Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/AbNBYqQeTRAjrx_doUClK8fgte4.roa
File: AbNBYqQeTRAjrx_doUClK8fgte4.roa (raw, json)
Hash identifier: XUCY4eLkWPXJ7dsJi5pbn6myWSQgO8mUDA6wsGUBfvQ=
Subject key identifier: 01:B3:41:62:A4:1E:4D:10:23:AF:1F:DD:A1:40:A5:2B:C7:E0:B5:EE
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 018C152FC5FBF6D11F5ACAF6137F53178D1E
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/AbNBYqQeTRAjrx_doUClK8fgte4.roa
Signing time: Tue 28 Nov 2023 09:08:21 +0000
ROA not before: Tue 28 Nov 2023 09:08:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202727
IP address blocks: 185.191.92.0/22 maxlen: 22
185.171.156.0/22 maxlen: 22
185.249.28.0/22 maxlen: 22
185.180.244.0/22 maxlen: 22
185.218.248.0/22 maxlen: 22
185.156.80.0/22 maxlen: 22
185.211.24.0/22 maxlen: 22
185.163.28.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:15:2f:c5:fb:f6:d1:1f:5a:ca:f6:13:7f:53:17:8d:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Nov 28 09:08:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=01b34162a41e4d1023af1fdda140a52bc7e0b5ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:77:6c:a8:00:aa:a2:06:47:d3:73:0c:7e:17:
53:fd:ba:a3:70:bd:09:0b:97:d7:d1:59:9a:fb:83:
09:f3:30:72:69:f3:11:9b:8e:85:a1:43:ab:93:26:
ac:b7:98:72:35:13:8b:7f:ae:de:24:24:2a:c8:f1:
c1:e8:77:a8:7a:41:ee:de:7e:ea:e5:d6:20:72:7e:
94:ea:64:e7:a8:02:e4:af:8c:36:f5:c1:25:2a:f9:
93:7b:3e:55:4f:f9:e5:58:46:55:32:96:2e:86:3d:
78:c0:10:a8:b7:78:cd:d7:d7:f2:67:c4:fe:88:58:
ba:62:98:5f:bf:93:89:51:84:08:fa:ea:e2:32:d6:
ae:d1:c6:58:1c:1b:8c:13:ff:3c:91:45:1b:4b:5f:
0f:b0:70:dd:95:41:ab:21:1c:aa:38:82:52:59:2c:
e2:43:1b:a7:c4:ed:8e:59:3e:1b:98:0a:00:43:43:
25:06:b3:5e:97:ae:13:58:d1:73:eb:8f:18:0d:3a:
2c:f2:f5:86:a4:54:8a:26:1e:d3:0e:a8:17:a7:a8:
83:17:07:7b:12:6d:b7:fe:46:03:07:5a:f4:c3:ba:
a6:b0:86:69:3e:4b:94:5b:2f:34:bb:59:70:c3:3a:
d4:23:ab:71:f4:7a:e9:36:84:8d:de:66:38:48:76:
95:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:B3:41:62:A4:1E:4D:10:23:AF:1F:DD:A1:40:A5:2B:C7:E0:B5:EE
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/AbNBYqQeTRAjrx_doUClK8fgte4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.80.0/22
185.163.28.0/22
185.171.156.0/22
185.180.244.0/22
185.191.92.0/22
185.211.24.0/22
185.218.248.0/22
185.249.28.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:0c:a5:a9:ee:42:9c:f3:fe:60:d6:18:3d:3d:18:bc:4c:07:
a9:70:70:fa:51:12:22:5d:f2:4e:ee:ce:75:1b:6d:50:61:af:
79:5b:43:59:2b:9d:9d:45:bc:ef:b7:ff:ad:c7:6a:40:fd:72:
60:74:64:a3:5c:2f:45:a5:95:be:c7:37:3e:22:d9:8e:85:7d:
86:86:fa:70:ee:24:78:ae:a6:0d:11:11:c2:ad:e2:f0:0e:c7:
2d:8b:51:4f:6d:75:76:af:00:1d:b1:05:22:2d:05:57:15:93:
a4:11:6c:70:06:69:27:0d:3c:10:98:d3:84:b8:0e:7c:4e:57:
ea:fa:30:9f:fa:b0:d4:20:b5:61:ad:49:f4:26:21:49:ad:09:
61:42:d9:f1:7c:45:99:f4:ed:2d:28:c0:a7:b9:f5:b1:01:ec:
40:e7:5f:b5:13:0b:61:b5:7f:f6:f2:19:2b:a9:da:1f:cd:57:
11:86:eb:92:45:dd:1b:f0:ef:09:ec:e7:2c:42:f4:fa:79:8d:
9c:be:92:3f:39:92:bf:53:bc:82:0f:15:b1:4e:a3:08:85:25:
b9:5f:9f:51:ad:8b:b8:83:cc:0b:c4:bd:44:cf:83:8b:94:e8:
38:24:f9:17:6f:34:18:bd:16:94:26:4e:85:ae:bd:59:d3:3e:
b9:a6:d3:d4
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYwVL8X79tEfWsr2E39TF40eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjMxMTI4MDkwODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMWIzNDE2MmE0MWU0ZDEwMjNhZjFmZGRhMTQwYTUyYmM3ZTBiNWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHdsqACqogZH03MMfhdT/bqjcL0J
C5fX0Vma+4MJ8zByafMRm46FoUOrkyast5hyNROLf67eJCQqyPHB6HeoekHu3n7q
5dYgcn6U6mTnqALkr4w29cElKvmTez5VT/nlWEZVMpYuhj14wBCot3jN19fyZ8T+
iFi6Yphfv5OJUYQI+uriMtau0cZYHBuME/88kUUbS18PsHDdlUGrIRyqOIJSWSzi
QxunxO2OWT4bmAoAQ0MlBrNel64TWNFz648YDTos8vWGpFSKJh7TDqgXp6iDFwd7
Em23/kYDB1r0w7qmsIZpPkuUWy80u1lwwzrUI6tx9HrpNoSN3mY4SHaVjQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAGzQWKkHk0QI68f3aFApSvH4LXuMB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvQWJOQllxUWVUUkFqcnhfZG9VQ2xLOGZndGU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCuZxQAwQC
uaMcAwQCuaucAwQCubT0AwQCub9cAwQCudMYAwQCudr4AwQCufkcMA0GCSqGSIb3
DQEBCwUAA4IBAQBrDKWp7kKc8/5g1hg9PRi8TAepcHD6URIiXfJO7s51G21QYa95
W0NZK52dRbzvt/+tx2pA/XJgdGSjXC9FpZW+xzc+ItmOhX2Ghvpw7iR4rqYNERHC
reLwDscti1FPbXV2rwAdsQUiLQVXFZOkEWxwBmknDTwQmNOEuA58Tlfq+jCf+rDU
ILVhrUn0JiFJrQlhQtnxfEWZ9O0tKMCnufWxAexA51+1EwthtX/28hkrqdofzVcR
huuSRd0b8O8J7OcsQvT6eY2cvpI/OZK/U7yCDxWxTqMIhSW5X59RrYu4g8wLxL1E
z4OLlOg4JPkXbzQYvRaUJk6Frr1Z0z65ptPU
-----END CERTIFICATE-----
Generated at Tue Jan 2 08:59:03 2024 by rpki-client on console-ams.rpki-client.org