:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:9E:C8:5C:66:25:1B:8A:29:5F:74:D2:99:DC:50:0F:7F:F4:F9:2B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/KZ7IXGYlG4opX3TSmdxQD3_0-Ss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.255.0/24
45.88.90.0/24
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.10.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.172.0/24
185.226.175.0/24
185.252.176.0/24
194.180.36.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:69:a2:20:ba:a3:15:2f:71:53:bc:0b:6e:f9:e3:33:a1:c9:
54:3e:a2:aa:8f:5c:b8:53:c7:57:8e:8c:48:05:68:af:ca:b4:
23:02:98:d9:ff:be:53:15:0d:b9:0b:2c:b6:31:f8:4b:c5:60:
49:8e:63:54:0d:d5:d3:bf:41:30:63:96:1e:63:14:5e:e2:04:
3e:21:7e:49:f3:d7:7e:8b:5b:d6:10:66:b5:fb:72:8b:53:e3:
9b:27:11:28:8f:d2:e1:14:47:38:82:7c:b6:ea:1e:0f:6c:b0:
52:72:94:3a:e2:6a:01:83:b7:1e:0b:19:73:21:5e:ab:52:51:
cd:47:5a:fa:d8:c0:cb:b5:6f:dc:2f:bb:db:a3:ea:f4:51:ee:
31:b7:49:62:a9:2d:0a:c9:69:de:c9:e5:f5:55:9b:1f:b1:bb:
4e:9b:d3:42:13:02:69:d7:10:8d:6f:d4:88:33:b6:35:9f:4b:
0f:e9:0f:86:19:ec:18:7d:c3:d5:00:96:c5:92:3a:26:d0:35:
0e:97:2d:e8:8f:72:47:68:21:fe:36:0a:f5:3c:63:6b:8e:1a:
35:73:b3:98:3a:0a:21:c1:c9:a9:0a:47:41:f6:7d:19:23:2e:
4b:d5:c2:5d:86:71:4a:41:b7:9b:20:6a:7a:48:ce:db:52:15:
f8:ce:27:a3
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYyGVnULtQqhMwa2l7k6H+u7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjIwMDgyNzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTllYzg1YzY2MjUxYjhhMjk1Zjc0ZDI5OWRjNTAwZjdmZjRmOTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaqs+eUpH7dvp3rL6OFfuB2bK8k1
Ya7nf+QDvyO8nG60dQpdKf0UMhRXJZ87/WIOfMbMtYb4VGLg6tWBPb1rA+x6pX2m
Q27J3Qa/iY9cvywNA+EG4CgUMALktOLr0XChbV67BRS0TPRhRLoa91Huv+GPlc32
TWjW1hqIDOukXTNgKoEViZYUvAiykqhLvCjly3NrVcITYigUwlpJxe7/02Cksbom
AsuMjTP/gn2ztongCQ7W9ZS1yKs94A+yHNfj0VX9hRt83tRthIh57RKMyRlnLtXp
aDwM73T3ECK8InkJoGqhHzmpilkayZ/dQgsQ7ORdBF02JJhbQIlCDNpE6QIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFCmeyFxmJRuKKV900pncUA9/9PkrMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvS1o3SVhHWWxHNG9wWDNUU21keFFEM18wLVNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBAAC
O/8DBAAtWFoDBAAtl1kDBABXeFcDBABXeS0DBABXed0DBAFcd8QDBABde3QwDAME
AF6aoQMEAl6aoAMEAF6cCgMEAF6c7zAMAwQCk05kAwQAk05mAwQCqxZIAwQAstfg
AwQAstfsAwQCudhUAwQCudpUAwQAueKsAwQAueKvAwQAufywAwQAwrQkMA0GCSqG
SIb3DQEBCwUAA4IBAQCMaaIguqMVL3FTvAtu+eMzoclUPqKqj1y4U8dXjoxIBWiv
yrQjApjZ/75TFQ25Cyy2MfhLxWBJjmNUDdXTv0EwY5YeYxRe4gQ+IX5J89d+i1vW
EGa1+3KLU+ObJxEoj9LhFEc4gny26h4PbLBScpQ64moBg7ceCxlzIV6rUlHNR1r6
2MDLtW/cL7vbo+r0Ue4xt0liqS0KyWneyeX1VZsfsbtOm9NCEwJp1xCNb9SIM7Y1
n0sP6Q+GGewYfcPVAJbFkjom0DUOly3oj3JHaCH+Ngr1PGNrjho1c7OYOgohwcmp
CkdB9n0ZIy5L1cJdhnFKQbebIGp6SM7bUhX4ziej
-----END CERTIFICATE-----
Generated at Thu Dec 21 08:18:04 2023 by rpki-client on console-ams.rpki-client.org