Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/v4JEqnfF6exeHciIUrIVKigbyzc.roa
File: v4JEqnfF6exeHciIUrIVKigbyzc.roa (raw, json)
Hash identifier: +SYTcWYAo397Dqa/MlSfxaJ8K7KhEQK92uZeWzM18XQ=
Subject key identifier: BF:82:44:AA:77:C5:E9:EC:5E:1D:C8:88:52:B2:15:2A:28:1B:CB:37
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018D0DBFF7CB5C091EB42858D0399DF4CAA8
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/v4JEqnfF6exeHciIUrIVKigbyzc.roa
Signing time: Mon 15 Jan 2024 15:31:41 +0000
ROA not before: Mon 15 Jan 2024 15:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
45.84.89.0/24 maxlen: 24
185.226.173.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
45.88.90.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jan 2024 14:06:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0d:bf:f7:cb:5c:09:1e:b4:28:58:d0:39:9d:f4:ca:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 15 15:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bf8244aa77c5e9ec5e1dc88852b2152a281bcb37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ed:97:d6:47:ce:cf:88:2a:23:f5:83:34:ef:
71:f1:42:e9:a5:a6:3d:17:cf:4d:53:c1:66:56:71:
cd:f9:53:01:72:6f:ea:91:8e:a4:e6:fd:ff:a3:3f:
51:fc:fc:ed:d4:4b:16:cb:52:58:6f:a4:c0:69:b7:
6a:82:6a:c4:51:d4:97:29:8a:20:29:e8:4d:f3:f5:
63:31:75:af:13:1b:d9:99:be:bf:1a:a2:81:2f:d5:
2c:a4:26:8d:17:e7:a9:79:3b:09:0c:c8:d1:74:c4:
7b:31:2d:c8:8d:af:16:77:a0:d1:39:57:37:2c:83:
0f:dd:6d:8d:1a:f6:6d:6f:b8:45:f1:dd:7a:21:ec:
d8:d4:20:49:a7:9d:e3:a4:5d:d2:26:1c:3d:b3:84:
4e:94:e5:70:db:44:8f:4a:83:e7:bf:6e:95:8c:74:
41:42:d9:10:3b:1e:f7:dd:71:77:b5:18:1c:c9:03:
20:9c:5e:78:55:72:c2:fc:60:f2:55:2b:e3:74:36:
18:9d:30:0c:30:d3:d3:33:7e:dc:59:94:50:d3:a9:
4f:1c:e6:92:f8:96:62:7a:b8:f3:fb:fc:94:34:9c:
f6:a9:d2:8e:1c:78:57:87:81:1b:af:7c:8f:94:96:
40:b0:cf:bf:12:4c:cc:fc:15:2f:f1:8b:fc:67:1f:
32:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:82:44:AA:77:C5:E9:EC:5E:1D:C8:88:52:B2:15:2A:28:1B:CB:37
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/v4JEqnfF6exeHciIUrIVKigbyzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.89.0/24
45.88.90.0/24
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
94.154.161.0-94.154.163.255
94.154.172.0/24
94.156.239.0/24
147.78.101.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.226.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.173.0/24
185.226.175.0/24
185.252.176.0/24
Signature Algorithm: sha256WithRSAEncryption
67:04:c7:11:45:c6:b5:e5:4f:f9:ff:a5:b7:4c:63:bf:07:55:
05:82:7f:d7:82:1b:a6:27:ab:f4:63:6f:5e:61:28:3f:16:07:
d8:cc:d4:1f:44:c1:fd:6e:b8:28:47:cf:37:03:78:7e:b4:8c:
62:29:b9:b4:b5:f4:3d:88:73:7a:11:6c:dd:53:48:5f:43:9d:
71:50:9f:18:cd:14:68:c2:75:5e:58:80:7b:18:4f:2e:98:70:
b5:cd:35:a3:ef:b1:70:c4:21:57:2c:59:d1:f5:ca:d7:8a:01:
86:9a:89:39:b1:3c:19:b0:9c:51:8b:ed:b4:3a:be:bb:0a:75:
22:04:d5:6c:9f:d1:fc:20:1f:07:ac:02:df:24:65:30:04:82:
87:ff:d4:fd:51:2c:a4:c0:81:b7:fc:48:16:b2:2f:53:31:ab:
ed:5c:ad:38:56:15:2f:60:37:39:f6:5c:4d:c8:1d:c0:84:26:
8c:2f:db:27:fb:66:62:1a:88:cd:17:7d:d4:25:a8:4f:2a:15:
7e:bb:aa:23:09:9a:af:ea:22:3f:78:2d:eb:3b:0a:dc:d0:4d:
c7:54:7a:57:4b:3f:31:bc:5b:c0:dc:e1:75:14:0e:c0:85:98:
f9:f0:4c:ba:e1:a9:45:3f:05:0b:fa:96:d8:c7:d1:a0:4c:c6:
fa:81:71:b4
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAY0Nv/fLXAketChY0Dmd9MqoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTE1MTUzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjgyNDRhYTc3YzVlOWVjNWUxZGM4ODg1MmIyMTUyYTI4MWJjYjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+2X1kfOz4gqI/WDNO9x8ULppaY9
F89NU8FmVnHN+VMBcm/qkY6k5v3/oz9R/Pzt1EsWy1JYb6TAabdqgmrEUdSXKYog
KehN8/VjMXWvExvZmb6/GqKBL9UspCaNF+epeTsJDMjRdMR7MS3Ija8Wd6DROVc3
LIMP3W2NGvZtb7hF8d16IezY1CBJp53jpF3SJhw9s4ROlOVw20SPSoPnv26VjHRB
QtkQOx733XF3tRgcyQMgnF54VXLC/GDyVSvjdDYYnTAMMNPTM37cWZRQ06lPHOaS
+JZierjz+/yUNJz2qdKOHHhXh4Ebr3yPlJZAsM+/EkzM/BUv8Yv8Zx8yaQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFL+CRKp3xensXh3IiFKyFSooG8s3MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdjRKRXFuZkY2ZXhlSGNpSVVySVZLaWdieXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAAt
VFkDBAAtWFoDBAAtl1kDBABXeFcDBABXeS0DBABXed0DBAFcd8QwDAMEAF6aoQME
Al6aoAMEAF6arAMEAF6c7zAMAwQAk05lAwQAk05mAwQCqxZIAwQAstfgAwQAstfi
AwQAstfsAwQCudhUAwQCudpUAwQAueKtAwQAueKvAwQAufywMA0GCSqGSIb3DQEB
CwUAA4IBAQBnBMcRRca15U/5/6W3TGO/B1UFgn/XghumJ6v0Y29eYSg/FgfYzNQf
RMH9brgoR883A3h+tIxiKbm0tfQ9iHN6EWzdU0hfQ51xUJ8YzRRownVeWIB7GE8u
mHC1zTWj77FwxCFXLFnR9crXigGGmok5sTwZsJxRi+20Or67CnUiBNVsn9H8IB8H
rALfJGUwBIKH/9T9USykwIG3/EgWsi9TMavtXK04VhUvYDc59lxNyB3AhCaML9sn
+2ZiGojNF33UJahPKhV+u6ojCZqv6iI/eC3rOwrc0E3HVHpXSz8xvFvA3OF1FA7A
hZj58Ey64alFPwUL+pbYx9GgTMb6gXG0
-----END CERTIFICATE-----
Generated at Wed Jan 17 18:46:45 2024 by rpki-client on console-ams.rpki-client.org