Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zZILdOBmi4_lCFfYFu2O5e7yGOg.roa
File: zZILdOBmi4_lCFfYFu2O5e7yGOg.roa (raw, json)
Hash identifier: 059ikwdGCxoLque5bB5EjGRInjU63zc5CDVDFL1K0Os=
Subject key identifier: CD:92:0B:74:E0:66:8B:8F:E5:08:57:D8:16:ED:8E:E5:EE:F2:18:E8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018C80F3204D94BF6873C27127464C7E5DB4
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zZILdOBmi4_lCFfYFu2O5e7yGOg.roa
Signing time: Tue 19 Dec 2023 07:21:06 +0000
ROA not before: Tue 19 Dec 2023 07:21:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 185.218.84.0/22 maxlen: 24
178.215.224.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
171.22.72.0/22 maxlen: 24
185.252.176.0/24 maxlen: 24
147.78.101.0/24 maxlen: 24
147.78.100.0/24 maxlen: 24
147.78.102.0/24 maxlen: 24
185.226.172.0/24 maxlen: 24
185.226.175.0/24 maxlen: 24
92.119.196.0/23 maxlen: 24
185.216.84.0/22 maxlen: 24
45.88.90.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
93.123.116.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.154.161.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
45.151.89.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:80:f3:20:4d:94:bf:68:73:c2:71:27:46:4c:7e:5d:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 19 07:21:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd920b74e0668b8fe50857d816ed8ee5eef218e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:3d:3a:95:64:b8:13:ec:3e:98:f6:f9:6a:53:
dc:70:8c:86:68:a4:9e:42:2a:ac:ca:1c:69:1a:39:
c0:e6:30:e4:33:16:ea:4d:f5:15:56:d1:e7:8b:54:
f0:f7:1a:52:4d:dc:af:35:08:32:36:a1:a4:3d:6b:
a0:d3:15:ce:73:72:30:cc:43:0d:88:8e:ab:0f:2c:
61:61:e7:68:bf:e9:5b:40:bf:82:2b:06:1f:0c:de:
ba:d6:57:89:e6:7d:3c:1b:53:3a:73:b9:71:d0:4e:
e9:15:52:86:54:65:f1:e5:0f:de:1d:99:e7:64:6a:
e7:3c:61:55:73:2d:16:9b:7a:6b:ed:30:66:4f:58:
96:07:e6:a4:48:a4:e2:00:8c:f7:c6:8b:7f:0c:94:
62:53:74:62:aa:9d:28:39:c2:6c:07:d0:14:5c:54:
ef:1a:1a:79:e9:7c:62:eb:b2:86:50:ae:4f:13:57:
e4:3b:52:51:b7:83:58:d8:d9:24:4a:9d:09:c9:f1:
50:79:e4:16:2c:c5:d4:c6:49:99:26:2f:6e:b0:63:
31:d1:25:32:33:42:26:39:a3:84:fe:13:36:36:4c:
3b:a5:48:53:ff:31:c9:b2:8d:68:f4:fb:ee:e2:fe:
15:79:63:c9:7d:f3:93:c1:92:a0:eb:61:c8:07:6d:
49:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:92:0B:74:E0:66:8B:8F:E5:08:57:D8:16:ED:8E:E5:EE:F2:18:E8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zZILdOBmi4_lCFfYFu2O5e7yGOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.90.0/24
45.151.89.0/24
87.120.87.0/24
87.121.45.0/24
87.121.221.0/24
92.119.196.0/23
93.123.116.0/24
