Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UrK7uv5_ZVrQE7JFL-D2caQLhKg.roa
File: UrK7uv5_ZVrQE7JFL-D2caQLhKg.roa (raw, json)
Hash identifier: l7Gh0l8XRXtJo0ler+2oOiTpSCxKblR1c2bGOV6PxQE=
Subject key identifier: 52:B2:BB:BA:FE:7F:65:5A:D0:13:B2:45:2F:E0:F6:71:A4:0B:84:A8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D81F3DCF23B07CEB87B859630BDC09B
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UrK7uv5_ZVrQE7JFL-D2caQLhKg.roa
Signing time: Sun 01 Jan 2023 13:25:11 +0000
ROA not before: Sun 01 Jan 2023 13:25:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57634
IP address blocks: 94.156.0.0/23 maxlen: 23
94.156.7.0/24 maxlen: 24
31.13.192.0/24 maxlen: 24
31.13.199.0/24 maxlen: 24
31.13.193.0/24 maxlen: 24
87.121.144.0/23 maxlen: 23
212.73.151.0/24 maxlen: 24
31.13.209.0/24 maxlen: 24
31.13.225.0/24 maxlen: 24
85.217.168.0/23 maxlen: 23
94.156.164.0/23 maxlen: 23
94.156.162.0/23 maxlen: 23
87.121.70.0/23 maxlen: 23
87.120.107.0/24 maxlen: 24
94.156.171.0/24 maxlen: 24
94.156.170.0/24 maxlen: 24
93.123.9.0/24 maxlen: 24
87.120.156.0/23 maxlen: 23
87.120.67.0/24 maxlen: 24
87.121.32.0/24 maxlen: 24
94.156.61.0/24 maxlen: 24
94.156.76.0/24 maxlen: 24
94.156.92.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:f3:dc:f2:3b:07:ce:b8:7b:85:96:30:bd:c0:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=52b2bbbafe7f655ad013b2452fe0f671a40b84a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:08:aa:68:d8:bc:46:3b:99:7b:11:a8:7a:43:
18:2c:95:c6:dc:5e:7c:0b:ca:19:d0:ce:0e:e5:38:
71:3b:c0:f1:fb:f6:ec:6a:e5:3c:2f:4e:3e:50:87:
42:19:7d:74:e3:1e:27:18:95:66:91:fd:05:1c:6b:
6f:71:2b:31:11:ce:76:8a:e9:a0:96:e5:55:08:70:
23:44:ca:66:97:52:20:a4:24:df:f0:0e:35:58:bf:
4d:5f:fe:97:e4:89:47:ba:99:98:6c:9a:a8:5a:fe:
f9:d7:86:e7:8a:f3:6e:16:7a:77:34:de:56:cd:70:
2e:42:2c:57:94:89:54:92:b7:f7:af:65:7f:b4:59:
c5:29:c4:2e:09:a8:89:9a:57:3e:25:b8:8f:fa:6a:
48:66:25:65:67:c3:69:e1:92:3c:58:bd:5a:95:84:
6f:e2:77:fa:17:b4:3a:5a:e2:fa:9c:9d:7d:a9:99:
cd:b2:9e:1c:b3:37:5f:08:b5:d0:65:0f:03:0e:7e:
1b:4d:12:8f:10:16:2e:82:72:b2:ef:f4:82:07:53:
bf:8e:b2:22:6d:d0:33:23:6a:8a:df:71:37:2e:39:
63:54:71:5b:26:a5:80:ee:55:a6:97:3a:95:61:66:
86:68:a0:df:ac:0d:6c:ab:d5:d5:57:6a:af:fe:3f:
58:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:B2:BB:BA:FE:7F:65:5A:D0:13:B2:45:2F:E0:F6:71:A4:0B:84:A8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/UrK7uv5_ZVrQE7JFL-D2caQLhKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.192.0/23
31.13.199.0/24
31.13.209.0/24
31.13.225.0/24
85.217.168.0/23
