Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/im054CG-8kj21KZDiVii_CDSb7Y.roa
File: im054CG-8kj21KZDiVii_CDSb7Y.roa (raw, json)
Hash identifier: qHKJE9P4j6ZtSoqQJCxW3t2CZloWcIf3kRVKzsZiWjc=
Subject key identifier: 8A:6D:39:E0:21:BE:F2:48:F6:D4:A6:43:89:58:A2:FC:20:D2:6F:B6
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C57B4403853D8EBF3FBAED618B6C52A0A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/im054CG-8kj21KZDiVii_CDSb7Y.roa
Signing time: Mon 11 Dec 2023 07:07:59 +0000
ROA not before: Mon 11 Dec 2023 07:07:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50738
IP address blocks: 87.121.124.0/23 maxlen: 24
171.22.31.0/24 maxlen: 24
81.161.239.0/24 maxlen: 24
91.200.192.0/22 maxlen: 24
94.156.250.0/24 maxlen: 24
94.156.248.0/24 maxlen: 24
87.121.162.0/24 maxlen: 24
147.78.100.0/23 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
92.249.48.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
45.129.86.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:57:b4:40:38:53:d8:eb:f3:fb:ae:d6:18:b6:c5:2a:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 11 07:07:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a6d39e021bef248f6d4a6438958a2fc20d26fb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:4b:d9:7b:e9:a2:a8:6f:5e:ef:6d:ea:f8:8b:
53:f7:77:9f:f7:90:67:62:ce:7f:98:ec:85:02:9c:
fe:80:cb:75:fd:aa:d3:e0:b4:2c:ce:58:48:06:49:
29:f0:e1:de:2a:06:20:5e:26:d4:67:34:25:1b:8e:
5c:bd:8d:e3:04:72:a3:b3:cf:8e:d6:93:53:55:4a:
7c:f0:ff:32:3a:be:db:fc:ec:c7:fb:88:24:3e:90:
11:34:46:b2:3d:c8:16:76:3b:82:90:da:a5:68:10:
99:c3:fd:5e:53:6a:12:7b:67:73:cb:7d:76:8a:8a:
1f:24:f2:d8:b3:d2:38:4e:66:3c:9f:0e:42:f8:0f:
bc:4b:9b:7a:7f:a7:f7:6c:7c:e0:88:58:82:c1:96:
85:d3:a4:54:83:c2:de:3f:2e:2d:78:60:43:a9:0f:
b9:c4:ff:64:71:1b:e3:85:0f:28:af:6d:98:84:6c:
48:dc:bc:dc:3a:2b:27:cc:39:e4:c3:5b:8c:6b:96:
f3:6b:ab:8d:53:0a:05:7f:89:97:99:c1:a6:60:18:
0c:59:46:f5:a8:5d:20:83:ad:67:64:b7:f2:6f:49:
a2:8d:b3:d2:a0:79:a4:14:db:d1:f3:91:b8:cb:31:
16:76:16:98:98:0c:30:41:be:ad:3d:bd:02:7c:83:
69:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:6D:39:E0:21:BE:F2:48:F6:D4:A6:43:89:58:A2:FC:20:D2:6F:B6
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/im054CG-8kj21KZDiVii_CDSb7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/24
45.129.84.0/24
45.129.86.0/24
45.141.158.0/24
79.110.61.0/24
81.161.239.0/24
83.219.97.0/24
87.121.124.0/23
87.121.162.0/24
91.200.192.0/22
92.249.48.0/24
94.154.172.0/24
