Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/gQg7jLBGP7GQb_3taXhp0aXwgxs.roa
File: gQg7jLBGP7GQb_3taXhp0aXwgxs.roa (raw, json)
Hash identifier: YU2FgQAs7/DxL1WloCWmXcnHPuvl0BhKfQPHotRVrdk=
Subject key identifier: 81:08:3B:8C:B0:46:3F:B1:90:6F:FD:ED:69:78:69:D1:A5:F0:83:1B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CF31E09D53614648F9FD1A8CF54DB8E0D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/gQg7jLBGP7GQb_3taXhp0aXwgxs.roa
Signing time: Wed 10 Jan 2024 11:24:41 +0000
ROA not before: Wed 10 Jan 2024 11:24:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
45.84.89.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
185.226.173.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
45.88.90.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 08:58:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:1e:09:d5:36:14:64:8f:9f:d1:a8:cf:54:db:8e:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 10 11:24:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81083b8cb0463fb1906ffded697869d1a5f0831b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d7:72:e7:c7:3f:47:63:52:59:ac:90:2e:46:
28:88:95:e8:25:60:df:dd:4b:d9:03:7c:56:96:c3:
98:82:9f:8c:28:36:0d:3e:de:89:a3:b2:d7:c5:a3:
93:0b:63:77:89:0b:9a:08:1c:bb:99:26:42:c6:56:
c4:39:90:6f:28:76:ea:29:14:76:dd:3c:ae:ca:dd:
74:56:08:03:cb:95:e3:a3:3b:b0:23:70:82:06:af:
bf:86:ed:c7:e5:fe:22:ec:2f:4f:7e:db:4b:ba:8d:
78:ca:93:79:ad:e2:37:e5:7c:48:59:3b:70:97:80:
0a:e2:b7:9d:f9:69:b3:90:29:b3:db:e3:f2:97:e9:
a3:09:9f:10:9a:79:bd:a5:65:72:69:30:f9:fa:7b:
f3:cd:90:ed:bc:29:0b:34:67:68:e1:11:81:e9:5c:
f2:7d:9b:47:f6:65:ff:76:26:75:20:1d:68:ae:23:
ef:fb:99:92:37:60:6a:34:83:7a:f0:5e:e2:98:93:
ea:6c:6c:10:c2:cf:55:5e:db:bf:8c:a2:8d:dd:cb:
da:4c:36:72:24:a9:b4:ca:da:f8:a7:7f:d1:c1:12:
3d:73:de:97:d4:2f:15:02:f4:71:d0:02:98:fd:ce:
d4:a1:2c:75:50:25:8d:c4:36:b3:6c:bb:2e:d2:53:
fe:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:08:3B:8C:B0:46:3F:B1:90:6F:FD:ED:69:78:69:D1:A5:F0:83:1B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/gQg7jLBGP7GQb_3taXhp0aXwgxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.89.0/24
45.88.90.0/24
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.161.0-94.154.163.255
94.154.172.0/24
94.156.239.0/24
147.78.101.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.226.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.173.0/24
185.226.175.0/24
185.252.176.0/24
194.55.186.0/24
Signature Algorithm: sha256WithRSAEncryption
67:de:27:50:77:dd:76:c8:ad:65:56:b1:54:f5:c5:b4:22:72:
de:b4:48:13:9c:a2:34:d4:78:49:fc:2e:4a:df:ce:d0:b5:4a:
fe:1c:94:87:ad:1e:f2:b5:25:7e:ad:be:9f:62:f3:ad:db:9c:
2d:29:1f:43:70:15:41:5c:46:0d:5b:45:76:66:73:bc:19:05:
a4:f3:21:76:a0:26:00:e6:87:e2:f9:28:db:57:f7:bd:8b:ec:
41:7a:fe:5d:95:f4:26:3b:ea:76:cc:c0:e8:ac:1d:08:56:11:
98:ef:ff:f1:07:07:e5:c5:2c:64:30:c1:a2:0a:dd:8b:ae:00:
90:1d:65:66:8c:85:73:2f:5c:1d:a1:56:ee:31:82:1a:01:7e:
75:be:31:a4:b4:09:81:4b:f5:1d:d1:13:39:24:6a:51:36:4e:
ff:62:f2:c4:c6:c3:a6:0b:d6:fe:65:55:72:15:c4:98:32:7e:
7e:b9:bc:21:10:bd:79:54:c6:19:32:db:7c:42:80:28:26:d0:
36:3d:80:cc:29:b1:e0:7f:83:3f:10:af:5e:a4:6b:79:f4:ff:
0b:ad:1d:19:4c:6c:76:13:bb:90:0b:cc:07:d3:e9:3d:db:ae:
7a:f7:5c:be:00:df:be:b6:d8:35:0c:2d:f2:61:39:cb:c2:fc:
02:21:62:c9
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYzzHgnVNhRkj5/RqM9U244NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTEwMTEyNDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTA4M2I4Y2IwNDYzZmIxOTA2ZmZkZWQ2OTc4NjlkMWE1ZjA4MzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvtdy58c/R2NSWayQLkYoiJXoJWDf
3UvZA3xWlsOYgp+MKDYNPt6Jo7LXxaOTC2N3iQuaCBy7mSZCxlbEOZBvKHbqKRR2
3Tyuyt10VggDy5XjozuwI3CCBq+/hu3H5f4i7C9PfttLuo14ypN5reI35XxIWTtw
l4AK4red+WmzkCmz2+Pyl+mjCZ8Qmnm9pWVyaTD5+nvzzZDtvCkLNGdo4RGB6Vzy
fZtH9mX/diZ1IB1oriPv+5mSN2BqNIN68F7imJPqbGwQws9VXtu/jKKN3cvaTDZy
JKm0ytr4p3/RwRI9c96X1C8VAvRx0AKY/c7UoSx1UCWNxDazbLsu0lP++wIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFIEIO4ywRj+xkG/97Wl4adGl8IMbMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvZ1FnN2pMQkdQN0dRYl8zdGFYaHAwYVh3Z3hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBAAt
VFkDBAAtWFoDBAAtl1kDBABXeFcDBABXeS0DBABXed0DBAFcd8QwDAMEAF6aoQME
Al6aoAMEAF6arAMEAF6c7zAMAwQAk05lAwQAk05mAwQCqxZIAwQAstfgAwQAstfi
AwQAstfsAwQCudhUAwQCudpUAwQAueKtAwQAueKvAwQAufywAwQAwje6MA0GCSqG
SIb3DQEBCwUAA4IBAQBn3idQd912yK1lVrFU9cW0InLetEgTnKI01HhJ/C5K387Q
tUr+HJSHrR7ytSV+rb6fYvOt25wtKR9DcBVBXEYNW0V2ZnO8GQWk8yF2oCYA5ofi
+SjbV/e9i+xBev5dlfQmO+p2zMDorB0IVhGY7//xBwflxSxkMMGiCt2LrgCQHWVm
jIVzL1wdoVbuMYIaAX51vjGktAmBS/Ud0RM5JGpRNk7/YvLExsOmC9b+ZVVyFcSY
Mn5+ubwhEL15VMYZMtt8QoAoJtA2PYDMKbHgf4M/EK9epGt59P8LrR0ZTGx2E7uQ
C8wH0+k9265691y+AN++ttg1DC3yYTnLwvwCIWLJ
-----END CERTIFICATE-----
Generated at Mon Jan 15 11:45:09 2024 by rpki-client on console-ams.rpki-client.org