Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/7f0464-226d-4f49-a270-1cd6c871c1e8/1/xV9ha2IryS4bdTg4caeQuxKD1D4.roa
File: xV9ha2IryS4bdTg4caeQuxKD1D4.roa (raw, json)
Hash identifier: LUChye07UhW6ipmyuGd9KN+MnGaq+HXhpvLuQOZsms8=
Subject key identifier: C5:5F:61:6B:62:2B:C9:2E:1B:75:38:38:71:A7:90:BB:12:83:D4:3E
Certificate issuer: /CN=20d2633bffb16da2d75edaf49bc821187cfb88ef
Certificate serial: 0185724C5494E9C564E3F74CCC516D4A2AB6
Authority key identifier: 20:D2:63:3B:FF:B1:6D:A2:D7:5E:DA:F4:9B:C8:21:18:7C:FB:88:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/INJjO_-xbaLXXtr0m8ghGHz7iO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/7f0464-226d-4f49-a270-1cd6c871c1e8/1/xV9ha2IryS4bdTg4caeQuxKD1D4.roa
Signing time: Mon 02 Jan 2023 11:44:43 +0000
ROA not before: Mon 02 Jan 2023 11:44:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47895
IP address blocks: 185.244.20.0/22 maxlen: 22
185.189.100.0/22 maxlen: 22
185.34.21.0/24 maxlen: 24
185.34.20.0/22 maxlen: 22
91.205.131.0/24 maxlen: 24
91.205.128.0/22 maxlen: 22
78.142.232.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:4c:54:94:e9:c5:64:e3:f7:4c:cc:51:6d:4a:2a:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20d2633bffb16da2d75edaf49bc821187cfb88ef
Validity
Not Before: Jan 2 11:44:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c55f616b622bc92e1b75383871a790bb1283d43e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:66:7c:6d:20:bb:04:0f:51:a1:8f:3b:fd:ab:
a8:cd:41:b2:f5:b5:6d:97:54:22:76:9f:e7:94:c8:
5c:45:63:e1:77:2e:ed:93:50:6e:af:60:c0:50:2f:
1a:c6:e8:7a:1f:16:d7:d2:cd:1e:a9:79:a3:e3:37:
04:2f:3a:00:e1:68:53:2b:0b:ec:fe:40:be:c5:01:
41:70:a4:60:17:3e:a2:ee:1e:99:ee:5e:5f:da:dd:
0f:6a:dc:aa:c7:d8:3e:89:eb:97:2d:ba:a3:6f:e7:
0b:12:67:b2:0d:0d:55:b2:c8:f4:51:89:b8:7e:f3:
a8:ff:61:74:91:0a:22:14:bd:9f:05:66:db:89:9b:
a4:85:ae:8d:c4:2b:67:e1:ba:8a:a9:4b:6e:06:c2:
fc:04:8b:d2:d5:3b:2f:f3:7b:96:d8:fa:ae:9e:a4:
52:68:4c:62:61:fa:2c:1b:ce:b8:17:44:94:e0:d3:
4e:45:45:7d:29:29:27:34:71:20:90:63:d7:99:c5:
72:7d:ce:0f:56:58:41:1b:49:68:46:67:51:8c:54:
f7:17:2b:fe:3f:a1:06:3c:f5:eb:ea:0a:7d:18:4e:
c9:16:c5:14:7e:3a:f2:6d:45:7e:4d:2c:f1:95:99:
37:34:ee:d0:f0:1e:10:3d:34:c4:19:cf:f2:05:0a:
f7:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:5F:61:6B:62:2B:C9:2E:1B:75:38:38:71:A7:90:BB:12:83:D4:3E
X509v3 Authority Key Identifier:
keyid:20:D2:63:3B:FF:B1:6D:A2:D7:5E:DA:F4:9B:C8:21:18:7C:FB:88:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/INJjO_-xbaLXXtr0m8ghGHz7iO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/7f0464-226d-4f49-a270-1cd6c871c1e8/1/xV9ha2IryS4bdTg4caeQuxKD1D4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/7f0464-226d-4f49-a270-1cd6c871c1e8/1/INJjO_-xbaLXXtr0m8ghGHz7iO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.232.0/22
