Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZdcQxrTi63BADCzYKoyZ413Ffrs.roa
File: ZdcQxrTi63BADCzYKoyZ413Ffrs.roa (raw, json)
Hash identifier: nwvo3H0gZ9veKkzrQZJid2g5Mnqk7ko+9BvG2JOmbW4=
Subject key identifier: 65:D7:10:C6:B4:E2:EB:70:40:0C:2C:D8:2A:8C:99:E3:5D:C5:7E:BB
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018697D0252A7917846E0285998B78BFDB04
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZdcQxrTi63BADCzYKoyZ413Ffrs.roa
Signing time: Tue 28 Feb 2023 11:37:25 +0000
ROA not before: Tue 28 Feb 2023 11:37:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
87.121.124.0/23 maxlen: 24
45.81.241.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
171.22.19.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.137.0/24 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:97:d0:25:2a:79:17:84:6e:02:85:99:8b:78:bf:db:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 28 11:37:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65d710c6b4e2eb70400c2cd82a8c99e35dc57ebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ae:a4:b4:ca:9c:5f:1a:c0:43:df:b0:47:f8:
5b:10:17:03:59:bb:cd:57:01:8d:2b:1c:e9:98:ea:
73:6b:4e:20:a3:13:4d:ec:11:db:e3:02:9e:e9:b6:
0c:1b:40:b3:22:ed:29:50:9a:2d:cc:96:a4:83:a0:
07:6a:dc:eb:90:be:ff:9b:36:3e:ca:69:7a:ec:63:
e7:e4:82:81:96:b4:00:7f:c4:cc:dc:b8:1b:9a:00:
3f:b7:54:49:4d:0e:c6:36:c4:79:a0:2c:bb:14:7c:
b2:31:70:de:87:59:e1:26:78:58:e3:e8:ad:13:3f:
68:62:43:94:08:45:b5:87:94:d0:fa:d2:94:8c:0c:
16:00:e4:5f:04:27:01:56:a6:41:03:e8:9f:cc:e1:
24:fa:56:2b:e2:b9:57:c9:cc:49:6c:81:43:98:a8:
54:33:7a:ec:68:fd:62:15:0f:61:c3:e1:0b:fe:d3:
dd:a2:60:48:4a:b0:9e:80:36:5b:a7:ca:cf:ff:62:
89:23:72:16:ed:eb:ef:ed:e4:b5:db:1c:e6:c9:ff:
b1:17:63:38:6f:93:3c:7f:9f:2c:5e:c1:3b:d3:f9:
6e:7a:d9:45:16:db:21:5e:8a:61:9c:83:24:88:e6:
73:3c:02:fa:0c:11:cb:b3:ae:13:00:0e:fc:af:09:
b4:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:D7:10:C6:B4:E2:EB:70:40:0C:2C:D8:2A:8C:99:E3:5D:C5:7E:BB
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZdcQxrTi63BADCzYKoyZ413Ffrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.241.0/24
45.151.89.0/24
87.121.124.0/23
92.119.196.0/23
94.154.161.0-94.154.163.255
171.22.19.0/24
171.22.72.0/22
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
185.252.176.0/24
Signature Algorithm: sha256WithRSAEncryption
45:56:35:74:b0:e9:10:35:eb:26:77:e9:66:e3:ba:dd:81:68:
87:a6:c2:44:98:d6:d6:5c:27:03:d3:dc:2e:3b:1f:29:2f:3a:
ac:e9:1d:8b:92:ae:35:f2:f6:af:e4:96:00:38:c1:05:6f:4e:
32:73:71:b4:36:a8:9b:2d:98:2d:c7:74:14:d9:1d:ad:45:03:
9a:06:73:2f:bc:b4:e2:24:71:c4:4b:c6:df:00:7f:8f:53:34:
73:8c:ac:91:17:53:d0:de:2b:bb:20:b6:01:64:c4:4d:24:1f:
10:a4:18:f0:a5:49:24:73:75:33:48:2d:61:68:1f:f6:80:af:
0b:c4:83:37:77:bb:4c:f1:a9:23:d5:27:75:d2:68:fa:81:e3:
cf:e1:57:e8:11:df:4f:b1:73:e4:e2:03:0f:f8:96:bf:de:83:
61:11:04:78:7b:95:da:85:f2:b2:e7:29:04:1f:bd:c0:18:4e:
0e:2e:6c:ff:88:cb:7e:a0:72:91:a4:9b:a4:23:d1:52:fd:bf:
93:18:cf:a9:05:9b:f4:d7:61:5e:7b:74:99:da:0b:5b:38:84:
eb:fd:20:18:08:31:f1:c9:43:91:0a:3e:e0:70:b3:1b:64:a3:
37:8d:18:8b:f6:63:7d:1f:30:9f:8d:b3:6c:7c:35:a9:fe:98:
99:69:ab:2d
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYaX0CUqeReEbgKFmYt4v9sEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMjI4MTEzNzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWQ3MTBjNmI0ZTJlYjcwNDAwYzJjZDgyYThjOTllMzVkYzU3ZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg66ktMqcXxrAQ9+wR/hbEBcDWbvN
VwGNKxzpmOpza04goxNN7BHb4wKe6bYMG0CzIu0pUJotzJakg6AHatzrkL7/mzY+
yml67GPn5IKBlrQAf8TM3LgbmgA/t1RJTQ7GNsR5oCy7FHyyMXDeh1nhJnhY4+it
Ez9oYkOUCEW1h5TQ+tKUjAwWAORfBCcBVqZBA+ifzOEk+lYr4rlXycxJbIFDmKhU
M3rsaP1iFQ9hw+EL/tPdomBISrCegDZbp8rP/2KJI3IW7evv7eS12xzmyf+xF2M4
b5M8f58sXsE70/luetlFFtshXophnIMkiOZzPAL6DBHLs64TAA78rwm0twIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFGXXEMa04utwQAws2CqMmeNdxX67MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWmRjUXhyVGk2M0JBREN6WUtveVo0MTNGZnJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQALVHxAwQA
LZdZAwQBV3l8AwQBXHfEMAwDBABemqEDBAJemqADBACrFhMDBAKrFkgDBACy1+wD
BAK52FQDBAK52lQDBAC52okDBAC5234DBAC5/LAwDQYJKoZIhvcNAQELBQADggEB
AEVWNXSw6RA16yZ36Wbjut2BaIemwkSY1tZcJwPT3C47HykvOqzpHYuSrjXy9q/k
lgA4wQVvTjJzcbQ2qJstmC3HdBTZHa1FA5oGcy+8tOIkccRLxt8Af49TNHOMrJEX
U9DeK7sgtgFkxE0kHxCkGPClSSRzdTNILWFoH/aArwvEgzd3u0zxqSPVJ3XSaPqB
48/hV+gR30+xc+TiAw/4lr/eg2ERBHh7ldqF8rLnKQQfvcAYTg4ubP+Iy36gcpGk
m6Qj0VL9v5MYz6kFm/TXYV57dJnaC1s4hOv9IBgIMfHJQ5EKPuBwsxtkozeNGIv2
Y30fMJ+Ns2x8Nan+mJlpqy0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:38 2023 by rpki-client on console-ams.rpki-client.org