Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iZseLJ0PSzILvLdBJKsuR5ENnkc.roa
File: iZseLJ0PSzILvLdBJKsuR5ENnkc.roa (raw, json)
Hash identifier: C9QeySmmK/Jk/NzBVVBkO5DXPeGBMu/nNw8CmxyBLsE=
Subject key identifier: 89:9B:1E:2C:9D:0F:4B:32:0B:BC:B7:41:24:AB:2E:47:91:0D:9E:47
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018AB2F8DEC7CAC0669FD3E4C331DAB94211
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iZseLJ0PSzILvLdBJKsuR5ENnkc.roa
Signing time: Wed 20 Sep 2023 14:22:48 +0000
ROA not before: Wed 20 Sep 2023 14:22:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213200
IP address blocks: 94.156.8.0/24 maxlen: 24
45.88.88.0/24 maxlen: 24
94.156.177.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b2:f8:de:c7:ca:c0:66:9f:d3:e4:c3:31:da:b9:42:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 20 14:22:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=899b1e2c9d0f4b320bbcb74124ab2e47910d9e47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:20:54:dd:33:7f:e6:80:82:ab:c7:4c:2b:ee:
aa:b0:72:5b:5d:30:28:2e:90:e0:b7:fc:ad:91:04:
3b:42:af:7e:d5:67:7d:5d:f1:36:b2:06:3b:9c:9e:
d7:01:c2:d5:b6:e6:02:d4:11:4f:17:90:eb:47:79:
fe:07:b7:cf:53:d4:0a:55:11:c8:45:d2:88:93:e3:
55:aa:d8:2a:eb:54:11:16:e8:fb:a0:77:d3:f8:02:
ae:76:76:a9:6f:69:63:12:0a:79:48:07:86:15:42:
96:6c:f9:49:22:18:a2:83:ab:53:05:b7:0e:eb:d6:
36:90:33:d7:64:eb:36:6a:6a:f4:de:4a:46:db:81:
30:69:07:8e:37:a1:90:a4:5f:a1:16:51:67:80:64:
9f:e2:c7:04:40:16:fc:34:f3:4c:a6:57:64:71:de:
72:a0:dd:46:4b:ca:c9:fb:ce:f6:01:db:d6:93:b8:
4d:0f:1c:33:5d:f8:1c:90:23:6f:45:58:c9:87:10:
dd:58:39:c8:f0:99:58:77:a8:e6:fe:6a:30:29:b5:
27:7b:7f:24:08:92:0b:44:98:bf:44:79:8f:39:21:
b9:4e:2b:b1:6d:42:05:b0:f6:63:dd:cd:b2:ae:14:
b5:86:0e:bc:54:f6:bc:01:8c:8d:c2:93:3b:59:33:
b4:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:9B:1E:2C:9D:0F:4B:32:0B:BC:B7:41:24:AB:2E:47:91:0D:9E:47
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iZseLJ0PSzILvLdBJKsuR5ENnkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.88.0/24
94.156.8.0/24
94.156.177.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:ce:08:47:59:e6:7a:a6:db:20:74:e5:29:cf:e1:b2:e9:e1:
0c:47:f1:83:b3:a9:59:e5:7b:c8:7c:82:78:a7:ed:db:f1:88:
9f:a4:72:c8:88:e5:06:f4:f0:3c:db:18:6c:b4:cf:ab:8f:c6:
f8:6a:a0:e6:29:c9:b0:d6:e0:92:57:4f:c6:8b:33:a4:42:e4:
d7:60:8d:49:66:4d:4b:d4:36:39:ad:9f:df:7b:69:c1:81:e3:
a8:6a:e5:fc:c7:2a:df:49:30:2f:53:36:39:1b:dc:12:1e:6f:
09:fe:94:43:b6:5c:59:a4:91:3a:55:cf:12:67:f2:a2:09:a3:
c8:ee:51:df:d1:f2:bd:ae:1f:7e:47:b6:74:de:79:f2:d6:f4:
b1:40:7a:40:03:48:29:d8:68:4c:96:eb:8f:b9:93:02:18:96:
bf:ff:86:02:62:ae:e8:ba:1e:29:ac:5e:8f:30:ba:f6:be:e2:
68:af:30:2e:ee:73:ea:50:7e:20:24:f5:38:9b:dd:68:bc:99:
fc:9b:78:67:b2:f1:0b:3a:70:64:06:c1:0e:c8:19:34:a3:bf:
3c:b9:7e:7c:f5:86:e0:88:38:00:7e:30:40:41:b2:bf:f0:3a:
ff:3d:c9:48:9d:ec:0a:98:26:55:2e:09:e5:9a:27:28:0a:82:
45:53:42:0a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYqy+N7HysBmn9PkwzHauUIRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTIwMTQyMjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTliMWUyYzlkMGY0YjMyMGJiY2I3NDEyNGFiMmU0NzkxMGQ5ZTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyBU3TN/5oCCq8dMK+6qsHJbXTAo
LpDgt/ytkQQ7Qq9+1Wd9XfE2sgY7nJ7XAcLVtuYC1BFPF5DrR3n+B7fPU9QKVRHI
RdKIk+NVqtgq61QRFuj7oHfT+AKudnapb2ljEgp5SAeGFUKWbPlJIhiig6tTBbcO
69Y2kDPXZOs2amr03kpG24EwaQeON6GQpF+hFlFngGSf4scEQBb8NPNMpldkcd5y
oN1GS8rJ+872AdvWk7hNDxwzXfgckCNvRVjJhxDdWDnI8JlYd6jm/mowKbUne38k
CJILRJi/RHmPOSG5TiuxbUIFsPZj3c2yrhS1hg68VPa8AYyNwpM7WTO0SQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFImbHiydD0syC7y3QSSrLkeRDZ5HMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaVpzZUxKMFBTeklMdkxkQkpLc3VSNUVObmtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALVhYAwQA
XpwIAwQAXpyxMA0GCSqGSIb3DQEBCwUAA4IBAQBLzghHWeZ6ptsgdOUpz+Gy6eEM
R/GDs6lZ5XvIfIJ4p+3b8YifpHLIiOUG9PA82xhstM+rj8b4aqDmKcmw1uCSV0/G
izOkQuTXYI1JZk1L1DY5rZ/fe2nBgeOoauX8xyrfSTAvUzY5G9wSHm8J/pRDtlxZ
pJE6Vc8SZ/KiCaPI7lHf0fK9rh9+R7Z03nny1vSxQHpAA0gp2GhMluuPuZMCGJa/
/4YCYq7ouh4prF6PMLr2vuJorzAu7nPqUH4gJPU4m91ovJn8m3hnsvELOnBkBsEO
yBk0o788uX589YbgiDgAfjBAQbK/8Dr/PclInewKmCZVLgnlmicoCoJFU0IK
-----END CERTIFICATE-----
Generated at Mon Sep 25 07:58:01 2023 by rpki-client on console-ams.rpki-client.org