Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/IjZ1RlqbJDZJezecz1OtGSwF0dc.roa
File: IjZ1RlqbJDZJezecz1OtGSwF0dc.roa (raw, json)
Hash identifier: wVBgSe7NZ3gdA3TbsZkkvLk/E+N7KbYGvUmhbuoB/Fs=
Subject key identifier: 22:36:75:46:5A:9B:24:36:49:7B:37:9C:CF:53:AD:19:2C:05:D1:D7
Certificate issuer: /CN=d9773d733d1845c41d3f9a362b55b74e686f9c02
Certificate serial: 01856BDC88AE909471BCF68762C40AB29B37
Authority key identifier: D9:77:3D:73:3D:18:45:C4:1D:3F:9A:36:2B:55:B7:4E:68:6F:9C:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/IjZ1RlqbJDZJezecz1OtGSwF0dc.roa
Signing time: Sun 01 Jan 2023 05:44:53 +0000
ROA not before: Sun 01 Jan 2023 05:44:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43456
IP address blocks: 185.164.48.0/24 maxlen: 24
185.164.51.0/24 maxlen: 24
185.164.50.0/24 maxlen: 24
185.164.49.0/24 maxlen: 24
185.171.17.0/24 maxlen: 24
185.171.16.0/24 maxlen: 24
185.171.19.0/24 maxlen: 24
185.171.18.0/24 maxlen: 24
185.93.172.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:88:ae:90:94:71:bc:f6:87:62:c4:0a:b2:9b:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9773d733d1845c41d3f9a362b55b74e686f9c02
Validity
Not Before: Jan 1 05:44:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=223675465a9b2436497b379ccf53ad192c05d1d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:1f:38:f4:bf:db:69:e2:0f:f4:49:f0:ed:8f:
91:03:8e:ea:ee:ab:0b:e7:4a:5b:e9:26:37:23:77:
59:63:b4:33:69:78:a4:b9:28:8f:74:65:20:86:10:
65:7c:98:3e:c0:df:41:d0:9d:4c:54:f4:80:52:e1:
8b:22:74:b7:14:9b:68:cd:c5:4b:17:a9:d7:22:59:
1e:8f:32:8e:c5:3d:b1:e6:96:3f:7e:71:44:24:da:
1d:02:b8:ac:b3:fd:27:8a:74:a3:a8:ce:8d:cf:7c:
26:82:d9:34:c5:5e:ed:ca:6f:6b:6b:1f:47:b5:05:
2d:c9:af:a5:24:f8:5f:3c:eb:2d:44:80:b3:d0:00:
21:cf:25:d6:43:ab:98:4e:d4:4a:06:8c:ab:83:93:
fe:ec:f6:ec:e6:3d:9f:2a:ab:2e:01:ee:10:66:9b:
da:5c:2e:71:83:84:04:7b:bf:54:47:c6:21:69:d1:
d6:5c:96:4b:f5:36:eb:e8:d5:32:ce:96:fa:82:12:
3c:84:20:5c:b5:74:b1:73:ed:76:c9:23:a7:84:e4:
22:20:ac:5b:c5:35:87:b9:60:18:8a:0a:99:e2:78:
fb:c6:21:1c:b0:56:9e:88:c1:1f:84:12:fd:4f:e7:
59:c0:7e:4d:61:bb:61:ec:69:91:73:17:ff:e0:c1:
d1:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:36:75:46:5A:9B:24:36:49:7B:37:9C:CF:53:AD:19:2C:05:D1:D7
X509v3 Authority Key Identifier:
keyid:D9:77:3D:73:3D:18:45:C4:1D:3F:9A:36:2B:55:B7:4E:68:6F:9C:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/IjZ1RlqbJDZJezecz1OtGSwF0dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/37411e-2b89-4079-8cfc-01a29f5f6dde/1/2Xc9cz0YRcQdP5o2K1W3TmhvnAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.172.0/24
185.164.48.0/22
