Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/CVvPiWsMaRJTUuywtR52zNoH4-0.roa
File: CVvPiWsMaRJTUuywtR52zNoH4-0.roa (raw, json)
Hash identifier: tKn3Jl34XTZTe+aWbAk+dQ4Qqd3UV/X5gv0BB05BdKM=
Subject key identifier: 09:5B:CF:89:6B:0C:69:12:53:52:EC:B0:B5:1E:76:CC:DA:07:E3:ED
Certificate issuer: /CN=1cf2ec825fa6381e8e94fd39b06ea38b63e41a10
Certificate serial: 01856EEFD2A14A88FF8593B85DACB10919B4
Authority key identifier: 1C:F2:EC:82:5F:A6:38:1E:8E:94:FD:39:B0:6E:A3:8B:63:E4:1A:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HPLsgl-mOB6OlP05sG6ji2PkGhA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/CVvPiWsMaRJTUuywtR52zNoH4-0.roa
Signing time: Sun 01 Jan 2023 20:04:48 +0000
ROA not before: Sun 01 Jan 2023 20:04:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198930
IP address blocks: 185.161.144.0/22 maxlen: 22
185.78.60.0/22 maxlen: 22
170.133.0.0/18 maxlen: 18
91.106.128.0/18 maxlen: 18
2a07:c540::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:ef:d2:a1:4a:88:ff:85:93:b8:5d:ac:b1:09:19:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cf2ec825fa6381e8e94fd39b06ea38b63e41a10
Validity
Not Before: Jan 1 20:04:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=095bcf896b0c69125352ecb0b51e76ccda07e3ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:97:47:db:80:c1:76:c0:30:64:b1:f8:24:20:
9c:fb:74:7f:b0:fe:0a:84:05:3e:ef:12:22:1c:f2:
f6:09:21:31:e9:1c:e1:96:d6:8c:2b:b8:52:c3:7e:
84:a4:ef:0e:df:2c:13:56:24:10:35:b7:75:45:bc:
03:fe:49:e7:a0:cf:e7:49:0b:1a:38:bf:5a:39:ef:
29:14:87:7f:22:ff:ed:23:8d:f4:09:2d:e0:43:aa:
07:65:b6:ad:f7:f1:d5:e0:d7:e3:0c:c0:65:23:8f:
ba:c8:8d:da:69:a3:7d:fb:7d:65:de:b0:22:ba:ae:
7f:e3:56:6c:dc:ad:36:bf:28:71:ba:f3:a9:b5:c1:
5f:90:78:54:9a:9d:9d:0b:bb:93:bc:a9:b1:b3:6d:
0e:37:1b:7e:21:df:55:4f:2d:5d:3a:98:f9:fb:b4:
43:73:30:57:b5:f1:95:1b:8c:cc:c6:7a:d6:51:3b:
aa:68:41:3f:a2:5b:c5:3a:fa:3b:63:a1:0e:14:5b:
b3:6d:59:eb:cf:67:39:d9:c6:dd:b3:2f:86:65:4a:
39:01:24:5f:c4:a9:00:80:59:9e:7a:e9:a6:b6:c1:
8d:37:23:1f:19:32:a8:46:4c:d8:71:07:97:a6:f0:
37:a9:2a:09:6b:4f:27:0d:07:bf:3d:5b:89:61:a0:
4b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:5B:CF:89:6B:0C:69:12:53:52:EC:B0:B5:1E:76:CC:DA:07:E3:ED
X509v3 Authority Key Identifier:
keyid:1C:F2:EC:82:5F:A6:38:1E:8E:94:FD:39:B0:6E:A3:8B:63:E4:1A:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HPLsgl-mOB6OlP05sG6ji2PkGhA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/CVvPiWsMaRJTUuywtR52zNoH4-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/a009e8-2dc7-4ef8-a5ce-c4c63983b50c/1/HPLsgl-mOB6OlP05sG6ji2PkGhA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.128.0/18
170.133.0.0/18
