Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bQfc5l0B4Fx6ZntHMj4hjvbTZq0.roa
File: bQfc5l0B4Fx6ZntHMj4hjvbTZq0.roa (raw, json)
Hash identifier: pOJCnOlswnXaipnbpSryKcx2hjzxQ3UFizHp7Ey1wls=
Subject key identifier: 6D:07:DC:E6:5D:01:E0:5C:7A:66:7B:47:32:3E:21:8E:F6:D3:66:AD
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01877A9ADA5D98B30AECB2413B7488BDAE7F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bQfc5l0B4Fx6ZntHMj4hjvbTZq0.roa
Signing time: Thu 13 Apr 2023 12:33:01 +0000
ROA not before: Thu 13 Apr 2023 12:33:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
84.54.49.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
141.98.7.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
45.149.233.0/24 maxlen: 24
45.128.233.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
94.103.125.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.137.0/24 maxlen: 24
82.115.209.0/24 maxlen: 24
194.49.87.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.25.217.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7a:9a:da:5d:98:b3:0a:ec:b2:41:3b:74:88:bd:ae:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 13 12:33:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6d07dce65d01e05c7a667b47323e218ef6d366ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:97:c8:b9:e1:d6:ab:ca:4c:48:0d:8c:31:f2:
6c:57:77:a6:56:2f:9b:83:2d:3f:92:e7:46:4e:db:
df:a3:0c:89:2a:87:78:12:5e:d3:65:f3:86:e2:74:
fb:27:bc:67:3e:b5:a1:ac:d3:f4:94:3f:df:b4:f3:
02:a8:c2:eb:c5:50:ce:ff:76:1a:c1:d7:3d:bb:8a:
9d:05:09:e8:b9:d9:18:59:90:d9:55:65:dc:53:e4:
68:69:70:b4:35:4f:f2:05:7c:ad:4b:44:e1:b4:55:
e3:b5:36:7b:1e:b3:c6:95:b3:4d:f2:26:e7:0a:8b:
c5:da:8d:94:a1:ea:0f:77:53:1b:21:be:1a:94:c2:
f8:21:bd:be:c4:6c:76:47:78:26:f4:8b:f5:b6:84:
66:50:bf:f0:a3:a4:5f:75:b1:35:b1:e6:f0:69:f6:
23:fa:16:34:47:c5:5b:6b:54:69:6a:0e:e5:32:e5:
b2:d2:35:e1:c4:12:4b:a7:d6:86:74:1b:b4:9d:c3:
3b:82:ea:66:0b:ef:42:e5:13:b3:61:5a:f3:1b:33:
91:27:24:aa:06:e2:ce:74:d1:25:af:50:e3:f1:f9:
aa:b4:4e:96:81:ad:65:e9:e5:8b:a3:20:9f:c8:79:
7a:9c:5d:fe:a2:ca:40:31:dc:87:dc:07:e5:2b:4a:
c3:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:07:DC:E6:5D:01:E0:5C:7A:66:7B:47:32:3E:21:8E:F6:D3:66:AD
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bQfc5l0B4Fx6ZntHMj4hjvbTZq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.233.0/24
45.149.233.0/24
45.151.89.0/24
82.115.209.0/24
84.54.49.0/24
87.120.64.0/23
87.121.220.0/24
92.119.196.0/23
94.103.125.0/24
94.154.161.0-94.154.163.255
94.154.172.0/24
