Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/h12IY8PFYPJBuH3Kgi_rB_L9khU.roa
File: h12IY8PFYPJBuH3Kgi_rB_L9khU.roa (raw, json)
Hash identifier: 7B7nxMfUszsnpkkaA5aE8qly88pJC0Kdzg3ALiEulhw=
Subject key identifier: 87:5D:88:63:C3:C5:60:F2:41:B8:7D:CA:82:2F:EB:07:F2:FD:92:15
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018BFC79CFB11C2AED7BF84BE113392BA8BE
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/h12IY8PFYPJBuH3Kgi_rB_L9khU.roa
Signing time: Thu 23 Nov 2023 13:58:43 +0000
ROA not before: Thu 23 Nov 2023 13:58:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
185.226.173.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.156.78.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
45.88.90.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
87.121.220.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:fc:79:cf:b1:1c:2a:ed:7b:f8:4b:e1:13:39:2b:a8:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 23 13:58:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=875d8863c3c560f241b87dca822feb07f2fd9215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:5a:38:02:b0:3e:2a:52:11:3f:6a:02:65:61:
96:df:72:1b:5d:dc:8e:44:12:2b:96:05:39:98:9f:
8c:1b:ea:ef:e8:62:02:39:60:ee:71:99:05:c9:2a:
fa:55:fa:66:08:db:0a:f7:e1:ba:72:e7:84:2d:ff:
24:f9:14:36:41:d6:2e:2b:be:55:3e:52:8d:06:00:
d5:f1:c5:f0:64:ab:93:9f:dc:fb:15:51:c2:7b:55:
27:64:a4:94:32:9a:91:a9:97:30:84:56:9e:9a:58:
1b:00:13:87:e9:a2:42:7f:db:b8:d3:8c:09:d8:9b:
39:f1:67:dc:3a:2e:11:7b:96:96:a2:27:a1:4c:ea:
f5:d8:5a:66:8c:fb:45:af:31:d9:30:d8:78:f9:01:
32:91:44:e8:a0:ba:c8:36:1f:b1:bc:32:04:1d:f0:
18:99:0c:53:98:09:74:77:7f:67:27:33:48:94:36:
eb:85:1b:5f:8c:2c:1b:32:d3:e3:dc:5a:43:77:c4:
71:75:8f:68:09:8a:af:1f:5f:4c:39:ec:b2:66:c4:
88:dc:6e:45:f5:10:7b:7d:de:1c:9e:b5:8a:36:b8:
b1:a5:18:82:c0:e0:43:8b:42:52:3d:fb:7f:4f:7a:
d6:3a:c0:a8:38:57:31:7e:50:5b:5d:48:ca:fd:33:
35:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:5D:88:63:C3:C5:60:F2:41:B8:7D:CA:82:2F:EB:07:F2:FD:92:15
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/h12IY8PFYPJBuH3Kgi_rB_L9khU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.90.0/24
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.220.0/23
92.119.196.0/23
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.78.0/24
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.173.0/24
185.226.175.0/24
185.246.223.0/24
185.252.176.0/24
