Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QpXnTvr0hQmtqgWaZO4qJyMv_hE.roa
File: QpXnTvr0hQmtqgWaZO4qJyMv_hE.roa (raw, json)
Hash identifier: ECR5GNqXvv12CPX793v5qdMAROmhkRvErrh3n24cC9g=
Subject key identifier: 42:95:E7:4E:FA:F4:85:09:AD:AA:05:9A:64:EE:2A:27:23:2F:FE:11
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0186987985679B1F32187DCB5A727412FF76
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QpXnTvr0hQmtqgWaZO4qJyMv_hE.roa
Signing time: Tue 28 Feb 2023 14:42:26 +0000
ROA not before: Tue 28 Feb 2023 14:42:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 94.156.11.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
37.221.123.0/24 maxlen: 24
37.221.121.0/24 maxlen: 24
37.221.122.0/24 maxlen: 24
37.221.120.0/24 maxlen: 24
185.221.64.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:98:79:85:67:9b:1f:32:18:7d:cb:5a:72:74:12:ff:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 28 14:42:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4295e74efaf48509adaa059a64ee2a27232ffe11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:38:1a:7a:c7:9e:14:1e:30:dc:b1:bd:9b:c9:
ed:6e:3a:3b:2d:0c:be:e4:17:90:ab:87:ab:0f:21:
c2:d2:c8:30:20:e6:f4:e0:16:8a:22:fd:d4:49:37:
04:ba:ac:de:cf:67:60:e4:90:d0:c3:f6:e3:d1:16:
0a:37:a9:3f:2d:41:af:4e:dc:c1:f3:32:8e:0d:70:
9d:a6:22:83:84:80:d3:2a:70:0b:83:54:85:4f:1e:
46:af:3d:be:54:c3:05:eb:55:d6:ee:c1:1f:26:90:
ff:f1:77:df:7e:c6:97:24:ec:9a:3c:38:13:63:1d:
a3:a4:a7:f3:77:1e:d9:21:b2:b1:ee:26:f1:b9:5a:
97:95:68:a6:eb:19:be:76:cd:4e:c3:ec:af:6a:09:
2f:e4:47:78:9a:f4:ca:99:64:98:65:e3:89:d6:f2:
70:c7:af:73:4c:5d:93:34:18:ad:f9:8d:be:32:01:
77:49:a3:44:c4:fc:ec:50:05:50:c2:a9:8b:2e:2c:
31:61:8a:a6:98:c9:a5:8c:86:16:37:da:5c:eb:60:
1a:b9:b2:4d:21:f8:84:af:79:5a:83:1e:68:a1:26:
53:5c:47:db:da:d6:06:a0:b9:cb:48:da:4b:a9:b7:
2d:9a:7c:71:38:48:a2:48:b0:3b:34:73:5e:26:af:
09:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:95:E7:4E:FA:F4:85:09:AD:AA:05:9A:64:EE:2A:27:23:2F:FE:11
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/QpXnTvr0hQmtqgWaZO4qJyMv_hE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.81.241.0/24
45.144.153.0/24
94.156.11.0/24
141.98.1.0/24
185.221.64.0/24
193.149.2.0/23
Signature Algorithm: sha256WithRSAEncryption
50:ed:5c:22:c3:3b:6b:0b:96:69:03:43:a0:1a:bb:74:ff:21:
71:e9:5c:9e:fa:4f:78:03:6b:2a:da:19:74:43:38:ad:51:42:
26:b6:cb:6a:cc:d4:45:02:7c:bc:1a:8b:06:f9:c9:fb:45:f6:
1b:ee:f6:ef:06:78:b1:ef:27:19:77:82:31:b8:85:a8:12:e2:
c3:58:d1:01:73:0f:7c:db:60:cf:9b:90:67:eb:8b:f8:9c:7a:
17:b1:84:84:bc:f7:3d:dc:d3:bb:eb:f2:68:6c:0a:13:1a:7c:
62:96:a7:b4:c4:7f:e0:55:d0:e8:3a:a3:96:fa:1b:90:94:96:
cd:d0:c0:0d:80:87:6c:c6:7c:49:07:75:c2:a4:92:ed:6a:c5:
fa:cc:0c:73:9e:d6:46:9e:31:18:71:34:21:c4:3b:2b:6f:f5:
74:76:04:08:3c:a0:04:68:ba:0c:70:4f:b0:fb:e2:16:fc:fd:
4a:49:8f:4c:c1:5c:5c:02:ac:5b:65:a8:0a:85:3b:e2:37:ed:
59:8c:d0:c5:ba:c3:28:0c:f3:63:e9:45:67:1d:fd:73:0a:d3:
95:9f:87:e6:5f:d5:e7:05:16:d9:47:5b:3b:d0:04:f8:df:e8:
3a:e2:ae:77:72:98:5e:82:55:96:0a:eb:9c:26:c3:25:ca:92:
99:1c:99:ec
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYaYeYVnmx8yGH3LWnJ0Ev92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMjI4MTQ0MjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Mjk1ZTc0ZWZhZjQ4NTA5YWRhYTA1OWE2NGVlMmEyNzIzMmZmZTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3DgaeseeFB4w3LG9m8ntbjo7LQy+
5BeQq4erDyHC0sgwIOb04BaKIv3USTcEuqzez2dg5JDQw/bj0RYKN6k/LUGvTtzB
8zKODXCdpiKDhIDTKnALg1SFTx5Grz2+VMMF61XW7sEfJpD/8XfffsaXJOyaPDgT
Yx2jpKfzdx7ZIbKx7ibxuVqXlWim6xm+ds1Ow+yvagkv5Ed4mvTKmWSYZeOJ1vJw
x69zTF2TNBit+Y2+MgF3SaNExPzsUAVQwqmLLiwxYYqmmMmljIYWN9pc62AaubJN
IfiEr3lagx5ooSZTXEfb2tYGoLnLSNpLqbctmnxxOEiiSLA7NHNeJq8JkwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFEKV50769IUJraoFmmTuKicjL/4RMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUXBYblR2cjBoUW10cWdXYVpPNHFKeU12X2hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCJd14AwQA
LVHxAwQALZCZAwQAXpwLAwQAjWIBAwQAud1AAwQBwZUCMA0GCSqGSIb3DQEBCwUA
A4IBAQBQ7VwiwztrC5ZpA0OgGrt0/yFx6Vye+k94A2sq2hl0QzitUUImtstqzNRF
Any8GosG+cn7RfYb7vbvBnix7ycZd4IxuIWoEuLDWNEBcw9822DPm5Bn64v4nHoX
sYSEvPc93NO76/JobAoTGnxilqe0xH/gVdDoOqOW+huQlJbN0MANgIdsxnxJB3XC
pJLtasX6zAxzntZGnjEYcTQhxDsrb/V0dgQIPKAEaLoMcE+w++IW/P1KSY9MwVxc
AqxbZagKhTviN+1ZjNDFusMoDPNj6UVnHf1zCtOVn4fmX9XnBRbZR1s70AT43+g6
4q53cpheglWWCuucJsMlypKZHJns
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:36 2023 by rpki-client on console-ams.rpki-client.org