Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YHVLm_G0qUQDDhi9BJdaxW8mrbU.roa
File: YHVLm_G0qUQDDhi9BJdaxW8mrbU.roa (raw, json)
Hash identifier: fsgwdCNR+hN5eI+HwDFqp31h1XAAQs0KfpbjEtLLb9U=
Subject key identifier: 60:75:4B:9B:F1:B4:A9:44:03:0E:18:BD:04:97:5A:C5:6F:26:AD:B5
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01898C0CA4D45ABD1620133D4F2D46FD989D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YHVLm_G0qUQDDhi9BJdaxW8mrbU.roa
Signing time: Tue 25 Jul 2023 07:56:26 +0000
ROA not before: Tue 25 Jul 2023 07:56:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
194.113.36.0/22 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
45.95.0.0/22 maxlen: 24
185.216.84.0/22 maxlen: 24
87.121.45.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.154.163.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8c:0c:a4:d4:5a:bd:16:20:13:3d:4f:2d:46:fd:98:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 25 07:56:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=60754b9bf1b4a944030e18bd04975ac56f26adb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:1b:de:a3:73:f0:5a:65:73:56:07:ef:b2:6c:
32:3d:6a:88:55:c5:32:39:de:41:e8:9d:91:37:1f:
ee:21:b4:25:ac:2c:d4:31:ac:43:90:9a:bb:ba:29:
36:3f:8f:2d:4b:66:0e:11:37:92:e1:43:21:07:f1:
f2:c3:a0:7c:8c:f6:57:19:18:bd:f0:17:44:8c:8b:
d0:b5:38:77:5f:7a:f0:e3:5d:d7:8e:51:88:24:4d:
e9:d0:ce:fa:ea:cf:4a:85:8e:5c:d1:27:fa:b9:f7:
f2:09:9b:ea:d8:28:2d:9e:58:de:42:d6:6b:c2:95:
90:0c:a1:21:45:6e:95:ac:ee:f3:b7:8b:89:da:09:
86:52:76:8a:76:7f:08:f9:82:a0:3a:fb:44:66:45:
6a:c9:f9:eb:5c:02:48:21:aa:83:a6:fc:44:21:47:
1a:e7:b5:cd:c1:ed:51:01:ee:ed:21:c5:3c:1e:11:
c6:c9:f1:24:c0:90:cb:19:0c:35:ed:e3:d0:60:75:
7d:f3:64:bf:06:8b:0f:12:5b:ae:e7:23:dc:7c:3d:
95:bf:9f:d2:6b:cc:f8:19:7f:6e:fd:85:b6:3e:e7:
f8:88:10:14:c4:6d:06:3b:94:fe:36:96:69:f4:ff:
0c:99:ff:95:25:52:2a:ea:50:8f:5c:d4:f6:bf:01:
64:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:75:4B:9B:F1:B4:A9:44:03:0E:18:BD:04:97:5A:C5:6F:26:AD:B5
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YHVLm_G0qUQDDhi9BJdaxW8mrbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.0.0/22
45.151.89.0/24
87.121.45.0/24
92.119.196.0/23
93.123.85.0/24
94.154.161.0-94.154.163.255
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
178.215.239.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
185.252.176.0/24
194.113.36.0/22
194.169.174.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:ce:f1:59:45:e8:4e:41:95:16:d8:1e:ae:36:f8:d8:a9:31:
af:6e:c3:e1:50:4d:5c:4a:c1:36:28:21:74:97:8d:4b:16:8d:
7e:70:75:ab:a4:84:be:92:e0:d3:1d:17:8f:03:9b:fb:01:93:
df:e4:17:4a:98:8e:73:cf:c6:0c:d1:ee:a3:90:18:c2:f1:c6:
eb:36:b1:03:8b:cc:42:e8:32:82:f1:be:db:75:6f:bc:a0:18:
81:58:15:a5:e8:b8:c7:70:fd:ce:89:11:8b:9f:37:86:68:f7:
0f:27:35:41:ba:5b:45:48:b3:b4:15:69:06:4f:89:1d:16:3e:
da:2e:f3:6b:8d:d1:35:7e:22:97:f4:0f:18:8c:00:a8:de:90:
ce:53:c0:a6:dc:4e:6a:80:d9:6d:d7:09:a0:ce:78:f9:8e:55:
42:5d:52:26:1a:10:30:d9:d1:b8:bd:1b:af:5f:d7:f1:dd:e4:
cd:d5:65:5f:35:bf:51:df:21:d7:3f:03:42:d5:80:57:59:07:
24:c4:b2:18:fc:a4:34:1b:a5:bd:6e:d6:f2:25:13:6d:9f:34:
eb:14:f6:bd:72:24:91:be:6f:65:7c:8b:d4:b0:c2:dc:9e:01:
58:e3:e7:f4:32:e6:4e:95:c5:ec:82:32:0d:99:74:04:66:7c:
85:4a:b9:a1
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYmMDKTUWr0WIBM9Ty1G/ZidMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzI1MDc1NjI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDc1NGI5YmYxYjRhOTQ0MDMwZTE4YmQwNDk3NWFjNTZmMjZhZGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRveo3PwWmVzVgfvsmwyPWqIVcUy
Od5B6J2RNx/uIbQlrCzUMaxDkJq7uik2P48tS2YOETeS4UMhB/Hyw6B8jPZXGRi9
8BdEjIvQtTh3X3rw413XjlGIJE3p0M766s9KhY5c0Sf6uffyCZvq2CgtnljeQtZr
wpWQDKEhRW6VrO7zt4uJ2gmGUnaKdn8I+YKgOvtEZkVqyfnrXAJIIaqDpvxEIUca
57XNwe1RAe7tIcU8HhHGyfEkwJDLGQw17ePQYHV982S/BosPEluu5yPcfD2Vv5/S
a8z4GX9u/YW2Puf4iBAUxG0GO5T+NpZp9P8Mmf+VJVIq6lCPXNT2vwFklQIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFGB1S5vxtKlEAw4YvQSXWsVvJq21MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWUhWTG1fRzBxVVFERGhpOUJKZGF4VzhtcmJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBAIt
XwADBAAtl1kDBABXeS0DBAFcd8QDBABde1UwDAMEAF6aoQMEAl6aoAMEAF6c7zAM
AwQCk05kAwQAk05mAwQCqxZIAwQAstfgAwQAstfsAwQAstfvAwQCudhUAwQCudpU
AwQAudqJAwQAudt+AwQAufywAwQCwnEkAwQAwqmuMA0GCSqGSIb3DQEBCwUAA4IB
AQBuzvFZRehOQZUW2B6uNvjYqTGvbsPhUE1cSsE2KCF0l41LFo1+cHWrpIS+kuDT
HRePA5v7AZPf5BdKmI5zz8YM0e6jkBjC8cbrNrEDi8xC6DKC8b7bdW+8oBiBWBWl
6LjHcP3OiRGLnzeGaPcPJzVBultFSLO0FWkGT4kdFj7aLvNrjdE1fiKX9A8YjACo
3pDOU8Cm3E5qgNlt1wmgznj5jlVCXVImGhAw2dG4vRuvX9fx3eTN1WVfNb9R3yHX
PwNC1YBXWQckxLIY/KQ0G6W9btbyJRNtnzTrFPa9ciSRvm9lfIvUsMLcngFY4+f0
MuZOlcXsgjINmXQEZnyFSrmh
-----END CERTIFICATE-----
Generated at Tue Jul 25 11:28:57 2023 by rpki-client on console-ams.rpki-client.org