94.154.161.0-94.154.163.255
94.156.239.0/24
147.78.100.0-147.78.102.255
171.22.72.0/22
178.215.224.0/24
178.215.236.0/24
185.216.84.0/22
185.218.84.0/22
185.226.172.0/24
185.226.175.0/24
185.252.176.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:62:cf:82:6b:19:66:55:be:c3:f3:10:d2:93:d8:2f:e5:34:
e8:8c:69:f2:ed:8a:3a:4e:13:09:55:0b:7b:97:b1:b9:5d:53:
61:f8:c8:ae:6f:10:a5:4c:df:a3:28:c6:5b:b0:c4:aa:fe:5e:
12:f6:d1:6b:61:fd:3c:32:bd:d8:2b:7c:42:df:df:69:22:19:
cd:f8:a1:72:15:52:7d:17:ba:a0:22:b8:db:24:a5:29:1c:b0:
04:0d:6e:03:41:b5:32:6e:69:e2:db:60:7c:4f:64:c3:02:39:
3c:03:e6:1e:a9:a9:3b:0a:bf:b4:b9:fb:43:48:1c:ca:43:e4:
3d:08:90:86:b3:98:eb:b8:03:8a:9b:80:c7:2a:dd:29:6d:b1:
04:f7:4f:0c:ed:d3:b7:59:d2:28:45:8a:c4:07:49:81:9d:b8:
fd:71:7d:82:b4:b5:22:87:90:1b:fd:a8:71:88:f4:bf:2c:39:
1d:75:57:31:c2:6c:ab:7b:ba:54:01:f4:78:30:c9:20:04:84:
2d:11:d9:b2:47:34:88:1c:75:1e:f7:89:9c:c8:84:3b:67:0a:
64:bd:81:77:ec:f8:48:dd:3b:c3:2f:2f:3b:a1:8b:d0:25:94:
fa:5e:2e:8c:e1:12:5e:3c:5f:12:45:2a:70:89:0d:4e:fc:81:
35:00:4b:5c
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYyA8yBNlL9oc8JxJ0ZMfl20MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMxMjE5MDcyMTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDkyMGI3NGUwNjY4YjhmZTUwODU3ZDgxNmVkOGVlNWVlZjIxOGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnT06lWS4E+w+mPb5alPccIyGaKSe
QiqsyhxpGjnA5jDkMxbqTfUVVtHni1Tw9xpSTdyvNQgyNqGkPWug0xXOc3IwzEMN
iI6rDyxhYedov+lbQL+CKwYfDN661leJ5n08G1M6c7lx0E7pFVKGVGXx5Q/eHZnn
ZGrnPGFVcy0Wm3pr7TBmT1iWB+akSKTiAIz3xot/DJRiU3Riqp0oOcJsB9AUXFTv
Ghp56Xxi67KGUK5PE1fkO1JRt4NY2NkkSp0JyfFQeeQWLMXUxkmZJi9usGMx0SUy
M0ImOaOE/hM2Nkw7pUhT/zHJso1o9Pvu4v4VeWPJffOTwZKg62HIB21JiQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFM2SC3TgZouP5QhX2BbtjuXu8hjoMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvelpJTGRPQm1pNF9sQ0ZmWUZ1Mk81ZTd5R09nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAC1Y
WgMEAC2XWQMEAFd4VwMEAFd5LQMEAFd53QMEAVx3xAMEAF17dDAMAwQAXpqhAwQC
XpqgAwQAXpzvMAwDBAKTTmQDBACTTmYDBAKrFkgDBACy1+ADBACy1+wDBAK52FQD
BAK52lQDBAC54qwDBAC54q8DBAC5/LAwDQYJKoZIhvcNAQELBQADggEBAA9iz4Jr
GWZVvsPzENKT2C/lNOiMafLtijpOEwlVC3uXsbldU2H4yK5vEKVM36MoxluwxKr+
XhL20Wth/TwyvdgrfELf32kiGc34oXIVUn0XuqAiuNskpSkcsAQNbgNBtTJuaeLb
YHxPZMMCOTwD5h6pqTsKv7S5+0NIHMpD5D0IkIazmOu4A4qbgMcq3SltsQT3Twzt
07dZ0ihFisQHSYGduP1xfYK0tSKHkBv9qHGI9L8sOR11VzHCbKt7ulQB9HgwySAE
hC0R2bJHNIgcdR73iZzIhDtnCmS9gXfs+EjdO8MvLzuhi9AllPpeLozhEl48XxJF
KnCJDU78gTUAS1w=
-----END CERTIFICATE-----
Generated at Tue Dec 19 11:56:18 2023 by rpki-client on console-ams.rpki-client.org