Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YsguFKZMDE7XfRmOPfRbWdlqszw.roa
File: YsguFKZMDE7XfRmOPfRbWdlqszw.roa (raw, json)
Hash identifier: /xOYCMwbtfTDyapaBbI4hYjaRXl5dGGYKQ0JTBXdHes=
Subject key identifier: 62:C8:2E:14:A6:4C:0C:4E:D7:7D:19:8E:3D:F4:5B:59:D9:6A:B3:3C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018ADFAEF6B81C7BF8F0C489A42DC222AEA4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YsguFKZMDE7XfRmOPfRbWdlqszw.roa
Signing time: Fri 29 Sep 2023 06:45:00 +0000
ROA not before: Fri 29 Sep 2023 06:45:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
91.92.24.0/23 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
87.121.69.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
94.156.177.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:df:ae:f6:b8:1c:7b:f8:f0:c4:89:a4:2d:c2:22:ae:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 29 06:45:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=62c82e14a64c0c4ed77d198e3df45b59d96ab33c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:66:de:fd:89:85:8f:2e:4d:7c:92:aa:63:88:
db:d7:62:9d:28:0f:8b:aa:01:69:97:9f:1a:b2:24:
e1:ef:a4:56:9e:07:35:cb:f5:7b:e6:87:a5:36:ff:
b1:03:86:b0:9e:31:4c:6d:48:1d:da:de:5a:6d:37:
17:e7:e5:39:a5:6f:c8:0b:c8:f8:6a:ef:07:3f:e5:
40:9c:49:ce:b5:cc:54:9b:b6:d1:02:bc:07:17:6a:
35:2a:b2:0e:95:84:52:11:52:fe:cd:b3:23:3e:42:
0b:29:90:38:53:ea:1a:8e:22:e9:6e:ee:95:df:d3:
1a:fc:42:6d:83:78:77:30:90:19:0f:7a:26:3f:cf:
e7:ad:bd:48:29:07:74:4f:34:93:56:a8:55:57:f5:
fb:3c:26:f1:79:0d:1e:cb:92:c4:83:97:a4:be:44:
15:59:c6:43:ad:bb:34:dc:d3:ff:48:6b:4d:80:9b:
b0:28:ea:09:fa:89:ef:b0:5a:2e:d3:57:e4:40:cf:
fd:9a:7c:2d:d4:d3:73:42:b3:1a:9e:f0:6a:28:15:
56:e8:33:fc:1c:70:0f:2d:c3:ef:08:ae:68:1c:0d:
2a:a4:fa:77:03:cf:c6:e4:a3:5d:b0:df:13:fb:dc:
c4:5d:02:79:a5:e1:8f:0f:db:ca:47:01:84:0b:6f:
3c:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:C8:2E:14:A6:4C:0C:4E:D7:7D:19:8E:3D:F4:5B:59:D9:6A:B3:3C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/YsguFKZMDE7XfRmOPfRbWdlqszw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
87.121.45.0/24
87.121.59.0/24
87.121.69.0/24
91.92.24.0/23
92.119.196.0/23
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.78.0/24
94.156.177.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.219.126.0/24
185.252.176.0/24
194.169.174.0/24
194.180.50.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:ba:4e:66:27:ee:28:b0:f7:24:56:da:05:68:89:90:f7:59:
7a:c1:6f:45:ba:cb:48:9a:b5:c8:74:06:75:4c:d0:79:71:be:
59:b0:60:b4:73:cf:14:c2:d4:92:d2:8e:67:1d:94:48:a6:3e:
5e:7c:bd:b0:13:36:de:80:9f:a8:c8:8b:7e:22:69:9b:d4:81:
1b:c4:5a:dc:68:0d:9c:be:3c:bc:de:75:15:9b:86:70:a3:e2:
5d:98:3e:46:83:7e:72:53:86:4f:8c:6e:b1:2a:17:23:68:f6:
6e:8a:e9:ce:97:bd:25:27:89:b6:12:6e:b4:8b:77:32:6f:8f:
7d:c4:e3:c7:7b:1f:e4:dd:27:f2:da:ad:28:44:1e:c2:45:ee:
9d:59:f3:18:70:94:f8:95:9b:c3:bc:c4:b9:ff:e4:b2:d7:db:
cc:1d:2c:14:0c:7b:67:76:38:7e:99:e6:2f:2a:af:13:10:02:
14:e6:16:a2:b1:8b:59:11:ff:17:1e:29:a5:ee:d7:df:34:80:
03:3e:f5:c4:6c:3b:b9:4d:ec:4c:fb:a6:bc:ec:ec:e0:19:3c:
5f:67:af:4c:ab:06:89:4a:db:9b:0a:00:66:bb:ba:84:83:49:
59:eb:ab:17:55:8c:56:06:4c:86:89:c8:3d:3f:9f:8a:b4:2c:
6e:2a:34:4c
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYrfrva4HHv48MSJpC3CIq6kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTI5MDY0NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmM4MmUxNGE2NGMwYzRlZDc3ZDE5OGUzZGY0NWI1OWQ5NmFiMzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2be/YmFjy5NfJKqY4jb12KdKA+L
qgFpl58asiTh76RWngc1y/V75oelNv+xA4awnjFMbUgd2t5abTcX5+U5pW/IC8j4
au8HP+VAnEnOtcxUm7bRArwHF2o1KrIOlYRSEVL+zbMjPkILKZA4U+oajiLpbu6V
39Ma/EJtg3h3MJAZD3omP8/nrb1IKQd0TzSTVqhVV/X7PCbxeQ0ey5LEg5ekvkQV
WcZDrbs03NP/SGtNgJuwKOoJ+onvsFou01fkQM/9mnwt1NNzQrManvBqKBVW6DP8
HHAPLcPvCK5oHA0qpPp3A8/G5KNdsN8T+9zEXQJ5peGPD9vKRwGEC288GQIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFGLILhSmTAxO130Zjj30W1nZarM8MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWXNndUZLWk1ERTdYZlJtT1BmUmJXZGxxc3p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBAAt
l1kDBABXeS0DBABXeTsDBABXeUUDBAFbXBgDBAFcd8QDBABde3QwDAMEAF6aoQME
Al6aoAMEAF6cTgMEAF6csQMEAF6c7zAMAwQCk05kAwQAk05mAwQCqxZIAwQAstfg
AwQAstfsAwQCudhUAwQCudpUAwQAudt+AwQAufywAwQAwqmuAwQAwrQyMA0GCSqG
SIb3DQEBCwUAA4IBAQC1uk5mJ+4osPckVtoFaImQ91l6wW9FustImrXIdAZ1TNB5
cb5ZsGC0c88UwtSS0o5nHZRIpj5efL2wEzbegJ+oyIt+Immb1IEbxFrcaA2cvjy8
3nUVm4Zwo+JdmD5Gg35yU4ZPjG6xKhcjaPZuiunOl70lJ4m2Em60i3cyb499xOPH
ex/k3Sfy2q0oRB7CRe6dWfMYcJT4lZvDvMS5/+Sy19vMHSwUDHtndjh+meYvKq8T
EAIU5haisYtZEf8XHiml7tffNIADPvXEbDu5TexM+6a87OzgGTxfZ69MqwaJStub
CgBmu7qEg0lZ66sXVYxWBkyGicg9P5+KtCxuKjRM
-----END CERTIFICATE-----
Generated at Fri Sep 29 08:40:59 2023 by rpki-client on console-ams.rpki-client.org