Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ec67db-c7a1-48a6-ab94-60b93595bac9/1/KqrqhYhH_cey7mxVnUPEcTUrAyE.roa
File: KqrqhYhH_cey7mxVnUPEcTUrAyE.roa (raw, json)
Hash identifier: affp154hIu6ayTEJPdGtyvmizVv3SWktjESsV2xAIak=
Subject key identifier: 2A:AA:EA:85:88:47:FD:C7:B2:EE:6C:55:9D:43:C4:71:35:2B:03:21
Certificate issuer: /CN=854c0db0065844d9594dfe8dd8efd77ed1e493f8
Certificate serial: 018A02CCB4E052FD6848610B9C3AAF67467D
Authority key identifier: 85:4C:0D:B0:06:58:44:D9:59:4D:FE:8D:D8:EF:D7:7E:D1:E4:93:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hUwNsAZYRNlZTf6N2O_XftHkk_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/ec67db-c7a1-48a6-ab94-60b93595bac9/1/KqrqhYhH_cey7mxVnUPEcTUrAyE.roa
Signing time: Thu 17 Aug 2023 09:21:24 +0000
ROA not before: Thu 17 Aug 2023 09:21:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61062
IP address blocks: 193.135.156.0/24 maxlen: 24
185.247.196.0/22 maxlen: 24
2a0d:cb80::/29 maxlen: 48
Validation: Failed, certificate revoked on Sun 10 Dec 2023 10:58:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:02:cc:b4:e0:52:fd:68:48:61:0b:9c:3a:af:67:46:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=854c0db0065844d9594dfe8dd8efd77ed1e493f8
Validity
Not Before: Aug 17 09:21:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2aaaea858847fdc7b2ee6c559d43c471352b0321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:d4:b8:27:51:14:7a:68:87:50:80:88:e0:39:
79:6e:d3:4a:ff:c8:09:e8:ea:da:f1:9b:60:5f:4a:
3c:4c:d3:84:a3:eb:76:5b:08:7b:d3:75:55:46:09:
d1:12:35:d7:95:5c:ac:09:71:f5:6c:ba:68:3d:fb:
8a:dd:3e:75:7d:e5:51:18:97:39:c6:58:25:ab:f0:
a8:b1:3a:b8:c3:83:ac:2a:4e:3e:49:52:bb:a7:00:
f3:1b:ac:02:d2:e0:95:9d:44:98:31:1f:ad:b0:c9:
8b:7c:24:58:f5:cd:6c:ed:75:c6:ec:fb:b5:78:64:
e1:50:71:3d:40:2e:6e:4f:15:31:bb:ae:4e:e2:9d:
80:64:14:bb:3a:03:0b:04:1e:56:24:cd:65:48:50:
23:f0:b4:b8:5b:d7:9b:25:cd:c7:c1:8b:d7:24:9b:
3d:24:a7:53:c5:e5:24:24:79:44:1f:df:0e:e5:45:
30:3b:ac:c6:88:5e:16:cc:aa:21:4d:37:62:3b:92:
91:2e:68:ae:3f:c5:91:84:d7:ca:6f:dc:a1:1b:f7:
d4:be:bd:d5:9b:55:cb:4b:fe:5e:2a:4a:39:59:cb:
f9:29:4f:d8:4c:f2:32:36:22:5f:3f:2e:d1:d9:86:
8c:a1:aa:96:78:61:fa:85:3c:4a:45:a7:26:f1:c9:
a3:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:AA:EA:85:88:47:FD:C7:B2:EE:6C:55:9D:43:C4:71:35:2B:03:21
X509v3 Authority Key Identifier:
keyid:85:4C:0D:B0:06:58:44:D9:59:4D:FE:8D:D8:EF:D7:7E:D1:E4:93:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hUwNsAZYRNlZTf6N2O_XftHkk_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ec67db-c7a1-48a6-ab94-60b93595bac9/1/KqrqhYhH_cey7mxVnUPEcTUrAyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ec67db-c7a1-48a6-ab94-60b93595bac9/1/hUwNsAZYRNlZTf6N2O_XftHkk_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.247.196.0/22
