Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/6278c6-c201-4740-a5f1-66d671f842b3/1/eKFfQi0knjr9kuogZKJ07EnGeTs.roa
File: eKFfQi0knjr9kuogZKJ07EnGeTs.roa (raw, json)
Hash identifier: djphsQwvUgB7PpA7ng1Od01wrdE5uDx6M4KlmWvanR8=
Subject key identifier: 78:A1:5F:42:2D:24:9E:3A:FD:92:EA:20:64:A2:74:EC:49:C6:79:3B
Certificate issuer: /CN=1550afae2baefb6b88f9751bb3218eb39b94b576
Certificate serial: 01856E41D129B5E6524C6B5D4A830ED1E057
Authority key identifier: 15:50:AF:AE:2B:AE:FB:6B:88:F9:75:1B:B3:21:8E:B3:9B:94:B5:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FVCvriuu-2uI-XUbsyGOs5uUtXY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/6278c6-c201-4740-a5f1-66d671f842b3/1/eKFfQi0knjr9kuogZKJ07EnGeTs.roa
Signing time: Sun 01 Jan 2023 16:54:45 +0000
ROA not before: Sun 01 Jan 2023 16:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61221
IP address blocks: 185.14.246.0/24 maxlen: 24
185.14.245.0/24 maxlen: 24
185.14.246.0/23 maxlen: 23
185.14.244.0/24 maxlen: 24
185.14.244.0/23 maxlen: 23
185.14.247.0/24 maxlen: 24
2a03:b840:12::/48 maxlen: 48
2a03:b840:2::/48 maxlen: 48
2a03:b840:100::/48 maxlen: 48
2a03:b840:13::/48 maxlen: 48
2a03:b840:3::/48 maxlen: 64
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:d1:29:b5:e6:52:4c:6b:5d:4a:83:0e:d1:e0:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1550afae2baefb6b88f9751bb3218eb39b94b576
Validity
Not Before: Jan 1 16:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78a15f422d249e3afd92ea2064a274ec49c6793b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d7:27:96:c3:d8:21:07:51:23:5a:4f:dc:92:
44:21:da:3a:c0:63:35:ee:46:7e:45:ce:54:50:b4:
90:e0:e0:f4:2f:b1:0e:91:35:d8:f8:d9:55:dc:48:
42:e8:c1:23:05:b7:d6:a5:51:55:5f:a4:e0:a9:52:
0c:07:e7:e5:32:b6:a5:63:74:5e:70:4c:97:e4:e8:
3a:af:f7:56:a5:ba:98:c6:73:41:57:67:73:b5:ba:
11:79:22:83:9c:46:b1:35:3e:06:51:50:8b:85:3b:
92:35:19:d8:b1:4a:cb:a8:ae:f2:e2:37:39:04:f8:
58:a9:b3:f9:a8:92:a6:c9:9e:f2:9e:35:88:23:0b:
b2:6e:53:f1:11:1c:d3:eb:44:a8:a7:c1:93:ae:a5:
b1:a6:b0:45:b3:f8:05:91:ee:1a:9b:ea:b8:2e:96:
01:3f:af:31:39:40:88:c4:85:e2:dd:f4:fd:3e:91:
d1:fe:68:2b:18:94:da:3f:44:12:2d:00:bc:a9:84:
26:fe:6d:14:7d:e3:20:47:17:41:9a:80:17:e6:b4:
d2:dc:23:8b:5d:c3:f0:fa:33:d8:26:5d:31:18:f2:
12:b0:0e:e4:d3:69:15:9a:cd:ef:eb:05:d5:da:be:
6a:b1:33:55:1d:83:59:1a:7d:7f:50:b6:25:7b:3e:
d0:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:A1:5F:42:2D:24:9E:3A:FD:92:EA:20:64:A2:74:EC:49:C6:79:3B
X509v3 Authority Key Identifier:
keyid:15:50:AF:AE:2B:AE:FB:6B:88:F9:75:1B:B3:21:8E:B3:9B:94:B5:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FVCvriuu-2uI-XUbsyGOs5uUtXY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6278c6-c201-4740-a5f1-66d671f842b3/1/eKFfQi0knjr9kuogZKJ07EnGeTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/6278c6-c201-4740-a5f1-66d671f842b3/1/FVCvriuu-2uI-XUbsyGOs5uUtXY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.244.0/22
