Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/aMGbDzahW68sR8n2prL9_tytJ5g.roa
File: aMGbDzahW68sR8n2prL9_tytJ5g.roa (raw, json)
Hash identifier: xEEaToUD1kdGmE+pVPBjRSbq6mlCTv56z1f0NYtpSAk=
Subject key identifier: 68:C1:9B:0F:36:A1:5B:AF:2C:47:C9:F6:A6:B2:FD:FE:DC:AD:27:98
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018AF552319AEB64F1F9F5BD869A31ABD188
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/aMGbDzahW68sR8n2prL9_tytJ5g.roa
Signing time: Tue 03 Oct 2023 11:35:19 +0000
ROA not before: Tue 03 Oct 2023 11:35:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50225
IP address blocks: 185.222.163.0/24 maxlen: 24
80.76.50.0/24 maxlen: 24
45.84.90.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f5:52:31:9a:eb:64:f1:f9:f5:bd:86:9a:31:ab:d1:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 3 11:35:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=68c19b0f36a15baf2c47c9f6a6b2fdfedcad2798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:56:1a:cb:92:8f:94:08:7b:6d:db:25:68:ea:
fa:98:52:78:fd:29:66:58:cd:b7:aa:a2:94:b9:23:
63:c3:ae:db:9a:58:57:cf:62:dd:fa:ea:62:d8:91:
a7:10:f4:86:96:74:b4:84:57:9a:b1:e1:8b:c0:bb:
be:65:95:88:c3:4d:9e:ee:0a:43:b9:76:a5:39:2e:
72:7c:c6:06:28:6b:72:4a:4b:7f:d4:a3:22:b6:5e:
c7:c6:f4:ba:b6:d7:5e:4d:8f:f1:46:d2:71:4b:43:
58:6f:d1:a4:4b:59:12:a2:1a:c0:02:e7:a4:30:1a:
2f:cb:39:80:82:3f:30:7c:6b:c2:24:dd:53:af:1e:
6f:76:8d:ff:1c:8e:91:d6:d5:31:bd:17:ca:89:26:
bb:fd:68:e9:9d:3d:92:cc:8f:05:6a:9a:ac:ae:3a:
ab:a9:f8:16:9a:bb:1a:d8:a3:3f:df:db:5a:44:95:
f8:0d:73:7c:cf:83:62:39:cc:2f:5d:8b:e8:cf:da:
17:6a:d9:df:e9:99:bc:cc:2e:0a:0b:8a:bf:75:de:
b1:14:b7:9f:a8:ad:14:e0:2d:c8:60:85:34:68:4e:
8d:03:a6:97:23:52:13:00:a1:55:bd:d7:d0:75:72:
34:8c:f4:63:04:08:56:63:44:d2:d6:50:a6:60:15:
88:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:C1:9B:0F:36:A1:5B:AF:2C:47:C9:F6:A6:B2:FD:FE:DC:AD:27:98
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/aMGbDzahW68sR8n2prL9_tytJ5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.90.0/24
80.76.50.0/24
185.222.163.0/24
194.48.251.0/24
Signature Algorithm: sha256WithRSAEncryption
82:68:bf:dc:bb:82:d6:a4:0e:fd:75:be:55:c1:9a:36:26:55:
63:e8:67:da:88:d0:dc:6e:4c:56:94:4b:89:2b:8f:b6:35:73:
fa:c1:24:7b:d1:b4:a5:7a:94:5c:75:a5:b6:91:ef:3e:d2:60:
d3:30:d1:6c:3d:a9:ed:17:ce:17:1d:ad:16:5a:86:e3:5e:96:
c1:a1:c6:8f:f0:c9:ca:3b:cf:cb:3f:fa:02:01:57:21:e1:4f:
dc:70:42:a1:bb:47:11:0a:bb:24:0b:f8:41:89:aa:80:07:51:
1a:d7:2d:ef:b3:b8:52:5f:f8:0b:65:0c:6d:46:83:93:91:d9:
87:f3:54:18:70:a5:f8:f9:14:91:9c:2c:ec:29:db:61:17:b8:
31:17:aa:6a:a8:d1:27:32:60:38:c0:ae:c2:1a:21:6a:2e:e4:
47:eb:58:73:d1:35:5c:c9:23:fa:de:b5:07:d4:23:68:bd:bb:
0c:14:ac:f2:60:3a:10:db:6c:ca:f1:aa:88:cc:6b:d8:f3:bc:
e0:74:bb:d3:2d:f7:ed:e2:02:b0:e2:21:99:65:c7:e8:c4:d7:
36:0a:dd:78:19:02:c0:38:c1:d9:fc:2b:f7:dc:7f:00:0c:de:
38:7b:e0:54:b2:f2:b0:bd:d4:b1:15:ae:31:b6:79:04:bb:30:
f9:48:d4:2c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYr1UjGa62Tx+fW9hpoxq9GIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDAzMTEzNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGMxOWIwZjM2YTE1YmFmMmM0N2M5ZjZhNmIyZmRmZWRjYWQyNzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiVYay5KPlAh7bdslaOr6mFJ4/Slm
WM23qqKUuSNjw67bmlhXz2Ld+upi2JGnEPSGlnS0hFeaseGLwLu+ZZWIw02e7gpD
uXalOS5yfMYGKGtySkt/1KMitl7HxvS6ttdeTY/xRtJxS0NYb9GkS1kSohrAAuek
MBovyzmAgj8wfGvCJN1Trx5vdo3/HI6R1tUxvRfKiSa7/WjpnT2SzI8Fapqsrjqr
qfgWmrsa2KM/39taRJX4DXN8z4NiOcwvXYvoz9oXatnf6Zm8zC4KC4q/dd6xFLef
qK0U4C3IYIU0aE6NA6aXI1ITAKFVvdfQdXI0jPRjBAhWY0TS1lCmYBWIGQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGjBmw82oVuvLEfJ9qay/f7crSeYMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYU1HYkR6YWhXNjhzUjhuMnByTDlfdHl0SjVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVRaAwQA
UEwyAwQAud6jAwQAwjD7MA0GCSqGSIb3DQEBCwUAA4IBAQCCaL/cu4LWpA79db5V
wZo2JlVj6GfaiNDcbkxWlEuJK4+2NXP6wSR70bSlepRcdaW2ke8+0mDTMNFsPant
F84XHa0WWobjXpbBocaP8MnKO8/LP/oCAVch4U/ccEKhu0cRCrskC/hBiaqAB1Ea
1y3vs7hSX/gLZQxtRoOTkdmH81QYcKX4+RSRnCzsKdthF7gxF6pqqNEnMmA4wK7C
GiFqLuRH61hz0TVcySP63rUH1CNovbsMFKzyYDoQ22zK8aqIzGvY87zgdLvTLfft
4gKw4iGZZcfoxNc2Ct14GQLAOMHZ/Cv33H8ADN44e+BUsvKwvdSxFa4xtnkEuzD5
SNQs
-----END CERTIFICATE-----
Generated at Thu Oct 5 14:12:25 2023 by rpki-client on console-ams.rpki-client.org