Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XntE7fC3mwenlVEU9GqIOGoYXz0.roa
File: XntE7fC3mwenlVEU9GqIOGoYXz0.roa (raw, json)
Hash identifier: xwwoj3PokG5XPAiGyDNoGV6KlMrFo9G82d6Rt7pqh9w=
Subject key identifier: 5E:7B:44:ED:F0:B7:9B:07:A7:95:51:14:F4:6A:88:38:6A:18:5F:3D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B93EBF7B2A42B271CC7AACEBC2DA4BDC2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XntE7fC3mwenlVEU9GqIOGoYXz0.roa
Signing time: Fri 03 Nov 2023 06:43:16 +0000
ROA not before: Fri 03 Nov 2023 06:43:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200105
IP address blocks: 87.121.124.0/23 maxlen: 24
81.161.230.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
45.9.156.0/24 maxlen: 24
45.139.104.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
94.154.172.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:93:eb:f7:b2:a4:2b:27:1c:c7:aa:ce:bc:2d:a4:bd:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 3 06:43:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e7b44edf0b79b07a7955114f46a88386a185f3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b6:84:dd:23:c6:25:90:2d:da:fa:d2:bf:d0:
df:91:08:39:0b:78:45:33:0e:cf:87:ad:36:9e:09:
ae:25:59:6a:10:1c:27:5e:81:5c:79:c7:37:a6:58:
52:e0:cf:b3:60:8c:a8:a3:ca:05:54:b1:0b:ff:52:
ad:f5:1f:19:9c:06:ad:ed:b6:ad:7b:ae:b6:ba:fb:
da:29:3f:d8:7c:e0:79:9b:fc:b1:23:35:a9:d3:9e:
79:b4:37:94:8a:3e:4c:00:48:57:fa:3e:0a:fe:c0:
63:ed:6a:c0:f5:24:58:8b:c4:ac:b2:e8:66:fc:11:
0a:c4:22:49:a6:24:71:c0:f7:c9:e4:fe:37:fe:66:
9b:09:e8:61:14:df:0c:06:83:cd:3d:bb:d8:c9:f7:
49:28:15:89:11:62:b2:62:d5:8e:c1:8e:57:4f:79:
44:64:8d:4c:68:2f:58:13:19:f0:26:42:62:9b:39:
31:a6:c4:8f:6c:26:89:dd:09:79:74:dc:0b:39:17:
58:b0:3c:9d:9b:40:36:87:00:34:e1:1a:cf:1f:45:
fc:cd:c7:63:1b:e6:2b:9b:4e:fb:26:a6:4e:91:f6:
bf:6d:52:b7:a8:42:26:ec:5c:6e:83:15:67:0c:9c:
ae:d7:ee:5a:4c:13:17:73:e7:20:92:f3:93:55:1f:
7a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:7B:44:ED:F0:B7:9B:07:A7:95:51:14:F4:6A:88:38:6A:18:5F:3D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XntE7fC3mwenlVEU9GqIOGoYXz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.156.0/24
45.129.84.0/24
45.129.86.0/24
45.139.104.0/24
81.161.230.0/24
87.121.124.0/23
87.121.220.0/24
91.200.192.0/22
94.154.172.0/24
147.78.100.0/23
178.215.226.0/24
185.246.223.0/24
Signature Algorithm: sha256WithRSAEncryption
95:d8:82:0c:0b:5e:47:c0:1e:f9:dd:0e:c2:24:ad:87:2e:67:
e1:44:f0:b2:2c:c5:26:32:83:3f:7f:ec:45:28:cf:2f:fa:12:
ca:c6:74:79:42:a2:45:04:01:a3:0a:d5:be:17:67:7f:49:1d:
bc:54:c4:f4:7e:53:b4:f1:b8:3b:73:28:4b:21:6c:91:ee:84:
af:66:84:87:f8:6b:4a:6e:54:0c:de:ac:a6:25:10:7f:2f:a4:
cd:49:d8:9c:ce:01:83:97:14:a2:70:03:dc:d0:6c:26:d2:b1:
55:a0:91:b7:54:d1:02:d1:ac:2d:78:92:39:44:5d:58:74:29:
8e:2f:8f:39:46:31:7b:92:7e:9f:6d:d6:d0:78:c9:ad:ce:ea:
03:ca:4c:06:6b:3c:8a:87:39:e6:32:c8:e1:3f:63:e2:0c:f3:
65:d9:15:76:e8:a3:92:f5:f1:47:80:4c:fd:c7:0e:82:f3:e0:
8b:c7:87:0a:e9:59:2c:d6:34:84:8a:99:20:85:b2:9f:e2:8a:
e8:ea:d4:a6:72:b0:81:ff:f8:2d:3c:c0:50:de:10:89:6c:82:
2c:8d:25:f2:20:62:5a:95:ab:38:84:d4:25:df:5f:44:79:74:
c6:80:1c:f1:23:70:e2:c2:16:eb:b0:e6:de:6f:b1:8b:37:f7:
e1:44:73:d0
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYuT6/eypCsnHMeqzrwtpL3CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTAzMDY0MzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTdiNDRlZGYwYjc5YjA3YTc5NTUxMTRmNDZhODgzODZhMTg1ZjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkraE3SPGJZAt2vrSv9DfkQg5C3hF
Mw7Ph602ngmuJVlqEBwnXoFcecc3plhS4M+zYIyoo8oFVLEL/1Kt9R8ZnAat7bat
e662uvvaKT/YfOB5m/yxIzWp0555tDeUij5MAEhX+j4K/sBj7WrA9SRYi8Sssuhm
/BEKxCJJpiRxwPfJ5P43/mabCehhFN8MBoPNPbvYyfdJKBWJEWKyYtWOwY5XT3lE
ZI1MaC9YExnwJkJimzkxpsSPbCaJ3Ql5dNwLORdYsDydm0A2hwA04RrPH0X8zcdj
G+Yrm077JqZOkfa/bVK3qEIm7FxugxVnDJyu1+5aTBMXc+cgkvOTVR96zwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFF57RO3wt5sHp5VRFPRqiDhqGF89MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWG50RTdmQzNtd2VubFZFVTlHcUlPR29ZWHowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALQmcAwQA
LYFUAwQALYFWAwQALYtoAwQAUaHmAwQBV3l8AwQAV3ncAwQCW8jAAwQAXpqsAwQB
k05kAwQAstfiAwQAufbfMA0GCSqGSIb3DQEBCwUAA4IBAQCV2IIMC15HwB753Q7C
JK2HLmfhRPCyLMUmMoM/f+xFKM8v+hLKxnR5QqJFBAGjCtW+F2d/SR28VMT0flO0
8bg7cyhLIWyR7oSvZoSH+GtKblQM3qymJRB/L6TNSdiczgGDlxSicAPc0Gwm0rFV
oJG3VNEC0awteJI5RF1YdCmOL485RjF7kn6fbdbQeMmtzuoDykwGazyKhznmMsjh
P2PiDPNl2RV26KOS9fFHgEz9xw6C8+CLx4cK6Vks1jSEipkghbKf4oro6tSmcrCB
//gtPMBQ3hCJbIIsjSXyIGJalas4hNQl319EeXTGgBzxI3DiwhbrsObeb7GLN/fh
RHPQ
-----END CERTIFICATE-----
Generated at Mon Nov 6 13:15:58 2023 by rpki-client on console-ams.rpki-client.org