194.169.174.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:1b:3d:b5:3d:76:7b:a3:4e:99:d0:85:8c:fc:4b:34:0c:45:
5f:3c:59:e2:ca:e7:62:5d:c5:e0:25:7c:b2:4a:1a:de:51:64:
df:aa:3d:5f:1e:69:19:2b:45:f1:ea:63:9a:2e:28:b9:d8:ae:
ff:36:3c:17:a9:4e:65:10:2f:8f:60:be:5b:10:b4:3f:36:0f:
31:3a:16:a5:c8:d4:dc:12:77:c0:7d:6c:df:bf:5e:59:f4:5d:
8f:c7:01:27:5d:d4:7e:62:fe:03:b3:ba:18:a8:7a:88:fe:19:
aa:40:5b:61:75:5a:55:1d:3e:16:fa:ad:70:0e:6e:00:c5:e5:
0c:30:11:46:a3:f5:ee:c2:07:6c:45:b0:ff:60:6c:1a:e0:fd:
2a:00:aa:c6:ba:d6:a8:d3:7a:87:a3:28:7a:87:79:a1:6b:4e:
23:7f:87:d7:4c:e4:89:17:aa:b5:f3:f1:2d:0b:6f:9d:50:be:
c2:66:4c:5d:10:2e:70:99:9b:7c:8a:b1:bb:44:a0:b3:6c:6e:
cd:53:77:f9:76:f1:fe:bc:3a:69:b9:1d:39:5f:6e:2d:5c:c3:
53:19:e9:24:13:29:e8:a6:b3:4c:37:a3:ea:ba:4d:a5:7f:d0:
77:63:69:34:97:f0:59:c4:09:9f:a9:64:8b:d4:7c:fc:2f:80:
41:67:1b:34
-----BEGIN CERTIFICATE-----
MIIFijCCBHKgAwIBAgISAYv8ec+xHCrte/hL4RM5K6i+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMTIzMTM1ODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzVkODg2M2MzYzU2MGYyNDFiODdkY2E4MjJmZWIwN2YyZmQ5MjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Fo4ArA+KlIRP2oCZWGW33IbXdyO
RBIrlgU5mJ+MG+rv6GICOWDucZkFySr6VfpmCNsK9+G6cueELf8k+RQ2QdYuK75V
PlKNBgDV8cXwZKuTn9z7FVHCe1UnZKSUMpqRqZcwhFaemlgbABOH6aJCf9u404wJ
2Js58WfcOi4Re5aWoiehTOr12FpmjPtFrzHZMNh4+QEykUTooLrINh+xvDIEHfAY
mQxTmAl0d39nJzNIlDbrhRtfjCwbMtPj3FpDd8RxdY9oCYqvH19MOeyyZsSI3G5F
9RB7fd4cnrWKNrixpRiCwOBDi0JSPft/T3rWOsCoOFcxflBbXUjK/TM1dQIDAQAB
o4ICljCCApIwHQYDVR0OBBYEFIddiGPDxWDyQbh9yoIv6wfy/ZIVMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaDEySVk4UEZZUEpCdUgzS2dpX3JCX0w5a2hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGrBggrBgEFBQcBBwEB/wSBmzCBmDCBlQQCAAEwgY4DBAAt
WFoDBAAtl1kDBABXeFcDBABXeS0DBAFXedwDBAFcd8QDBABde3QwDAMEAF6aoQME
Al6aoAMEAF6cTgMEAF6c7zAMAwQCk05kAwQAk05mAwQCqxZIAwQAstfgAwQAstfs
AwQCudhUAwQCudpUAwQAueKtAwQAueKvAwQAufbfAwQAufywAwQAwqmuMA0GCSqG
SIb3DQEBCwUAA4IBAQB6Gz21PXZ7o06Z0IWM/Es0DEVfPFniyudiXcXgJXyyShre
UWTfqj1fHmkZK0Xx6mOaLii52K7/NjwXqU5lEC+PYL5bELQ/Ng8xOhalyNTcEnfA
fWzfv15Z9F2PxwEnXdR+Yv4Ds7oYqHqI/hmqQFthdVpVHT4W+q1wDm4AxeUMMBFG
o/XuwgdsRbD/YGwa4P0qAKrGutao03qHoyh6h3mha04jf4fXTOSJF6q18/EtC2+d
UL7CZkxdEC5wmZt8irG7RKCzbG7NU3f5dvH+vDppuR05X24tXMNTGekkEynoprNM
N6Pquk2lf9B3Y2k0l/BZxAmfqWSL1Hz8L4BBZxs0
-----END CERTIFICATE-----
Generated at Mon Nov 27 10:57:40 2023 by rpki-client on console-ams.rpki-client.org