94.156.248.0/24
94.156.250.0/24
147.78.100.0/23
171.22.17.0-171.22.18.255
171.22.31.0/24
193.25.216.0/24
193.35.19.0/24
Signature Algorithm: sha256WithRSAEncryption
51:21:1e:64:67:a4:da:8c:65:c1:44:df:c5:d8:0f:33:02:a2:
40:20:00:dc:66:45:32:6f:d6:1b:65:94:75:4c:75:d0:e7:91:
e4:b6:a0:2b:e8:df:a7:28:8a:8c:e9:67:4a:e5:6f:d1:f9:2f:
13:ab:63:41:eb:65:66:b9:1a:c4:10:b6:26:22:00:bc:8d:43:
3d:2c:8b:e2:79:e7:18:7d:ae:7f:d3:40:c5:86:14:43:49:82:
37:5e:69:9f:8d:fb:61:18:77:f7:03:db:33:67:e5:5e:ca:91:
0c:a3:a6:41:f8:49:4a:c6:1f:64:54:1d:dc:73:24:08:87:ec:
fe:58:4f:c6:b6:a6:0b:d2:10:39:82:25:a4:70:43:d7:75:14:
60:96:95:95:18:20:f8:d9:5f:d2:9f:41:58:7b:97:63:4d:65:
1d:05:ed:9e:9c:f4:f4:23:09:b3:7a:27:f6:a6:79:20:d3:ac:
91:cb:bf:9c:bf:81:da:cd:ed:3f:8d:86:83:8d:c4:a4:80:0f:
21:e2:46:57:15:2d:4a:a6:97:d2:a9:28:40:1a:d2:b7:f4:44:
42:58:d6:3c:6d:3e:b4:a7:ec:85:08:70:67:7c:e0:16:22:04:
a4:86:c4:d0:5b:ff:4e:7a:5c:6e:6a:b2:b2:c1:7d:69:f9:97:
55:3e:71:de
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAYxXtEA4U9jr8/uu1hi2xSoKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjExMDcwNzU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTZkMzllMDIxYmVmMjQ4ZjZkNGE2NDM4OTU4YTJmYzIwZDI2ZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjEvZe+miqG9e723q+ItT93ef95Bn
Ys5/mOyFApz+gMt1/arT4LQszlhIBkkp8OHeKgYgXibUZzQlG45cvY3jBHKjs8+O
1pNTVUp88P8yOr7b/OzH+4gkPpARNEayPcgWdjuCkNqlaBCZw/1eU2oSe2dzy312
ioofJPLYs9I4TmY8nw5C+A+8S5t6f6f3bHzgiFiCwZaF06RUg8LePy4teGBDqQ+5
xP9kcRvjhQ8or22YhGxI3LzcOisnzDnkw1uMa5bza6uNUwoFf4mXmcGmYBgMWUb1
qF0gg61nZLfyb0mijbPSoHmkFNvR85G4yzEWdhaYmAwwQb6tPb0CfINp8QIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFIptOeAhvvJI9tSmQ4lYovwg0m+2MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaW0wNTRDRy04a2oyMUtaRGlWaWlfQ0RTYjdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEACWL
ggMEAC2BVAMEAC2BVgMEAC2NngMEAE9uPQMEAFGh7wMEAFPbYQMEAVd5fAMEAFd5
ogMEAlvIwAMEAFz5MAMEAF6arAMEAF6c+AMEAF6c+gMEAZNOZDAMAwQAqxYRAwQA
qxYSAwQAqxYfAwQAwRnYAwQAwSMTMA0GCSqGSIb3DQEBCwUAA4IBAQBRIR5kZ6Ta
jGXBRN/F2A8zAqJAIADcZkUyb9YbZZR1THXQ55HktqAr6N+nKIqM6WdK5W/R+S8T
q2NB62VmuRrEELYmIgC8jUM9LIvieecYfa5/00DFhhRDSYI3XmmfjfthGHf3A9sz
Z+VeypEMo6ZB+ElKxh9kVB3ccyQIh+z+WE/GtqYL0hA5giWkcEPXdRRglpWVGCD4
2V/Sn0FYe5djTWUdBe2enPT0Iwmzeif2pnkg06yRy7+cv4Haze0/jYaDjcSkgA8h
4kZXFS1KppfSqShAGtK39ERCWNY8bT60p+yFCHBnfOAWIgSkhsTQW/9OelxuarKy
wX1p+ZdVPnHe
-----END CERTIFICATE-----
Generated at Mon Dec 18 08:40:24 2023 by rpki-client on console-ams.rpki-client.org