91.205.128.0/22
185.34.20.0/22
185.189.100.0/22
185.244.20.0/22
Signature Algorithm: sha256WithRSAEncryption
35:3f:e1:af:5c:ae:8d:41:d4:c8:05:2f:5a:12:92:46:70:0d:
c4:d5:1a:cc:90:aa:88:4f:6b:6c:49:b9:18:8b:1f:26:3b:56:
0c:41:38:75:3c:b7:de:bd:9c:af:61:e4:f0:ba:64:3d:da:dc:
98:58:57:00:bb:e2:48:ee:f8:35:0b:08:75:fd:b1:39:16:73:
70:30:5f:7d:0a:03:01:c6:59:20:db:3e:fa:eb:27:b1:fc:ce:
a8:3d:6b:ab:a2:f2:03:8d:a1:32:a4:c6:60:39:89:ca:54:2b:
2a:1f:ed:9c:81:b6:ae:e0:fd:9b:3d:0d:99:cb:71:b7:ef:a2:
52:90:7c:3a:cf:ec:6a:94:97:d5:9e:e4:c7:22:4b:63:fe:4b:
b2:e1:37:81:24:fa:b3:dc:e3:1d:cf:65:58:64:e1:25:58:54:
62:f3:fa:a0:92:a4:59:d9:34:d6:94:66:86:6c:68:7a:bb:ea:
07:ca:77:79:40:37:39:34:da:9b:aa:14:89:3f:de:a9:51:38:
d1:14:e4:34:3e:00:5c:cf:33:ca:c1:38:5e:02:44:82:16:de:
aa:09:eb:ab:06:12:eb:11:d2:54:bf:e2:17:39:27:7b:f4:1e:
b3:2d:31:e9:19:be:08:18:f3:8e:f8:60:de:98:5c:34:b3:d2:
bd:b1:db:f5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVyTFSU6cVk4/dMzFFtSiq2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZDI2MzNiZmZiMTZkYTJkNzVlZGFmNDliYzgyMTE4N2Nm
Yjg4ZWYwHhcNMjMwMTAyMTE0NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTVmNjE2YjYyMmJjOTJlMWI3NTM4Mzg3MWE3OTBiYjEyODNkNDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWZ8bSC7BA9RoY87/auozUGy9bVt
l1Qidp/nlMhcRWPhdy7tk1Bur2DAUC8axuh6HxbX0s0eqXmj4zcELzoA4WhTKwvs
/kC+xQFBcKRgFz6i7h6Z7l5f2t0Patyqx9g+ieuXLbqjb+cLEmeyDQ1Vssj0UYm4
fvOo/2F0kQoiFL2fBWbbiZukha6NxCtn4bqKqUtuBsL8BIvS1Tsv83uW2PqunqRS
aExiYfosG864F0SU4NNORUV9KSknNHEgkGPXmcVyfc4PVlhBG0loRmdRjFT3Fyv+
P6EGPPXr6gp9GE7JFsUUfjrybUV+TSzxlZk3NO7Q8B4QPTTEGc/yBQr3XwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMVfYWtiK8kuG3U4OHGnkLsSg9Q+MB8GA1UdIwQY
MBaAFCDSYzv/sW2i117a9JvIIRh8+4jvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU5Kak9fLXhiYUxYWHRyMG04Z2hHSHo3aU84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi83ZjA0NjQtMjI2ZC00ZjQ5LWEyNzAt
MWNkNmM4NzFjMWU4LzEveFY5aGEySXJ5UzRiZFRnNGNhZVF1eEtEMUQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi83ZjA0NjQtMjI2ZC00ZjQ5LWEyNzAtMWNkNmM4NzFjMWU4
LzEvSU5Kak9fLXhiYUxYWHRyMG04Z2hHSHo3aU84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCTo7oAwQC
W82AAwQCuSIUAwQCub1kAwQCufQUMA0GCSqGSIb3DQEBCwUAA4IBAQA1P+GvXK6N
QdTIBS9aEpJGcA3E1RrMkKqIT2tsSbkYix8mO1YMQTh1PLfevZyvYeTwumQ92tyY
WFcAu+JI7vg1Cwh1/bE5FnNwMF99CgMBxlkg2z766yex/M6oPWurovIDjaEypMZg
OYnKVCsqH+2cgbau4P2bPQ2Zy3G376JSkHw6z+xqlJfVnuTHIktj/kuy4TeBJPqz
3OMdz2VYZOElWFRi8/qgkqRZ2TTWlGaGbGh6u+oHynd5QDc5NNqbqhSJP96pUTjR
FOQ0PgBczzPKwTheAkSCFt6qCeurBhLrEdJUv+IXOSd79B6zLTHpGb4IGPOO+GDe
mFw0s9K9sdv1
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:26 2024 by rpki-client on console-ams.rpki-client.org