Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qJ5I74dBThFUKJxn4m_TkOxYBaA.roa
File: qJ5I74dBThFUKJxn4m_TkOxYBaA.roa (raw, json)
Hash identifier: CiTpJPUQ1j7EoYE+Pj3VaR7IhN6PYzSkgP/5fXjCFp0=
Subject key identifier: A8:9E:48:EF:87:41:4E:11:54:28:9C:67:E2:6F:D3:90:EC:58:05:A0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01859C8D3ED4C75F3E35B825B221277B6307
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qJ5I74dBThFUKJxn4m_TkOxYBaA.roa
Signing time: Tue 10 Jan 2023 16:39:40 +0000
ROA not before: Tue 10 Jan 2023 16:39:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204843
IP address blocks: 94.156.11.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
193.149.2.0/24 maxlen: 24
193.149.3.0/24 maxlen: 24
37.221.123.0/24 maxlen: 24
37.221.121.0/24 maxlen: 24
37.221.122.0/24 maxlen: 24
37.221.120.0/24 maxlen: 24
185.221.64.0/24 maxlen: 24
45.144.153.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9c:8d:3e:d4:c7:5f:3e:35:b8:25:b2:21:27:7b:63:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 10 16:39:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a89e48ef87414e1154289c67e26fd390ec5805a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ff:36:e7:f4:c9:98:8a:98:37:3b:ea:e5:b6:
49:63:62:20:3d:52:73:3d:ca:a8:f1:80:78:4b:72:
8f:6a:97:04:33:e6:5f:f6:8b:65:4e:a7:8c:5c:a4:
7e:64:b6:35:7b:ec:68:e0:21:ae:06:c7:60:ac:ad:
b1:fa:71:27:01:90:e7:93:66:bd:78:47:c8:58:42:
f3:dc:25:22:94:e8:03:7d:3d:cb:59:ee:ca:2a:46:
45:2d:97:7f:bf:60:28:af:75:e8:3a:89:86:f5:70:
df:b8:16:f0:bf:b4:fe:dc:d1:c8:d4:e8:7c:bd:53:
c0:a8:2a:ac:d0:b2:9c:c2:c3:52:8f:5b:e2:c3:8b:
cf:48:19:5b:56:5c:ec:df:6a:63:f0:d7:0c:1a:23:
f9:fe:37:58:56:0a:86:f4:9f:5f:e2:17:97:cc:7b:
7c:fd:5d:cf:20:0c:81:18:bc:0a:1f:a2:30:fd:38:
b4:9e:53:05:88:be:50:74:ad:54:45:c6:a4:5a:22:
dc:d3:ff:55:a9:01:17:ab:87:83:40:17:9a:97:a8:
f7:83:3a:4b:ba:21:56:11:c0:2a:f5:8a:15:07:05:
96:f5:72:65:17:da:84:cf:22:7b:4f:3f:b1:0e:a6:
7d:05:d8:ec:02:bb:21:c3:57:05:48:89:1b:fa:b1:
67:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:9E:48:EF:87:41:4E:11:54:28:9C:67:E2:6F:D3:90:EC:58:05:A0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qJ5I74dBThFUKJxn4m_TkOxYBaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.120.0/22
45.81.241.0/24
45.144.153.0/24
94.156.11.0/24
141.98.1.0/24
185.221.64.0/24
193.149.2.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:ab:14:d2:4c:95:e7:57:4e:d7:14:b0:4c:a0:84:f5:d2:09:
9a:69:40:39:91:2a:40:16:95:ad:54:5d:ef:09:2a:70:3a:43:
d1:f6:d8:b8:d1:4f:43:ac:5e:55:36:ee:8a:67:2b:0c:d4:5a:
2f:0e:a5:ca:34:94:29:5b:c3:e6:31:97:86:a5:26:3a:44:50:
35:13:14:7c:20:51:1d:f7:c0:c0:84:37:76:95:d4:b2:4c:82:
85:3f:16:82:aa:e1:1d:99:df:eb:92:fe:a7:28:29:f8:45:12:
12:80:6d:29:f1:6b:2e:96:a0:74:7b:f3:51:93:d0:ac:30:d3:
f0:ca:e6:1e:40:da:f4:fd:c2:59:86:94:d7:56:2d:c4:d4:c9:
64:66:70:fa:f6:4a:ea:1e:4b:30:59:e8:85:50:0f:82:0b:d8:
ab:d8:ca:93:3c:af:00:8e:86:93:18:f7:d1:d9:b3:f7:39:9d:
86:c5:16:e7:e3:ed:29:27:5b:e4:83:e9:5d:7a:df:ab:79:3a:
80:f0:3e:e2:85:6e:c0:0d:68:39:01:6b:de:47:dc:68:36:ab:
d1:95:a4:29:46:60:2d:42:fb:f0:42:b3:08:0b:d3:2b:79:da:
a5:92:0e:81:48:fe:a1:2e:26:b3:8a:12:e4:eb:7d:4e:88:18:
fa:bf:c0:8d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYWcjT7Ux18+NbglsiEne2MHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTEwMTYzOTQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODllNDhlZjg3NDE0ZTExNTQyODljNjdlMjZmZDM5MGVjNTgwNWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkf825/TJmIqYNzvq5bZJY2IgPVJz
Pcqo8YB4S3KPapcEM+Zf9otlTqeMXKR+ZLY1e+xo4CGuBsdgrK2x+nEnAZDnk2a9
eEfIWELz3CUilOgDfT3LWe7KKkZFLZd/v2Aor3XoOomG9XDfuBbwv7T+3NHI1Oh8
vVPAqCqs0LKcwsNSj1viw4vPSBlbVlzs32pj8NcMGiP5/jdYVgqG9J9f4heXzHt8
/V3PIAyBGLwKH6Iw/Ti0nlMFiL5QdK1URcakWiLc0/9VqQEXq4eDQBeal6j3gzpL
uiFWEcAq9YoVBwWW9XJlF9qEzyJ7Tz+xDqZ9BdjsArshw1cFSIkb+rFnXwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKieSO+HQU4RVCicZ+Jv05DsWAWgMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcUo1STc0ZEJUaEZVS0p4bjRtX1RrT3hZQmFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCJd14AwQA
LVHxAwQALZCZAwQAXpwLAwQAjWIBAwQAud1AAwQBwZUCMA0GCSqGSIb3DQEBCwUA
A4IBAQB+qxTSTJXnV07XFLBMoIT10gmaaUA5kSpAFpWtVF3vCSpwOkPR9ti40U9D
rF5VNu6KZysM1FovDqXKNJQpW8PmMZeGpSY6RFA1ExR8IFEd98DAhDd2ldSyTIKF
PxaCquEdmd/rkv6nKCn4RRISgG0p8WsulqB0e/NRk9CsMNPwyuYeQNr0/cJZhpTX
Vi3E1MlkZnD69krqHkswWeiFUA+CC9ir2MqTPK8AjoaTGPfR2bP3OZ2GxRbn4+0p
J1vkg+ldet+reTqA8D7ihW7ADWg5AWveR9xoNqvRlaQpRmAtQvvwQrMIC9Mredql
kg6BSP6hLiazihLk631OiBj6v8CN
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:42 2023 by rpki-client on console-ams.rpki-client.org