185.78.60.0/22
185.161.144.0/22
IPv6:
2a07:c540::/29
Signature Algorithm: sha256WithRSAEncryption
7a:60:50:24:65:ba:30:5f:d2:ab:79:6e:1a:cc:3f:94:6e:3c:
fc:c3:78:47:e3:07:1b:f5:d5:4b:4a:2a:41:76:93:dd:b0:8a:
78:b2:cb:da:3d:cb:6e:7a:eb:d7:6e:5d:da:ec:40:a2:05:e5:
f6:f3:2b:ea:04:d7:68:6a:96:41:c0:64:72:bd:63:09:64:06:
d8:bc:bb:68:09:ef:ab:23:ed:55:5b:4f:14:73:1c:ac:d4:d4:
4d:40:a3:81:63:66:04:62:1f:49:47:16:56:b5:51:c2:cb:af:
67:44:e3:5d:cc:74:82:ec:24:d4:85:50:fd:db:94:3c:94:b1:
38:5c:9a:85:26:ff:40:7e:9b:bd:24:ab:99:d7:ab:8a:78:1e:
84:86:af:05:ea:f4:80:e1:b1:e0:83:e5:ba:4d:d7:d8:4f:f3:
15:28:7f:d5:45:e6:b8:ee:f6:3e:a7:c5:a3:be:69:77:39:ed:
c8:32:74:d7:6a:4a:ef:39:43:b7:99:0c:65:ae:d8:54:e4:4d:
ba:b6:fe:1a:62:d3:d8:1e:b1:c5:d8:4a:95:a7:c1:98:0a:e4:
b1:a3:f2:9d:37:97:ac:93:b5:90:b1:29:ae:ac:25:a5:bf:62:
e5:ea:23:f3:7f:0f:bc:33:bb:83:43:47:7c:7f:63:52:49:a7:
8c:a2:dd:a3
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVu79KhSoj/hZO4XayxCRm0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZjJlYzgyNWZhNjM4MWU4ZTk0ZmQzOWIwNmVhMzhiNjNl
NDFhMTAwHhcNMjMwMTAxMjAwNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTViY2Y4OTZiMGM2OTEyNTM1MmVjYjBiNTFlNzZjY2RhMDdlM2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhZdH24DBdsAwZLH4JCCc+3R/sP4K
hAU+7xIiHPL2CSEx6RzhltaMK7hSw36EpO8O3ywTViQQNbd1RbwD/knnoM/nSQsa
OL9aOe8pFId/Iv/tI430CS3gQ6oHZbat9/HV4NfjDMBlI4+6yI3aaaN9+31l3rAi
uq5/41Zs3K02vyhxuvOptcFfkHhUmp2dC7uTvKmxs20ONxt+Id9VTy1dOpj5+7RD
czBXtfGVG4zMxnrWUTuqaEE/olvFOvo7Y6EOFFuzbVnrz2c52cbdsy+GZUo5ASRf
xKkAgFmeeummtsGNNyMfGTKoRkzYcQeXpvA3qSoJa08nDQe/PVuJYaBLvQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAlbz4lrDGkSU1LssLUedszaB+PtMB8GA1UdIwQY
MBaAFBzy7IJfpjgejpT9ObBuo4tj5BoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFBMc2dsLW1PQjZPbFAwNXNHNmppMlBrR2hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9hMDA5ZTgtMmRjNy00ZWY4LWE1Y2Ut
YzRjNjM5ODNiNTBjLzEvQ1Z2UGlXc01hUkpUVXV5d3RSNTJ6Tm9INC0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9hMDA5ZTgtMmRjNy00ZWY4LWE1Y2UtYzRjNjM5ODNiNTBj
LzEvSFBMc2dsLW1PQjZPbFAwNXNHNmppMlBrR2hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGW2qAAwQG
qoUAAwQCuU48AwQCuaGQMA0EAgACMAcDBQMqB8VAMA0GCSqGSIb3DQEBCwUAA4IB
AQB6YFAkZbowX9KreW4azD+Ubjz8w3hH4wcb9dVLSipBdpPdsIp4ssvaPctueuvX
bl3a7ECiBeX28yvqBNdoapZBwGRyvWMJZAbYvLtoCe+rI+1VW08Ucxys1NRNQKOB
Y2YEYh9JRxZWtVHCy69nRONdzHSC7CTUhVD925Q8lLE4XJqFJv9Afpu9JKuZ16uK
eB6Ehq8F6vSA4bHgg+W6TdfYT/MVKH/VRea47vY+p8Wjvml3Oe3IMnTXakrvOUO3
mQxlrthU5E26tv4aYtPYHrHF2EqVp8GYCuSxo/KdN5esk7WQsSmurCWlv2Ll6iPz
fw+8M7uDQ0d8f2NSSaeMot2j
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:07 2023 by rpki-client on console-fra.rpki-client.org