Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/aC4ORzqr2wF8oOby6jpND7ZRcE0.roa
File: aC4ORzqr2wF8oOby6jpND7ZRcE0.roa (raw, json)
Hash identifier: RPOVfPCEHaX42xXWYjB93W40bNpeklBuoKhNiLlGMns=
Subject key identifier: 68:2E:0E:47:3A:AB:DB:01:7C:A0:E6:F2:EA:3A:4D:0F:B6:51:70:4D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018A84BFE135B462ADE137BAB1DA247BFC34
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/aC4ORzqr2wF8oOby6jpND7ZRcE0.roa
Signing time: Mon 11 Sep 2023 14:58:02 +0000
ROA not before: Mon 11 Sep 2023 14:58:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 91.92.24.0/24 maxlen: 24
91.92.24.0/23 maxlen: 23
91.92.25.0/24 maxlen: 24
193.149.29.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
193.149.28.0/22 maxlen: 22
193.149.31.0/24 maxlen: 24
193.149.28.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.121.59.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
94.154.163.0/24 maxlen: 24
176.125.255.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:84:bf:e1:35:b4:62:ad:e1:37:ba:b1:da:24:7b:fc:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 11 14:58:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=682e0e473aabdb017ca0e6f2ea3a4d0fb651704d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:66:bf:92:4c:3c:6a:e0:49:49:1c:3e:35:af:
73:bc:7f:fa:99:7b:19:8e:11:ea:4a:99:c8:02:39:
b1:fc:09:b9:d0:d6:c8:35:07:41:13:18:30:22:62:
c7:b5:fc:df:34:b4:89:f1:5d:55:6c:c3:38:80:2a:
6c:ae:9e:30:c5:8d:64:91:e4:a0:4d:cb:23:60:81:
28:e6:f3:dc:22:2b:84:16:d9:48:fb:f5:e6:97:7e:
b8:65:be:35:40:5b:9b:56:10:3f:d3:4c:15:bf:28:
6a:fc:51:3c:1f:4f:38:47:cd:e9:19:21:99:9b:ee:
f0:c9:46:bd:ca:4e:ff:8c:6b:67:36:a5:ca:fa:dd:
8a:65:3b:2a:9b:77:cc:11:b6:55:2a:68:cd:77:62:
7c:3f:91:e9:dd:8b:f0:fc:0c:91:0d:f1:ee:d8:9a:
4b:1f:d9:cc:d6:dc:b4:20:24:b0:d1:36:78:21:85:
74:56:fc:f5:64:23:d5:d2:96:b6:d3:db:9b:0a:b4:
fc:9a:5e:41:ad:97:50:cb:da:ba:66:e9:01:47:09:
dc:21:4b:bd:42:11:53:f9:31:32:0a:d6:e0:72:8a:
ae:0d:e4:6c:37:ad:01:38:6f:ba:06:c1:2c:cb:e1:
24:f2:20:86:ab:ef:ef:8c:79:ac:e4:7d:57:4c:0a:
00:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:2E:0E:47:3A:AB:DB:01:7C:A0:E6:F2:EA:3A:4D:0F:B6:51:70:4D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/aC4ORzqr2wF8oOby6jpND7ZRcE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.87.0/24
87.121.59.0/24
91.92.24.0/23
93.123.116.0/24
94.154.163.0/24
176.125.255.0/24
193.149.28.0/22
Signature Algorithm: sha256WithRSAEncryption
3e:c5:27:22:b2:da:e4:f4:49:e0:03:97:69:7f:3f:04:52:84:
53:ce:92:f0:52:bb:b7:d5:67:63:d0:65:be:f1:bb:17:1e:ad:
2a:54:60:19:3e:1a:dd:26:7c:05:d3:5b:c0:fe:e1:ec:31:a7:
49:1f:55:f6:dd:cc:1e:4f:2e:83:61:67:87:14:6b:3c:ac:07:
11:cd:2b:70:23:5c:0c:69:90:15:c2:93:8f:1b:19:a0:7e:54:
58:b2:0a:eb:d3:80:9b:ef:f1:30:f7:1e:ba:9e:ad:db:e3:e4:
8d:d7:9b:4f:be:47:2e:33:a8:c1:88:0f:0f:38:7a:7f:44:58:
53:68:1e:4f:08:6c:d1:50:16:11:08:e0:ca:44:e3:3c:e7:e0:
25:10:09:9e:af:6b:e0:aa:c4:d1:25:89:34:01:f9:c6:e0:d6:
6f:8c:4c:3e:ec:31:e4:bb:59:95:ac:26:20:87:fb:5e:6e:51:
61:47:00:88:8a:f4:0b:51:4a:d2:46:b1:1e:7a:cf:80:63:a1:
41:fb:32:43:57:a4:29:4f:6f:dc:dd:35:aa:35:14:77:6c:3b:
5a:01:26:e1:b4:1e:1f:ec:b7:16:09:65:91:dc:48:5b:cf:3d:
18:db:3c:5d:38:9b:4e:e1:e3:a9:e0:c2:13:eb:86:20:e3:49:
e8:b0:5f:ee
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYqEv+E1tGKt4Te6sdoke/w0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTExMTQ1ODAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODJlMGU0NzNhYWJkYjAxN2NhMGU2ZjJlYTNhNGQwZmI2NTE3MDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2a/kkw8auBJSRw+Na9zvH/6mXsZ
jhHqSpnIAjmx/Am50NbINQdBExgwImLHtfzfNLSJ8V1VbMM4gCpsrp4wxY1kkeSg
TcsjYIEo5vPcIiuEFtlI+/Xml364Zb41QFubVhA/00wVvyhq/FE8H084R83pGSGZ
m+7wyUa9yk7/jGtnNqXK+t2KZTsqm3fMEbZVKmjNd2J8P5Hp3Yvw/AyRDfHu2JpL
H9nM1ty0ICSw0TZ4IYV0Vvz1ZCPV0pa209ubCrT8ml5BrZdQy9q6ZukBRwncIUu9
QhFT+TEyCtbgcoquDeRsN60BOG+6BsEsy+Ek8iCGq+/vjHms5H1XTAoALwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGguDkc6q9sBfKDm8uo6TQ+2UXBNMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYUM0T1J6cXIyd0Y4b09ieTZqcE5EN1pSY0UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAV3hXAwQA
V3k7AwQBW1wYAwQAXXt0AwQAXpqjAwQAsH3/AwQCwZUcMA0GCSqGSIb3DQEBCwUA
A4IBAQA+xScistrk9EngA5dpfz8EUoRTzpLwUru31Wdj0GW+8bsXHq0qVGAZPhrd
JnwF01vA/uHsMadJH1X23cweTy6DYWeHFGs8rAcRzStwI1wMaZAVwpOPGxmgflRY
sgrr04Cb7/Ew9x66nq3b4+SN15tPvkcuM6jBiA8POHp/RFhTaB5PCGzRUBYRCODK
ROM85+AlEAmer2vgqsTRJYk0AfnG4NZvjEw+7DHku1mVrCYgh/teblFhRwCIivQL
UUrSRrEees+AY6FB+zJDV6QpT2/c3TWqNRR3bDtaASbhtB4f7LcWCWWR3Ehbzz0Y
2zxdOJtO4eOp4MIT64Yg40nosF/u
-----END CERTIFICATE-----
Generated at Tue Sep 19 13:10:42 2023 by rpki-client on console-ams.rpki-client.org