IPv6:
2a03:b840:2::/47
2a03:b840:12::/47
2a03:b840:100::/48
Signature Algorithm: sha256WithRSAEncryption
0b:2f:05:97:d1:c9:fe:8e:b1:0a:cf:81:29:2d:f5:01:c3:7e:
90:43:7e:18:ef:a7:a7:43:36:71:60:9b:9a:95:b5:4a:25:73:
50:3f:09:29:1a:81:26:16:a7:48:53:5e:18:43:ea:58:74:9c:
bf:56:45:8b:05:1e:0a:ac:86:dd:eb:83:93:88:93:8e:48:d8:
9a:8d:29:ec:47:5d:69:b5:db:62:11:fb:5a:32:38:28:59:7a:
43:aa:32:8f:0e:ed:3a:03:01:a8:a5:8b:12:f6:97:e2:06:70:
38:98:c8:50:1b:16:73:11:9e:a7:d5:6f:ab:71:82:52:b5:9f:
ea:04:81:19:d5:94:f3:5a:54:ec:4b:1e:16:81:11:46:15:b7:
dd:02:6d:33:54:22:96:02:b6:2f:4f:5d:fa:93:d4:ff:ba:cb:
18:4b:0a:80:2e:35:b5:bf:b2:48:51:0b:d9:b0:9d:1f:10:65:
45:19:63:90:74:36:2d:c7:59:6c:8e:dc:44:f4:d6:de:ed:da:
05:89:98:90:43:a6:3e:cb:33:37:93:12:7e:89:c1:f5:da:40:
c5:f0:bb:15:24:0a:6e:78:0e:81:01:54:1d:d4:14:ca:4f:0e:
e8:84:a1:a4:3f:5f:95:9d:58:76:2b:8f:f3:09:22:11:dc:92:
4e:ca:e5:63
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVuQdEpteZSTGtdSoMO0eBXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1NTBhZmFlMmJhZWZiNmI4OGY5NzUxYmIzMjE4ZWIzOWI5
NGI1NzYwHhcNMjMwMTAxMTY1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGExNWY0MjJkMjQ5ZTNhZmQ5MmVhMjA2NGEyNzRlYzQ5YzY3OTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntcnlsPYIQdRI1pP3JJEIdo6wGM1
7kZ+Rc5UULSQ4OD0L7EOkTXY+NlV3EhC6MEjBbfWpVFVX6TgqVIMB+flMralY3Re
cEyX5Og6r/dWpbqYxnNBV2dztboReSKDnEaxNT4GUVCLhTuSNRnYsUrLqK7y4jc5
BPhYqbP5qJKmyZ7ynjWIIwuyblPxERzT60Sop8GTrqWxprBFs/gFke4am+q4LpYB
P68xOUCIxIXi3fT9PpHR/mgrGJTaP0QSLQC8qYQm/m0UfeMgRxdBmoAX5rTS3COL
XcPw+jPYJl0xGPISsA7k02kVms3v6wXV2r5qsTNVHYNZGn1/ULYlez7Q8QIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFHihX0ItJJ46/ZLqIGSidOxJxnk7MB8GA1UdIwQY
MBaAFBVQr64rrvtriPl1G7MhjrOblLV2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlZDdnJpdXUtMnVJLVhVYnN5R09zNXVVdFhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS82Mjc4YzYtYzIwMS00NzQwLWE1ZjEt
NjZkNjcxZjg0MmIzLzEvZUtGZlFpMGtuanI5a3VvZ1pLSjA3RW5HZVRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS82Mjc4YzYtYzIwMS00NzQwLWE1ZjEtNjZkNjcxZjg0MmIz
LzEvRlZDdnJpdXUtMnVJLVhVYnN5R09zNXVVdFhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQCuQ70MCEE
AgACMBsDBwEqA7hAAAIDBwEqA7hAABIDBwAqA7hAAQAwDQYJKoZIhvcNAQELBQAD
ggEBAAsvBZfRyf6OsQrPgSkt9QHDfpBDfhjvp6dDNnFgm5qVtUolc1A/CSkagSYW
p0hTXhhD6lh0nL9WRYsFHgqsht3rg5OIk45I2JqNKexHXWm122IR+1oyOChZekOq
Mo8O7ToDAailixL2l+IGcDiYyFAbFnMRnqfVb6txglK1n+oEgRnVlPNaVOxLHhaB
EUYVt90CbTNUIpYCti9PXfqT1P+6yxhLCoAuNbW/skhRC9mwnR8QZUUZY5B0Ni3H
WWyO3ET01t7t2gWJmJBDpj7LMzeTEn6JwfXaQMXwuxUkCm54DoEBVB3UFMpPDuiE
oaQ/X5WdWHYrj/MJIhHckk7K5WM=
-----END CERTIFICATE-----
Generated at Tue Nov 14 19:15:54 2023 by rpki-client on console-fra.rpki-client.org