Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yrVd01yHNE5fHe_rKRWxvpsl98A.roa
File: yrVd01yHNE5fHe_rKRWxvpsl98A.roa (raw, json)
Hash identifier: NxEwBu5KhwkLYJur2rT6LsiN45qkURkAD6Sf/MOXZ6E=
Subject key identifier: CA:B5:5D:D3:5C:87:34:4E:5F:1D:EF:EB:29:15:B1:BE:9B:25:F7:C0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018B433630ACDF3880FC4337592DDFDE9171
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yrVd01yHNE5fHe_rKRWxvpsl98A.roa
Signing time: Wed 18 Oct 2023 14:35:06 +0000
ROA not before: Wed 18 Oct 2023 14:35:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197450
IP address blocks: 87.120.166.0/24 maxlen: 24
87.121.44.0/24 maxlen: 24
87.121.46.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
45.128.233.0/24 maxlen: 24
94.156.79.0/24 maxlen: 24
185.221.64.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:43:36:30:ac:df:38:80:fc:43:37:59:2d:df:de:91:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 18 14:35:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cab55dd35c87344e5f1defeb2915b1be9b25f7c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:bd:40:79:cf:43:e4:cc:cb:87:1f:3f:9f:da:
fa:0b:84:75:79:ae:e8:bb:c2:4b:fc:3a:3d:a6:32:
21:e6:df:8a:a3:e1:b3:84:3a:32:1a:14:16:d6:4f:
74:a6:93:5e:4c:9a:55:44:1d:6d:d2:e7:86:29:d7:
bd:09:62:11:85:c5:e5:76:73:12:13:1a:b2:ce:bc:
98:33:49:47:43:bd:a1:82:de:76:97:ba:f3:dc:03:
3b:12:21:79:24:d1:c2:12:d1:09:83:12:1c:92:ca:
37:a5:84:6f:99:cb:ef:25:d0:39:b8:0b:12:93:e5:
e0:e3:93:b2:fb:62:63:b5:3c:9d:ec:bc:b4:d9:b0:
a1:46:3f:f4:2f:55:2e:53:da:11:f1:ca:b8:96:0d:
c9:de:f8:39:aa:db:9b:4e:bb:be:56:33:d8:53:5b:
29:8b:1b:9b:7a:d7:d3:e6:21:69:e9:0b:ee:a7:9b:
24:8c:28:1d:07:2c:1e:21:ca:4d:f4:43:5c:df:dc:
87:fb:5d:c4:29:94:87:8e:08:36:21:a8:0f:39:c8:
f0:6f:ec:92:77:ac:73:64:cd:82:59:3c:d0:a6:fa:
f8:7a:7a:37:38:cf:6b:8d:10:06:3c:c3:05:bc:6f:
50:5d:03:c0:89:54:21:4d:58:75:53:c1:f8:90:57:
10:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:B5:5D:D3:5C:87:34:4E:5F:1D:EF:EB:29:15:B1:BE:9B:25:F7:C0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yrVd01yHNE5fHe_rKRWxvpsl98A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.233.0/24
85.31.47.0/24
87.120.166.0/24
87.121.44.0/24
87.121.46.0/24
94.156.79.0/24
185.221.64.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:cc:e9:24:97:b1:58:b1:1e:58:e9:aa:2d:48:e3:67:87:43:
d3:1f:c6:06:da:88:ec:bd:7f:57:44:06:a6:a7:12:bb:df:fe:
b9:8d:65:10:90:1d:3e:94:0e:19:e7:1e:d3:ea:bf:8a:a2:ad:
4c:1f:e9:f0:ff:d9:84:8d:4e:c1:a1:f5:33:09:32:f7:f4:db:
d0:0c:c8:b5:8a:c6:53:dd:53:58:77:44:78:df:92:7b:fd:3d:
d2:86:aa:a3:7b:79:1c:5c:1c:e2:67:81:0b:32:25:a5:36:1d:
25:30:66:84:c8:22:16:96:41:9d:f7:ec:13:0d:39:04:42:43:
36:ae:16:a0:63:b5:1a:8c:d6:fa:12:86:9c:f9:05:3a:b8:6f:
b0:6d:ab:05:49:f9:27:38:86:74:f6:77:41:dd:0d:ee:4c:b5:
ae:52:4d:e3:f3:9d:d9:66:b2:c3:e1:e8:b7:fa:f5:d1:86:80:
bc:5b:3e:86:c9:32:63:76:e7:11:1b:72:bc:39:5b:96:68:cd:
bf:44:f4:84:6c:49:af:17:0a:81:6b:49:0d:ad:98:78:18:92:
27:93:d8:19:31:38:de:31:07:72:3e:67:bb:6d:df:6a:da:8a:
d5:91:c8:c9:48:cf:62:ee:b1:ad:40:82:45:a5:c2:1a:76:1d:
c9:eb:19:c1
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYtDNjCs3ziA/EM3WS3f3pFxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMDE4MTQzNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWI1NWRkMzVjODczNDRlNWYxZGVmZWIyOTE1YjFiZTliMjVmN2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoL1Aec9D5MzLhx8/n9r6C4R1ea7o
u8JL/Do9pjIh5t+Ko+GzhDoyGhQW1k90ppNeTJpVRB1t0ueGKde9CWIRhcXldnMS
ExqyzryYM0lHQ72hgt52l7rz3AM7EiF5JNHCEtEJgxIckso3pYRvmcvvJdA5uAsS
k+Xg45Oy+2JjtTyd7Ly02bChRj/0L1UuU9oR8cq4lg3J3vg5qtubTru+VjPYU1sp
ixubetfT5iFp6Qvup5skjCgdByweIcpN9ENc39yH+13EKZSHjgg2IagPOcjwb+yS
d6xzZM2CWTzQpvr4eno3OM9rjRAGPMMFvG9QXQPAiVQhTVh1U8H4kFcQlQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMq1XdNchzROXx3v6ykVsb6bJffAMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveXJWZDAxeUhORTVmSGVfcktSV3h2cHNsOThBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALYDpAwQA
VR8vAwQAV3imAwQAV3ksAwQAV3kuAwQAXpxPAwQAud1AMA0GCSqGSIb3DQEBCwUA
A4IBAQB6zOkkl7FYsR5Y6aotSONnh0PTH8YG2ojsvX9XRAampxK73/65jWUQkB0+
lA4Z5x7T6r+Koq1MH+nw/9mEjU7BofUzCTL39NvQDMi1isZT3VNYd0R435J7/T3S
hqqje3kcXBziZ4ELMiWlNh0lMGaEyCIWlkGd9+wTDTkEQkM2rhagY7UajNb6Eoac
+QU6uG+wbasFSfknOIZ09ndB3Q3uTLWuUk3j853ZZrLD4ei3+vXRhoC8Wz6GyTJj
ducRG3K8OVuWaM2/RPSEbEmvFwqBa0kNrZh4GJInk9gZMTjeMQdyPme7bd9q2orV
kcjJSM9i7rGtQIJFpcIadh3J6xnB
-----END CERTIFICATE-----
Generated at Thu Nov 16 09:42:26 2023 by rpki-client on console-ams.rpki-client.org