Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/RaIi5yySDC-X1SOYGonN8glS76o.roa
File: RaIi5yySDC-X1SOYGonN8glS76o.roa (raw, json)
Hash identifier: R4znwUiEFJAXMP4GYlZVXrzmsqN09K2Q5wghzAZFOUU=
Subject key identifier: 45:A2:22:E7:2C:92:0C:2F:97:D5:23:98:1A:89:CD:F2:09:52:EF:AA
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 018AFB579E3F1518BDA489D49D5B990A4364
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/RaIi5yySDC-X1SOYGonN8glS76o.roa
Signing time: Wed 04 Oct 2023 15:38:57 +0000
ROA not before: Wed 04 Oct 2023 15:38:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211432
IP address blocks: 185.169.228.0/22 maxlen: 22
45.147.152.0/22 maxlen: 22
85.8.168.0/22 maxlen: 22
2.56.184.0/22 maxlen: 22
194.124.144.0/24 maxlen: 24
193.37.220.0/22 maxlen: 22
194.121.59.0/24 maxlen: 24
31.40.232.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fb:57:9e:3f:15:18:bd:a4:89:d4:9d:5b:99:0a:43:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Oct 4 15:38:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45a222e72c920c2f97d523981a89cdf20952efaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:52:4a:4c:bb:88:08:36:2e:b7:46:36:71:2c:
65:b0:eb:37:8e:85:d4:55:c8:d6:f0:e1:65:2a:d9:
82:a9:aa:d9:3a:8c:fa:c1:70:72:e7:8d:6d:63:91:
6b:96:40:57:04:82:e3:5e:33:a1:29:c6:ed:ac:ef:
2f:21:61:28:ab:ab:5d:4f:9c:83:3e:0b:57:80:19:
ff:1a:97:b7:e3:7d:fa:f2:db:35:f5:eb:e3:a2:5a:
be:c5:1e:7c:27:5f:fc:77:04:d2:0a:d3:70:7c:11:
e1:5a:8f:9c:51:6a:91:7f:da:30:78:a4:78:62:8f:
eb:fc:df:41:b4:e6:12:2a:9c:99:42:6d:54:5c:5e:
b4:85:cb:7d:44:2f:9b:ab:e5:6b:3b:8b:93:bb:6c:
92:ef:6f:64:39:b6:79:f0:1b:21:18:8a:0c:a7:0b:
47:b8:62:02:62:c9:f6:b2:a5:2f:00:08:0a:77:be:
c9:3a:e5:08:59:6b:23:11:2e:f9:4a:69:7d:b9:8f:
7b:c0:fd:1e:bb:7f:70:ea:68:04:68:88:3b:50:28:
f7:15:96:d2:04:b8:f5:d8:8d:b5:68:72:fe:dd:4a:
6b:54:5a:66:0e:94:12:14:fc:b0:34:12:91:22:44:
1f:10:b1:bb:f1:30:33:6f:89:62:65:96:e8:4e:54:
00:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:A2:22:E7:2C:92:0C:2F:97:D5:23:98:1A:89:CD:F2:09:52:EF:AA
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/RaIi5yySDC-X1SOYGonN8glS76o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.184.0/22
31.40.232.0/22
45.147.152.0/22
85.8.168.0/22
185.169.228.0/22
193.37.220.0/22
194.121.59.0/24
194.124.144.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:86:78:47:c2:0a:11:36:7b:46:4a:4b:93:46:55:49:58:90:
40:42:e9:de:61:42:f9:60:fa:3a:ce:d4:eb:ae:72:ba:80:b1:
ae:d4:4f:4e:21:90:b1:2e:91:63:44:1d:11:18:11:37:ca:8c:
cd:ee:62:6a:34:bf:0d:8d:94:95:0c:c1:48:93:50:75:53:3f:
13:90:18:50:36:b4:43:db:a1:55:5e:34:be:8a:b6:6b:e1:2e:
97:9a:fe:8c:fa:95:80:76:fe:4d:3a:02:59:b8:55:e9:db:d8:
f8:52:8d:96:0e:0f:a5:ad:de:5b:8b:ac:e9:4b:94:4a:09:e1:
eb:92:df:ad:07:c8:cd:9a:b5:2f:1f:3f:5c:e4:8d:a4:a2:ed:
05:e7:90:79:81:5c:be:4f:c2:7f:bc:c0:c5:00:36:7c:64:6a:
d0:14:01:1d:bd:78:0f:e6:c5:19:3a:b3:8f:66:15:d9:9e:a0:
44:69:83:a8:8f:0a:36:cb:07:75:3e:b2:33:31:82:58:fe:fb:
76:79:56:10:20:91:27:e5:64:a5:e3:cd:47:28:66:30:6e:fb:
50:1c:e5:62:1c:70:77:98:b1:9d:98:ea:89:ab:d4:fe:6a:63:
e0:d8:2d:b2:61:5b:87:28:d3:a3:b0:50:69:a8:f4:14:c0:f9:
ad:1b:e9:b4
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYr7V54/FRi9pInUnVuZCkNkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjMxMDA0MTUzODU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWEyMjJlNzJjOTIwYzJmOTdkNTIzOTgxYTg5Y2RmMjA5NTJlZmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFJKTLuICDYut0Y2cSxlsOs3joXU
VcjW8OFlKtmCqarZOoz6wXBy541tY5FrlkBXBILjXjOhKcbtrO8vIWEoq6tdT5yD
PgtXgBn/Gpe343368ts19evjolq+xR58J1/8dwTSCtNwfBHhWo+cUWqRf9oweKR4
Yo/r/N9BtOYSKpyZQm1UXF60hct9RC+bq+VrO4uTu2yS729kObZ58BshGIoMpwtH
uGICYsn2sqUvAAgKd77JOuUIWWsjES75Sml9uY97wP0eu39w6mgEaIg7UCj3FZbS
BLj12I21aHL+3UprVFpmDpQSFPywNBKRIkQfELG78TAzb4liZZboTlQAbwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFEWiIucskgwvl9UjmBqJzfIJUu+qMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvUmFJaTV5eVNEQy1YMVNPWUdvbk44Z2xTNzZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCAji4AwQC
HyjoAwQCLZOYAwQCVQioAwQCuankAwQCwSXcAwQAwnk7AwQAwnyQMA0GCSqGSIb3
DQEBCwUAA4IBAQAbhnhHwgoRNntGSkuTRlVJWJBAQuneYUL5YPo6ztTrrnK6gLGu
1E9OIZCxLpFjRB0RGBE3yozN7mJqNL8NjZSVDMFIk1B1Uz8TkBhQNrRD26FVXjS+
irZr4S6Xmv6M+pWAdv5NOgJZuFXp29j4Uo2WDg+lrd5bi6zpS5RKCeHrkt+tB8jN
mrUvHz9c5I2kou0F55B5gVy+T8J/vMDFADZ8ZGrQFAEdvXgP5sUZOrOPZhXZnqBE
aYOojwo2ywd1PrIzMYJY/vt2eVYQIJEn5WSl481HKGYwbvtQHOViHHB3mLGdmOqJ
q9T+amPg2C2yYVuHKNOjsFBpqPQUwPmtG+m0
-----END CERTIFICATE-----
Generated at Sat Oct 14 15:43:57 2023 by rpki-client on console-ams.rpki-client.org