Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/erXZyUkb9BRZlx9KMxNnFBYkUkk.roa
File: erXZyUkb9BRZlx9KMxNnFBYkUkk.roa (raw, json)
Hash identifier: 2oYC55QbD+OKoJD5se4564NyhtGnL60UMY2888NnK3o=
Subject key identifier: 7A:B5:D9:C9:49:1B:F4:14:59:97:1F:4A:33:13:67:14:16:24:52:49
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C19EF98497F9B8E4059D9D4E40461E6FA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/erXZyUkb9BRZlx9KMxNnFBYkUkk.roa
Signing time: Wed 29 Nov 2023 07:16:21 +0000
ROA not before: Wed 29 Nov 2023 07:16:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
185.226.173.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
45.88.90.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:19:ef:98:49:7f:9b:8e:40:59:d9:d4:e4:04:61:e6:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 29 07:16:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7ab5d9c9491bf41459971f4a3313671416245249
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:28:a1:ac:e2:42:83:9f:9a:a5:bb:11:b3:2c:
a1:b9:b9:50:b3:08:6f:4f:1c:88:1b:82:b7:d7:af:
68:63:c3:45:6a:70:c3:2c:9e:62:66:b4:12:b1:68:
89:95:6d:eb:a5:8f:e3:42:de:aa:66:97:51:15:1d:
66:c7:9d:5b:71:39:9e:f8:37:64:c2:6c:fb:61:26:
00:e3:93:bc:03:d8:bb:f8:60:f0:e6:ef:a4:f7:ca:
c1:42:66:db:27:15:1c:a1:e0:6c:58:44:bd:45:51:
17:80:73:05:86:4e:65:d2:32:f9:27:e0:d0:f5:ee:
61:3f:a8:a6:8b:fc:92:ef:e8:f6:f5:02:fb:9b:f5:
43:b1:55:af:99:74:06:a9:e5:68:ef:4a:fa:98:88:
8a:97:cd:c6:77:e2:b0:68:e8:e0:1d:a3:91:33:7d:
2a:2c:41:fa:8d:58:b9:77:6d:78:f0:e1:db:1a:78:
da:49:0f:a9:ce:0e:90:aa:6d:7f:58:71:37:09:13:
a7:d5:a6:89:ed:d3:6d:31:0b:1a:03:b0:34:90:ff:
35:c6:3c:4f:f3:54:cc:1d:42:20:f2:2c:e4:a2:e1:
77:61:de:8c:62:53:99:3a:74:48:37:02:07:f5:2e:
1b:1b:b6:2e:93:12:0d:58:c4:c4:4f:13:f9:0c:e0:
9a:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:B5:D9:C9:49:1B:F4:14:59:97:1F:4A:33:13:67:14:16:24:52:49
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/erXZyUkb9BRZlx9KMxNnFBYkUkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.90.0/24
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.78.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.173.0/24
185.226.175.0/24
185.246.223.0/24
185.252.176.0/24
194.169.174.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:d5:19:3f:03:33:3f:0f:ef:de:5a:88:cb:94:dd:cd:ad:69:
d0:b0:75:03:bf:df:3f:9c:ea:ca:03:09:57:bb:ba:6c:33:6b:
be:86:c5:e1:e0:a3:25:4d:65:b9:26:5f:59:cb:9d:6e:db:de:
79:19:71:0d:e6:2e:95:8e:74:52:a1:33:de:56:b5:85:3b:bd:
7a:04:a3:55:0c:e2:dc:c3:47:44:43:18:f1:23:f8:77:b7:be:
1b:a1:52:02:94:5d:64:4c:de:4d:02:34:64:3b:bb:bc:eb:f6:
1d:dc:7f:c9:bc:d0:42:bc:9f:02:a1:b2:40:0a:41:99:4d:80:
3a:24:91:f9:f9:3f:1c:5b:db:0a:60:59:a1:1d:d1:da:80:29:
28:07:3e:3a:40:e2:6b:d7:31:03:90:5b:15:de:c3:e7:18:78:
4c:5f:64:a9:af:b9:9a:47:c2:98:f5:5f:31:73:1f:e0:b2:a7:
52:0f:a9:c4:43:a6:55:0c:93:55:0e:66:a9:10:78:6f:97:56:
03:4a:83:e8:92:f4:d5:bc:67:31:4f:83:91:a4:b9:e0:84:32:
d2:62:41:6e:d0:80:3d:91:6b:d1:29:1b:82:40:bf:4d:4b:df:
44:73:e2:68:1c:7b:82:59:d9:37:4f:d6:ae:00:71:51:50:cf:
8e:62:dc:cc
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYwZ75hJf5uOQFnZ1OQEYeb6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTI5MDcxNjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWI1ZDljOTQ5MWJmNDE0NTk5NzFmNGEzMzEzNjcxNDE2MjQ1MjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiihrOJCg5+apbsRsyyhublQswhv
TxyIG4K3169oY8NFanDDLJ5iZrQSsWiJlW3rpY/jQt6qZpdRFR1mx51bcTme+Ddk
wmz7YSYA45O8A9i7+GDw5u+k98rBQmbbJxUcoeBsWES9RVEXgHMFhk5l0jL5J+DQ
9e5hP6imi/yS7+j29QL7m/VDsVWvmXQGqeVo70r6mIiKl83Gd+KwaOjgHaORM30q
LEH6jVi5d2148OHbGnjaSQ+pzg6Qqm1/WHE3CROn1aaJ7dNtMQsaA7A0kP81xjxP
81TMHUIg8izkouF3Yd6MYlOZOnRINwIH9S4bG7YukxINWMTETxP5DOCaRwIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFHq12clJG/QUWZcfSjMTZxQWJFJJMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZXJYWnlVa2I5QlJabHg5S014Tm5GQllrVWtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBAAt
WFoDBAAtl1kDBABXeFcDBABXeS0DBABXed0DBAFcd8QDBABde3QwDAMEAF6aoQME
Al6aoAMEAF6cTgMEAF6c7zAMAwQCk05kAwQAk05mAwQCqxZIAwQAstfgAwQAstfs
AwQCudhUAwQCudpUAwQAueKtAwQAueKvAwQAufbfAwQAufywAwQAwqmuMA0GCSqG
SIb3DQEBCwUAA4IBAQBt1Rk/AzM/D+/eWojLlN3NrWnQsHUDv98/nOrKAwlXu7ps
M2u+hsXh4KMlTWW5Jl9Zy51u2955GXEN5i6VjnRSoTPeVrWFO716BKNVDOLcw0dE
QxjxI/h3t74boVIClF1kTN5NAjRkO7u86/Yd3H/JvNBCvJ8CobJACkGZTYA6JJH5
+T8cW9sKYFmhHdHagCkoBz46QOJr1zEDkFsV3sPnGHhMX2Spr7maR8KY9V8xcx/g
sqdSD6nEQ6ZVDJNVDmapEHhvl1YDSoPokvTVvGcxT4ORpLnghDLSYkFu0IA9kWvR
KRuCQL9NS99Ec+JoHHuCWdk3T9auAHFRUM+OYtzM
-----END CERTIFICATE-----
Generated at Wed Nov 29 11:58:45 2023 by rpki-client on console-ams.rpki-client.org