Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XobKGgUADsV2Yh7mqDkEcPZM3-A.roa
File: XobKGgUADsV2Yh7mqDkEcPZM3-A.roa (raw, json)
Hash identifier: gepk42Rv8PLyc+fr3AaNkY6HrmnNZCaFPlJolvcAOaU=
Subject key identifier: 5E:86:CA:1A:05:00:0E:C5:76:62:1E:E6:A8:39:04:70:F6:4C:DF:E0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018A5772056B3CD0D616EC600A2A1AB9B049
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XobKGgUADsV2Yh7mqDkEcPZM3-A.roa
Signing time: Sat 02 Sep 2023 19:50:04 +0000
ROA not before: Sat 02 Sep 2023 19:50:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201749
IP address blocks: 83.171.204.0/22 maxlen: 24
45.139.105.0/24 maxlen: 24
194.49.87.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:57:72:05:6b:3c:d0:d6:16:ec:60:0a:2a:1a:b9:b0:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 2 19:50:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e86ca1a05000ec576621ee6a8390470f64cdfe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:bc:d3:f7:63:4a:7c:84:f2:32:4b:31:ad:48:
ca:ac:e3:84:57:10:d6:df:9d:13:30:8b:10:d4:0e:
2b:d3:bf:ee:9b:7a:14:7b:3c:4c:25:0b:28:29:ff:
91:80:2a:46:ce:69:49:ff:c5:6d:c5:2f:d2:2b:4a:
75:34:6a:b1:61:1d:06:52:85:f7:f1:ab:50:3e:46:
9b:c4:3d:53:d6:a3:32:4d:86:37:35:ee:48:88:c9:
b1:b6:d1:7c:24:75:84:78:cc:30:cc:fd:63:57:bb:
2a:66:3e:72:da:ac:c3:8c:92:53:20:d0:39:7a:89:
e3:0a:3b:98:7b:f9:25:41:ad:0e:b7:c4:45:f7:9f:
0b:b1:df:fe:1b:99:a2:01:06:83:96:6e:f6:0a:ec:
3a:be:6d:a5:c3:84:62:6d:ad:94:df:49:c9:a4:37:
77:ca:74:e3:5b:35:27:3f:07:01:fd:d4:55:22:1c:
12:2f:56:54:53:68:3b:e4:30:be:b8:7e:ec:29:82:
3d:84:bc:6a:cb:d3:8d:db:a4:37:0d:f3:30:9f:c9:
32:3b:b4:a1:ca:4c:6e:64:41:3b:52:aa:72:db:90:
4a:08:aa:34:66:0d:4f:56:e5:ac:00:c0:2d:60:c9:
04:f5:15:98:3a:9f:d1:9a:85:c8:0a:ed:e0:6f:94:
5d:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:86:CA:1A:05:00:0E:C5:76:62:1E:E6:A8:39:04:70:F6:4C:DF:E0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XobKGgUADsV2Yh7mqDkEcPZM3-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.105.0/24
83.171.204.0/22
194.49.87.0/24
Signature Algorithm: sha256WithRSAEncryption
91:79:57:a0:8e:1e:3d:79:c2:fe:7c:a6:44:04:e8:ad:61:34:
74:fc:bc:4b:72:65:eb:d7:96:74:95:a5:28:31:c5:76:06:9f:
d1:d6:08:eb:80:ff:51:22:45:97:ad:8e:1e:0b:c6:ef:73:8f:
4c:51:4a:20:bb:71:74:58:11:a9:cd:2c:35:3e:2a:20:03:fc:
06:04:86:7d:be:7c:0c:db:42:15:15:69:77:f0:e9:d7:2a:a7:
67:96:dc:70:ee:97:fe:97:8a:09:16:b5:a5:bc:b0:75:5c:b3:
90:1c:2f:41:a2:52:43:51:61:a7:dc:5a:a8:5b:e4:fa:50:2b:
4d:28:ca:dd:75:6d:45:45:0c:86:4a:6f:37:06:2f:27:3f:ac:
24:58:4a:c3:41:e1:83:5e:5b:24:75:5a:5a:77:8a:10:33:61:
b3:9b:5e:42:84:f6:89:9b:13:f2:77:2e:64:1d:7c:6a:5b:1a:
76:ee:c2:36:16:53:83:26:09:41:00:fc:5f:e7:3b:9b:a0:78:
5f:36:d3:c2:8c:e4:58:34:4d:5f:9b:82:90:a3:63:4f:b5:9b:
61:5a:42:7a:5a:71:45:8a:9d:ad:06:6e:ce:ae:62:14:fc:30:
a0:b1:a4:d7:a5:98:9a:c8:da:f4:40:58:de:15:20:eb:b6:54:
7f:12:ca:7a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYpXcgVrPNDWFuxgCioaubBJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTAyMTk1MDA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTg2Y2ExYTA1MDAwZWM1NzY2MjFlZTZhODM5MDQ3MGY2NGNkZmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7zT92NKfITyMksxrUjKrOOEVxDW
350TMIsQ1A4r07/um3oUezxMJQsoKf+RgCpGzmlJ/8VtxS/SK0p1NGqxYR0GUoX3
8atQPkabxD1T1qMyTYY3Ne5IiMmxttF8JHWEeMwwzP1jV7sqZj5y2qzDjJJTINA5
eonjCjuYe/klQa0Ot8RF958Lsd/+G5miAQaDlm72Cuw6vm2lw4Riba2U30nJpDd3
ynTjWzUnPwcB/dRVIhwSL1ZUU2g75DC+uH7sKYI9hLxqy9ON26Q3DfMwn8kyO7Sh
ykxuZEE7Uqpy25BKCKo0Zg1PVuWsAMAtYMkE9RWYOp/RmoXICu3gb5RdOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF6GyhoFAA7FdmIe5qg5BHD2TN/gMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWG9iS0dnVUFEc1YyWWg3bXFEa0VjUFpNMy1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALYtpAwQC
U6vMAwQAwjFXMA0GCSqGSIb3DQEBCwUAA4IBAQCReVegjh49ecL+fKZEBOitYTR0
/LxLcmXr15Z0laUoMcV2Bp/R1gjrgP9RIkWXrY4eC8bvc49MUUogu3F0WBGpzSw1
PiogA/wGBIZ9vnwM20IVFWl38OnXKqdnltxw7pf+l4oJFrWlvLB1XLOQHC9BolJD
UWGn3FqoW+T6UCtNKMrddW1FRQyGSm83Bi8nP6wkWErDQeGDXlskdVpad4oQM2Gz
m15ChPaJmxPydy5kHXxqWxp27sI2FlODJglBAPxf5zuboHhfNtPCjORYNE1fm4KQ
o2NPtZthWkJ6WnFFip2tBm7OrmIU/DCgsaTXpZiayNr0QFjeFSDrtlR/Esp6
-----END CERTIFICATE-----
Generated at Fri Nov 3 07:34:12 2023 by rpki-client on console-fra.rpki-client.org