Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZTUYcHgD9NejSgFlIaK1m--Bb1Y.roa
File: ZTUYcHgD9NejSgFlIaK1m--Bb1Y.roa (raw, json)
Hash identifier: nVJnz8M8COARyKEwOPBhrbQRruxhOnQKlGoIi8cTLmo=
Subject key identifier: 65:35:18:70:78:03:F4:D7:A3:4A:01:65:21:A2:B5:9B:EF:81:6F:56
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018ACB780E8F16E2D1AF24A919909F131F4C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZTUYcHgD9NejSgFlIaK1m--Bb1Y.roa
Signing time: Mon 25 Sep 2023 08:32:37 +0000
ROA not before: Mon 25 Sep 2023 08:32:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 193.149.29.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
193.149.28.0/22 maxlen: 22
193.149.31.0/24 maxlen: 24
193.149.28.0/24 maxlen: 24
94.154.163.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cb:78:0e:8f:16:e2:d1:af:24:a9:19:90:9f:13:1f:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 25 08:32:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=653518707803f4d7a34a016521a2b59bef816f56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:3d:a2:fe:2a:95:b7:44:a1:e4:39:ca:9e:ec:
2c:4c:9b:f6:00:6b:b3:12:bb:af:04:19:fd:96:dc:
bf:ef:ef:e2:f4:53:74:6d:a9:19:dc:ec:63:4c:fb:
01:cc:e8:3f:0a:28:44:fa:1e:d1:22:84:1b:aa:75:
54:72:b3:35:6f:cc:7d:ab:72:30:a4:d5:c3:48:ba:
b0:33:07:58:bd:7c:5f:71:91:2b:52:3a:3c:9e:63:
fb:86:a0:c0:d0:d3:8d:78:53:6f:c2:35:e0:c8:12:
99:4a:8e:04:fd:47:7c:94:38:8d:3a:d0:dd:e8:8f:
87:e4:f7:e4:18:7f:b7:e0:88:b7:3d:33:d3:69:c0:
84:8f:b1:ef:d9:bc:6f:54:c6:9c:12:49:41:92:bf:
b6:8f:64:3e:a7:35:cc:0b:d4:c9:27:a7:0f:4b:46:
b7:be:88:8d:c5:93:ce:0d:1d:03:0a:0e:93:e4:66:
74:a5:82:73:e1:f5:5e:fb:17:dc:07:d0:89:f2:4b:
f7:64:6f:b9:47:76:a5:58:e2:9f:94:63:6f:70:bb:
13:37:da:d9:85:06:6c:42:97:29:02:24:f3:8c:d8:
a0:49:f6:36:bc:48:d9:cf:49:14:73:96:fb:89:76:
b4:a2:63:36:3e:a6:d2:4a:fe:6e:87:a5:ec:d5:81:
6f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:35:18:70:78:03:F4:D7:A3:4A:01:65:21:A2:B5:9B:EF:81:6F:56
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZTUYcHgD9NejSgFlIaK1m--Bb1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.90.0/24
94.154.163.0/24
176.125.255.0/24
185.226.175.0/24
193.149.28.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:5a:c2:8d:6d:c5:a8:88:1e:64:99:17:f7:a4:87:e9:c3:a7:
28:d5:be:6d:6b:f7:51:db:21:93:7b:a0:32:d9:77:77:a4:51:
e1:0f:67:af:8c:c8:eb:b0:70:f1:c2:7b:57:70:2b:58:70:e0:
30:cf:52:a7:61:c9:8d:3f:2d:a3:a2:69:3a:83:f8:ce:28:a6:
5b:6b:92:b4:64:9f:e1:38:70:f9:38:41:68:be:2a:34:fe:77:
3a:84:17:6a:0a:8d:4b:1e:c5:ed:2a:42:17:2d:57:37:73:70:
22:08:5e:a2:5b:44:b2:0c:7c:e7:b1:0c:6c:7f:33:f5:ec:95:
ef:53:7d:09:e0:9f:94:18:b4:f9:e8:81:73:75:1c:30:81:c5:
79:3f:cf:2c:c7:7e:dd:a0:33:bd:4c:f2:c7:63:1b:ea:32:98:
ca:71:01:c0:ee:3c:49:34:15:03:50:cc:56:32:bf:3c:b0:27:
a6:5a:d4:14:97:71:e1:c1:15:40:1a:b2:39:23:3f:b0:0f:08:
46:46:0c:e6:fc:29:4d:ac:e2:03:c9:04:0f:0d:82:b3:65:c7:
95:5c:8e:ff:19:d0:f1:ab:e6:5a:dc:e1:8c:6b:fa:b9:c6:3e:
be:f3:70:14:22:61:d1:db:c5:99:02:7e:f0:ec:5b:4f:97:b6:
dc:dc:e2:15
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYrLeA6PFuLRrySpGZCfEx9MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTI1MDgzMjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTM1MTg3MDc4MDNmNGQ3YTM0YTAxNjUyMWEyYjU5YmVmODE2ZjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjj2i/iqVt0Sh5DnKnuwsTJv2AGuz
EruvBBn9lty/7+/i9FN0bakZ3OxjTPsBzOg/CihE+h7RIoQbqnVUcrM1b8x9q3Iw
pNXDSLqwMwdYvXxfcZErUjo8nmP7hqDA0NONeFNvwjXgyBKZSo4E/Ud8lDiNOtDd
6I+H5PfkGH+34Ii3PTPTacCEj7Hv2bxvVMacEklBkr+2j2Q+pzXMC9TJJ6cPS0a3
voiNxZPODR0DCg6T5GZ0pYJz4fVe+xfcB9CJ8kv3ZG+5R3alWOKflGNvcLsTN9rZ
hQZsQpcpAiTzjNigSfY2vEjZz0kUc5b7iXa0omM2PqbSSv5uh6Xs1YFvywIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGU1GHB4A/TXo0oBZSGitZvvgW9WMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWlRVWWNIZ0Q5TmVqU2dGbElhSzFtLS1CYjFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALZdaAwQA
XpqjAwQAsH3/AwQAueKvAwQCwZUcMA0GCSqGSIb3DQEBCwUAA4IBAQBaWsKNbcWo
iB5kmRf3pIfpw6co1b5ta/dR2yGTe6Ay2Xd3pFHhD2evjMjrsHDxwntXcCtYcOAw
z1KnYcmNPy2jomk6g/jOKKZba5K0ZJ/hOHD5OEFovio0/nc6hBdqCo1LHsXtKkIX
LVc3c3AiCF6iW0SyDHznsQxsfzP17JXvU30J4J+UGLT56IFzdRwwgcV5P88sx37d
oDO9TPLHYxvqMpjKcQHA7jxJNBUDUMxWMr88sCemWtQUl3HhwRVAGrI5Iz+wDwhG
Rgzm/ClNrOIDyQQPDYKzZceVXI7/GdDxq+Za3OGMa/q5xj6+83AUImHR28WZAn7w
7FtPl7bc3OIV
-----END CERTIFICATE-----
Generated at Fri Sep 29 06:49:59 2023 by rpki-client on console-ams.rpki-client.org