141.98.7.0/24
147.78.100.0/23
171.22.72.0/22
178.215.236.0/23
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
193.25.217.0/24
194.49.87.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:4c:31:c7:15:72:7a:d7:83:0c:71:f4:4f:c3:86:2d:09:d6:
1f:42:81:3b:91:28:63:88:03:3c:45:26:59:6a:7d:c8:a6:d4:
bb:11:41:c4:e7:37:eb:90:db:99:9f:d4:d4:04:3f:21:c6:26:
14:f9:2e:7a:25:41:c9:bb:46:ab:87:36:38:43:45:28:89:b5:
74:90:f0:7d:bf:8b:14:a1:66:09:66:4c:2f:e5:31:3a:80:dc:
85:74:81:5b:55:60:24:ca:06:60:34:92:b7:fb:08:56:21:84:
b4:f0:e4:81:7a:92:8c:5c:87:70:5c:2d:b6:23:8a:37:aa:43:
c1:ec:57:09:1f:0f:6d:d3:7a:f3:09:5d:a1:8c:39:06:fc:bb:
36:aa:f9:d9:05:d7:c2:5d:28:fd:83:48:5d:83:0f:41:10:4f:
8e:1b:f7:e7:96:76:27:b0:0f:02:56:9d:aa:b1:e3:56:e5:dc:
cd:99:d2:1a:0b:51:3c:b8:d6:0d:f4:eb:76:ae:c2:0c:3f:7e:
b3:15:a5:c9:ec:0a:54:a6:07:44:c5:54:f3:d7:c6:34:e0:bf:
48:b1:73:8b:db:8c:37:75:17:fe:49:3e:4c:1d:4f:4e:8e:56:
df:30:9f:ed:e0:e7:cd:20:da:1a:28:16:49:a4:08:fd:5e:d0:
79:b0:19:6c
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYd6mtpdmLMK7LJBO3SIva5/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDEzMTIzMzAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDA3ZGNlNjVkMDFlMDVjN2E2NjdiNDczMjNlMjE4ZWY2ZDM2NmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5fIueHWq8pMSA2MMfJsV3emVi+b
gy0/kudGTtvfowyJKod4El7TZfOG4nT7J7xnPrWhrNP0lD/ftPMCqMLrxVDO/3Ya
wdc9u4qdBQnoudkYWZDZVWXcU+RoaXC0NU/yBXytS0ThtFXjtTZ7HrPGlbNN8ibn
CovF2o2UoeoPd1MbIb4alML4Ib2+xGx2R3gm9Iv1toRmUL/wo6RfdbE1sebwafYj
+hY0R8Vba1Rpag7lMuWy0jXhxBJLp9aGdBu0ncM7gupmC+9C5ROzYVrzGzORJySq
BuLOdNElr1Dj8fmqtE6Wga1l6eWLoyCfyHl6nF3+ospAMdyH3AflK0rDAwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFG0H3OZdAeBcemZ7RzI+IY7202atMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYlFmYzVsMEI0Rng2Wm50SE1qNGhqdmJUWnEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAAt
gOkDBAAtlekDBAAtl1kDBABSc9EDBABUNjEDBAFXeEADBABXedwDBAFcd8QDBABe
Z30wDAMEAF6aoQMEAl6aoAMEAF6arAMEAI1iBwMEAZNOZAMEAqsWSAMEAbLX7AME
ArnYVAMEArnaVAMEALnaiQMEALnbfgMEAMEZ2QMEAMIxVzANBgkqhkiG9w0BAQsF
AAOCAQEAnEwxxxVyeteDDHH0T8OGLQnWH0KBO5EoY4gDPEUmWWp9yKbUuxFBxOc3
65DbmZ/U1AQ/IcYmFPkueiVBybtGq4c2OENFKIm1dJDwfb+LFKFmCWZML+UxOoDc
hXSBW1VgJMoGYDSSt/sIViGEtPDkgXqSjFyHcFwttiOKN6pDwexXCR8PbdN68wld
oYw5Bvy7Nqr52QXXwl0o/YNIXYMPQRBPjhv355Z2J7APAladqrHjVuXczZnSGgtR
PLjWDfTrdq7CDD9+sxWlyewKVKYHRMVU89fGNOC/SLFzi9uMN3UX/kk+TB1PTo5W
3zCf7eDnzSDaGigWSaQI/V7QebAZbA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:39 2023 by rpki-client on console-ams.rpki-client.org