Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Xvhz7JMgrdA02cObfp_oFDdY2d0.roa
File: Xvhz7JMgrdA02cObfp_oFDdY2d0.roa (raw, json)
Hash identifier: 4D0oYo/hgWKw71BKIS1V+DnZ8wUhgdpBlJhpw2Vb6GM=
Subject key identifier: 5E:F8:73:EC:93:20:AD:D0:34:D9:C3:9B:7E:9F:E8:14:37:58:D9:DD
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C918EB7CC4DD1764740BBA571C457D857
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Xvhz7JMgrdA02cObfp_oFDdY2d0.roa
Signing time: Fri 22 Dec 2023 12:44:58 +0000
ROA not before: Fri 22 Dec 2023 12:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197450
IP address blocks: 81.161.230.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
94.156.8.0/24 maxlen: 24
87.121.44.0/24 maxlen: 24
87.121.46.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
185.225.75.0/24 maxlen: 24
45.128.233.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
94.156.79.0/24 maxlen: 24
185.221.64.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:91:8e:b7:cc:4d:d1:76:47:40:bb:a5:71:c4:57:d8:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 22 12:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ef873ec9320add034d9c39b7e9fe8143758d9dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:7e:3f:f4:51:5a:6e:48:44:0a:9d:d5:08:40:
3a:66:1c:aa:f0:5c:83:78:31:d0:9f:82:71:6f:94:
8d:06:db:3c:dc:c9:23:13:b4:a4:bc:cb:ae:7c:bf:
d9:12:ee:af:a4:ef:4a:0d:cf:bc:c0:96:70:0b:e9:
d4:81:8e:fd:95:66:87:7c:65:e0:b4:bd:9e:fd:b8:
7c:83:f6:7d:21:9d:6c:17:06:d2:d2:0a:e4:d4:36:
06:5d:02:17:74:e1:6e:96:c8:1f:50:79:2a:61:55:
f2:e2:74:ae:7e:72:42:35:97:63:5e:17:25:40:65:
90:17:ce:90:57:3a:c3:43:af:7d:c5:2f:8a:bb:f8:
00:e3:f8:ae:57:ec:76:f3:73:5d:d4:e0:03:3f:a6:
6e:7e:25:5b:7c:38:36:90:bb:91:f8:14:40:a1:1d:
37:8d:a8:29:f0:01:5a:72:a7:db:41:3a:ad:84:9c:
70:52:8d:59:79:f9:a8:21:78:52:4a:45:f3:ee:a9:
5c:8c:8f:b0:59:84:4c:18:c7:ed:7e:ba:6c:63:c7:
51:3a:1b:d2:3b:fa:3e:e8:55:06:38:a7:05:7e:9c:
d8:f0:9f:4d:29:a3:68:1d:0d:23:f1:5e:f8:2a:79:
e9:5e:f1:d9:e1:42:2d:f6:79:bf:b2:18:04:21:f5:
29:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F8:73:EC:93:20:AD:D0:34:D9:C3:9B:7E:9F:E8:14:37:58:D9:DD
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Xvhz7JMgrdA02cObfp_oFDdY2d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.233.0/24
45.129.86.0/24
81.161.230.0/24
85.31.47.0/24
87.120.166.0/24
87.121.44.0/24
87.121.46.0/24
94.156.8.0/24
94.156.79.0/24
178.215.239.0/24
185.221.64.0/24
185.225.75.0/24
Signature Algorithm: sha256WithRSAEncryption
56:26:fa:83:c3:5f:1e:34:04:5a:de:11:f5:6f:c0:37:11:13:
b4:72:2e:dc:28:b0:d2:2a:1c:2c:20:08:b3:29:be:7d:de:02:
2e:10:20:b5:ce:48:2d:81:8e:06:e9:c5:26:3b:b9:e0:3b:55:
99:d4:35:a6:3d:54:ad:ef:76:69:d4:0a:26:36:f3:36:40:68:
19:b4:c2:e1:95:63:bd:39:63:95:fe:8f:ec:cf:94:65:76:34:
51:fc:7d:7f:8d:fa:e4:0a:bf:e3:e4:30:24:b1:d4:01:29:d7:
fa:5e:76:0f:1e:1b:21:c6:9a:c7:a5:ed:63:da:07:79:d8:54:
51:d2:ef:7c:1d:04:0a:73:93:79:e0:31:17:72:b7:ae:3b:02:
97:15:fe:16:32:3d:6f:a6:a8:20:21:cf:b8:97:48:41:96:20:
85:a2:e9:bd:f9:51:41:1e:3c:7f:52:97:ed:0e:ac:03:ec:4b:
85:52:24:a0:9a:32:05:fd:da:a6:64:49:f2:e2:6c:53:c1:f4:
85:8a:89:16:10:38:c8:b8:4a:a5:28:54:92:17:4b:b8:cb:62:
f9:ab:79:e3:28:3e:78:59:e0:90:e4:57:55:e6:85:fd:8d:04:
ed:14:54:50:da:dd:a6:22:d7:34:e5:d6:38:e8:d4:08:64:bc:
95:e8:58:27
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYyRjrfMTdF2R0C7pXHEV9hXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjIyMTI0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWY4NzNlYzkzMjBhZGQwMzRkOWMzOWI3ZTlmZTgxNDM3NThkOWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtX4/9FFabkhECp3VCEA6Zhyq8FyD
eDHQn4Jxb5SNBts83MkjE7SkvMuufL/ZEu6vpO9KDc+8wJZwC+nUgY79lWaHfGXg
tL2e/bh8g/Z9IZ1sFwbS0grk1DYGXQIXdOFulsgfUHkqYVXy4nSufnJCNZdjXhcl
QGWQF86QVzrDQ699xS+Ku/gA4/iuV+x283Nd1OADP6ZufiVbfDg2kLuR+BRAoR03
jagp8AFacqfbQTqthJxwUo1ZefmoIXhSSkXz7qlcjI+wWYRMGMftfrpsY8dROhvS
O/o+6FUGOKcFfpzY8J9NKaNoHQ0j8V74KnnpXvHZ4UIt9nm/shgEIfUpUQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFF74c+yTIK3QNNnDm36f6BQ3WNndMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWHZoejdKTWdyZEEwMmNPYmZwX29GRGRZMmQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALYDpAwQA
LYFWAwQAUaHmAwQAVR8vAwQAV3imAwQAV3ksAwQAV3kuAwQAXpwIAwQAXpxPAwQA
stfvAwQAud1AAwQAueFLMA0GCSqGSIb3DQEBCwUAA4IBAQBWJvqDw18eNARa3hH1
b8A3ERO0ci7cKLDSKhwsIAizKb593gIuECC1zkgtgY4G6cUmO7ngO1WZ1DWmPVSt
73Zp1AomNvM2QGgZtMLhlWO9OWOV/o/sz5RldjRR/H1/jfrkCr/j5DAksdQBKdf6
XnYPHhshxprHpe1j2gd52FRR0u98HQQKc5N54DEXcreuOwKXFf4WMj1vpqggIc+4
l0hBliCFoum9+VFBHjx/UpftDqwD7EuFUiSgmjIF/dqmZEny4mxTwfSFiokWEDjI
uEqlKFSSF0u4y2L5q3njKD54WeCQ5FdV5oX9jQTtFFRQ2t2mItc05dY46NQIZLyV
6Fgn
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:11 2024 by rpki-client on console-ams.rpki-client.org