Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hfDCbpPfIv-UXvgfeY-hxiLE8-c.roa
File: hfDCbpPfIv-UXvgfeY-hxiLE8-c.roa (raw, json)
Hash identifier: Dz6UpUkyzWknY20eL5qY7KP3t3Yn7IvORvDY64H/8Rw=
Subject key identifier: 85:F0:C2:6E:93:DF:22:FF:94:5E:F8:1F:79:8F:A1:C6:22:C4:F3:E7
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01889F20934E961FFAB9EB216C8BA38B3C60
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hfDCbpPfIv-UXvgfeY-hxiLE8-c.roa
Signing time: Fri 09 Jun 2023 07:48:12 +0000
ROA not before: Fri 09 Jun 2023 07:48:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
94.103.126.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:9f:20:93:4e:96:1f:fa:b9:eb:21:6c:8b:a3:8b:3c:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jun 9 07:48:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85f0c26e93df22ff945ef81f798fa1c622c4f3e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:0f:47:6a:34:cb:ca:e8:99:7f:9c:6e:29:2f:
7a:5f:1a:3b:c1:d2:05:03:4b:35:6e:8b:7c:9c:24:
c4:28:ad:94:3f:dc:54:a9:3a:69:db:30:3b:50:0a:
74:71:2f:bd:8f:22:06:78:73:bd:0c:90:7a:40:91:
51:ca:d8:02:91:fd:92:6f:b3:b5:bf:9b:b2:8d:d3:
c0:94:7c:1f:b8:10:07:17:f5:76:51:6f:63:12:f5:
34:68:77:4b:5f:3b:95:79:a6:e6:08:37:16:dd:90:
6b:81:77:0a:5c:d4:04:04:cf:5b:68:55:cf:f5:f0:
da:d2:e1:5a:e3:71:7c:71:fd:b0:ab:78:8e:1b:a0:
78:60:96:4e:b8:a5:0a:b2:28:af:9d:da:a2:9e:2a:
68:22:8b:d1:ce:be:d7:06:a8:cf:3a:f9:3f:17:59:
cf:a4:c6:ed:bc:f1:d5:9f:b6:15:65:67:a7:81:d1:
ae:5e:a5:1a:9e:61:dd:60:b8:3d:1f:27:93:e0:19:
97:f9:1a:5d:ba:6d:7c:f8:c6:aa:30:d1:56:60:10:
66:b9:e4:e3:d7:70:37:9d:f4:54:f5:d0:74:bf:f6:
47:74:f0:97:3b:5f:0c:76:fd:71:19:ba:6d:bd:b3:
58:ed:72:8c:53:33:b7:f9:8b:dd:f0:75:3f:8c:01:
65:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:F0:C2:6E:93:DF:22:FF:94:5E:F8:1F:79:8F:A1:C6:22:C4:F3:E7
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/hfDCbpPfIv-UXvgfeY-hxiLE8-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
92.119.196.0/23
94.103.126.0/24
94.154.161.0-94.154.163.255
94.156.239.0/24
147.78.100.0/23
171.22.72.0/22
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
Signature Algorithm: sha256WithRSAEncryption
af:e3:54:f9:af:5e:2e:fd:c9:bb:34:d5:4d:82:e1:b1:ef:46:
07:b0:b0:47:8e:a8:c5:e8:18:3d:12:fe:89:a8:47:31:7a:4e:
85:d0:fd:6b:a6:18:65:08:66:64:b0:d8:20:2c:46:cf:f7:cb:
49:ec:2e:43:5d:6c:3a:1f:c9:72:fc:f8:55:5b:22:80:e1:fc:
8c:fe:0f:07:1c:2f:50:d0:32:ce:eb:65:08:7c:5d:82:77:74:
95:1f:55:f2:a1:b6:d2:9c:b7:3b:03:04:bb:6e:6b:83:78:01:
16:63:00:22:22:a1:dc:36:02:9f:1c:6b:84:b4:25:6e:25:60:
f4:d3:b2:51:64:df:be:7b:4c:43:93:29:9c:76:7d:f1:54:70:
37:f4:5a:bc:f1:eb:6c:e8:0c:8e:58:c6:3b:76:29:13:a4:2f:
83:5f:06:8f:c0:0c:d2:80:50:fa:8f:18:5a:e7:e8:71:c2:38:
69:7b:5b:49:5e:f3:d0:15:7b:26:83:50:c0:bc:65:ee:a0:f9:
61:7e:28:02:07:3d:f3:0e:46:fa:e0:f3:87:ac:86:f6:93:c8:
98:09:af:54:b4:03:d6:51:90:6d:60:4a:14:10:71:77:3f:b7:
30:3c:91:21:4b:00:66:84:84:94:37:71:5f:3e:8b:3a:1a:bd:
61:93:30:e8
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYifIJNOlh/6ueshbIujizxgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNjA5MDc0ODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWYwYzI2ZTkzZGYyMmZmOTQ1ZWY4MWY3OThmYTFjNjIyYzRmM2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvg9HajTLyuiZf5xuKS96Xxo7wdIF
A0s1bot8nCTEKK2UP9xUqTpp2zA7UAp0cS+9jyIGeHO9DJB6QJFRytgCkf2Sb7O1
v5uyjdPAlHwfuBAHF/V2UW9jEvU0aHdLXzuVeabmCDcW3ZBrgXcKXNQEBM9baFXP
9fDa0uFa43F8cf2wq3iOG6B4YJZOuKUKsiivndqinipoIovRzr7XBqjPOvk/F1nP
pMbtvPHVn7YVZWengdGuXqUanmHdYLg9HyeT4BmX+Rpdum18+MaqMNFWYBBmueTj
13A3nfRU9dB0v/ZHdPCXO18Mdv1xGbptvbNY7XKMUzO3+Yvd8HU/jAFlBwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFIXwwm6T3yL/lF74H3mPocYixPPnMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaGZEQ2JwUGZJdi1VWHZnZmVZLWh4aUxFOC1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQALZdZAwQB
XHfEAwQAXmd+MAwDBABemqEDBAJemqADBABenO8DBAGTTmQDBAKrFkgDBACy1+wD
BAK52FQDBAK52lQDBAC52okDBAC5234wDQYJKoZIhvcNAQELBQADggEBAK/jVPmv
Xi79ybs01U2C4bHvRgewsEeOqMXoGD0S/omoRzF6ToXQ/WumGGUIZmSw2CAsRs/3
y0nsLkNdbDofyXL8+FVbIoDh/Iz+DwccL1DQMs7rZQh8XYJ3dJUfVfKhttKctzsD
BLtua4N4ARZjACIiodw2Ap8ca4S0JW4lYPTTslFk3757TEOTKZx2ffFUcDf0Wrzx
62zoDI5Yxjt2KROkL4NfBo/ADNKAUPqPGFrn6HHCOGl7W0le89AVeyaDUMC8Ze6g
+WF+KAIHPfMORvrg84eshvaTyJgJr1S0A9ZRkG1gShQQcXc/tzA8kSFLAGaEhJQ3
cV8+izoavWGTMOg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:40 2023 by rpki-client on console-ams.rpki-client.org