Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/O9VE31fm75UO7HuDlxMhMdlui8g.roa
File: O9VE31fm75UO7HuDlxMhMdlui8g.roa (raw, json)
Hash identifier: BJFn5oJheVqrWD40ICTJN0b5RPXMLm+li9In+9dulVM=
Subject key identifier: 3B:D5:44:DF:57:E6:EF:95:0E:EC:7B:83:97:13:21:31:D9:6E:8B:C8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018949A585968F9EE9C6BB21CF46A5FDB631
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/O9VE31fm75UO7HuDlxMhMdlui8g.roa
Signing time: Wed 12 Jul 2023 10:28:51 +0000
ROA not before: Wed 12 Jul 2023 10:28:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
94.156.239.0/24 maxlen: 24
194.113.36.0/22 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
45.95.0.0/22 maxlen: 24
185.216.84.0/22 maxlen: 24
87.121.45.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.154.163.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:49:a5:85:96:8f:9e:e9:c6:bb:21:cf:46:a5:fd:b6:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 12 10:28:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3bd544df57e6ef950eec7b8397132131d96e8bc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:92:a9:28:3b:4f:92:24:e6:8b:ff:25:9d:f1:
84:db:93:9f:67:b1:cb:13:dd:ab:df:84:bc:81:f4:
6e:f1:d2:37:ab:b9:3d:33:6f:2e:88:48:e4:d9:0e:
1f:2d:bb:ab:ce:cc:01:a7:8f:23:18:01:82:d4:30:
2b:f4:ae:51:a0:b2:2d:9d:9e:f4:a2:bc:b2:a6:c2:
28:ff:02:5a:87:7f:9c:95:75:71:9b:32:09:2c:03:
57:d2:29:fd:6b:0d:47:a9:27:d5:ad:1d:c5:34:46:
0c:45:45:b3:b4:0e:1e:c9:7e:ca:a6:a0:72:18:80:
f4:8f:9c:f9:6f:84:f0:6d:7c:0d:a6:d9:b6:f0:8b:
c6:59:f7:ed:b8:fe:fe:5d:ac:51:ac:92:1c:a8:f3:
14:12:d2:56:cb:b3:84:a1:e0:25:ec:de:83:d5:94:
79:84:f1:01:42:b3:7e:29:11:5e:45:2f:e1:81:54:
30:bc:55:1f:3f:50:cb:5b:07:40:5e:e2:ae:d2:ca:
cf:e8:d8:42:b3:8f:e8:b5:d7:b6:e5:c8:79:da:ed:
32:e8:f2:12:33:56:5e:f1:b0:ee:a8:d0:e1:0b:15:
16:43:e4:47:5c:c4:97:4f:a6:d0:a8:e5:14:2f:93:
8a:50:ed:e4:da:59:49:b6:c7:cf:22:e1:56:16:32:
5a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D5:44:DF:57:E6:EF:95:0E:EC:7B:83:97:13:21:31:D9:6E:8B:C8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/O9VE31fm75UO7HuDlxMhMdlui8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.0.0/22
45.151.89.0/24
87.121.45.0/24
92.119.196.0/23
94.154.161.0-94.154.163.255
94.156.239.0/24
147.78.100.0/23
171.22.72.0/22
178.215.236.0/24
178.215.239.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
185.252.176.0/24
194.113.36.0/22
194.169.174.0/24
Signature Algorithm: sha256WithRSAEncryption
10:fe:10:73:a6:05:d6:76:9e:81:dd:62:b7:42:4e:a0:a7:6a:
d8:9c:1c:33:ab:a2:4b:66:7c:89:50:14:b2:33:22:a1:7c:69:
a3:25:91:89:2a:4d:a7:1d:c1:c5:f5:a6:77:4a:8f:45:be:cf:
b8:f6:33:11:8c:83:91:61:66:60:85:3b:da:88:94:62:22:d7:
e6:34:33:4c:c5:8e:56:dd:0f:45:1f:4e:e0:b4:78:43:cf:d5:
95:b1:2d:d2:a0:09:75:75:f9:74:1e:cb:3e:12:2c:cb:f1:79:
46:1e:11:6e:81:a4:59:0f:ac:19:4f:ca:64:ac:5c:2e:23:73:
14:ff:8e:c6:df:c0:ae:d3:f5:be:98:d9:c5:0f:bd:89:d0:05:
aa:c5:90:b6:54:d8:af:d0:c2:5d:16:8f:a3:df:12:5f:fc:d3:
c9:16:88:2b:69:fe:eb:3c:da:91:0f:39:70:b6:00:67:fd:a7:
8e:6f:fa:b6:16:eb:70:e5:e9:72:ad:91:03:a5:93:5d:ca:70:
60:ad:23:19:70:a0:af:07:d5:ef:9e:14:88:8c:4a:8f:4a:fc:
0e:10:7b:7b:1a:76:0a:95:c7:db:bb:cf:ee:3e:bd:71:6b:d4:
31:10:99:f7:82:09:55:b5:9d:b0:fa:bb:6a:fb:4e:46:32:53:
e1:e5:5f:40
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYlJpYWWj57pxrshz0al/bYxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzEyMTAyODUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmQ1NDRkZjU3ZTZlZjk1MGVlYzdiODM5NzEzMjEzMWQ5NmU4YmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZKpKDtPkiTmi/8lnfGE25OfZ7HL
E92r34S8gfRu8dI3q7k9M28uiEjk2Q4fLburzswBp48jGAGC1DAr9K5RoLItnZ70
oryypsIo/wJah3+clXVxmzIJLANX0in9aw1HqSfVrR3FNEYMRUWztA4eyX7KpqBy
GID0j5z5b4TwbXwNptm28IvGWfftuP7+XaxRrJIcqPMUEtJWy7OEoeAl7N6D1ZR5
hPEBQrN+KRFeRS/hgVQwvFUfP1DLWwdAXuKu0srP6NhCs4/otde25ch52u0y6PIS
M1Ze8bDuqNDhCxUWQ+RHXMSXT6bQqOUUL5OKUO3k2llJtsfPIuFWFjJasQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFDvVRN9X5u+VDux7g5cTITHZbovIMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvTzlWRTMxZm03NVVPN0h1RGx4TWhNZGx1aThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwdAQCAAEwbgMEAi1fAAME
AC2XWQMEAFd5LQMEAVx3xDAMAwQAXpqhAwQCXpqgAwQAXpzvAwQBk05kAwQCqxZI
AwQAstfsAwQAstfvAwQCudhUAwQCudpUAwQAudqJAwQAudt+AwQAufywAwQCwnEk
AwQAwqmuMA0GCSqGSIb3DQEBCwUAA4IBAQAQ/hBzpgXWdp6B3WK3Qk6gp2rYnBwz
q6JLZnyJUBSyMyKhfGmjJZGJKk2nHcHF9aZ3So9Fvs+49jMRjIORYWZghTvaiJRi
ItfmNDNMxY5W3Q9FH07gtHhDz9WVsS3SoAl1dfl0Hss+EizL8XlGHhFugaRZD6wZ
T8pkrFwuI3MU/47G38Cu0/W+mNnFD72J0AWqxZC2VNiv0MJdFo+j3xJf/NPJFogr
af7rPNqRDzlwtgBn/aeOb/q2Futw5elyrZEDpZNdynBgrSMZcKCvB9XvnhSIjEqP
SvwOEHt7GnYKlcfbu8/uPr1xa9QxEJn3gglVtZ2w+rtq+05GMlPh5V9A
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:35 2023 by rpki-client on console-ams.rpki-client.org