Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qhaBGcZgx1PFhRc8SPKu9gAH4Hc.roa
File: qhaBGcZgx1PFhRc8SPKu9gAH4Hc.roa (raw, json)
Hash identifier: BB0mTKQpqt+N/6AB3sUzf1DcmavEV2m8QGlwCj9E4Tw=
Subject key identifier: AA:16:81:19:C6:60:C7:53:C5:85:17:3C:48:F2:AE:F6:00:07:E0:77
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01898CB6F22530D8E10008EA37CFBB862BA9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qhaBGcZgx1PFhRc8SPKu9gAH4Hc.roa
Signing time: Tue 25 Jul 2023 11:02:27 +0000
ROA not before: Tue 25 Jul 2023 11:02:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
91.92.21.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
194.113.36.0/22 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
45.95.0.0/22 maxlen: 24
185.216.84.0/22 maxlen: 24
87.121.45.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
194.169.174.0/24 maxlen: 24
94.154.163.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:8c:b6:f2:25:30:d8:e1:00:08:ea:37:cf:bb:86:2b:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 25 11:02:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aa168119c660c753c585173c48f2aef60007e077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:3a:1a:42:34:17:e2:d1:53:62:75:85:bc:6f:
81:b3:99:e6:17:45:36:bd:80:69:3d:56:99:a8:08:
fc:39:8e:c2:3a:54:f6:36:ac:cd:b9:01:b9:42:1c:
3d:c7:3e:52:05:ba:b7:d8:3b:74:1d:0f:a8:87:f3:
1f:ea:21:6f:d7:5e:47:71:a8:bd:ee:f2:6a:be:3a:
74:bb:6b:e6:d5:43:c1:b1:23:be:43:4d:f8:f6:84:
1e:d8:30:92:4b:fd:a2:7a:8c:7b:7c:47:cd:e2:74:
99:b7:0d:a7:47:f2:16:1c:2f:ae:2f:cd:cb:10:ba:
02:f5:c3:4d:a6:ec:5e:30:b7:b1:85:fc:36:da:af:
20:17:1c:62:a2:a3:74:d6:75:45:4e:ca:1f:88:af:
d9:8b:5c:6b:d3:d0:12:8b:b7:05:e7:0e:c1:fb:f3:
01:6a:99:bc:07:d6:84:47:5e:23:3b:94:8a:73:37:
9a:3b:cb:11:1e:a1:c5:f1:54:06:8e:3a:c7:01:60:
1d:df:5c:e3:3c:0a:68:84:a2:de:3b:2d:64:2b:5d:
9c:cf:df:51:52:97:45:66:47:10:35:a7:a6:bc:b4:
6d:6b:70:96:89:34:63:52:ac:a7:68:a2:3f:d3:bc:
23:a0:a1:7c:d8:70:52:26:f3:7c:c6:93:e1:51:5d:
4b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:16:81:19:C6:60:C7:53:C5:85:17:3C:48:F2:AE:F6:00:07:E0:77
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/qhaBGcZgx1PFhRc8SPKu9gAH4Hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.0.0/22
45.151.89.0/24
87.121.45.0/24
91.92.21.0/24
92.119.196.0/23
93.123.85.0/24
94.154.161.0-94.154.163.255
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
178.215.239.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
