Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rPmDi6DedgAZKBoa-C3ZI9f6-zw.roa
File: rPmDi6DedgAZKBoa-C3ZI9f6-zw.roa (raw, json)
Hash identifier: Tp1j1m89yWVSKU9c4miC3Tk8VYxb9ElR3BXM+baZ5+I=
Subject key identifier: AC:F9:83:8B:A0:DE:76:00:19:28:1A:1A:F8:2D:D9:23:D7:FA:FB:3C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01870D5A314B33371A3B8F06D34F8E4CBD29
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rPmDi6DedgAZKBoa-C3ZI9f6-zw.roa
Signing time: Thu 23 Mar 2023 07:23:47 +0000
ROA not before: Thu 23 Mar 2023 07:23:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35913
IP address blocks: 81.161.231.0/24 maxlen: 24
192.145.29.0/24 maxlen: 24
192.145.30.0/24 maxlen: 24
192.145.31.0/24 maxlen: 24
192.145.28.0/24 maxlen: 24
164.40.185.0/24 maxlen: 24
185.252.162.0/24 maxlen: 24
185.252.161.0/24 maxlen: 24
185.252.160.0/24 maxlen: 24
185.252.163.0/24 maxlen: 24
193.148.50.0/24 maxlen: 24
194.11.197.0/24 maxlen: 24
193.148.49.0/24 maxlen: 24
194.11.198.0/24 maxlen: 24
194.11.199.0/24 maxlen: 24
193.148.48.0/24 maxlen: 24
193.148.51.0/24 maxlen: 24
194.11.196.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:0d:5a:31:4b:33:37:1a:3b:8f:06:d3:4f:8e:4c:bd:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Mar 23 07:23:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=acf9838ba0de760019281a1af82dd923d7fafb3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:17:cf:14:ed:53:40:8f:57:88:0e:d2:86:b3:
6c:40:9c:51:f7:f0:49:9b:71:b2:37:76:b1:b8:da:
e1:54:8a:0b:da:ac:19:b3:26:b2:15:4c:02:d4:a3:
95:96:1c:8b:08:bf:50:b4:fb:39:21:cb:39:00:85:
c4:04:1c:2c:a5:ec:81:a5:e1:83:1f:ee:d6:e3:03:
87:0c:3b:1d:dc:4b:30:39:8f:f7:65:eb:ff:cc:d8:
81:a0:e6:7a:5b:1c:c4:21:16:37:98:d6:af:b4:29:
3e:54:59:b1:6a:78:aa:f7:b7:e8:1e:3e:b0:fd:ae:
94:35:57:22:30:90:45:7f:61:af:d5:a5:c7:2b:17:
1d:63:60:4c:d0:3a:75:d4:97:df:39:5a:b8:bc:16:
18:e6:b6:31:4a:18:97:35:0e:dc:59:91:52:82:32:
fa:33:c4:e8:66:c6:22:e3:9b:e8:26:72:2d:6f:3b:
8f:2d:02:6b:9d:55:a8:4d:c7:42:ed:51:79:ea:29:
dd:ee:49:bc:7b:52:0b:16:63:82:c9:4d:46:2d:31:
16:92:2e:3b:a0:8f:a0:37:a2:cd:db:c5:b7:6c:26:
a8:b2:d0:3c:30:33:e9:12:65:52:f2:07:82:a9:f1:
84:88:a9:98:47:a8:36:44:bc:6b:68:a1:7c:3c:44:
61:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:F9:83:8B:A0:DE:76:00:19:28:1A:1A:F8:2D:D9:23:D7:FA:FB:3C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rPmDi6DedgAZKBoa-C3ZI9f6-zw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.231.0/24