185.171.16.0/22
Signature Algorithm: sha256WithRSAEncryption
69:2c:1e:d0:e5:73:23:de:a4:08:50:61:8f:6a:3e:fc:47:b7:
80:e6:66:c5:43:5e:e8:60:70:ff:2c:d9:d7:81:39:73:38:06:
a9:e2:e7:16:59:a5:d3:78:4c:05:23:d8:9c:e3:fc:51:3c:77:
47:8c:62:a2:05:bf:d3:fa:63:a4:5a:de:1c:5b:74:53:49:6b:
5b:0a:73:1b:57:d5:86:30:9f:08:ea:ea:fd:7d:03:39:71:f1:
65:7b:99:48:32:10:62:52:0c:93:38:db:6f:d9:a0:4e:70:c5:
6a:a0:82:67:14:68:53:7a:c0:ad:39:64:71:91:02:d1:3a:50:
61:e7:a5:19:67:73:a1:fc:ae:de:04:04:8f:6b:f9:4a:2a:d3:
15:c3:d4:0d:1f:11:93:70:3f:ac:12:bf:cc:2b:cf:48:8b:4b:
8a:08:27:a4:eb:c0:bc:35:89:e4:6e:cd:e8:77:4b:8f:b3:e0:
58:e6:f5:1f:d4:4c:c6:fa:32:d4:13:41:90:09:8e:29:82:f6:
67:c1:28:2e:3e:10:f6:43:12:5d:2c:4c:ca:5c:5c:19:40:2e:
c4:0f:c7:8f:4b:32:eb:6f:ca:4c:a7:d2:1d:c2:45:9e:3e:d8:
71:e0:39:56:c4:05:68:d7:65:9c:01:02:8a:9a:6e:71:f8:d7:
1f:c6:b1:d7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVr3IiukJRxvPaHYsQKsps3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NzczZDczM2QxODQ1YzQxZDNmOWEzNjJiNTViNzRlNjg2
ZjljMDIwHhcNMjMwMTAxMDU0NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjM2NzU0NjVhOWIyNDM2NDk3YjM3OWNjZjUzYWQxOTJjMDVkMWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhx849L/baeIP9Enw7Y+RA47q7qsL
50pb6SY3I3dZY7QzaXikuSiPdGUghhBlfJg+wN9B0J1MVPSAUuGLInS3FJtozcVL
F6nXIlkejzKOxT2x5pY/fnFEJNodAriss/0ninSjqM6Nz3wmgtk0xV7tym9rax9H
tQUtya+lJPhfPOstRICz0AAhzyXWQ6uYTtRKBoyrg5P+7Pbs5j2fKqsuAe4QZpva
XC5xg4QEe79UR8YhadHWXJZL9Tbr6NUyzpb6ghI8hCBctXSxc+12ySOnhOQiIKxb
xTWHuWAYigqZ4nj7xiEcsFaeiMEfhBL9T+dZwH5NYbth7GmRcxf/4MHRNwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCI2dUZamyQ2SXs3nM9TrRksBdHXMB8GA1UdIwQY
MBaAFNl3PXM9GEXEHT+aNitVt05ob5wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlhjOWN6MFlSY1FkUDVvMksxVzNUbWh2bkFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8zNzQxMWUtMmI4OS00MDc5LThjZmMt
MDFhMjlmNWY2ZGRlLzEvSWpaMVJscWJKRFpKZXplY3oxT3RHU3dGMGRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8zNzQxMWUtMmI4OS00MDc5LThjZmMtMDFhMjlmNWY2ZGRl
LzEvMlhjOWN6MFlSY1FkUDVvMksxVzNUbWh2bkFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuV2sAwQC
uaQwAwQCuasQMA0GCSqGSIb3DQEBCwUAA4IBAQBpLB7Q5XMj3qQIUGGPaj78R7eA
5mbFQ17oYHD/LNnXgTlzOAap4ucWWaXTeEwFI9ic4/xRPHdHjGKiBb/T+mOkWt4c
W3RTSWtbCnMbV9WGMJ8I6ur9fQM5cfFle5lIMhBiUgyTONtv2aBOcMVqoIJnFGhT
esCtOWRxkQLROlBh56UZZ3Oh/K7eBASPa/lKKtMVw9QNHxGTcD+sEr/MK89Ii0uK
CCek68C8NYnkbs3od0uPs+BY5vUf1EzG+jLUE0GQCY4pgvZnwSguPhD2QxJdLEzK
XFwZQC7ED8ePSzLrb8pMp9IdwkWePthx4DlWxAVo12WcAQKKmm5x+NcfxrHX
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:27 2024 by rpki-client on console-ams.rpki-client.org