Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/RwvdCRLrtSePvIWr3csRTpj0Hk0.roa
File: RwvdCRLrtSePvIWr3csRTpj0Hk0.roa (raw, json)
Hash identifier: 5p9oIZ6coMVV3AF9MVL03eStyMYjIDbjTtnQSCoS34k=
Subject key identifier: 47:0B:DD:09:12:EB:B5:27:8F:BC:85:AB:DD:CB:11:4E:98:F4:1E:4D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01878023C935DCB43CB4EE2874B171382D13
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/RwvdCRLrtSePvIWr3csRTpj0Hk0.roa
Signing time: Fri 14 Apr 2023 14:20:41 +0000
ROA not before: Fri 14 Apr 2023 14:20:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 185.221.67.0/24 maxlen: 24
91.92.24.0/24 maxlen: 24
91.92.24.0/23 maxlen: 23
91.92.25.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
193.149.29.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
193.149.28.0/22 maxlen: 22
193.149.31.0/24 maxlen: 24
193.149.28.0/24 maxlen: 24
171.22.19.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:80:23:c9:35:dc:b4:3c:b4:ee:28:74:b1:71:38:2d:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 14 14:20:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=470bdd0912ebb5278fbc85abddcb114e98f41e4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d3:69:ef:bb:d4:b5:72:84:01:8b:f9:48:24:
b9:0f:b7:2f:50:82:1d:66:2c:fb:0e:d7:00:10:26:
36:2d:28:ea:bb:b2:40:41:bd:61:d1:b7:7a:30:3d:
48:9c:c5:95:3c:bb:52:2a:ea:70:91:e7:25:9d:20:
84:ea:a7:16:b0:3e:96:34:6c:1b:8f:01:fd:50:fb:
88:5c:28:c9:eb:af:eb:12:77:05:bf:80:56:32:b6:
69:bf:c2:15:76:fa:3f:29:03:5f:f2:4e:93:77:50:
a9:03:6d:da:66:c0:bc:dd:eb:24:3b:55:c0:56:c6:
e2:58:93:b7:26:c5:79:2b:1c:14:87:87:67:ad:a2:
b9:82:51:0d:84:f1:65:de:21:c9:a3:65:e7:db:22:
0e:b8:72:15:9a:b2:2e:ad:f5:6a:b7:62:0d:86:da:
81:a2:d2:44:e6:de:29:37:c9:ec:29:a8:42:f4:2c:
b2:56:1d:02:e2:d0:14:19:1f:b0:21:c4:f8:83:5b:
8b:6a:ec:f9:b9:68:10:b7:6e:1a:32:30:45:bc:aa:
92:99:ca:88:bd:ec:66:a7:8a:93:45:90:e7:2e:eb:
c5:d5:31:2e:d2:20:44:e1:19:0d:9d:cd:c4:f3:bd:
79:c4:bd:7a:79:f7:59:8b:84:5e:87:60:60:e5:02:
80:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:0B:DD:09:12:EB:B5:27:8F:BC:85:AB:DD:CB:11:4E:98:F4:1E:4D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/RwvdCRLrtSePvIWr3csRTpj0Hk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.24.0/23
171.22.19.0/24
185.221.67.0/24
193.149.28.0/22
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:02:b5:27:43:90:eb:59:70:0d:d4:c2:ba:98:56:5f:37:d9:
97:69:58:0f:c9:2d:7e:f1:b7:6b:0b:bc:c3:12:1b:21:2e:2b:
65:32:74:25:f9:81:03:b9:5e:91:24:e8:d1:41:ec:da:6f:db:
ea:19:11:61:7a:b6:b2:7f:f9:7f:54:1a:6f:3f:59:58:e3:29:
28:f9:92:72:77:45:06:d4:61:18:65:82:bb:e0:fb:d9:1a:00:
7f:2f:8c:4f:d5:86:68:a4:8a:f5:90:fc:df:2d:9d:5a:1b:54:
09:7f:7d:2d:2c:41:41:2c:d9:36:64:68:49:40:f3:b3:94:36:
ec:8c:f7:a0:b1:2a:2e:2c:71:27:64:a3:ef:84:42:c4:ad:0e:
95:a8:2c:13:c7:7c:7b:f7:6f:b3:cf:3d:a2:03:cd:27:37:dd:
55:67:b6:b4:48:3c:de:57:02:33:13:74:75:0e:d1:ae:3a:c6:
64:df:b2:29:44:93:f3:42:10:32:f8:98:25:e7:af:8e:c2:1d:
07:50:e9:c2:01:84:5b:61:42:b4:4e:b6:38:ea:d2:e6:f4:b3:
48:42:48:cc:55:b2:e2:68:89:7a:5e:64:a8:f2:03:bb:3a:4c:
5f:95:6c:b4:f5:ec:28:b8:c9:8c:99:e0:f2:12:78:d4:2b:fa:
fa:27:17:ac
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYeAI8k13LQ8tO4odLFxOC0TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDE0MTQyMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzBiZGQwOTEyZWJiNTI3OGZiYzg1YWJkZGNiMTE0ZTk4ZjQxZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidNp77vUtXKEAYv5SCS5D7cvUIId
Ziz7DtcAECY2LSjqu7JAQb1h0bd6MD1InMWVPLtSKupwkeclnSCE6qcWsD6WNGwb
jwH9UPuIXCjJ66/rEncFv4BWMrZpv8IVdvo/KQNf8k6Td1CpA23aZsC83eskO1XA
VsbiWJO3JsV5KxwUh4dnraK5glENhPFl3iHJo2Xn2yIOuHIVmrIurfVqt2INhtqB
otJE5t4pN8nsKahC9CyyVh0C4tAUGR+wIcT4g1uLauz5uWgQt24aMjBFvKqSmcqI
vexmp4qTRZDnLuvF1TEu0iBE4RkNnc3E8715xL16efdZi4Reh2Bg5QKAbwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEcL3QkS67Unj7yFq93LEU6Y9B5NMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvUnd2ZENSTHJ0U2VQdklXcjNjc1JUcGowSGswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBW1wYAwQA
qxYTAwQAud1DAwQCwZUcAwQAwrQyMA0GCSqGSIb3DQEBCwUAA4IBAQCfArUnQ5Dr
WXAN1MK6mFZfN9mXaVgPyS1+8bdrC7zDEhshLitlMnQl+YEDuV6RJOjRQezab9vq
GRFherayf/l/VBpvP1lY4yko+ZJyd0UG1GEYZYK74PvZGgB/L4xP1YZopIr1kPzf
LZ1aG1QJf30tLEFBLNk2ZGhJQPOzlDbsjPegsSouLHEnZKPvhELErQ6VqCwTx3x7
92+zzz2iA80nN91VZ7a0SDzeVwIzE3R1DtGuOsZk37IpRJPzQhAy+Jgl56+Owh0H
UOnCAYRbYUK0TrY46tLm9LNIQkjMVbLiaIl6XmSo8gO7OkxflWy09ewouMmMmeDy
EnjUK/r6Jxes
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:37 2023 by rpki-client on console-ams.rpki-client.org