Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/u9SU9QASiC81Y0sufn3BIYcKDL8.roa
File: u9SU9QASiC81Y0sufn3BIYcKDL8.roa (raw, json)
Hash identifier: v6YjbBEDG93YCHPbEpupCFKAWycQ5VsSsTkZ1pAhRDA=
Subject key identifier: BB:D4:94:F5:00:12:88:2F:35:63:4B:2E:7E:7D:C1:21:87:0A:0C:BF
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0187DB3A49C28A6A1A0413856BE19DBBF2B2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/u9SU9QASiC81Y0sufn3BIYcKDL8.roa
Signing time: Tue 02 May 2023 06:50:42 +0000
ROA not before: Tue 02 May 2023 06:50:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
87.120.64.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
94.103.126.0/24 maxlen: 24
185.218.137.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:3a:49:c2:8a:6a:1a:04:13:85:6b:e1:9d:bb:f2:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 2 06:50:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=bbd494f50012882f35634b2e7e7dc121870a0cbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:95:d9:f6:20:a9:df:b7:84:1f:3d:18:8e:6e:
e6:d9:b5:4a:e0:e9:75:c6:68:9d:16:70:37:a0:8f:
09:0d:0c:98:9d:33:ba:63:7c:68:cc:4f:70:b3:24:
bc:06:9a:e5:b2:ac:c7:eb:fe:60:0e:76:52:1b:62:
a6:97:6c:ca:05:81:cf:ef:d4:6f:e8:f2:33:ef:17:
1c:e0:f0:89:d3:a9:77:57:2a:9c:5a:87:19:a8:d3:
f4:d4:7f:f1:9c:ba:cd:b7:de:c9:82:e6:94:33:96:
73:6b:75:74:cf:75:e5:d7:5f:39:4d:1c:80:4b:5b:
6d:47:f8:5a:8b:cb:9e:e8:91:e0:a3:e4:41:39:d6:
5a:a7:92:38:43:86:9f:81:9b:1f:be:e5:ab:be:93:
5e:ec:f9:af:7d:66:2f:38:59:9c:55:11:19:04:b2:
0e:bd:2f:37:74:e2:32:5f:df:3a:00:85:5f:a7:6e:
c0:f7:cd:c4:d5:d8:47:eb:a5:59:24:21:81:1a:cd:
86:27:e8:24:12:83:8e:7a:0c:89:3c:ba:6d:e7:b5:
da:3f:95:f1:b5:b7:fb:ce:8b:8d:e3:ff:0c:3f:79:
6b:56:6a:85:a1:a7:7a:3d:5d:7d:a1:a3:26:0a:2c:
fd:33:b5:64:70:49:fc:05:5b:0f:d4:c4:4b:bc:50:
74:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:D4:94:F5:00:12:88:2F:35:63:4B:2E:7E:7D:C1:21:87:0A:0C:BF
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/u9SU9QASiC81Y0sufn3BIYcKDL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.89.0/24
87.120.64.0/23
92.119.196.0/23
94.103.126.0/24
94.154.161.0-94.154.163.255
147.78.100.0/23
171.22.72.0/22
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.218.137.0/24
185.219.126.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:44:90:f6:5e:d0:1b:9d:0f:98:9e:30:83:60:ec:07:d2:82:
ab:ef:99:7c:3c:c7:54:c8:08:ce:e3:02:8e:18:d4:51:bb:69:
40:88:34:51:4a:27:f8:1b:cb:83:3c:99:7b:9e:28:00:20:93:
de:29:41:99:b9:a1:5a:95:20:fd:40:d0:62:84:c1:41:2a:26:
77:a6:6d:86:ce:43:76:2a:d2:23:9b:75:48:a6:22:63:42:b3:
04:07:25:22:77:31:24:3a:a2:74:38:ff:cd:6b:3c:e9:1c:8b:
2a:00:43:d0:c6:26:83:71:10:90:c3:7a:42:e0:87:b8:f4:dc:
ba:05:21:75:d2:f1:47:08:7c:dc:7e:cb:a9:ee:c2:b4:8d:1b:
0a:97:9e:87:68:d2:47:4e:85:68:e3:24:0f:94:87:c7:e7:45:
32:98:4d:11:c6:3b:73:7a:eb:77:93:70:73:27:b6:ce:ab:32:
bc:22:c4:75:64:67:fd:bc:dc:bb:57:26:fd:ec:f9:49:f6:c3:
03:75:d8:0f:bd:d0:d0:98:e5:61:f2:b6:d9:b4:ae:41:f9:30:
06:44:dd:48:0d:fc:7e:d9:72:55:75:7e:ab:1d:1d:bf:be:49:
3c:08:92:47:37:5c:57:6a:7e:22:55:23:59:cd:9d:99:cb:4f:
90:b0:05:00
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYfbOknCimoaBBOFa+Gdu/KyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwNTAyMDY1MDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmQ0OTRmNTAwMTI4ODJmMzU2MzRiMmU3ZTdkYzEyMTg3MGEwY2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqZXZ9iCp37eEHz0Yjm7m2bVK4Ol1
xmidFnA3oI8JDQyYnTO6Y3xozE9wsyS8BprlsqzH6/5gDnZSG2Kml2zKBYHP79Rv
6PIz7xcc4PCJ06l3VyqcWocZqNP01H/xnLrNt97JguaUM5Zza3V0z3Xl1185TRyA
S1ttR/hai8ue6JHgo+RBOdZap5I4Q4afgZsfvuWrvpNe7PmvfWYvOFmcVREZBLIO
vS83dOIyX986AIVfp27A983E1dhH66VZJCGBGs2GJ+gkEoOOegyJPLpt57XaP5Xx
tbf7zouN4/8MP3lrVmqFoad6PV19oaMmCiz9M7VkcEn8BVsP1MRLvFB0BwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFLvUlPUAEogvNWNLLn59wSGHCgy/MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdTlTVTlRQVNpQzgxWTBzdWZuM0JJWWNLREw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQALZdZAwQB
V3hAAwQBXHfEAwQAXmd+MAwDBABemqEDBAJemqADBAGTTmQDBAKrFkgDBACy1+wD
BAK52FQDBAK52lQDBAC52okDBAC5234wDQYJKoZIhvcNAQELBQADggEBAA5EkPZe
0BudD5ieMINg7AfSgqvvmXw8x1TICM7jAo4Y1FG7aUCINFFKJ/gby4M8mXueKAAg
k94pQZm5oVqVIP1A0GKEwUEqJnembYbOQ3Yq0iObdUimImNCswQHJSJ3MSQ6onQ4
/81rPOkciyoAQ9DGJoNxEJDDekLgh7j03LoFIXXS8UcIfNx+y6nuwrSNGwqXnodo
0kdOhWjjJA+Uh8fnRTKYTRHGO3N663eTcHMnts6rMrwixHVkZ/283LtXJv3s+Un2
wwN12A+90NCY5WHyttm0rkH5MAZE3UgN/H7ZclV1fqsdHb++STwIkkc3XFdqfiJV
I1nNnZnLT5CwBQA=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:43 2023 by rpki-client on console-ams.rpki-client.org