Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tfXoGWSN1wkZlA3gZFM0Tqhklaw.roa
File: tfXoGWSN1wkZlA3gZFM0Tqhklaw.roa (raw, json)
Hash identifier: wkducfLI7KppOpxNWrZuGIM2roqTbTymE+CDOI1XhDw=
Subject key identifier: B5:F5:E8:19:64:8D:D7:09:19:94:0D:E0:64:53:34:4E:A8:64:95:AC
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0185ECC0C0E3BB5C1D4918DBA3D30024E586
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tfXoGWSN1wkZlA3gZFM0Tqhklaw.roa
Signing time: Thu 26 Jan 2023 06:25:33 +0000
ROA not before: Thu 26 Jan 2023 06:25:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
87.121.124.0/23 maxlen: 24
45.81.240.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
171.22.19.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
185.218.137.0/24 maxlen: 24
87.120.218.0/24 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ec:c0:c0:e3:bb:5c:1d:49:18:db:a3:d3:00:24:e5:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 26 06:25:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b5f5e819648dd70919940de06453344ea86495ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e3:1d:cc:c7:25:0b:d4:17:e8:73:29:b3:cf:
5a:29:88:fe:df:28:e3:ce:d0:2f:7e:32:f0:dd:fb:
5f:40:bc:71:4e:11:01:e1:90:6b:75:ac:a0:49:1c:
da:89:20:09:d8:a2:01:fd:a4:6e:03:1b:23:12:87:
85:9f:76:85:a9:73:92:ba:52:40:d2:b4:a3:b2:ca:
bf:ae:3a:74:ac:48:f1:71:d1:18:91:dc:3b:81:f1:
ce:c0:86:3d:fe:f0:59:73:37:20:d7:73:d7:86:9b:
26:c5:af:4b:69:b5:52:4b:e2:aa:23:62:b2:49:22:
f1:a3:db:fd:33:de:4e:b7:fc:f9:d0:98:43:e8:d2:
58:d4:f9:72:4e:17:3a:76:1a:93:41:d4:fe:9b:cc:
b7:3b:20:09:98:11:55:b5:92:c6:2b:7a:ae:63:f6:
ec:40:d4:85:a2:95:d7:19:19:1b:89:1a:de:ce:2e:
00:75:54:9a:87:a0:8c:df:6e:43:20:ba:cb:c1:92:
31:c2:8f:6a:f7:69:2a:75:15:8e:80:1f:91:37:90:
a5:6b:5e:1d:ee:48:73:e6:4e:30:74:fe:ba:97:50:
ba:91:01:5a:9b:a8:e8:a2:68:9b:b6:8a:e5:d7:21:
d6:95:49:db:81:90:f9:8b:36:bc:77:9c:1a:c7:e6:
34:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:F5:E8:19:64:8D:D7:09:19:94:0D:E0:64:53:34:4E:A8:64:95:AC
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/tfXoGWSN1wkZlA3gZFM0Tqhklaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.81.240.0/24
45.151.89.0/24
87.120.218.0/24
87.121.124.0/23
92.119.196.0/23
94.154.161.0-94.154.163.255
171.22.19.0/24
171.22.72.0/22
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
185.252.176.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:d6:4b:04:9c:32:f7:ec:7f:b7:f6:0a:b5:50:e3:14:d1:a9:
19:31:b9:10:19:eb:41:08:81:6f:53:69:f5:b4:ed:f7:e8:e4:
88:3d:ca:19:e8:0c:fa:21:17:5b:49:aa:db:47:01:bc:89:d1:
1e:d0:40:0e:53:e5:f0:06:f7:3f:4c:8c:a8:64:a7:be:1f:a2:
5f:89:71:1d:95:f1:83:26:88:3d:1e:e2:7c:75:7e:ce:60:41:
71:87:13:98:07:91:b7:df:27:a2:44:0d:0f:51:82:6e:e8:37:
99:96:f8:88:76:03:70:ee:ac:e5:0c:61:5b:3d:83:de:40:ff:
b2:29:e6:f2:43:86:74:bc:46:61:6d:c5:19:20:84:95:9e:69:
7b:20:85:7f:f1:56:46:2d:bb:76:6e:6a:db:73:d7:32:16:07:
d8:d1:f3:ca:7e:e1:1a:08:6f:27:23:72:d8:f0:98:47:d5:e8:
bb:84:ed:77:df:55:42:a6:15:e8:a4:20:4e:55:dc:b7:10:8c:
bd:a2:e8:18:95:2d:81:bd:6a:5f:d6:ee:70:6e:de:fe:38:fa:
ad:5b:bd:e8:de:37:40:64:15:9c:90:2d:f3:3a:cd:b8:c6:50:
a5:9d:eb:6f:d5:0b:fc:e4:0f:e5:ae:7c:f5:9a:04:f0:6a:f0:
2c:07:10:f8
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYXswMDju1wdSRjbo9MAJOWGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTI2MDYyNTMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWY1ZTgxOTY0OGRkNzA5MTk5NDBkZTA2NDUzMzQ0ZWE4NjQ5NWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOMdzMclC9QX6HMps89aKYj+3yjj
ztAvfjLw3ftfQLxxThEB4ZBrdaygSRzaiSAJ2KIB/aRuAxsjEoeFn3aFqXOSulJA
0rSjssq/rjp0rEjxcdEYkdw7gfHOwIY9/vBZczcg13PXhpsmxa9LabVSS+KqI2Ky
SSLxo9v9M95Ot/z50JhD6NJY1PlyThc6dhqTQdT+m8y3OyAJmBFVtZLGK3quY/bs
QNSFopXXGRkbiRrezi4AdVSah6CM325DILrLwZIxwo9q92kqdRWOgB+RN5Cla14d
7khz5k4wdP66l1C6kQFam6joomibtorl1yHWlUnbgZD5iza8d5wax+Y0BQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFLX16BlkjdcJGZQN4GRTNE6oZJWsMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdGZYb0dXU04xd2tabEEzZ1pGTTBUcWhrbGF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQALVHwAwQA
LZdZAwQAV3jaAwQBV3l8AwQBXHfEMAwDBABemqEDBAJemqADBACrFhMDBAKrFkgD
BACy1+wDBAK52FQDBAK52lQDBAC52okDBAC5234DBAC5/LAwDQYJKoZIhvcNAQEL
BQADggEBADrWSwScMvfsf7f2CrVQ4xTRqRkxuRAZ60EIgW9TafW07ffo5Ig9yhno
DPohF1tJqttHAbyJ0R7QQA5T5fAG9z9MjKhkp74fol+JcR2V8YMmiD0e4nx1fs5g
QXGHE5gHkbffJ6JEDQ9Rgm7oN5mW+Ih2A3DurOUMYVs9g95A/7Ip5vJDhnS8RmFt
xRkghJWeaXsghX/xVkYtu3Zuattz1zIWB9jR88p+4RoIbycjctjwmEfV6LuE7Xff
VUKmFeikIE5V3LcQjL2i6BiVLYG9al/W7nBu3v44+q1bvejeN0BkFZyQLfM6zbjG
UKWd62/VC/zkD+WufPWaBPBq8CwHEPg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:42:49 2023 by rpki-client on console-fra.rpki-client.org