Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/X7bMqJAyZ98OBmvOlxiBmbgcuvA.roa
File: X7bMqJAyZ98OBmvOlxiBmbgcuvA.roa (raw, json)
Hash identifier: KSO/gVb//tLLMSL2ZccQbsSBAFeVYZvX1j9abfPBZHQ=
Subject key identifier: 5F:B6:CC:A8:90:32:67:DF:0E:06:6B:CE:97:18:81:99:B8:1C:BA:F0
Certificate issuer: /CN=90d753a2547e03a4b0d2f91c70e9ce4e44680418
Certificate serial: 01856F42B49B1E3E77941F1B670382C4ADCC
Authority key identifier: 90:D7:53:A2:54:7E:03:A4:B0:D2:F9:1C:70:E9:CE:4E:44:68:04:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kNdTolR-A6Sw0vkccOnOTkRoBBg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/X7bMqJAyZ98OBmvOlxiBmbgcuvA.roa
Signing time: Sun 01 Jan 2023 21:35:20 +0000
ROA not before: Sun 01 Jan 2023 21:35:20 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35224
IP address blocks: 94.231.240.0/24 maxlen: 24
94.231.244.0/22 maxlen: 22
94.231.242.0/23 maxlen: 23
94.231.241.0/24 maxlen: 24
94.231.249.0/24 maxlen: 24
94.231.248.0/24 maxlen: 24
94.231.250.0/24 maxlen: 24
94.231.252.0/24 maxlen: 24
94.231.251.0/24 maxlen: 24
94.231.253.0/24 maxlen: 24
185.9.253.0/24 maxlen: 24
185.9.252.0/24 maxlen: 24
185.9.255.0/24 maxlen: 24
185.9.254.0/24 maxlen: 24
94.231.254.0/24 maxlen: 24
94.231.255.0/24 maxlen: 24
193.239.92.0/22 maxlen: 22
92.118.0.0/22 maxlen: 22
45.150.0.0/22 maxlen: 22
195.222.116.0/22 maxlen: 22
91.189.96.0/24 maxlen: 24
91.189.98.0/24 maxlen: 24
91.189.97.0/24 maxlen: 24
91.189.100.0/24 maxlen: 24
91.189.99.0/24 maxlen: 24
91.189.102.0/24 maxlen: 24
91.189.101.0/24 maxlen: 24
91.189.103.0/24 maxlen: 24
193.239.186.0/23 maxlen: 23
45.66.76.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:b4:9b:1e:3e:77:94:1f:1b:67:03:82:c4:ad:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90d753a2547e03a4b0d2f91c70e9ce4e44680418
Validity
Not Before: Jan 1 21:35:20 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fb6cca8903267df0e066bce97188199b81cbaf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:06:7a:13:51:4e:2d:90:0f:8e:d3:6e:cd:dc:
34:d6:5f:1d:c6:f7:7f:30:cc:e5:f6:07:5f:b9:77:
67:12:99:fd:77:ca:1a:83:63:6b:2f:5a:e2:7c:89:
03:b7:eb:d0:ef:a7:42:c8:18:95:41:33:40:5a:34:
64:c9:77:67:02:03:cd:82:7f:fb:3d:54:e2:ad:51:
38:be:c6:ac:c2:b2:1e:1e:df:1b:31:a5:24:01:5f:
fe:aa:17:82:4c:1f:69:c1:53:23:ee:f6:02:4c:eb:
ff:1d:db:87:27:7b:eb:b0:bd:6f:e7:92:e5:fa:f4:
60:a4:57:ba:69:8c:b1:6b:7c:93:7e:96:cd:9c:2f:
6c:ce:a0:f4:39:2a:df:ca:7e:f4:fe:27:34:1b:cc:
96:06:29:aa:7d:26:98:55:06:c9:20:33:d5:77:b4:
8a:1a:55:4a:6e:fc:84:9b:05:25:e9:41:36:cc:54:
7e:3f:34:66:06:8d:cb:8e:2b:ac:58:ca:55:15:b5:
d5:55:36:02:24:c5:47:73:6f:87:fd:1e:00:ca:97:
90:f5:75:10:55:36:68:aa:43:ab:0a:ae:51:d9:31:
3e:57:9f:fb:04:e1:06:51:8e:6a:ac:e5:59:50:0b:
1f:21:0d:5a:90:c1:4a:dc:7c:3d:80:8c:d4:1e:66:
af:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:B6:CC:A8:90:32:67:DF:0E:06:6B:CE:97:18:81:99:B8:1C:BA:F0
X509v3 Authority Key Identifier:
