Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yt7EYDsYd1rCIf75YwiR_MYeQbw.roa
File: yt7EYDsYd1rCIf75YwiR_MYeQbw.roa (raw, json)
Hash identifier: gJf1cbOheHeI5eD0IWjiquH9tHRPlViFm8wniolLSsg=
Subject key identifier: CA:DE:C4:60:3B:18:77:5A:C2:21:FE:F9:63:08:91:FC:C6:1E:41:BC
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018A220C35B68735BB5CB8C0201C77D7E337
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yt7EYDsYd1rCIf75YwiR_MYeQbw.roa
Signing time: Wed 23 Aug 2023 10:59:00 +0000
ROA not before: Wed 23 Aug 2023 10:59:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
164.40.185.0/24 maxlen: 24
45.14.166.0/24 maxlen: 24
93.123.74.0/23 maxlen: 23
45.14.167.0/24 maxlen: 24
45.8.94.0/24 maxlen: 24
83.219.99.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:22:0c:35:b6:87:35:bb:5c:b8:c0:20:1c:77:d7:e3:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 23 10:59:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cadec4603b18775ac221fef9630891fcc61e41bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:f9:29:ef:7b:41:7c:2d:e2:0c:93:81:ac:a6:
c5:ff:c6:86:a1:f0:09:bc:3e:ef:12:7f:4b:33:31:
ba:67:4d:67:6e:b0:c9:e2:aa:17:90:50:a6:c5:88:
63:ab:3b:dc:83:34:c3:45:9f:f4:43:d3:0e:e2:7e:
2b:8d:f6:e9:7f:69:74:e1:27:e2:da:47:8e:d1:7c:
f1:cc:7f:5a:b9:1c:e1:b1:dc:a2:40:ac:a0:a4:fd:
f1:b7:99:30:5f:4b:a2:7e:d9:fc:df:1b:ad:0e:82:
03:ec:3b:41:fd:b3:22:88:14:a9:bc:4e:47:5f:af:
53:d5:96:19:6e:71:06:00:5a:f4:02:79:0b:24:1c:
09:d3:b0:92:1e:4e:e0:69:3a:36:15:6b:e3:32:94:
e2:bc:d1:b1:a0:4f:0f:d2:0d:b4:bf:d9:dd:f8:72:
4f:91:b1:81:37:30:c5:cf:3d:6d:9b:c9:73:96:75:
17:22:ae:de:df:43:f2:7f:11:7a:c4:49:b5:3e:04:
df:99:d4:b5:4b:bc:1e:7c:c7:70:94:c6:0c:47:38:
43:66:23:69:d9:e6:37:95:46:ed:a6:35:44:c5:dd:
95:03:4f:fb:ca:6e:b2:f6:37:4b:56:c1:8a:8b:30:
d6:6b:a6:b3:f2:dc:53:a2:3e:3d:a5:7b:5e:fb:6b:
c5:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:DE:C4:60:3B:18:77:5A:C2:21:FE:F9:63:08:91:FC:C6:1E:41:BC
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/yt7EYDsYd1rCIf75YwiR_MYeQbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.94.0/24
45.14.166.0/23
83.219.99.0/24
87.120.68.0/23
93.123.74.0/23
164.40.185.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:a6:3d:c7:02:10:92:f6:57:3a:d5:f2:c0:93:f0:20:b1:36:
30:b4:00:d2:fa:8d:21:6a:8d:f6:b0:53:40:b6:24:32:3b:2a:
f9:8d:73:60:f2:4e:c1:7b:90:79:f7:e5:dd:02:f7:39:cf:74:
bf:67:78:54:10:5e:d4:d8:37:98:50:01:c0:f6:e1:01:bf:91:
64:ed:7e:af:77:69:86:4b:ac:99:1b:0a:9b:6c:1b:74:7e:02:
e8:44:f3:d2:e7:3b:b9:34:cd:7b:45:04:b4:44:19:88:73:1c:
9f:dd:91:ff:b5:ce:78:fe:fb:3a:92:6d:08:83:82:fb:9e:f8:
8b:8a:bb:fd:3c:1e:17:96:12:c1:19:66:97:be:8f:8b:5d:aa:
d6:a5:9e:cc:55:45:5b:8d:7a:dd:6c:10:a3:9b:56:0f:22:71:
21:b6:93:59:e0:5e:88:a4:9e:9b:da:af:a5:c1:0b:f2:da:de:
15:d9:ac:17:80:cb:15:c9:91:47:6e:75:23:34:53:d2:bf:1a:
26:dc:06:98:ac:f5:ee:11:c0:de:d3:55:b2:fd:47:b0:64:61:
11:5f:c5:ca:41:88:2b:8b:f5:0e:f2:b8:bd:4e:8c:55:57:67:
7b:0f:c5:d5:e8:87:f8:18:11:16:9a:78:fb:f8:ac:44:ec:54:
39:0c:3e:e5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYoiDDW2hzW7XLjAIBx31+M3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwODIzMTA1OTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWRlYzQ2MDNiMTg3NzVhYzIyMWZlZjk2MzA4OTFmY2M2MWU0MWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgvkp73tBfC3iDJOBrKbF/8aGofAJ
vD7vEn9LMzG6Z01nbrDJ4qoXkFCmxYhjqzvcgzTDRZ/0Q9MO4n4rjfbpf2l04Sfi
2keO0XzxzH9auRzhsdyiQKygpP3xt5kwX0uiftn83xutDoID7DtB/bMiiBSpvE5H
X69T1ZYZbnEGAFr0AnkLJBwJ07CSHk7gaTo2FWvjMpTivNGxoE8P0g20v9nd+HJP
kbGBNzDFzz1tm8lzlnUXIq7e30PyfxF6xEm1PgTfmdS1S7wefMdwlMYMRzhDZiNp
2eY3lUbtpjVExd2VA0/7ym6y9jdLVsGKizDWa6az8txToj49pXte+2vFgQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMrexGA7GHdawiH++WMIkfzGHkG8MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveXQ3RVlEc1lkMXJDSWY3NVl3aVJfTVllUWJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQheAwQB
LQ6mAwQAU9tjAwQBV3hEAwQBXXtKAwQApCi5MA0GCSqGSIb3DQEBCwUAA4IBAQCt
pj3HAhCS9lc61fLAk/AgsTYwtADS+o0hao32sFNAtiQyOyr5jXNg8k7Be5B59+Xd
Avc5z3S/Z3hUEF7U2DeYUAHA9uEBv5Fk7X6vd2mGS6yZGwqbbBt0fgLoRPPS5zu5
NM17RQS0RBmIcxyf3ZH/tc54/vs6km0Ig4L7nviLirv9PB4XlhLBGWaXvo+LXarW
pZ7MVUVbjXrdbBCjm1YPInEhtpNZ4F6IpJ6b2q+lwQvy2t4V2awXgMsVyZFHbnUj
NFPSvxom3AaYrPXuEcDe01Wy/UewZGERX8XKQYgri/UO8ri9ToxVV2d7D8XV6If4
GBEWmnj7+KxE7FQ5DD7l
-----END CERTIFICATE-----
Generated at Wed Aug 23 11:59:26 2023 by rpki-client on console-ams.rpki-client.org