Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/piAloZzCk_8eQJeu7bcwjTt9-EU.roa
File: piAloZzCk_8eQJeu7bcwjTt9-EU.roa (raw, json)
Hash identifier: VqtfBC8SILKFox3MmarIOqxdFDSNHzmtstlQRN2alT4=
Subject key identifier: A6:20:25:A1:9C:C2:93:FF:1E:40:97:AE:ED:B7:30:8D:3B:7D:F8:45
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018AD58BDCD2A035961EBAEB4B2B09EAD280
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/piAloZzCk_8eQJeu7bcwjTt9-EU.roa
Signing time: Wed 27 Sep 2023 07:30:27 +0000
ROA not before: Wed 27 Sep 2023 07:30:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202685
IP address blocks: 2.58.95.0/24 maxlen: 24
84.54.51.0/24 maxlen: 24
94.103.124.0/24 maxlen: 24
141.98.4.0/24 maxlen: 24
31.13.211.0/24 maxlen: 24
87.121.58.0/24 maxlen: 24
45.128.232.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d5:8b:dc:d2:a0:35:96:1e:ba:eb:4b:2b:09:ea:d2:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 27 07:30:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a62025a19cc293ff1e4097aeedb7308d3b7df845
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:16:4c:b0:a6:7d:d9:1f:5d:44:78:37:fc:19:
52:a8:5c:b2:81:28:79:47:6d:04:c3:84:e9:da:48:
ba:f8:3d:77:b3:f5:ac:9c:b1:ab:f4:87:98:9f:48:
d2:18:97:5f:fc:66:c8:20:66:9b:05:be:44:b1:c4:
62:e3:4e:be:33:2f:80:93:88:9d:3e:e4:fb:b3:4b:
a7:bf:48:0a:42:5e:70:0f:a8:b7:14:c7:a9:08:b0:
27:7e:14:86:01:ac:31:e6:dd:c1:71:a3:95:97:a5:
b9:83:91:f0:d0:d1:80:ac:3f:8a:48:0f:d8:bb:35:
af:53:60:ef:60:54:a5:1e:ff:eb:63:36:94:5c:4e:
b2:d0:dc:4e:45:e9:3c:bb:47:ce:3c:f0:0e:6f:88:
7f:81:5e:9b:9f:c7:1e:79:c0:d1:e5:2c:64:e1:b4:
4c:ca:15:86:61:04:6a:6b:47:59:b7:2a:65:1a:76:
74:13:3f:65:bb:79:1a:bc:05:b5:ac:ac:fe:ec:37:
a7:72:c9:03:4e:04:9c:2c:2e:e4:e2:3b:52:de:eb:
58:a2:27:00:c6:b9:1c:10:cc:6f:de:1d:a7:0f:d5:
71:b0:85:eb:ca:18:49:fe:a8:1b:57:d4:fb:29:b4:
b1:ab:ee:f8:ae:e4:0b:45:7f:73:3e:3c:1c:a5:7c:
8f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:20:25:A1:9C:C2:93:FF:1E:40:97:AE:ED:B7:30:8D:3B:7D:F8:45
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/piAloZzCk_8eQJeu7bcwjTt9-EU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
31.13.211.0/24
45.128.232.0/24
84.54.51.0/24
87.121.58.0/24
94.103.124.0/24
141.98.4.0/24
147.78.102.0/24
193.35.18.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:a0:59:61:a1:59:b8:c8:8d:1c:5c:ce:00:d3:86:d4:e9:f2:
c8:b1:ef:51:85:05:da:cb:cc:aa:50:ed:94:f6:95:27:6e:30:
51:c9:1b:4f:f5:19:d1:c4:73:d7:0c:3e:4d:70:13:58:ed:e5:
6b:fc:93:01:7c:00:10:1a:47:a7:e4:f3:73:fb:de:91:ba:37:
dc:10:c7:37:f2:cc:c8:cc:34:9f:65:f8:cb:4a:b5:f3:4c:fb:
ef:0e:33:a6:06:b3:15:fa:57:5d:49:5d:83:32:90:14:51:a3:
a6:79:e5:7c:b0:17:90:cd:e7:c2:f1:48:22:27:1a:07:a1:61:
f4:b4:28:b2:98:63:2c:82:28:e3:53:b7:d8:19:ee:6c:16:00:
2d:45:b2:0a:b1:6d:24:69:6b:7f:71:5c:d1:a7:b0:12:f0:63:
0f:f3:2c:4e:0c:3c:0d:f3:3f:96:81:36:67:d1:6a:ca:bc:44:
b0:80:b9:a3:3c:76:fc:d7:bb:0f:3c:f7:53:0f:e5:12:3d:15:
af:61:2d:79:66:35:cc:4a:45:3a:c1:49:40:7a:23:7c:46:14:
94:ec:93:f9:17:8b:d4:99:a3:b9:0c:99:0c:7a:b0:e7:2a:36:
5a:41:bc:16:a2:a0:88:ca:35:31:bf:70:e7:84:ea:58:2a:ce:
4f:26:08:3f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYrVi9zSoDWWHrrrSysJ6tKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwOTI3MDczMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjIwMjVhMTljYzI5M2ZmMWU0MDk3YWVlZGI3MzA4ZDNiN2RmODQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxZMsKZ92R9dRHg3/BlSqFyygSh5
R20Ew4Tp2ki6+D13s/WsnLGr9IeYn0jSGJdf/GbIIGabBb5EscRi406+My+Ak4id
PuT7s0unv0gKQl5wD6i3FMepCLAnfhSGAawx5t3BcaOVl6W5g5Hw0NGArD+KSA/Y
uzWvU2DvYFSlHv/rYzaUXE6y0NxORek8u0fOPPAOb4h/gV6bn8ceecDR5Sxk4bRM
yhWGYQRqa0dZtyplGnZ0Ez9lu3kavAW1rKz+7DencskDTgScLC7k4jtS3utYoicA
xrkcEMxv3h2nD9VxsIXryhhJ/qgbV9T7KbSxq+74ruQLRX9zPjwcpXyPEwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFKYgJaGcwpP/HkCXru23MI07ffhFMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcGlBbG9aekNrXzhlUUpldTdiY3dqVHQ5LUVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAAjpfAwQA
Hw3TAwQALYDoAwQAVDYzAwQAV3k6AwQAXmd8AwQAjWIEAwQAk05mAwQAwSMSMA0G
CSqGSIb3DQEBCwUAA4IBAQBMoFlhoVm4yI0cXM4A04bU6fLIse9RhQXay8yqUO2U
9pUnbjBRyRtP9RnRxHPXDD5NcBNY7eVr/JMBfAAQGken5PNz+96RujfcEMc38szI
zDSfZfjLSrXzTPvvDjOmBrMV+lddSV2DMpAUUaOmeeV8sBeQzefC8UgiJxoHoWH0
tCiymGMsgijjU7fYGe5sFgAtRbIKsW0kaWt/cVzRp7AS8GMP8yxODDwN8z+WgTZn
0WrKvESwgLmjPHb817sPPPdTD+USPRWvYS15ZjXMSkU6wUlAeiN8RhSU7JP5F4vU
maO5DJkMerDnKjZaQbwWoqCIyjUxv3DnhOpYKs5PJgg/
-----END CERTIFICATE-----
Generated at Fri Sep 29 08:40:59 2023 by rpki-client on console-ams.rpki-client.org