Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/1-CEFw8jpLDzmN94l4eTz0JAI4c0.roa
File: 1-CEFw8jpLDzmN94l4eTz0JAI4c0.roa (raw, json)
Hash identifier: w0817QeVCt2Utk+bYoA0zxLVj98zhD4kgKPdpmASpwc=
Subject key identifier: F8:21:05:C3:C8:E9:2C:3C:E6:37:DE:25:E1:E4:F3:D0:90:08:E1:CD
Certificate issuer: /CN=1cf2ec825fa6381e8e94fd39b06ea38b63e41a10
Certificate serial: 0186C61BBEAC8457FF0A6408DEA1790FC77C
Authority key identifier: 1C:F2:EC:82:5F:A6:38:1E:8E:94:FD:39:B0:6E:A3:8B:63:E4:1A:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HPLsgl-mOB6OlP05sG6ji2PkGhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/1-CEFw8jpLDzmN94l4eTz0JAI4c0.roa
Signing time: Thu 09 Mar 2023 11:22:32 +0000
ROA not before: Thu 09 Mar 2023 11:22:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198930
IP address blocks: 185.161.144.0/22 maxlen: 22
185.78.60.0/22 maxlen: 24
170.133.0.0/18 maxlen: 24
91.106.128.0/18 maxlen: 24
2a07:c540::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c6:1b:be:ac:84:57:ff:0a:64:08:de:a1:79:0f:c7:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cf2ec825fa6381e8e94fd39b06ea38b63e41a10
Validity
Not Before: Mar 9 11:22:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f82105c3c8e92c3ce637de25e1e4f3d09008e1cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d3:1f:26:da:e5:b5:2e:73:96:e6:74:0a:c2:
7d:b6:63:0e:98:82:fc:80:4d:f9:7e:f2:f9:bb:7b:
08:fd:e6:c4:f8:59:26:0c:6b:61:a7:6b:99:e9:36:
d7:5e:7e:16:75:fa:70:c0:4c:37:cc:d4:c6:0f:55:
d5:84:37:6e:f7:89:ec:2a:07:c6:a7:d9:ae:14:4c:
63:32:16:a6:fe:7f:90:1b:53:91:85:e8:b9:07:68:
9a:c2:b9:1a:d4:7f:36:a4:61:38:4f:7b:94:38:12:
24:f7:70:4b:f0:c7:03:39:5d:f7:16:17:f9:5d:da:
5e:bf:6c:d5:92:0c:76:92:05:42:50:c0:e6:4f:dd:
56:d5:89:58:fd:51:6e:12:6f:e3:98:58:bf:5c:ea:
cb:46:c5:da:15:ce:78:80:69:31:f5:45:85:1c:4a:
b4:5b:d4:97:91:d7:c2:c6:1d:af:9b:f2:42:b6:68:
d7:d4:50:87:48:6d:55:fb:ec:bd:54:f1:3b:d0:77:
64:16:fd:49:55:7b:6f:f0:44:12:5c:c2:29:45:2c:
87:65:6f:ca:4b:f3:53:9d:b6:db:d0:6d:9e:76:8c:
35:9d:f8:5d:e8:60:36:e5:3f:c2:9e:26:a4:cf:9e:
f7:79:4c:8b:31:95:d3:20:17:a8:b3:28:ad:5d:85:
f2:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:21:05:C3:C8:E9:2C:3C:E6:37:DE:25:E1:E4:F3:D0:90:08:E1:CD
X509v3 Authority Key Identifier:
keyid:1C:F2:EC:82:5F:A6:38:1E:8E:94:FD:39:B0:6E:A3:8B:63:E4:1A:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPLsgl-mOB6OlP05sG6ji2PkGhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/1-CEFw8jpLDzmN94l4eTz0JAI4c0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/HPLsgl-mOB6OlP05sG6ji2PkGhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.128.0/18
170.133.0.0/18
185.78.60.0/22
185.161.144.0/22
IPv6:
2a07:c540::/29