193.135.156.0/24
IPv6:
2a0d:cb80::/29
Signature Algorithm: sha256WithRSAEncryption
4d:d0:7a:60:f6:f7:4a:eb:16:74:f4:04:7e:2f:cb:aa:76:3d:
cc:ed:7d:8c:a6:44:08:d2:cb:27:77:d5:d6:89:fd:f2:31:5d:
85:bc:08:9b:9d:cb:ec:c0:50:eb:55:4f:e6:37:a0:c1:68:01:
93:ed:53:0a:f5:c4:76:77:ea:ef:1e:35:59:ab:1f:79:03:d9:
39:ef:0d:0f:7a:55:9a:eb:0e:b2:fc:1c:f4:71:d3:42:1d:73:
24:2b:27:e4:b3:10:2c:39:0f:1d:f7:ab:38:ed:36:79:f3:36:
27:9f:d3:c7:70:22:c0:b2:cc:74:5a:17:c0:42:9f:7f:17:2e:
82:cc:62:0f:44:41:c3:c7:bf:b2:69:78:8f:8c:97:13:01:35:
15:5f:32:a2:65:83:21:ad:07:ce:01:99:ce:89:43:11:ad:d4:
fb:5c:84:91:10:f0:13:9a:b2:04:2b:99:f4:ca:ba:1c:1d:d4:
c2:fe:c9:e5:ca:8f:f1:c0:51:0f:5d:69:e2:db:da:aa:16:a2:
a6:e5:64:34:4b:af:6c:bd:45:e0:e1:c6:d4:38:46:4e:c3:f2:
58:bb:82:ee:71:be:a3:bb:c5:80:d4:2c:86:10:c8:8f:4e:48:
8b:c2:1a:b4:f1:4d:e7:9e:59:a4:13:a7:77:e6:21:5e:c6:5a:
6c:26:fc:c0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYoCzLTgUv1oSGELnDqvZ0Z9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1NGMwZGIwMDY1ODQ0ZDk1OTRkZmU4ZGQ4ZWZkNzdlZDFl
NDkzZjgwHhcNMjMwODE3MDkyMTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWFhZWE4NTg4NDdmZGM3YjJlZTZjNTU5ZDQzYzQ3MTM1MmIwMzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA99S4J1EUemiHUICI4Dl5btNK/8gJ
6Ora8ZtgX0o8TNOEo+t2Wwh703VVRgnREjXXlVysCXH1bLpoPfuK3T51feVRGJc5
xlglq/CosTq4w4OsKk4+SVK7pwDzG6wC0uCVnUSYMR+tsMmLfCRY9c1s7XXG7Pu1
eGThUHE9QC5uTxUxu65O4p2AZBS7OgMLBB5WJM1lSFAj8LS4W9ebJc3HwYvXJJs9
JKdTxeUkJHlEH98O5UUwO6zGiF4WzKohTTdiO5KRLmiuP8WRhNfKb9yhG/fUvr3V
m1XLS/5eKko5Wcv5KU/YTPIyNiJfPy7R2YaMoaqWeGH6hTxKRacm8cmj9QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCqq6oWIR/3Hsu5sVZ1DxHE1KwMhMB8GA1UdIwQY
MBaAFIVMDbAGWETZWU3+jdjv137R5JP4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFV3TnNBWllSTmxaVGY2TjJPX1hmdEhra19nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9lYzY3ZGItYzdhMS00OGE2LWFiOTQt
NjBiOTM1OTViYWM5LzEvS3FycWhZaEhfY2V5N214Vm5VUEVjVFVyQXlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9lYzY3ZGItYzdhMS00OGE2LWFiOTQtNjBiOTM1OTViYWM5
LzEvaFV3TnNBWllSTmxaVGY2TjJPX1hmdEhra19nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuffEAwQA
wYecMA0EAgACMAcDBQMqDcuAMA0GCSqGSIb3DQEBCwUAA4IBAQBN0Hpg9vdK6xZ0
9AR+L8uqdj3M7X2MpkQI0ssnd9XWif3yMV2FvAibncvswFDrVU/mN6DBaAGT7VMK
9cR2d+rvHjVZqx95A9k57w0PelWa6w6y/Bz0cdNCHXMkKyfksxAsOQ8d96s47TZ5
8zYnn9PHcCLAssx0WhfAQp9/Fy6CzGIPREHDx7+yaXiPjJcTATUVXzKiZYMhrQfO
AZnOiUMRrdT7XISREPATmrIEK5n0yrocHdTC/snlyo/xwFEPXWni29qqFqKm5WQ0
S69svUXg4cbUOEZOw/JYu4Lucb6ju8WA1CyGEMiPTkiLwhq08U3nnlmkE6d35iFe
xlpsJvzA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:38 2024 by rpki-client on console-fra.rpki-client.org