Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/7a9506-5ee6-4220-bdfc-649d1c18dd8c/1/nI--VXQGZIN775d1tmsQ7i8vRqY.roa
File: nI--VXQGZIN775d1tmsQ7i8vRqY.roa (raw, json)
Hash identifier: Dbgq2/ZmLzUlVqmQKqsS2BnrLRZ//MV9xstgogaGqpA=
Subject key identifier: 9C:8F:BE:55:74:06:64:83:7B:EF:97:75:B6:6B:10:EE:2F:2F:46:A6
Certificate issuer: /CN=ed770674837d28ea60c2878f342cdb35f1e3b1c5
Certificate serial: 01856FC27B21DD440367CA77FB2C2D625821
Authority key identifier: ED:77:06:74:83:7D:28:EA:60:C2:87:8F:34:2C:DB:35:F1:E3:B1:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7XcGdIN9KOpgwoePNCzbNfHjscU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/7a9506-5ee6-4220-bdfc-649d1c18dd8c/1/nI--VXQGZIN775d1tmsQ7i8vRqY.roa
Signing time: Sun 01 Jan 2023 23:54:54 +0000
ROA not before: Sun 01 Jan 2023 23:54:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50064
IP address blocks: 185.51.85.0/24 maxlen: 24
185.51.84.0/24 maxlen: 24
185.51.84.0/22 maxlen: 22
185.51.87.0/24 maxlen: 24
185.51.86.0/24 maxlen: 24
46.167.58.0/24 maxlen: 24
46.167.57.0/24 maxlen: 24
46.167.56.0/21 maxlen: 21
46.167.56.0/24 maxlen: 24
46.167.62.0/24 maxlen: 24
46.167.61.0/24 maxlen: 24
46.167.60.0/24 maxlen: 24
46.167.59.0/24 maxlen: 24
46.167.63.0/24 maxlen: 24
2a01:b160::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:c2:7b:21:dd:44:03:67:ca:77:fb:2c:2d:62:58:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed770674837d28ea60c2878f342cdb35f1e3b1c5
Validity
Not Before: Jan 1 23:54:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c8fbe55740664837bef9775b66b10ee2f2f46a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8a:c5:18:46:22:d4:7a:ee:8e:b2:8f:ae:f6:
25:90:fe:09:de:b6:5c:ad:6c:dd:97:58:6b:62:bb:
bd:b4:ac:b5:cf:3b:55:a5:c2:28:28:b7:7c:dc:43:
ef:5e:6f:d7:89:d0:7a:87:b7:2b:76:85:e6:9b:06:
ee:54:b0:31:22:59:c2:95:3b:84:8b:cb:57:00:dc:
d3:6f:db:f1:41:17:bb:d4:74:90:c5:c9:4a:fe:8d:
c8:2a:ce:32:18:db:f3:80:11:bb:ec:c2:06:e2:21:
76:11:dd:8a:05:bf:a9:17:18:29:d5:70:c4:2a:e3:
ae:b1:c5:43:de:fa:3c:88:93:8a:b9:c9:7e:5e:44:
ee:3a:4f:62:ec:82:89:28:94:6a:30:ca:d8:1c:9d:
c2:6e:d6:73:08:4d:f1:9d:71:15:a8:0b:c4:78:df:
2c:93:22:23:b1:28:d0:30:31:9b:0e:da:2d:62:90:
26:1c:34:a9:2b:01:ce:5c:6e:bb:ae:f4:14:e2:df:
60:3d:e3:78:e2:a2:b8:ea:f9:f4:53:d5:ac:7e:82:
06:91:8f:e3:98:eb:4e:83:7c:1c:9d:11:6e:11:e8:
9b:a6:ea:96:fb:5b:a4:e8:3d:33:2b:c3:9e:e0:ed:
ea:78:72:23:f8:c5:a6:2b:24:ec:d0:32:5b:2b:d1:
29:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:8F:BE:55:74:06:64:83:7B:EF:97:75:B6:6B:10:EE:2F:2F:46:A6
X509v3 Authority Key Identifier:
keyid:ED:77:06:74:83:7D:28:EA:60:C2:87:8F:34:2C:DB:35:F1:E3:B1:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7XcGdIN9KOpgwoePNCzbNfHjscU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/7a9506-5ee6-4220-bdfc-649d1c18dd8c/1/nI--VXQGZIN775d1tmsQ7i8vRqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/7a9506-5ee6-4220-bdfc-649d1c18dd8c/1/7XcGdIN9KOpgwoePNCzbNfHjscU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.167.56.0/21
