Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/IsWbuASBFg1gdOielP9O1rkxuNc.roa
File: IsWbuASBFg1gdOielP9O1rkxuNc.roa (raw, json)
Hash identifier: 8+siXZDZlGMVvT2+YuB+jevkWV5jqvd/qElWWXiCDSI=
Subject key identifier: 22:C5:9B:B8:04:81:16:0D:60:74:E8:9E:94:FF:4E:D6:B9:31:B8:D7
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01871A9B22F2AE6C4B555D63487E5D8AA38D
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/IsWbuASBFg1gdOielP9O1rkxuNc.roa
Signing time: Sat 25 Mar 2023 21:09:47 +0000
ROA not before: Sat 25 Mar 2023 21:09:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14576
IP address blocks: 194.110.150.0/24 maxlen: 24
45.159.23.0/24 maxlen: 24
193.31.127.0/24 maxlen: 24
193.56.20.0/24 maxlen: 24
88.218.46.0/24 maxlen: 24
194.99.25.0/24 maxlen: 24
89.19.34.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:1a:9b:22:f2:ae:6c:4b:55:5d:63:48:7e:5d:8a:a3:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Mar 25 21:09:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22c59bb80481160d6074e89e94ff4ed6b931b8d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:7e:55:f5:a9:82:f0:6e:64:27:09:8c:89:3b:
48:05:fa:e9:af:ba:f7:c6:72:f0:23:8a:f2:c2:6e:
f4:ac:df:1b:65:bd:d3:97:29:4b:f0:82:d1:46:84:
a5:05:43:20:80:b5:00:39:ad:af:e7:27:1f:81:2f:
81:2a:5a:ea:a7:cd:a2:d3:2d:bf:48:71:7d:14:8b:
fa:e6:f3:15:6e:30:28:02:1d:5c:5b:a3:34:2a:bb:
cf:b7:34:b8:42:54:d9:d3:88:10:bb:75:a9:dd:a6:
11:94:41:4d:8b:9e:27:dd:44:1a:40:df:d9:fe:2e:
62:72:e2:a9:58:fd:ca:97:87:8a:2f:f3:02:17:87:
39:10:e8:24:b3:c7:ca:3d:c7:85:c3:6e:5b:c2:66:
27:3e:0a:e3:e7:ed:55:15:3a:9f:5b:40:3c:06:9f:
51:49:5a:54:bb:58:ed:bd:0e:a3:68:8f:50:72:41:
89:e5:5c:5d:a3:fe:3c:a3:31:9a:fe:e0:38:d8:4b:
77:ad:d8:34:a8:2a:a9:8f:96:b2:66:f2:0d:d3:cd:
c0:eb:d1:85:c1:bf:e9:66:7d:80:26:9c:41:2f:47:
bb:05:27:bb:d7:43:a9:40:c4:5f:39:98:4f:7a:0c:
d6:24:b1:b9:eb:21:a3:75:69:9e:2e:d8:28:76:46:
2a:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:C5:9B:B8:04:81:16:0D:60:74:E8:9E:94:FF:4E:D6:B9:31:B8:D7
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/IsWbuASBFg1gdOielP9O1rkxuNc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.23.0/24
88.218.46.0/24
89.19.34.0/24
193.31.127.0/24
193.56.20.0/24
194.99.25.0/24
194.110.150.0/24
Signature Algorithm: sha256WithRSAEncryption
08:2a:9e:51:7c:3e:77:f6:e5:94:87:18:37:5d:fd:0c:f4:da:
17:7c:90:55:45:ea:12:5a:60:75:b7:12:bb:3c:1d:ae:9a:28:
16:30:81:05:69:b0:d0:f3:2b:c3:fd:83:46:11:2e:6f:93:cc:
79:f1:4f:81:f5:45:79:13:7f:b8:39:6d:8a:24:e0:b9:00:31:
9d:5b:59:85:a1:ff:23:20:b2:da:8c:73:4e:f7:36:2e:85:f3:
6c:13:b3:e8:d8:6b:a5:f9:57:16:2d:02:62:b1:64:c6:6c:f6:
e9:38:fe:eb:2b:45:42:39:77:b8:ca:6f:a1:d0:8a:2f:4d:e6:
fc:dc:69:aa:9a:7b:66:cd:9d:74:e4:74:19:0a:17:51:aa:4a:
d7:f5:6c:28:81:2a:66:9b:1d:c0:56:66:7b:b2:b3:12:34:d8:
15:c6:55:e6:78:81:ba:59:cb:89:d8:df:c2:ac:f8:38:ff:90:
0d:b7:7f:af:ca:79:96:45:4b:bb:35:15:cd:eb:62:41:6e:df:
5d:89:0b:c1:15:25:ac:15:d9:43:da:12:bc:75:b5:b7:49:4c:
cc:e9:48:31:fa:c5:4c:eb:d9:13:f5:47:1f:eb:96:ce:13:db:
fd:03:ac:8e:a7:bc:e9:e5:1f:79:e4:35:12:70:96:54:dd:91:
42:bb:4e:69
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYcamyLyrmxLVV1jSH5diqONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjMwMzI1MjEwOTQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmM1OWJiODA0ODExNjBkNjA3NGU4OWU5NGZmNGVkNmI5MzFiOGQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtH5V9amC8G5kJwmMiTtIBfrpr7r3
xnLwI4rywm70rN8bZb3TlylL8ILRRoSlBUMggLUAOa2v5ycfgS+BKlrqp82i0y2/
SHF9FIv65vMVbjAoAh1cW6M0KrvPtzS4QlTZ04gQu3Wp3aYRlEFNi54n3UQaQN/Z
/i5icuKpWP3Kl4eKL/MCF4c5EOgks8fKPceFw25bwmYnPgrj5+1VFTqfW0A8Bp9R
SVpUu1jtvQ6jaI9QckGJ5Vxdo/48ozGa/uA42Et3rdg0qCqpj5ayZvIN083A69GF
wb/pZn2AJpxBL0e7BSe710OpQMRfOZhPegzWJLG56yGjdWmeLtgodkYqhQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCLFm7gEgRYNYHTonpT/Tta5MbjXMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvSXNXYnVBU0JGZzFnZE9pZWxQOU8xcmt4dU5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALZ8XAwQA
WNouAwQAWRMiAwQAwR9/AwQAwTgUAwQAwmMZAwQAwm6WMA0GCSqGSIb3DQEBCwUA
A4IBAQAIKp5RfD539uWUhxg3Xf0M9NoXfJBVReoSWmB1txK7PB2umigWMIEFabDQ
8yvD/YNGES5vk8x58U+B9UV5E3+4OW2KJOC5ADGdW1mFof8jILLajHNO9zYuhfNs
E7Po2Gul+VcWLQJisWTGbPbpOP7rK0VCOXe4ym+h0IovTeb83GmqmntmzZ105HQZ
ChdRqkrX9WwogSpmmx3AVmZ7srMSNNgVxlXmeIG6WcuJ2N/CrPg4/5ANt3+vynmW
RUu7NRXN62JBbt9diQvBFSWsFdlD2hK8dbW3SUzM6Ugx+sVM69kT9Ucf65bOE9v9
A6yOp7zp5R955DUScJZU3ZFCu05p
-----END CERTIFICATE-----
Generated at Tue Nov 14 15:18:39 2023 by rpki-client on console-ams.rpki-client.org