Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/bn-qOcnsssB0cJi9iHOyuV6w6XQ.roa
File: bn-qOcnsssB0cJi9iHOyuV6w6XQ.roa (raw, json)
Hash identifier: BIX0Q27otLrY/vhUxYEgmUyVQ/l1iOkWLE0A77N2xa0=
Subject key identifier: 6E:7F:AA:39:C9:EC:B2:C0:74:70:98:BD:88:73:B2:B9:5E:B0:E9:74
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018AACB88C8524828563DEAEF7B8EBD6868C
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/bn-qOcnsssB0cJi9iHOyuV6w6XQ.roa
Signing time: Tue 19 Sep 2023 09:14:50 +0000
ROA not before: Tue 19 Sep 2023 09:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2588
IP address blocks: 83.223.128.0/19 maxlen: 24
83.223.145.0/24 maxlen: 24
91.190.32.0/19 maxlen: 24
159.148.0.0/16 maxlen: 24
91.190.36.0/24 maxlen: 24
159.148.10.0/24 maxlen: 24
85.254.49.0/24 maxlen: 24
91.190.56.0/23 maxlen: 24
91.190.52.0/24 maxlen: 24
91.190.60.0/24 maxlen: 24
85.254.69.0/24 maxlen: 24
159.148.49.0/24 maxlen: 24
159.148.50.0/24 maxlen: 24
46.19.200.0/21 maxlen: 24
83.223.155.0/24 maxlen: 24
185.176.116.0/22 maxlen: 24
85.254.0.0/17 maxlen: 24
159.148.116.0/24 maxlen: 24
159.148.117.0/24 maxlen: 24
80.81.32.0/19 maxlen: 24
80.81.35.0/24 maxlen: 24
159.148.131.0/24 maxlen: 24
217.69.112.0/20 maxlen: 24
217.69.113.0/24 maxlen: 24
109.205.120.0/21 maxlen: 24
159.148.63.0/24 maxlen: 24
109.205.127.0/24 maxlen: 24
159.148.78.0/24 maxlen: 24
159.148.80.0/24 maxlen: 24
85.254.128.0/18 maxlen: 24
159.148.233.0/24 maxlen: 24
159.148.229.0/24 maxlen: 24
94.101.224.0/20 maxlen: 24
185.27.92.0/22 maxlen: 24
159.148.186.0/24 maxlen: 24
159.148.188.0/24 maxlen: 24
2a02:610::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:ac:b8:8c:85:24:82:85:63:de:ae:f7:b8:eb:d6:86:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Sep 19 09:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e7faa39c9ecb2c0747098bd8873b2b95eb0e974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fe:90:42:fd:1f:1d:60:c4:6d:58:33:b6:85:
e1:27:f2:d8:35:8a:e6:87:3d:6a:92:55:01:11:78:
77:87:43:cd:b6:10:aa:11:d5:c7:a4:80:d7:25:64:
6b:a5:ce:b0:94:7a:a0:a0:e0:93:ab:2d:ec:90:2d:
73:2c:1a:52:62:27:73:da:f9:33:57:e4:8b:c8:27:
5e:8e:29:8a:58:b8:fa:d8:4f:a4:fc:71:91:dc:17:
ac:12:a7:8b:fb:c8:a7:70:f2:35:7b:a3:50:87:d2:
6c:ab:2f:1a:0a:de:9a:bd:71:f0:42:e6:52:e5:d0:
a4:72:df:19:91:02:55:04:46:40:74:c9:5f:e2:1f:
28:24:39:ca:69:41:41:78:52:75:5d:68:7c:c2:b8:
3b:b8:55:c3:89:13:99:e8:4e:2f:aa:82:2a:33:8e:
65:88:93:16:a1:dd:4b:1e:72:d8:ae:c4:c6:10:0d:
76:7b:f9:8a:52:75:97:13:57:bf:6e:ae:b3:a0:08:
e1:f9:f0:af:95:cb:6e:5d:dd:7d:76:87:69:42:06:
c9:d0:b2:14:7a:39:93:d3:fb:dc:ad:d8:c3:8f:af:
