Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XroqHJznk5IyaiWG4oTknMEq-F0.roa
File: XroqHJznk5IyaiWG4oTknMEq-F0.roa (raw, json)
Hash identifier: 8mU8StXpSIyDKoMDazrPVvpysQb0TJoDlubRxYXd4o8=
Subject key identifier: 5E:BA:2A:1C:9C:E7:93:92:32:6A:25:86:E2:84:E4:9C:C1:2A:F8:5D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0186EFF91EAAFBFA3AE176C09A18D0A2F2C3
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XroqHJznk5IyaiWG4oTknMEq-F0.roa
Signing time: Fri 17 Mar 2023 14:28:46 +0000
ROA not before: Fri 17 Mar 2023 14:28:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208485
IP address blocks: 84.21.173.0/24 maxlen: 24
84.54.49.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
141.98.7.0/24 maxlen: 24
45.91.192.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
194.49.87.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:ef:f9:1e:aa:fb:fa:3a:e1:76:c0:9a:18:d0:a2:f2:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 17 14:28:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5eba2a1c9ce79392326a2586e284e49cc12af85d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:74:ae:9b:1d:d5:a7:ee:24:91:4b:c1:0f:ee:
4e:72:6a:f1:f4:ec:83:32:73:b1:8e:8e:65:24:72:
40:0c:bc:54:c0:47:ad:4a:16:aa:68:7a:4a:18:49:
b9:33:bd:fc:84:3e:c1:e8:f3:c3:22:d4:2f:1f:97:
52:48:3e:b3:22:a4:35:2c:c5:00:46:96:c0:3f:f1:
99:a2:69:ff:4c:15:24:b8:1b:4f:ef:bf:62:62:13:
08:3a:93:72:cb:5e:93:aa:7b:b6:01:51:99:a4:03:
bc:2e:c2:43:02:c1:96:cc:af:17:f6:ed:6d:8b:fb:
3c:ec:0e:7f:8f:03:61:7e:0f:ca:65:f2:6e:9a:a9:
0a:8b:91:32:0e:cd:fa:24:d9:71:40:d1:dd:67:d5:
3f:e9:55:dd:da:90:37:a0:30:40:8b:b7:f5:12:0c:
d6:75:bc:ab:4d:4c:52:05:27:c1:b9:05:f4:c5:8b:
95:d6:fc:87:3d:da:c6:e6:54:68:7f:84:75:42:05:
a3:74:ac:c9:e5:e1:14:e3:65:9a:39:a9:97:c0:2c:
3e:a6:a9:a8:29:5a:76:a5:1c:7c:99:aa:76:e8:97:
01:0b:19:cf:ee:df:6a:a7:10:f1:ac:4d:e2:12:42:
88:eb:4a:00:de:fc:99:40:84:c8:49:6c:4d:7c:52:
ac:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:BA:2A:1C:9C:E7:93:92:32:6A:25:86:E2:84:E4:9C:C1:2A:F8:5D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XroqHJznk5IyaiWG4oTknMEq-F0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.192.0/24
45.149.233.0/24
84.21.173.0/24
84.54.49.0/24
87.121.220.0/24
94.103.125.0/24
94.154.172.0/24
141.98.7.0/24
147.78.100.0/23
178.215.237.0/24
194.49.87.0/24
Signature Algorithm: sha256WithRSAEncryption
70:58:cf:b5:3c:7d:80:08:28:d3:75:57:28:97:c4:12:a5:5a:
26:59:7c:cc:1d:2f:e9:60:a6:3f:bb:b1:72:1d:56:90:ff:32:
cb:db:b9:6c:6d:74:62:25:f8:90:2f:23:0c:79:45:b8:7a:dc:
87:e9:5f:47:8e:71:7c:04:7e:01:91:f7:4a:97:45:8d:12:b5:
29:3e:1a:ba:1d:ce:51:44:6f:d5:5d:9b:c9:0f:44:3a:83:8f:
1a:74:d5:57:b8:f1:d5:9d:39:dd:5e:b6:82:d4:67:4c:19:9b:
b8:ce:a1:7b:0d:9c:d4:e0:ed:32:b4:0f:37:a2:19:66:c7:05:
19:21:d4:0c:ee:e8:86:0a:f7:49:70:15:c4:d9:74:04:d7:30:
f4:3e:7b:59:82:53:33:1d:f7:97:7a:69:50:5f:7e:64:49:d8:
14:64:34:e0:97:6e:81:d4:22:71:db:90:4f:4d:a7:e4:64:16:
1b:fd:0f:df:12:11:4e:a0:95:15:a9:e2:ea:d1:c0:6b:ef:f6:
4b:2e:1b:79:9a:fc:50:95:74:6d:77:a3:a2:63:99:46:73:e0:
b9:7c:91:40:28:8b:cf:8d:e7:9d:21:e3:93:e4:0a:53:90:25:
53:da:5f:96:ad:bb:ef:7b:29:77:6b:ae:57:9f:93:b7:45:a8:
69:dd:c0:6b
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYbv+R6q+/o64XbAmhjQovLDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMzE3MTQyODQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWJhMmExYzljZTc5MzkyMzI2YTI1ODZlMjg0ZTQ5Y2MxMmFmODVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxnSumx3Vp+4kkUvBD+5Ocmrx9OyD
MnOxjo5lJHJADLxUwEetShaqaHpKGEm5M738hD7B6PPDItQvH5dSSD6zIqQ1LMUA
RpbAP/GZomn/TBUkuBtP779iYhMIOpNyy16Tqnu2AVGZpAO8LsJDAsGWzK8X9u1t
i/s87A5/jwNhfg/KZfJumqkKi5EyDs36JNlxQNHdZ9U/6VXd2pA3oDBAi7f1EgzW
dbyrTUxSBSfBuQX0xYuV1vyHPdrG5lRof4R1QgWjdKzJ5eEU42WaOamXwCw+pqmo
KVp2pRx8map26JcBCxnP7t9qpxDxrE3iEkKI60oA3vyZQITISWxNfFKsGQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFF66Khyc55OSMmolhuKE5JzBKvhdMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWHJvcUhKem5rNUl5YWlXRzRvVGtuTUVxLUYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQALVvAAwQA
LZXpAwQAVBWtAwQAVDYxAwQAV3ncAwQAXmd9AwQAXpqsAwQAjWIHAwQBk05kAwQA
stftAwQAwjFXMA0GCSqGSIb3DQEBCwUAA4IBAQBwWM+1PH2ACCjTdVcol8QSpVom
WXzMHS/pYKY/u7FyHVaQ/zLL27lsbXRiJfiQLyMMeUW4etyH6V9HjnF8BH4BkfdK
l0WNErUpPhq6Hc5RRG/VXZvJD0Q6g48adNVXuPHVnTndXraC1GdMGZu4zqF7DZzU
4O0ytA83ohlmxwUZIdQM7uiGCvdJcBXE2XQE1zD0PntZglMzHfeXemlQX35kSdgU
ZDTgl26B1CJx25BPTafkZBYb/Q/fEhFOoJUVqeLq0cBr7/ZLLht5mvxQlXRtd6Oi
Y5lGc+C5fJFAKIvPjeedIeOT5ApTkCVT2l+Wrbvveyl3a65Xn5O3Rahp3cBr
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:38 2023 by rpki-client on console-ams.rpki-client.org