87.120.67.0/24
87.120.107.0/24
87.120.156.0/23
87.121.32.0/24
87.121.70.0/23
87.121.144.0/23
93.123.9.0/24
94.156.0.0/23
94.156.7.0/24
94.156.61.0/24
94.156.76.0/24
94.156.92.0/24
94.156.162.0-94.156.165.255
94.156.170.0/23
212.73.151.0/24
Signature Algorithm: sha256WithRSAEncryption
85:78:a1:58:66:1c:9d:b0:57:50:44:f1:5c:81:99:54:67:41:
a7:27:36:9e:a0:90:76:ed:e6:43:d9:d5:a7:17:7e:33:93:51:
dd:32:06:d7:24:f4:07:27:30:4c:b0:ca:71:dc:a4:b1:d4:a6:
da:25:95:34:c0:48:fa:72:d2:d6:7d:01:7b:01:1b:57:6d:a5:
ce:45:34:9b:d4:11:ff:27:d6:a7:b6:1c:f8:fd:75:d0:2f:63:
8a:56:83:04:2c:c9:8e:27:e7:b8:6d:a8:33:56:73:86:eb:86:
a2:b9:ee:37:4d:53:fd:25:b4:38:d0:14:f6:f0:5a:02:4f:74:
76:d9:4e:b1:18:1b:3c:9e:31:aa:ea:11:c7:77:aa:67:37:43:
99:ff:de:d2:ab:d1:bf:17:66:27:53:28:18:af:c2:28:ae:4a:
e6:bd:8f:e2:1d:83:4b:d0:a6:65:7f:3a:a0:d6:b2:5b:ec:a6:
31:0f:c0:9c:89:e9:0e:88:6d:39:73:ad:1f:aa:a5:c0:3c:ec:
83:a9:b3:23:9a:95:08:3f:85:96:6a:05:04:2d:f4:8c:c2:7c:
7e:f3:0a:2e:37:5b:e5:2d:a7:1d:0a:e6:ad:4e:5b:2b:1b:be:
a6:b0:ec:46:a1:e8:4a:25:58:85:58:b8:07:13:b5:2a:56:81:
ca:e6:75:63
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYVtgfPc8jsHzrh7hZYwvcCbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MmIyYmJiYWZlN2Y2NTVhZDAxM2IyNDUyZmUwZjY3MWE0MGI4NGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigiqaNi8RjuZexGoekMYLJXG3F58
C8oZ0M4O5ThxO8Dx+/bsauU8L04+UIdCGX104x4nGJVmkf0FHGtvcSsxEc52iumg
luVVCHAjRMpml1IgpCTf8A41WL9NX/6X5IlHupmYbJqoWv7514bnivNuFnp3NN5W
zXAuQixXlIlUkrf3r2V/tFnFKcQuCaiJmlc+JbiP+mpIZiVlZ8Np4ZI8WL1alYRv
4nf6F7Q6WuL6nJ19qZnNsp4cszdfCLXQZQ8DDn4bTRKPEBYugnKy7/SCB1O/jrIi
bdAzI2qK33E3LjljVHFbJqWA7lWmlzqVYWaGaKDfrA1sq9XVV2qv/j9YlwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFFKyu7r+f2Va0BOyRS/g9nGkC4SoMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVXJLN3V2NV9aVnJRRTdKRkwtRDJjYVFMaEtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBAEf
DcADBAAfDccDBAAfDdEDBAAfDeEDBAFV2agDBABXeEMDBABXeGsDBAFXeJwDBABX
eSADBAFXeUYDBAFXeZADBABdewkDBAFenAADBABenAcDBABenD0DBABenEwDBABe
nFwwDAMEAV6cogMEAV6cpAMEAV6cqgMEANRJlzANBgkqhkiG9w0BAQsFAAOCAQEA
hXihWGYcnbBXUETxXIGZVGdBpyc2nqCQdu3mQ9nVpxd+M5NR3TIG1yT0BycwTLDK
cdyksdSm2iWVNMBI+nLS1n0BewEbV22lzkU0m9QR/yfWp7Yc+P110C9jilaDBCzJ
jifnuG2oM1ZzhuuGornuN01T/SW0ONAU9vBaAk90dtlOsRgbPJ4xquoRx3eqZzdD
mf/e0qvRvxdmJ1MoGK/CKK5K5r2P4h2DS9CmZX86oNayW+ymMQ/AnInpDohtOXOt
H6qlwDzsg6mzI5qVCD+FlmoFBC30jMJ8fvMKLjdb5S2nHQrmrU5bKxu+prDsRqHo
SiVYhVi4BxO1KlaByuZ1Yw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:18:47 2024 by rpki-client on console-fra.rpki-client.org