185.252.176.0/24
194.113.36.0/22
194.169.174.0/24
Signature Algorithm: sha256WithRSAEncryption
50:12:07:3c:fd:4c:ab:46:ff:bd:07:55:4d:02:8b:6c:8e:ff:
cb:8e:86:18:20:a4:d3:71:dc:03:82:ff:b3:72:7a:e0:0f:74:
72:e6:ff:7f:27:6c:50:d5:c1:2e:46:40:af:eb:34:7e:c8:bb:
b4:66:92:fd:67:b4:44:af:ab:2d:f9:1c:b8:4d:22:df:c9:5b:
17:5b:96:38:02:4f:5d:e1:45:99:1f:3d:e7:e8:33:2c:ae:92:
6b:03:df:60:76:98:9c:2f:15:2a:46:57:ea:9b:4b:52:75:a3:
8d:97:22:32:b8:e7:fc:13:cf:b3:ca:8d:7c:cc:f6:f0:79:b6:
14:0b:67:5d:13:4a:b7:c8:b3:16:cd:ff:8b:39:7e:57:39:32:
ca:7c:25:08:be:38:8f:be:cf:f3:e5:44:47:26:6c:2f:30:2f:
7d:9a:57:34:1f:dc:7b:af:05:f5:3a:2e:74:0f:7c:7f:63:e8:
7f:bd:36:3a:96:b0:bb:3b:81:c1:6a:71:8d:37:33:8b:36:70:
87:6f:1f:35:53:ee:6a:94:58:d3:be:24:da:cb:1c:d6:2d:37:
a1:42:b7:cf:28:9a:95:21:9c:2f:26:1a:ad:05:a7:0f:f6:63:
ba:1c:a5:c6:bc:97:7e:80:8a:5c:5e:43:cf:a6:b4:c7:78:ae:
79:57:dc:5e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYmMtvIlMNjhAAjqN8+7hiupMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzI1MTEwMjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTE2ODExOWM2NjBjNzUzYzU4NTE3M2M0OGYyYWVmNjAwMDdlMDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnjoaQjQX4tFTYnWFvG+Bs5nmF0U2
vYBpPVaZqAj8OY7COlT2NqzNuQG5Qhw9xz5SBbq32Dt0HQ+oh/Mf6iFv115Hcai9
7vJqvjp0u2vm1UPBsSO+Q0349oQe2DCSS/2ieox7fEfN4nSZtw2nR/IWHC+uL83L
ELoC9cNNpuxeMLexhfw22q8gFxxioqN01nVFTsofiK/Zi1xr09ASi7cF5w7B+/MB
apm8B9aER14jO5SKczeaO8sRHqHF8VQGjjrHAWAd31zjPApohKLeOy1kK12cz99R
UpdFZkcQNaemvLRta3CWiTRjUqynaKI/07wjoKF82HBSJvN8xpPhUV1L1wIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFKoWgRnGYMdTxYUXPEjyrvYAB+B3MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcWhhQkdjWmd4MVBGaFJjOFNQS3U5Z0FINEhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAIt
XwADBAAtl1kDBABXeS0DBABbXBUDBAFcd8QDBABde1UwDAMEAF6aoQMEAl6aoAME
AF6c7zAMAwQCk05kAwQAk05mAwQCqxZIAwQAstfgAwQAstfsAwQAstfvAwQCudhU
AwQCudpUAwQAudqJAwQAudt+AwQAufywAwQCwnEkAwQAwqmuMA0GCSqGSIb3DQEB
CwUAA4IBAQBQEgc8/UyrRv+9B1VNAotsjv/LjoYYIKTTcdwDgv+zcnrgD3Ry5v9/
J2xQ1cEuRkCv6zR+yLu0ZpL9Z7REr6st+Ry4TSLfyVsXW5Y4Ak9d4UWZHz3n6DMs
rpJrA99gdpicLxUqRlfqm0tSdaONlyIyuOf8E8+zyo18zPbwebYUC2ddE0q3yLMW
zf+LOX5XOTLKfCUIvjiPvs/z5URHJmwvMC99mlc0H9x7rwX1Oi50D3x/Y+h/vTY6
lrC7O4HBanGNNzOLNnCHbx81U+5qlFjTviTayxzWLTehQrfPKJqVIZwvJhqtBacP
9mO6HKXGvJd+gIpcXkPPprTHeK55V9xe
-----END CERTIFICATE-----
Generated at Fri Jul 28 08:33:34 2023 by rpki-client on console-ams.rpki-client.org