Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iYObkA8TIL6tlMLSxL4-Cc4ALkA.roa
File: iYObkA8TIL6tlMLSxL4-Cc4ALkA.roa (raw, json)
Hash identifier: tSHBqO9gpTZga2OiagHqinVHRqKZjs24fh1Dm4R9KoE=
Subject key identifier: 89:83:9B:90:0F:13:20:BE:AD:94:C2:D2:C4:BE:3E:09:CE:00:2E:40
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01877908A5AA8D64ABA80F479F6054B54C97
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iYObkA8TIL6tlMLSxL4-Cc4ALkA.roa
Signing time: Thu 13 Apr 2023 05:13:42 +0000
ROA not before: Thu 13 Apr 2023 05:13:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 94.156.11.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
94.156.236.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
37.221.121.0/24 maxlen: 24
37.221.122.0/24 maxlen: 24
37.221.123.0/24 maxlen: 24
37.221.120.0/24 maxlen: 24
185.221.64.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:79:08:a5:aa:8d:64:ab:a8:0f:47:9f:60:54:b5:4c:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 13 05:13:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89839b900f1320bead94c2d2c4be3e09ce002e40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d4:3f:4d:c3:62:f7:68:b0:48:37:eb:73:6f:
a5:f4:45:76:d9:ca:7d:c6:05:7f:8a:ea:6d:06:28:
22:d5:df:12:60:79:e1:40:a1:fe:2d:b3:b1:aa:46:
b2:38:48:e6:f8:4b:26:63:9c:ec:3b:c8:cc:68:ca:
61:7b:eb:69:84:df:98:5d:13:83:e6:e1:b6:27:5b:
c3:f3:61:85:9c:fb:78:08:51:35:4e:3e:24:75:c0:
bc:68:71:44:56:7b:63:b6:d0:85:89:29:36:18:e6:
ff:1e:1b:48:71:b0:d7:b7:cd:bb:fb:60:cc:63:f1:
61:8e:ac:1a:bd:0c:09:61:9f:11:6e:ef:f2:ce:09:
d7:16:3c:ed:eb:a2:d6:f3:5b:9c:1a:23:f6:d6:69:
9e:fe:7a:49:a2:fc:65:7e:ff:8d:66:42:f3:df:b2:
91:a3:c7:9e:fc:09:3d:63:e5:4a:84:06:80:47:54:
cd:d9:85:8b:4c:47:57:26:8c:25:57:95:22:5e:aa:
d6:d3:3b:48:d5:5d:12:1e:db:c0:d7:ce:69:7a:54:
d4:b0:c7:c9:1e:a7:12:77:9b:c1:0e:a7:af:63:fd:
44:b1:c8:a6:56:3d:5c:f2:55:38:17:94:1c:5e:6b:
db:b5:31:75:ae:45:0b:02:68:a0:0f:6a:50:f8:ea:
56:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:83:9B:90:0F:13:20:BE:AD:94:C2:D2:C4:BE:3E:09:CE:00:2E:40
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iYObkA8TIL6tlMLSxL4-Cc4ALkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.81.241.0/24
45.144.153.0/24
94.156.11.0/24
94.156.236.0/24
141.98.1.0/24
185.221.64.0/24
193.149.2.0/23
Signature Algorithm: sha256WithRSAEncryption
40:9a:1b:57:e4:5a:2c:c6:fa:4a:ec:53:ac:ad:dd:bc:bb:1d:
c8:97:af:60:a6:b3:3c:b2:bb:82:25:dc:d8:5a:0a:48:3c:c0:
1c:c8:29:12:6f:83:67:9c:65:3b:c4:87:b5:d1:6c:f4:f3:7c:
5a:2d:bd:4d:6c:6e:77:d7:eb:5d:71:17:89:dc:62:32:65:6f:
34:b5:69:b9:f4:86:64:86:11:46:44:56:9d:2e:dc:c6:4b:5b:
32:89:a4:89:ae:f4:bc:17:14:cb:68:25:e2:1f:e9:79:37:36:
e9:83:3b:ec:5b:c2:97:00:ba:b3:83:d9:72:bc:6b:99:28:de:
9c:8b:f3:cc:79:a9:28:8b:2f:e9:41:87:43:cb:c2:9b:b9:2f:
2d:f3:d6:58:2b:31:a7:6e:4f:7e:b0:ca:f3:79:8d:29:c9:a5:
45:47:e0:e6:c8:fd:f8:39:d4:25:3b:1d:c4:d7:d4:ee:3a:1e:
d8:f2:92:41:54:c5:e0:59:80:10:3f:5d:6b:8f:85:19:ba:5f:
ca:19:4d:ff:cb:ee:80:10:e3:29:c4:86:8b:fd:1e:8b:b4:52:
82:02:94:22:ba:05:7e:3a:7b:aa:ff:84:38:8e:9d:3c:ae:9b:
71:15:5a:29:ae:e0:69:15:b6:e6:2e:d2:22:18:aa:e6:6f:e5:
72:4d:3d:f0
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYd5CKWqjWSrqA9Hn2BUtUyXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDEzMDUxMzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTgzOWI5MDBmMTMyMGJlYWQ5NGMyZDJjNGJlM2UwOWNlMDAyZTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAitQ/TcNi92iwSDfrc2+l9EV22cp9
xgV/iuptBigi1d8SYHnhQKH+LbOxqkayOEjm+EsmY5zsO8jMaMphe+tphN+YXROD
5uG2J1vD82GFnPt4CFE1Tj4kdcC8aHFEVntjttCFiSk2GOb/HhtIcbDXt827+2DM
Y/FhjqwavQwJYZ8Rbu/yzgnXFjzt66LW81ucGiP21mme/npJovxlfv+NZkLz37KR
o8ee/Ak9Y+VKhAaAR1TN2YWLTEdXJowlV5UiXqrW0ztI1V0SHtvA185pelTUsMfJ
HqcSd5vBDqevY/1EscimVj1c8lU4F5QcXmvbtTF1rkULAmigD2pQ+OpWHQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFImDm5APEyC+rZTC0sS+PgnOAC5AMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaVlPYmtBOFRJTDZ0bE1MU3hMNC1DYzRBTGtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCJd14AwQA
LVHxAwQALZCZAwQAXpwLAwQAXpzsAwQAjWIBAwQAud1AAwQBwZUCMA0GCSqGSIb3
DQEBCwUAA4IBAQBAmhtX5FosxvpK7FOsrd28ux3Il69gprM8sruCJdzYWgpIPMAc
yCkSb4NnnGU7xIe10Wz083xaLb1NbG531+tdcReJ3GIyZW80tWm59IZkhhFGRFad
LtzGS1syiaSJrvS8FxTLaCXiH+l5NzbpgzvsW8KXALqzg9lyvGuZKN6ci/PMeako
iy/pQYdDy8KbuS8t89ZYKzGnbk9+sMrzeY0pyaVFR+DmyP34OdQlOx3E19TuOh7Y
8pJBVMXgWYAQP11rj4UZul/KGU3/y+6AEOMpxIaL/R6LtFKCApQiugV+Onuq/4Q4
jp08rptxFVopruBpFbbmLtIiGKrmb+VyTT3w
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:47 2023 by rpki-client on console-fra.rpki-client.org