185.51.84.0/22
IPv6:
2a01:b160::/32
Signature Algorithm: sha256WithRSAEncryption
12:30:e6:11:1f:bc:fa:f1:f7:9a:b1:5f:78:8c:20:7c:17:75:
ca:73:c9:53:c1:02:6f:ed:6f:8e:cb:1d:43:0a:13:0b:bd:b6:
dd:61:8c:0c:8f:24:cc:89:a0:55:8e:4b:38:4d:ef:64:fa:af:
96:82:6c:21:60:c1:62:52:cd:07:95:27:1b:19:50:ca:91:77:
fe:ea:f6:e0:71:7d:1c:4d:79:1c:74:7d:c1:6d:ff:31:9f:1c:
09:f8:ab:a6:28:87:c2:e8:ad:f5:22:2c:5a:71:6c:f7:9f:33:
c2:b9:19:08:90:f2:05:79:18:4f:22:dc:12:7a:87:a9:00:ce:
77:52:ce:75:64:95:bc:a2:1d:23:69:31:37:be:b8:ab:35:54:
12:1a:97:27:da:36:bd:4d:5e:7f:60:e2:47:83:ce:0d:cb:04:
45:fc:51:02:13:74:72:f1:09:51:c4:7c:6b:dd:ba:a7:a5:f0:
32:ab:0c:8c:af:c8:f2:fc:c0:a5:2c:d2:5e:70:f3:57:f8:7d:
e6:be:e7:bb:16:12:b0:7e:d8:da:a7:71:c1:38:e5:4f:d4:a4:
42:63:c7:60:ef:4a:e7:36:b1:74:e3:d9:75:77:b8:41:9f:40:
46:71:da:cc:2d:39:6f:8e:43:a8:f8:57:9b:91:72:5f:bf:32:
e6:70:b8:ff
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVvwnsh3UQDZ8p3+ywtYlghMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkNzcwNjc0ODM3ZDI4ZWE2MGMyODc4ZjM0MmNkYjM1ZjFl
M2IxYzUwHhcNMjMwMTAxMjM1NDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzhmYmU1NTc0MDY2NDgzN2JlZjk3NzViNjZiMTBlZTJmMmY0NmE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYrFGEYi1HrujrKPrvYlkP4J3rZc
rWzdl1hrYru9tKy1zztVpcIoKLd83EPvXm/XidB6h7crdoXmmwbuVLAxIlnClTuE
i8tXANzTb9vxQRe71HSQxclK/o3IKs4yGNvzgBG77MIG4iF2Ed2KBb+pFxgp1XDE
KuOuscVD3vo8iJOKucl+XkTuOk9i7IKJKJRqMMrYHJ3CbtZzCE3xnXEVqAvEeN8s
kyIjsSjQMDGbDtotYpAmHDSpKwHOXG67rvQU4t9gPeN44qK46vn0U9WsfoIGkY/j
mOtOg3wcnRFuEeibpuqW+1uk6D0zK8Oe4O3qeHIj+MWmKyTs0DJbK9EpWQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJyPvlV0BmSDe++XdbZrEO4vL0amMB8GA1UdIwQY
MBaAFO13BnSDfSjqYMKHjzQs2zXx47HFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1hjR2RJTjlLT3Bnd29lUE5DemJOZkhqc2NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy83YTk1MDYtNWVlNi00MjIwLWJkZmMt
NjQ5ZDFjMThkZDhjLzEvbkktLVZYUUdaSU43NzVkMXRtc1E3aTh2UnFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy83YTk1MDYtNWVlNi00MjIwLWJkZmMtNjQ5ZDFjMThkZDhj
LzEvN1hjR2RJTjlLT3Bnd29lUE5DemJOZkhqc2NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLqc4AwQC
uTNUMA0EAgACMAcDBQAqAbFgMA0GCSqGSIb3DQEBCwUAA4IBAQASMOYRH7z68fea
sV94jCB8F3XKc8lTwQJv7W+Oyx1DChMLvbbdYYwMjyTMiaBVjks4Te9k+q+Wgmwh
YMFiUs0HlScbGVDKkXf+6vbgcX0cTXkcdH3Bbf8xnxwJ+KumKIfC6K31IixacWz3
nzPCuRkIkPIFeRhPItwSeoepAM53Us51ZJW8oh0jaTE3vrirNVQSGpcn2ja9TV5/
YOJHg84NywRF/FECE3Ry8QlRxHxr3bqnpfAyqwyMr8jy/MClLNJecPNX+H3mvue7
FhKwftjap3HBOOVP1KRCY8dg70rnNrF049l1d7hBn0BGcdrMLTlvjkOo+FebkXJf
vzLmcLj/
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:23:41 2024 by rpki-client on console-fra.rpki-client.org