164.40.185.0/24
185.252.160.0/22
192.145.28.0/22
193.148.48.0/22
194.11.196.0/22
Signature Algorithm: sha256WithRSAEncryption
4c:f8:ad:40:23:55:2a:16:1c:35:b2:57:63:f1:c5:b7:bf:c6:
80:55:c8:f7:57:49:22:9a:8e:d9:a2:93:a1:a4:b6:79:c0:a1:
b5:64:26:fd:98:63:6e:68:b4:a4:10:94:b6:0c:d4:fb:c8:5c:
69:be:d1:83:f8:b9:e9:37:1e:7f:93:1a:a3:4c:92:07:cd:17:
c5:14:78:b8:7e:de:9c:49:fc:2a:9d:bd:1e:df:34:a0:80:58:
2e:28:18:30:05:77:f5:fd:30:d0:c5:b8:4a:91:9d:6a:5b:71:
39:4c:75:83:8d:cd:dc:fc:28:10:83:85:e3:ed:ac:b8:cd:fd:
12:08:ea:f5:62:0e:72:7e:48:4f:60:25:a0:de:a3:22:05:bb:
c3:5c:75:66:01:79:07:aa:2e:9b:07:bc:ab:3d:6b:d6:40:a2:
5c:75:f8:d0:26:d8:ec:b3:58:ab:5c:b8:cd:7b:53:53:12:b6:
d4:35:14:84:d0:42:ff:a6:16:9c:93:19:c0:cf:62:cc:56:a0:
00:a1:fa:ce:3e:9d:93:62:53:43:c7:b5:67:8d:90:94:7c:00:
75:ee:3b:ac:68:33:fb:a1:5f:3c:24:a9:0f:8b:44:90:59:23:
7f:6a:d5:52:30:1a:4a:fa:83:54:19:65:39:30:e3:51:27:05:
12:2c:01:6f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYcNWjFLMzcaO48G00+OTL0pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMzIzMDcyMzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2Y5ODM4YmEwZGU3NjAwMTkyODFhMWFmODJkZDkyM2Q3ZmFmYjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhfPFO1TQI9XiA7ShrNsQJxR9/BJ
m3GyN3axuNrhVIoL2qwZsyayFUwC1KOVlhyLCL9QtPs5Ics5AIXEBBwspeyBpeGD
H+7W4wOHDDsd3EswOY/3Zev/zNiBoOZ6WxzEIRY3mNavtCk+VFmxaniq97foHj6w
/a6UNVciMJBFf2Gv1aXHKxcdY2BM0Dp11JffOVq4vBYY5rYxShiXNQ7cWZFSgjL6
M8ToZsYi45voJnItbzuPLQJrnVWoTcdC7VF56ind7km8e1ILFmOCyU1GLTEWki47
oI+gN6LN28W3bCaostA8MDPpEmVS8geCqfGEiKmYR6g2RLxraKF8PERh6wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKz5g4ug3nYAGSgaGvgt2SPX+vs8MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvclBtRGk2RGVkZ0FaS0JvYS1DM1pJOWY2LXp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUaHnAwQA
pCi5AwQCufygAwQCwJEcAwQCwZQwAwQCwgvEMA0GCSqGSIb3DQEBCwUAA4IBAQBM
+K1AI1UqFhw1sldj8cW3v8aAVcj3V0kimo7ZopOhpLZ5wKG1ZCb9mGNuaLSkEJS2
DNT7yFxpvtGD+LnpNx5/kxqjTJIHzRfFFHi4ft6cSfwqnb0e3zSggFguKBgwBXf1
/TDQxbhKkZ1qW3E5THWDjc3c/CgQg4Xj7ay4zf0SCOr1Yg5yfkhPYCWg3qMiBbvD
XHVmAXkHqi6bB7yrPWvWQKJcdfjQJtjss1irXLjNe1NTErbUNRSE0EL/phackxnA
z2LMVqAAofrOPp2TYlNDx7VnjZCUfAB17jusaDP7oV88JKkPi0SQWSN/atVSMBpK
+oNUGWU5MONRJwUSLAFv
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:42 2023 by rpki-client on console-ams.rpki-client.org