Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rhYXrsi00BIjKvzqIemaU2eeevg.roa
File: rhYXrsi00BIjKvzqIemaU2eeevg.roa (raw, json)
Hash identifier: 6TbzrCB+yZxZGPrGpt1utNpTSCwz9WMxYxA82QuruNI=
Subject key identifier: AE:16:17:AE:C8:B4:D0:12:23:2A:FC:EA:21:E9:9A:53:67:9E:7A:F8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0189E4941B66845D1C9EDFEAF554F77F4DB2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rhYXrsi00BIjKvzqIemaU2eeevg.roa
Signing time: Fri 11 Aug 2023 12:30:58 +0000
ROA not before: Fri 11 Aug 2023 12:30:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50225
IP address blocks: 91.92.21.0/24 maxlen: 24
85.217.145.0/24 maxlen: 24
185.222.163.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
45.128.99.0/24 maxlen: 24
193.42.34.0/24 maxlen: 24
94.156.176.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
45.84.90.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
85.209.132.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
176.125.252.0/24 maxlen: 24
37.139.131.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:e4:94:1b:66:84:5d:1c:9e:df:ea:f5:54:f7:7f:4d:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 11 12:30:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae1617aec8b4d012232afcea21e99a53679e7af8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:08:9e:b5:82:56:d7:8d:15:32:06:42:25:5d:
83:64:88:f5:70:41:9b:92:fc:bb:82:55:87:79:ac:
72:ff:9f:b6:ee:d7:1e:83:34:2d:ad:77:44:97:6a:
5a:cf:de:0d:80:b8:37:40:18:2f:a3:f3:f0:a6:d6:
72:04:4b:0e:55:bf:9c:31:ea:da:8b:23:91:c3:08:
8a:49:08:3f:5f:5f:7a:a1:fa:d5:ba:48:7f:32:46:
82:81:f8:f4:18:0c:e0:8a:70:08:c1:a9:c6:cc:76:
38:bf:6b:ad:00:21:b7:d9:2c:d8:a2:3a:e8:b2:04:
8b:58:b6:1a:bb:e7:68:2b:d6:38:fd:43:91:c9:11:
e7:0a:ac:f1:ac:37:5f:73:32:45:ef:21:78:5b:21:
97:1e:98:0b:77:0a:61:51:98:f3:c6:d5:cc:2e:42:
6a:35:82:cb:79:f0:65:68:9e:4d:22:f7:92:18:83:
8d:6f:19:b8:4d:9d:14:fc:a3:98:bc:13:db:3f:68:
06:79:df:2a:7e:d6:93:d3:05:01:5d:4f:0c:0b:60:
22:61:89:13:0d:3d:f3:e8:e9:cb:6e:8d:ae:16:03:
ed:5b:4f:2b:37:84:d4:67:37:05:12:64:c9:43:58:
b8:18:95:57:52:cc:7d:a0:a7:a4:98:fb:98:3a:5c:
ad:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:16:17:AE:C8:B4:D0:12:23:2A:FC:EA:21:E9:9A:53:67:9E:7A:F8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rhYXrsi00BIjKvzqIemaU2eeevg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.131.0/24
45.84.90.0/24
45.128.99.0/24
79.110.50.0/24
85.209.132.0/24
85.217.145.0/24
91.92.21.0/24
93.123.85.0/24
