Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/uhdTDgGqQT1EN0L2czCf9q3m_0U.roa
File: uhdTDgGqQT1EN0L2czCf9q3m_0U.roa (raw, json)
Hash identifier: F+Ud0fZAIPp1D0zE0HyVHiMDeaEwp4Gi43ljhFaBKwI=
Subject key identifier: BA:17:53:0E:01:AA:41:3D:44:37:42:F6:73:30:9F:F6:AD:E6:FF:45
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCCCA0CE7F9CEAC47DE0412FB90216
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/uhdTDgGqQT1EN0L2czCf9q3m_0U.roa
Signing time: Tue 02 Jan 2024 06:29:22 +0000
ROA not before: Tue 02 Jan 2024 06:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
185.226.172.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
45.88.90.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
92.249.48.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:cc:a0:ce:7f:9c:ea:c4:7d:e0:41:2f:b9:02:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ba17530e01aa413d443742f673309ff6ade6ff45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:f0:af:a9:15:bf:4a:d6:2b:6b:af:5e:d3:72:
04:f4:80:d9:c9:a8:9b:d8:1e:02:ec:15:ea:e2:7c:
a2:8f:d7:4c:55:55:a9:d8:43:ca:69:83:1d:0e:4f:
3d:77:ed:68:13:2a:cc:f2:6b:c0:b6:5c:be:2d:79:
5e:a9:1b:7a:78:9a:72:74:c4:28:11:79:9e:e7:88:
fe:d7:b8:4c:81:ec:09:09:ef:8f:e2:4c:49:6e:27:
da:b9:31:cd:1f:26:20:49:be:70:8d:77:a5:4a:ec:
e4:67:03:ce:fb:11:26:66:d4:44:88:1d:1a:72:6f:
97:4a:15:28:f9:88:d8:7e:66:89:68:cb:40:8b:b4:
87:c9:22:40:95:b7:2a:23:b6:95:c5:11:31:27:c5:
3a:a7:76:a9:15:34:cb:6e:a4:97:a5:3f:93:e9:fb:
6c:fd:48:a7:6b:84:04:02:e1:ef:7f:54:6f:23:6a:
a8:ce:a8:3e:5e:26:98:24:38:09:03:f8:ee:1e:f3:
10:3e:ed:99:da:6d:8a:ae:f0:b8:d3:5a:f1:d9:2f:
40:9a:1c:23:9f:45:08:46:db:31:0b:43:1a:f4:1c:
01:ae:a7:6c:7d:6b:bd:72:16:9f:2a:77:33:6c:ef:
d3:8f:50:d6:c2:ac:13:2c:10:fc:84:72:59:30:52:
d0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:17:53:0E:01:AA:41:3D:44:37:42:F6:73:30:9F:F6:AD:E6:FF:45
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/uhdTDgGqQT1EN0L2czCf9q3m_0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.90.0/24
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
92.249.48.0/24
94.154.161.0-94.154.163.255
94.154.172.0/24
94.156.239.0/24
147.78.101.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.172.0/24
185.226.175.0/24
185.252.176.0/24
Signature Algorithm: sha256WithRSAEncryption
89:3a:65:81:0e:5d:2e:8c:0e:67:4f:02:d9:eb:72:ce:c5:8e:
63:5b:9d:a2:14:f1:79:db:28:93:76:fb:2f:82:c8:05:b0:91:
77:7d:b9:c7:4a:a2:00:07:6d:9c:2a:ba:f9:0b:a1:5c:38:ce:
06:5d:cc:18:86:3e:48:f1:e3:b9:e2:1a:75:15:6a:de:0a:27:
9b:9e:db:89:7e:54:03:98:ac:3d:9c:ea:3c:ca:e6:d5:2e:ff:
df:f8:3d:03:22:5b:ef:4f:ae:31:25:5b:a4:fa:f5:e1:3e:76:
7b:c0:84:be:32:99:a9:da:70:3d:83:10:4d:7b:80:8a:62:b3:
ee:86:8c:c8:82:05:29:a1:22:c4:4c:1f:29:54:a2:ee:2e:34:
72:58:6b:aa:ef:e7:3e:9c:48:9f:c0:0c:93:76:8b:49:d1:9c:
c8:97:52:0f:fb:a9:3e:70:93:e6:4a:93:06:d4:43:4f:f7:a3:
f3:74:98:29:65:45:07:e8:b6:7b:64:83:ff:bf:09:b9:7f:ca:
85:25:54:75:ed:f1:b6:f9:d7:92:dc:25:5e:c7:75:2c:58:8e:
4c:2d:f5:bf:cb:c0:48:31:d6:2e:5e:62:17:b9:8f:9c:dd:26:
97:c2:af:3b:2f:8a:11:af:2c:4f:8e:94:d9:98:2f:c5:9b:09:
2f:f2:0f:97
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYzI3Mygzn+c6sR94EEvuQIWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYTE3NTMwZTAxYWE0MTNkNDQzNzQyZjY3MzMwOWZmNmFkZTZmZjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvCvqRW/StYra69e03IE9IDZyaib
2B4C7BXq4nyij9dMVVWp2EPKaYMdDk89d+1oEyrM8mvAtly+LXleqRt6eJpydMQo
EXme54j+17hMgewJCe+P4kxJbifauTHNHyYgSb5wjXelSuzkZwPO+xEmZtREiB0a
cm+XShUo+YjYfmaJaMtAi7SHySJAlbcqI7aVxRExJ8U6p3apFTTLbqSXpT+T6fts
/Uina4QEAuHvf1RvI2qozqg+XiaYJDgJA/juHvMQPu2Z2m2KrvC401rx2S9Amhwj
n0UIRtsxC0Ma9BwBrqdsfWu9chafKnczbO/Tj1DWwqwTLBD8hHJZMFLQ+wIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFLoXUw4BqkE9RDdC9nMwn/at5v9FMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdWhkVERnR3FRVDFFTjBMMmN6Q2Y5cTNtXzBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBAAt
WFoDBAAtl1kDBABXeFcDBABXeS0DBABXed0DBAFcd8QDBABc+TAwDAMEAF6aoQME
Al6aoAMEAF6arAMEAF6c7zAMAwQAk05lAwQAk05mAwQCqxZIAwQAstfgAwQAstfs
AwQCudhUAwQCudpUAwQAueKsAwQAueKvAwQAufywMA0GCSqGSIb3DQEBCwUAA4IB
AQCJOmWBDl0ujA5nTwLZ63LOxY5jW52iFPF52yiTdvsvgsgFsJF3fbnHSqIAB22c
Krr5C6FcOM4GXcwYhj5I8eO54hp1FWreCiebntuJflQDmKw9nOo8yubVLv/f+D0D
IlvvT64xJVuk+vXhPnZ7wIS+Mpmp2nA9gxBNe4CKYrPuhozIggUpoSLETB8pVKLu
LjRyWGuq7+c+nEifwAyTdotJ0ZzIl1IP+6k+cJPmSpMG1ENP96PzdJgpZUUH6LZ7
ZIP/vwm5f8qFJVR17fG2+deS3CVex3UsWI5MLfW/y8BIMdYuXmIXuY+c3SaXwq87
L4oRryxPjpTZmC/Fmwkv8g+X
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:17 2024 by rpki-client on console-ams.rpki-client.org