Signature Algorithm: sha256WithRSAEncryption
ad:48:55:81:e0:f6:11:a0:d3:d1:cd:bf:fc:72:69:01:66:92:
be:8a:6b:4c:aa:a7:5b:a1:29:1b:8b:db:4a:d2:15:e2:03:76:
bb:21:00:49:49:77:b5:26:0e:4f:4d:f3:81:87:69:79:76:48:
9f:46:f7:d3:ad:9f:c1:12:40:de:13:10:f7:fb:b5:2a:a0:87:
4f:af:b0:c6:3c:a4:1e:82:26:f9:33:e7:1d:60:c7:36:53:23:
17:97:46:61:e1:68:0a:d7:9a:5a:a5:6f:65:68:51:34:fd:9c:
f1:19:9c:25:60:da:e2:05:07:39:36:8a:ff:57:67:8c:c4:2a:
f3:32:62:9c:ab:59:89:e6:fc:a7:31:28:0e:b9:33:01:d8:fe:
f2:a6:5d:dd:22:18:70:f6:c2:77:55:a1:17:d3:d2:06:e2:a2:
c1:30:50:fc:c1:ec:d1:88:4b:2b:d3:3f:ea:05:d9:84:f3:bb:
fd:19:17:04:27:91:76:8a:41:7a:13:03:80:d6:ba:a0:d0:85:
2f:72:9d:d9:48:5d:3f:83:e2:98:1f:32:c9:74:5e:ad:68:9c:
b1:aa:fb:ed:2e:10:b1:9c:8e:26:86:a3:85:95:4e:a4:dc:17:
8e:73:f2:70:b3:24:bc:c5:5e:f9:35:bb:4f:6d:77:d7:1f:ad:
02:bd:19:f2
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYbGG76shFf/CmQI3qF5D8d8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZjJlYzgyNWZhNjM4MWU4ZTk0ZmQzOWIwNmVhMzhiNjNl
NDFhMTAwHhcNMjMwMzA5MTEyMjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODIxMDVjM2M4ZTkyYzNjZTYzN2RlMjVlMWU0ZjNkMDkwMDhlMWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9MfJtrltS5zluZ0CsJ9tmMOmIL8
gE35fvL5u3sI/ebE+FkmDGthp2uZ6TbXXn4WdfpwwEw3zNTGD1XVhDdu94nsKgfG
p9muFExjMham/n+QG1ORhei5B2iawrka1H82pGE4T3uUOBIk93BL8McDOV33Fhf5
Xdpev2zVkgx2kgVCUMDmT91W1YlY/VFuEm/jmFi/XOrLRsXaFc54gGkx9UWFHEq0
W9SXkdfCxh2vm/JCtmjX1FCHSG1V++y9VPE70HdkFv1JVXtv8EQSXMIpRSyHZW/K
S/NTnbbb0G2edow1nfhd6GA25T/Cniakz573eUyLMZXTIBeosyitXYXyYQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFPghBcPI6Sw85jfeJeHk89CQCOHNMB8GA1UdIwQY
MBaAFBzy7IJfpjgejpT9ObBuo4tj5BoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFBMc2dsLW1PQjZPbFAwNXNHNmppMlBrR2hBLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDA5ZTgtMmRjNy00ZWY4LWE1Y2Ut
YzRjNjM5ODNiNTBjLzEvMS1DRUZ3OGpwTER6bU45NGw0ZVR6MEpBSTRjMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDcvYTAwOWU4LTJkYzctNGVmOC1hNWNlLWM0YzYzOTgzYjUw
Yy8xL0hQTHNnbC1tT0I2T2xQMDVzRzZqaTJQa0doQS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBABggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBltqgAME
BqqFAAMEArlOPAMEArmhkDANBAIAAjAHAwUDKgfFQDANBgkqhkiG9w0BAQsFAAOC
AQEArUhVgeD2EaDT0c2//HJpAWaSvoprTKqnW6EpG4vbStIV4gN2uyEASUl3tSYO
T03zgYdpeXZIn0b3062fwRJA3hMQ9/u1KqCHT6+wxjykHoIm+TPnHWDHNlMjF5dG
YeFoCteaWqVvZWhRNP2c8RmcJWDa4gUHOTaK/1dnjMQq8zJinKtZieb8pzEoDrkz
Adj+8qZd3SIYcPbCd1WhF9PSBuKiwTBQ/MHs0YhLK9M/6gXZhPO7/RkXBCeRdopB
ehMDgNa6oNCFL3Kd2UhdP4PimB8yyXRerWicsar77S4QsZyOJoajhZVOpNwXjnPy
cLMkvMVe+TW7T2131x+tAr0Z8g==
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:04 2024 by rpki-client on console-fra.rpki-client.org