Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/k7-mKL1TJh7FD2QpUjFUF9_OztY.roa
File: k7-mKL1TJh7FD2QpUjFUF9_OztY.roa (raw, json)
Hash identifier: QpZyUxmg23GoRDiLx6RBK/EWSl6J/YgpNJGxCxFJHEw=
Subject key identifier: 93:BF:A6:28:BD:53:26:1E:C5:0F:64:29:52:31:54:17:DF:CE:CE:D6
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018770C2D43EDC81DE39F774BCB4CF5997B5
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/k7-mKL1TJh7FD2QpUjFUF9_OztY.roa
Signing time: Tue 11 Apr 2023 14:40:29 +0000
ROA not before: Tue 11 Apr 2023 14:40:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206003
IP address blocks: 81.161.239.0/24 maxlen: 24
194.180.39.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
171.22.17.0/24 maxlen: 24
171.22.18.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:70:c2:d4:3e:dc:81:de:39:f7:74:bc:b4:cf:59:97:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 11 14:40:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=93bfa628bd53261ec50f642952315417dfceced6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f5:60:50:eb:fd:12:84:2c:87:a6:bd:b9:6f:
21:ec:9b:21:9d:f4:a0:9c:22:c6:80:18:87:4f:6e:
f3:24:e0:9d:02:87:d0:2a:7e:cc:92:1a:e1:be:0c:
f9:1e:96:91:04:b5:6d:a2:63:42:3e:cf:00:93:5e:
98:ac:ff:53:bd:24:69:aa:ef:48:6a:5f:85:d8:25:
8c:8e:d2:93:24:bf:90:ad:a8:45:fd:8f:ac:97:45:
c3:14:80:21:76:4e:fb:c6:7a:20:aa:c2:f3:a0:70:
1a:99:c6:f6:bc:92:16:79:bd:0d:4f:c2:d0:27:5d:
38:2b:a8:c1:a9:3e:f3:a0:21:92:56:32:2a:4a:ed:
d5:09:db:29:b1:7e:ef:02:22:bb:f8:64:e6:86:77:
48:2e:d0:68:c0:37:3d:e7:e5:ca:66:55:a8:b1:cb:
be:d2:68:c3:72:30:2b:65:bb:44:70:00:7d:0f:3e:
1a:ac:01:1b:93:4b:93:32:ae:68:39:4e:1b:d1:8a:
7c:83:e2:e4:e9:2b:0d:a9:77:4e:33:82:32:87:41:
0e:6a:c5:17:4f:c4:1e:ac:86:7f:c3:f2:9d:43:b0:
65:4c:e9:f1:36:b7:14:b8:8e:4e:bc:5c:b1:22:4d:
b4:8d:36:ad:05:aa:be:9d:bc:22:95:3b:7e:7e:3c:
6e:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:BF:A6:28:BD:53:26:1E:C5:0F:64:29:52:31:54:17:DF:CE:CE:D6
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/k7-mKL1TJh7FD2QpUjFUF9_OztY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.158.0/24
81.161.239.0/24
83.219.97.0/24
171.22.17.0-171.22.18.255
194.180.39.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:a8:6f:90:9e:fe:b4:fb:61:bc:bc:ff:24:29:70:93:1a:47:
6d:eb:a5:ed:4d:60:5c:49:c1:2d:5e:38:5f:f5:a4:16:59:60:
90:ec:1b:ef:0d:5e:43:c9:bf:a7:6d:69:76:22:73:85:0d:eb:
86:49:c9:eb:d5:fb:6d:8e:51:19:1f:d8:0e:f3:15:b9:56:95:
8a:1f:7e:2b:d8:29:d0:d6:0c:d7:39:3b:27:a6:df:d1:b0:15:
20:93:fb:99:57:e0:0b:ec:95:11:f8:53:93:86:32:77:44:93:
5c:fe:2b:16:b6:85:54:57:fb:ff:e1:fa:68:c7:b9:c5:fc:c1:
bd:f8:77:ef:e9:6f:69:f8:f3:c3:d4:db:d5:7d:4c:a4:ca:51:
45:8e:a9:42:eb:85:93:b3:6d:ba:df:43:0b:78:1f:c7:8a:48:
12:f1:49:40:85:30:d0:eb:7a:37:2a:7f:d2:65:63:ab:6e:a0:
53:26:94:0c:69:13:61:fb:46:42:25:9c:42:7f:d3:d8:64:86:
33:34:35:13:a6:4f:7c:79:a4:bf:db:4d:bc:24:09:e1:44:ca:
87:3a:5c:6c:8f:52:4c:22:4d:07:95:ab:2a:e3:af:94:3e:5a:
b6:f2:c3:f2:6e:e0:e9:1b:59:b1:64:ae:44:8b:24:98:04:fe:
73:1b:df:4d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYdwwtQ+3IHeOfd0vLTPWZe1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNDExMTQ0MDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2JmYTYyOGJkNTMyNjFlYzUwZjY0Mjk1MjMxNTQxN2RmY2VjZWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvVgUOv9EoQsh6a9uW8h7JshnfSg
nCLGgBiHT27zJOCdAofQKn7Mkhrhvgz5HpaRBLVtomNCPs8Ak16YrP9TvSRpqu9I
al+F2CWMjtKTJL+QrahF/Y+sl0XDFIAhdk77xnogqsLzoHAamcb2vJIWeb0NT8LQ
J104K6jBqT7zoCGSVjIqSu3VCdspsX7vAiK7+GTmhndILtBowDc95+XKZlWoscu+
0mjDcjArZbtEcAB9Dz4arAEbk0uTMq5oOU4b0Yp8g+Lk6SsNqXdOM4Iyh0EOasUX
T8QerIZ/w/KdQ7BlTOnxNrcUuI5OvFyxIk20jTatBaq+nbwilTt+fjxujQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFJO/pii9UyYexQ9kKVIxVBffzs7WMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvazctbUtMMVRKaDdGRDJRcFVqRlVGOV9PenRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALY2eAwQA
UaHvAwQAU9thMAwDBACrFhEDBACrFhIDBADCtCcwDQYJKoZIhvcNAQELBQADggEB
AKSob5Ce/rT7Yby8/yQpcJMaR23rpe1NYFxJwS1eOF/1pBZZYJDsG+8NXkPJv6dt
aXYic4UN64ZJyevV+22OURkf2A7zFblWlYoffivYKdDWDNc5Oyem39GwFSCT+5lX
4AvslRH4U5OGMndEk1z+Kxa2hVRX+//h+mjHucX8wb34d+/pb2n488PU29V9TKTK
UUWOqULrhZOzbbrfQwt4H8eKSBLxSUCFMNDrejcqf9JlY6tuoFMmlAxpE2H7RkIl
nEJ/09hkhjM0NROmT3x5pL/bTbwkCeFEyoc6XGyPUkwiTQeVqyrjr5Q+Wrbyw/Ju
4OkbWbFkrkSLJJgE/nMb300=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:41 2023 by rpki-client on console-ams.rpki-client.org