94.156.176.0/24
176.125.252.0/24
178.215.237.0/24
185.222.163.0/24
193.42.34.0/24
193.47.60.0/24
193.47.63.0/24
194.48.249.0/24
194.48.251.0/24
Signature Algorithm: sha256WithRSAEncryption
93:c3:a2:71:b1:26:26:ea:d0:33:46:29:0e:0f:7d:04:db:0a:
99:65:d6:93:ff:e7:df:23:4d:df:c8:49:bb:fe:60:c2:7b:67:
3d:38:4f:1e:78:43:42:78:bd:3b:d9:cf:99:77:98:34:a3:5d:
59:bc:98:44:f5:f5:be:27:e6:31:c3:79:f0:5f:2c:62:9b:c3:
cc:0b:44:19:c9:4b:86:03:b9:44:4e:9d:07:bd:ac:36:ca:07:
bd:72:05:99:00:de:b8:72:24:85:5b:db:4c:2b:be:e6:96:7f:
e4:19:4c:2d:47:cf:55:29:8a:4e:46:86:c6:3e:a0:00:b4:18:
a2:e2:e4:6b:43:57:04:7f:2c:fd:a0:c0:72:e7:db:f6:8e:79:
8d:07:03:00:4c:f4:9e:ba:be:bb:47:6c:17:c5:d2:74:b8:8d:
7e:6c:06:c7:73:1a:b5:8f:ea:f8:d3:88:a8:5d:21:ec:d5:50:
4d:c0:27:ea:7a:cd:f8:9f:df:58:5f:47:b3:a5:71:9b:b7:6d:
e5:c9:c4:4e:33:68:2a:69:8d:4d:80:a6:b4:ee:5a:d5:1c:84:
0a:d2:5e:29:5a:c7:df:5e:86:17:2c:38:2a:79:1f:6b:a5:4c:
1a:45:0a:09:c8:99:16:d8:2d:7c:7c:62:30:43:ae:93:0b:29:
05:4d:53:52
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAYnklBtmhF0cnt/q9VT3f02yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODExMTIzMDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTE2MTdhZWM4YjRkMDEyMjMyYWZjZWEyMWU5OWE1MzY3OWU3YWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQietYJW140VMgZCJV2DZIj1cEGb
kvy7glWHeaxy/5+27tcegzQtrXdEl2paz94NgLg3QBgvo/PwptZyBEsOVb+cMera
iyORwwiKSQg/X196ofrVukh/MkaCgfj0GAzginAIwanGzHY4v2utACG32SzYojro
sgSLWLYau+doK9Y4/UORyRHnCqzxrDdfczJF7yF4WyGXHpgLdwphUZjzxtXMLkJq
NYLLefBlaJ5NIveSGIONbxm4TZ0U/KOYvBPbP2gGed8qftaT0wUBXU8MC2AiYYkT
DT3z6OnLbo2uFgPtW08rN4TUZzcFEmTJQ1i4GJVXUsx9oKekmPuYOlyt3QIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFK4WF67ItNASIyr86iHpmlNnnnr4MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvcmhZWHJzaTAwQklqS3Z6cUllbWFVMmVlZXZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBsBAIAATBmAwQAJYuDAwQA
LVRaAwQALYBjAwQAT24yAwQAVdGEAwQAVdmRAwQAW1wVAwQAXXtVAwQAXpywAwQA
sH38AwQAstftAwQAud6jAwQAwSoiAwQAwS88AwQAwS8/AwQAwjD5AwQAwjD7MA0G
CSqGSIb3DQEBCwUAA4IBAQCTw6JxsSYm6tAzRikOD30E2wqZZdaT/+ffI03fyEm7
/mDCe2c9OE8eeENCeL072c+Zd5g0o11ZvJhE9fW+J+Yxw3nwXyxim8PMC0QZyUuG
A7lETp0Hvaw2yge9cgWZAN64ciSFW9tMK77mln/kGUwtR89VKYpORobGPqAAtBii
4uRrQ1cEfyz9oMBy59v2jnmNBwMATPSeur67R2wXxdJ0uI1+bAbHcxq1j+r404io
XSHs1VBNwCfqes34n99YX0ezpXGbt23lycROM2gqaY1NgKa07lrVHIQK0l4pWsff
XoYXLDgqeR9rpUwaRQoJyJkW2C18fGIwQ66TCykFTVNS
-----END CERTIFICATE-----
Generated at Fri Aug 18 08:22:35 2023 by rpki-client on console-ams.rpki-client.org