Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/1nzNqwtXfT4d2_wuI8Qe8E9ZVtU.roa
File: 1nzNqwtXfT4d2_wuI8Qe8E9ZVtU.roa (raw, json)
Hash identifier: qWUrtBooSjdTKL78rTzoHAitNY+Ko1xIYgF7EW+E314=
Subject key identifier: D6:7C:CD:AB:0B:57:7D:3E:1D:DB:FC:2E:23:C4:1E:F0:4F:59:56:D5
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 018C2494350B7CA8489C5A570F7F156FFBE3
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/1nzNqwtXfT4d2_wuI8Qe8E9ZVtU.roa
Signing time: Fri 01 Dec 2023 08:52:21 +0000
ROA not before: Fri 01 Dec 2023 08:52:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51335
IP address blocks: 185.4.44.0/22 maxlen: 24
185.4.46.0/24 maxlen: 24
194.213.124.0/23 maxlen: 23
2a02:68c0::/32 maxlen: 32
2001:67c:10f0::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:24:94:35:0b:7c:a8:48:9c:5a:57:0f:7f:15:6f:fb:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Dec 1 08:52:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d67ccdab0b577d3e1ddbfc2e23c41ef04f5956d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:48:20:f9:61:05:07:82:d1:f1:38:a2:c5:9a:
b9:d1:de:f8:b0:1b:14:d3:21:69:60:ba:63:9d:0c:
50:20:68:30:fd:03:63:8a:18:31:34:46:06:1f:3f:
a2:e9:cc:f9:b9:fa:c7:d0:74:97:10:e3:00:b4:e2:
f4:33:50:5e:68:97:f6:b2:18:76:18:a6:57:89:ce:
bd:c9:84:8f:27:a3:b4:28:0f:9d:54:0a:a9:ec:41:
02:33:63:8f:13:1c:72:ca:1d:b9:bc:07:aa:de:e1:
ec:06:d0:98:45:1b:a1:da:77:55:61:49:26:e9:f6:
90:de:32:59:90:4f:e3:7b:e8:d0:34:da:24:71:98:
8d:32:00:24:55:75:e9:48:e7:70:56:f2:d9:25:82:
bd:db:94:5c:78:23:f5:35:83:d4:d0:ce:71:ae:2e:
77:fe:d3:8c:23:51:a1:5b:be:83:5d:da:c3:99:2c:
d6:7e:b4:01:22:ed:25:9a:7a:e1:86:46:88:37:ef:
10:8c:6e:82:b0:df:ff:91:a2:9b:e2:cd:c8:e0:4e:
24:9e:82:81:2a:dc:a7:92:df:e1:58:8e:72:44:a9:
56:7f:e0:71:fe:a2:f5:0f:05:c0:54:23:6f:8f:4e:
94:42:19:d1:05:23:68:a3:a3:19:9b:a6:a6:68:d2:
26:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:7C:CD:AB:0B:57:7D:3E:1D:DB:FC:2E:23:C4:1E:F0:4F:59:56:D5
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/1nzNqwtXfT4d2_wuI8Qe8E9ZVtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.4.44.0/22
194.213.124.0/23
IPv6:
2001:67c:10f0::/48
2a02:68c0::/32
Signature Algorithm: sha256WithRSAEncryption
01:cf:f5:0c:04:26:26:f1:15:79:79:68:e3:67:da:6a:7f:3d:
72:10:86:82:95:36:99:a6:78:ea:30:91:a4:6b:3f:f2:b7:31:
98:5f:12:1b:de:b4:6c:dd:9c:4d:81:b3:43:8b:01:0c:45:e9:
b1:14:41:ad:92:59:c1:1d:a2:9b:d2:f1:da:35:df:07:7a:6d:
1d:27:28:11:92:fd:83:3d:c6:50:46:1e:e1:36:77:eb:45:9f:
6f:36:40:e3:c4:7e:71:b5:c5:53:1d:a2:66:aa:2f:07:9a:59:
f5:4a:a6:78:7c:2a:ae:69:9e:13:61:3b:6b:b5:e1:7a:49:c4:
93:4a:5a:64:32:df:3f:80:ae:a9:9b:ff:95:74:8e:bd:12:f3:
fd:0c:26:3b:ec:f0:0a:9a:4e:f1:35:be:f6:21:ad:17:20:59:
5c:e7:c1:83:ce:68:23:01:47:d5:6a:75:95:c6:29:c9:1b:65:
8f:6d:82:09:f3:a7:78:42:ee:bf:91:a6:0a:f0:00:26:b3:7c:
6c:fc:03:bb:19:84:06:8e:85:5a:3f:0c:09:0f:49:09:ed:fa:
3f:3e:3a:ab:4c:88:35:7a:65:9e:20:ec:9f:5c:d6:af:ee:f5:
d6:c6:b3:99:09:f9:04:6a:00:1f:35:e1:26:bc:1b:61:58:f7:
fa:4c:cd:45
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYwklDULfKhInFpXD38Vb/vjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjMxMjAxMDg1MjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjdjY2RhYjBiNTc3ZDNlMWRkYmZjMmUyM2M0MWVmMDRmNTk1NmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkgg+WEFB4LR8TiixZq50d74sBsU
0yFpYLpjnQxQIGgw/QNjihgxNEYGHz+i6cz5ufrH0HSXEOMAtOL0M1BeaJf2shh2
GKZXic69yYSPJ6O0KA+dVAqp7EECM2OPExxyyh25vAeq3uHsBtCYRRuh2ndVYUkm
6faQ3jJZkE/je+jQNNokcZiNMgAkVXXpSOdwVvLZJYK925RceCP1NYPU0M5xri53
/tOMI1GhW76DXdrDmSzWfrQBIu0lmnrhhkaIN+8QjG6CsN//kaKb4s3I4E4knoKB
Ktynkt/hWI5yRKlWf+Bx/qL1DwXAVCNvj06UQhnRBSNoo6MZm6amaNImPwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNZ8zasLV30+Hdv8LiPEHvBPWVbVMB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvMW56TnF3dFhmVDRkMl93dUk4UWU4RTlaVnRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuQQsAwQB
wtV8MBYEAgACMBADBwAgAQZ8EPADBQAqAmjAMA0GCSqGSIb3DQEBCwUAA4IBAQAB
z/UMBCYm8RV5eWjjZ9pqfz1yEIaClTaZpnjqMJGkaz/ytzGYXxIb3rRs3ZxNgbND
iwEMRemxFEGtklnBHaKb0vHaNd8Hem0dJygRkv2DPcZQRh7hNnfrRZ9vNkDjxH5x
tcVTHaJmqi8Hmln1SqZ4fCquaZ4TYTtrteF6ScSTSlpkMt8/gK6pm/+VdI69EvP9
DCY77PAKmk7xNb72Ia0XIFlc58GDzmgjAUfVanWVxinJG2WPbYIJ86d4Qu6/kaYK
8AAms3xs/AO7GYQGjoVaPwwJD0kJ7fo/PjqrTIg1emWeIOyfXNav7vXWxrOZCfkE
agAfNeEmvBthWPf6TM1F
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:49:27 2024 by rpki-client on console-fra.rpki-client.org