Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/t34Dmw09CGeWbCy1yrpKMSqx2jg.roa
File: t34Dmw09CGeWbCy1yrpKMSqx2jg.roa (raw, json)
Hash identifier: ypN6EdykEjew8SfrBeE0OMm1Xy0I62HT692graaQt5I=
Subject key identifier: B7:7E:03:9B:0D:3D:08:67:96:6C:2C:B5:CA:BA:4A:31:2A:B1:DA:38
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018934B98A7C3403D5744671E9711235AECB
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/t34Dmw09CGeWbCy1yrpKMSqx2jg.roa
Signing time: Sat 08 Jul 2023 08:58:42 +0000
ROA not before: Sat 08 Jul 2023 08:58:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.14.167.0/24 maxlen: 24
93.123.74.0/24 maxlen: 24
83.219.96.0/24 maxlen: 24
83.219.99.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:34:b9:8a:7c:34:03:d5:74:46:71:e9:71:12:35:ae:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 8 08:58:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b77e039b0d3d0867966c2cb5caba4a312ab1da38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:d8:a3:a2:1a:84:36:a0:35:10:d4:e3:8e:6e:
74:54:07:89:1e:8b:eb:56:13:50:0b:2a:f5:05:c8:
92:48:e5:7b:4f:cb:cc:25:69:cc:5c:f1:02:5a:20:
b1:55:ff:03:3c:83:39:1b:f7:70:fe:39:5b:4f:9c:
a6:29:4f:6b:83:bd:e7:0b:51:21:41:66:bb:51:4d:
e3:35:f9:85:04:fa:5e:58:25:c1:67:96:0d:61:0e:
b6:94:cc:5c:da:fe:7e:f6:cc:f5:7a:58:7e:fc:4c:
28:3e:95:d7:e6:7b:8c:b9:fb:25:cb:4e:e2:5f:0e:
2c:6c:54:74:c4:9e:f9:75:9f:02:78:d9:31:d5:38:
7c:22:88:68:3f:a4:44:4e:74:4e:9e:a9:d0:e2:9b:
1f:a7:5c:55:bc:35:69:2d:8b:22:58:b4:c6:6d:1b:
da:54:6d:68:7b:d4:a0:b2:a0:18:24:7e:3d:22:f7:
c9:7d:b1:62:ba:99:98:7c:f4:5d:de:43:c8:53:48:
df:15:da:84:11:0a:0a:0f:0f:f4:64:11:6c:d8:6e:
ba:20:da:8d:ae:3e:d0:ba:3d:04:bc:f8:b4:2b:83:
d1:0e:c4:08:35:12:3e:b0:62:5b:36:16:62:e8:cc:
22:3b:80:4a:32:8d:32:db:0a:15:8f:5b:66:c2:b4:
2c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:7E:03:9B:0D:3D:08:67:96:6C:2C:B5:CA:BA:4A:31:2A:B1:DA:38
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/t34Dmw09CGeWbCy1yrpKMSqx2jg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.167.0/24
83.219.96.0/24
83.219.99.0/24
93.123.74.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:1d:eb:6d:66:6a:d9:d9:d7:db:34:ab:21:c3:99:f9:7b:f7:
d8:d6:83:37:aa:df:76:3d:3e:02:91:b1:ac:5e:53:27:95:e4:
8f:4b:5d:3d:f0:db:d1:54:d4:a3:56:3a:87:64:23:32:65:90:
ab:83:cf:6c:86:1e:18:2b:32:fe:a3:8b:17:66:bd:37:88:f5:
1f:62:40:6a:4d:99:9a:90:50:f0:e3:e9:70:4a:79:42:dc:6c:
dc:82:20:bf:20:e7:32:c5:46:da:46:25:fe:c3:e2:aa:a9:d1:
0c:0e:1c:8b:ed:dc:08:dc:a7:7b:22:1b:3a:4d:e3:66:dd:ce:
ae:f7:99:1f:8a:87:98:98:cf:58:a0:2a:18:e1:dd:fb:87:b4:
a2:70:b3:52:2c:b2:c6:20:54:ba:df:10:aa:7e:c2:45:25:0f:
47:5d:de:ef:77:78:94:fd:3d:bb:03:22:3f:91:3b:ef:3f:49:
5b:c9:a1:cf:36:9c:de:59:a9:78:d6:ef:c7:94:c6:fe:f9:99:
86:d0:8e:e8:84:c0:c9:63:32:4d:84:f2:5a:54:3c:4b:11:13:
da:91:8c:57:0f:ef:48:72:b6:10:3f:69:da:d3:e9:00:91:1f:
5b:7f:ec:30:09:af:1b:95:c0:b4:a5:a7:00:39:75:db:41:95:
79:50:35:ce
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYk0uYp8NAPVdEZx6XESNa7LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNzA4MDg1ODQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzdlMDM5YjBkM2QwODY3OTY2YzJjYjVjYWJhNGEzMTJhYjFkYTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwNijohqENqA1ENTjjm50VAeJHovr
VhNQCyr1BciSSOV7T8vMJWnMXPECWiCxVf8DPIM5G/dw/jlbT5ymKU9rg73nC1Eh
QWa7UU3jNfmFBPpeWCXBZ5YNYQ62lMxc2v5+9sz1elh+/EwoPpXX5nuMufsly07i
Xw4sbFR0xJ75dZ8CeNkx1Th8IohoP6RETnROnqnQ4psfp1xVvDVpLYsiWLTGbRva
VG1oe9SgsqAYJH49IvfJfbFiupmYfPRd3kPIU0jfFdqEEQoKDw/0ZBFs2G66INqN
rj7Quj0EvPi0K4PRDsQINRI+sGJbNhZi6MwiO4BKMo0y2woVj1tmwrQsGwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLd+A5sNPQhnlmwstcq6SjEqsdo4MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdDM0RG13MDlDR2VXYkN5MXlycEtNU3F4MmpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALQ6nAwQA
U9tgAwQAU9tjAwQAXXtKMA0GCSqGSIb3DQEBCwUAA4IBAQCeHettZmrZ2dfbNKsh
w5n5e/fY1oM3qt92PT4CkbGsXlMnleSPS1098NvRVNSjVjqHZCMyZZCrg89shh4Y
KzL+o4sXZr03iPUfYkBqTZmakFDw4+lwSnlC3GzcgiC/IOcyxUbaRiX+w+KqqdEM
DhyL7dwI3Kd7Ihs6TeNm3c6u95kfioeYmM9YoCoY4d37h7SicLNSLLLGIFS63xCq
fsJFJQ9HXd7vd3iU/T27AyI/kTvvP0lbyaHPNpzeWal41u/HlMb++ZmG0I7ohMDJ
YzJNhPJaVDxLERPakYxXD+9IcrYQP2na0+kAkR9bf+wwCa8blcC0pacAOXXbQZV5
UDXO
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:43 2023 by rpki-client on console-ams.rpki-client.org