Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/f0BYPQQpbxlFplUirxAflJRZ3_8.roa
File: f0BYPQQpbxlFplUirxAflJRZ3_8.roa (raw, json)
Hash identifier: 73/J1ci875NMKEB8pWFsH02rU2BVh2k4Hc0cKPGeA+Y=
Subject key identifier: 7F:40:58:3D:04:29:6F:19:45:A6:55:22:AF:10:1F:94:94:59:DF:FF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CB499F79BEF2BCD38ED193F77F0A357A8
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/f0BYPQQpbxlFplUirxAflJRZ3_8.roa
Signing time: Fri 29 Dec 2023 08:03:58 +0000
ROA not before: Fri 29 Dec 2023 08:03:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207459
IP address blocks: 45.12.255.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
193.149.29.0/24 maxlen: 24
193.149.30.0/24 maxlen: 24
94.156.176.0/24 maxlen: 24
193.149.31.0/24 maxlen: 24
193.149.28.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
87.121.105.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
212.115.41.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
194.180.36.0/24 maxlen: 24
45.8.93.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:b4:99:f7:9b:ef:2b:cd:38:ed:19:3f:77:f0:a3:57:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 29 08:03:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f40583d04296f1945a65522af101f949459dfff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:02:75:2c:95:c0:c5:8f:8f:c8:94:86:c5:bd:
a0:92:a4:21:cd:5a:e4:aa:b9:46:58:a0:80:62:9e:
4b:ec:8d:94:c9:b1:2f:4b:ea:0b:10:16:6b:1a:ae:
ca:ba:40:41:7d:ca:82:1d:14:61:17:2f:6e:c3:f7:
4a:9b:0d:01:f0:f3:6a:7f:bc:23:a3:6b:70:78:a6:
b3:c9:66:47:ad:2a:bf:51:9d:01:d2:fd:eb:4f:a2:
a3:89:fe:18:a9:51:3d:5d:32:9c:52:38:3e:38:ca:
8e:d5:8f:0a:a5:fa:b2:25:04:b0:ac:48:4e:f0:6c:
79:1d:5d:8f:f0:f3:43:81:83:01:81:22:0f:5d:d1:
b1:0a:fc:62:d8:fb:d1:5b:73:50:5d:24:4d:df:06:
a9:ec:42:80:5a:9e:ff:5c:59:19:e6:23:b8:46:eb:
ae:82:ea:86:ef:30:d9:ed:8f:c5:2d:82:86:7c:7f:
ed:32:a6:73:37:f7:5b:30:aa:40:d0:41:ee:6b:73:
2c:53:40:8d:6e:cc:14:b1:93:ff:4c:69:73:93:86:
a7:31:55:c1:00:17:c3:6d:89:5a:36:f2:f7:43:2e:
14:87:e6:09:75:1f:98:87:a2:ef:02:43:41:d8:9a:
9c:b8:e0:45:4a:d8:ac:0f:c1:75:37:6b:98:71:55:
92:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:40:58:3D:04:29:6F:19:45:A6:55:22:AF:10:1F:94:94:59:DF:FF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/f0BYPQQpbxlFplUirxAflJRZ3_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.93.0/24
45.12.255.0/24
45.66.228.0/24
45.151.90.0/24
79.110.50.0/24
87.121.105.0/24
94.156.176.0/24
185.226.175.0/24
193.37.47.0/24
193.149.28.0/22
194.180.36.0/24
212.115.41.0/24
Signature Algorithm: sha256WithRSAEncryption
11:dc:19:22:68:6b:1e:b0:12:62:79:06:48:85:93:fc:3c:42:
c5:fa:1e:73:7c:e0:64:2d:e0:7f:14:74:eb:76:a3:20:81:f1:
7c:5e:98:66:47:6e:e1:39:a0:32:7e:db:25:70:1b:13:62:71:
1a:94:fe:6e:07:2c:7e:da:b3:06:8c:f7:e1:4b:59:33:b4:68:
c5:54:1c:da:98:e0:4a:27:4f:64:85:ca:62:30:6a:39:2d:62:
b2:c6:e4:47:66:29:31:fd:76:68:76:a8:86:41:0b:e4:6f:37:
9d:86:34:2a:d1:f4:85:07:11:de:44:5f:83:34:01:ba:fc:3e:
94:1d:42:8c:33:25:46:ee:58:06:0f:d9:3a:83:1b:fa:30:be:
b3:56:38:b3:56:f3:62:17:a4:cd:7c:5c:b3:c9:1c:17:c7:f8:
99:c0:58:78:f2:4b:a2:07:07:df:77:f3:92:15:e1:3a:50:d0:
59:09:6c:3f:1f:b0:19:cc:58:16:b1:1a:6d:9d:1c:ae:f2:1d:
63:ad:ca:2c:d7:2e:38:35:c1:3a:f3:a7:31:e1:dd:13:99:b7:
14:a3:1a:f4:c4:45:d8:49:24:ad:99:bf:db:5b:7f:ab:fc:05:
35:5b:e6:28:b5:b5:d7:4b:b0:32:8f:cf:aa:9f:04:0c:5a:29:
7f:4e:64:1b
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYy0mfeb7yvNOO0ZP3fwo1eoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjI5MDgwMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjQwNTgzZDA0Mjk2ZjE5NDVhNjU1MjJhZjEwMWY5NDk0NTlkZmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwJ1LJXAxY+PyJSGxb2gkqQhzVrk
qrlGWKCAYp5L7I2UybEvS+oLEBZrGq7KukBBfcqCHRRhFy9uw/dKmw0B8PNqf7wj
o2tweKazyWZHrSq/UZ0B0v3rT6Kjif4YqVE9XTKcUjg+OMqO1Y8KpfqyJQSwrEhO
8Gx5HV2P8PNDgYMBgSIPXdGxCvxi2PvRW3NQXSRN3wap7EKAWp7/XFkZ5iO4Ruuu
guqG7zDZ7Y/FLYKGfH/tMqZzN/dbMKpA0EHua3MsU0CNbswUsZP/TGlzk4anMVXB
ABfDbYlaNvL3Qy4Uh+YJdR+Yh6LvAkNB2JqcuOBFStisD8F1N2uYcVWSEQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFH9AWD0EKW8ZRaZVIq8QH5SUWd//MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZjBCWVBRUXBieGxGcGxVaXJ4QWZsSlJaM184LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQALQhdAwQA
LQz/AwQALULkAwQALZdaAwQAT24yAwQAV3lpAwQAXpywAwQAueKvAwQAwSUvAwQC
wZUcAwQAwrQkAwQA1HMpMA0GCSqGSIb3DQEBCwUAA4IBAQAR3BkiaGsesBJieQZI
hZP8PELF+h5zfOBkLeB/FHTrdqMggfF8XphmR27hOaAyftslcBsTYnEalP5uByx+
2rMGjPfhS1kztGjFVBzamOBKJ09khcpiMGo5LWKyxuRHZikx/XZodqiGQQvkbzed
hjQq0fSFBxHeRF+DNAG6/D6UHUKMMyVG7lgGD9k6gxv6ML6zVjizVvNiF6TNfFyz
yRwXx/iZwFh48kuiBwffd/OSFeE6UNBZCWw/H7AZzFgWsRptnRyu8h1jrcos1y44
NcE686cx4d0TmbcUoxr0xEXYSSStmb/bW3+r/AU1W+YotbXXS7Ayj8+qnwQMWil/
TmQb
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:12 2024 by rpki-client on console-ams.rpki-client.org