keyid:90:D7:53:A2:54:7E:03:A4:B0:D2:F9:1C:70:E9:CE:4E:44:68:04:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNdTolR-A6Sw0vkccOnOTkRoBBg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/X7bMqJAyZ98OBmvOlxiBmbgcuvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/cc9099-7101-472e-aefc-5eb66bce318d/1/kNdTolR-A6Sw0vkccOnOTkRoBBg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.76.0/22
45.150.0.0/22
91.189.96.0/21
92.118.0.0/22
94.231.240.0/20
185.9.252.0/22
193.239.92.0/22
193.239.186.0/23
195.222.116.0/22
Signature Algorithm: sha256WithRSAEncryption
0e:4a:0e:00:28:f9:be:de:d6:5d:ea:af:49:58:d4:48:bf:cf:
e1:ac:05:13:fe:44:72:c4:12:b9:df:c9:c8:5c:9b:79:77:f8:
f2:58:e1:bc:17:b4:fb:7e:fe:98:c6:37:33:07:c2:b3:a2:c7:
b4:3e:85:f1:ef:15:03:29:86:4d:fe:50:0f:86:4b:d1:0c:7d:
1b:c2:25:d9:c2:33:e0:1f:a0:72:72:dc:12:14:e4:5b:21:b8:
5d:90:12:05:72:e4:08:69:3d:c9:aa:6a:94:3b:5f:e1:12:1e:
f1:78:db:6e:d6:0b:53:68:ab:bd:c4:bc:07:e7:7a:a6:91:b1:
24:41:47:33:73:ad:57:93:b7:c4:04:a8:3c:32:c2:0b:f8:b4:
6e:7b:a8:2e:55:45:97:bc:78:5a:c1:81:87:be:ed:8e:10:3b:
a6:3f:51:e2:1a:36:1d:d6:d6:a3:b3:8c:e8:a6:9d:04:96:c4:
67:c1:fd:ea:3d:d3:5e:18:92:0d:33:c8:48:be:42:68:fd:9f:
59:c4:c6:7d:06:da:c8:0e:11:65:a5:be:86:4e:34:30:3b:bf:
5a:e5:52:2a:8b:09:b1:2b:91:03:97:ac:ab:74:f9:eb:05:25:
53:9e:5d:f8:8b:9c:77:55:39:2c:8e:ee:f7:92:9f:7a:ba:31:
28:a4:49:84
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVvQrSbHj53lB8bZwOCxK3MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZDc1M2EyNTQ3ZTAzYTRiMGQyZjkxYzcwZTljZTRlNDQ2
ODA0MTgwHhcNMjMwMTAxMjEzNTIwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmI2Y2NhODkwMzI2N2RmMGUwNjZiY2U5NzE4ODE5OWI4MWNiYWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4AZ6E1FOLZAPjtNuzdw01l8dxvd/
MMzl9gdfuXdnEpn9d8oag2NrL1rifIkDt+vQ76dCyBiVQTNAWjRkyXdnAgPNgn/7
PVTirVE4vsaswrIeHt8bMaUkAV/+qheCTB9pwVMj7vYCTOv/HduHJ3vrsL1v55Ll
+vRgpFe6aYyxa3yTfpbNnC9szqD0OSrfyn70/ic0G8yWBimqfSaYVQbJIDPVd7SK
GlVKbvyEmwUl6UE2zFR+PzRmBo3LjiusWMpVFbXVVTYCJMVHc2+H/R4AypeQ9XUQ
VTZoqkOrCq5R2TE+V5/7BOEGUY5qrOVZUAsfIQ1akMFK3Hw9gIzUHmavHQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFF+2zKiQMmffDgZrzpcYgZm4HLrwMB8GA1UdIwQY
MBaAFJDXU6JUfgOksNL5HHDpzk5EaAQYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05kVG9sUi1BNlN3MHZrY2NPbk9Ua1JvQkJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9jYzkwOTktNzEwMS00NzJlLWFlZmMt
NWViNjZiY2UzMThkLzEvWDdiTXFKQXlaOThPQm12T2x4aUJtYmdjdXZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9jYzkwOTktNzEwMS00NzJlLWFlZmMtNWViNjZiY2UzMThk
LzEva05kVG9sUi1BNlN3MHZrY2NPbk9Ua1JvQkJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCLUJMAwQC
LZYAAwQDW71gAwQCXHYAAwQEXufwAwQCuQn8AwQCwe9cAwQBwe+6AwQCw950MA0G
CSqGSIb3DQEBCwUAA4IBAQAOSg4AKPm+3tZd6q9JWNRIv8/hrAUT/kRyxBK538nI
XJt5d/jyWOG8F7T7fv6YxjczB8Kzose0PoXx7xUDKYZN/lAPhkvRDH0bwiXZwjPg
H6ByctwSFORbIbhdkBIFcuQIaT3JqmqUO1/hEh7xeNtu1gtTaKu9xLwH53qmkbEk
QUczc61Xk7fEBKg8MsIL+LRue6guVUWXvHhawYGHvu2OEDumP1HiGjYd1tajs4zo
pp0ElsRnwf3qPdNeGJINM8hIvkJo/Z9ZxMZ9BtrIDhFlpb6GTjQwO79a5VIqiwmx
K5EDl6yrdPnrBSVTnl34i5x3VTksju73kp96ujEopEmE
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:24 2024 by rpki-client on console-fra.rpki-client.org