c1:cc:d5:88:1e:b3:4b:30:f8:62:10:db:8f:3a:bf:
bd:62:80:4e:98:cc:1e:10:09:33:f6:05:17:9a:23:
01:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:7F:AA:39:C9:EC:B2:C0:74:70:98:BD:88:73:B2:B9:5E:B0:E9:74
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/bn-qOcnsssB0cJi9iHOyuV6w6XQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.200.0/21
80.81.32.0/19
83.223.128.0/19
85.254.0.0-85.254.191.255
91.190.32.0/19
94.101.224.0/20
109.205.120.0/21
159.148.0.0/16
185.27.92.0/22
185.176.116.0/22
217.69.112.0/20
IPv6:
2a02:610::/32
Signature Algorithm: sha256WithRSAEncryption
9b:eb:87:d7:33:3c:15:4a:52:07:ad:9f:fd:42:73:ac:eb:19:
8e:d8:0e:e4:87:75:7c:d3:a0:04:0c:6c:c9:32:22:b1:f6:67:
fd:3d:d1:fa:f4:33:75:d2:c9:01:8d:01:e6:e0:90:b5:cd:a2:
a7:d9:1a:e0:1a:99:db:eb:36:4d:b7:47:9c:75:e0:6d:36:5c:
20:b1:44:e2:68:d0:f3:51:af:c2:8e:e6:85:66:b2:98:3b:93:
9b:8d:e7:99:ce:bf:f2:b1:66:79:00:1f:d2:2d:4f:bd:10:40:
64:df:b7:a1:f9:10:3e:40:73:71:61:88:91:56:c3:38:de:96:
6c:15:57:b3:8f:0e:c0:56:ca:96:bc:11:70:86:23:da:2a:97:
92:f9:1e:6e:4d:3f:3f:c6:2c:c4:38:1b:3a:b0:c0:64:e9:ea:
66:94:91:78:31:6b:fc:fd:b7:3f:07:79:90:93:f9:3a:2f:88:
6c:6c:4c:99:57:04:29:71:94:90:6f:8b:d6:c4:66:94:c1:96:
97:73:26:b8:b9:67:6d:f9:1a:f3:54:15:97:96:26:9b:ae:59:
ad:27:d5:ff:a5:73:ed:ea:d1:6c:8c:71:1e:18:89:75:31:af:
ee:9f:15:3d:24:e9:5a:e1:65:7b:bd:74:93:66:d4:6b:99:df:
65:76:92:24
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYqsuIyFJIKFY96u97jr1oaMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwOTE5MDkxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTdmYWEzOWM5ZWNiMmMwNzQ3MDk4YmQ4ODczYjJiOTVlYjBlOTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/6QQv0fHWDEbVgztoXhJ/LYNYrm
hz1qklUBEXh3h0PNthCqEdXHpIDXJWRrpc6wlHqgoOCTqy3skC1zLBpSYidz2vkz
V+SLyCdejimKWLj62E+k/HGR3BesEqeL+8incPI1e6NQh9Jsqy8aCt6avXHwQuZS
5dCkct8ZkQJVBEZAdMlf4h8oJDnKaUFBeFJ1XWh8wrg7uFXDiROZ6E4vqoIqM45l
iJMWod1LHnLYrsTGEA12e/mKUnWXE1e/bq6zoAjh+fCvlctuXd19dodpQgbJ0LIU
ejmT0/vcrdjDj6/BzNWIHrNLMPhiENuPOr+9YoBOmMweEAkz9gUXmiMBVQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFG5/qjnJ7LLAdHCYvYhzsrlesOl0MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvYm4tcU9jbnNzc0IwY0ppOWlIT3l1VjZ3NlhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDLhPIAwQF
UFEgAwQFU9+AMAsDAwFV/gMEBlX+gAMEBVu+IAMEBF5l4AMEA23NeAMDAJ+UAwQC
uRtcAwQCubB0AwQE2UVwMA0EAgACMAcDBQAqAgYQMA0GCSqGSIb3DQEBCwUAA4IB
AQCb64fXMzwVSlIHrZ/9QnOs6xmO2A7kh3V806AEDGzJMiKx9mf9PdH69DN10skB
jQHm4JC1zaKn2RrgGpnb6zZNt0ecdeBtNlwgsUTiaNDzUa/CjuaFZrKYO5ObjeeZ
zr/ysWZ5AB/SLU+9EEBk37eh+RA+QHNxYYiRVsM43pZsFVezjw7AVsqWvBFwhiPa
KpeS+R5uTT8/xizEOBs6sMBk6epmlJF4MWv8/bc/B3mQk/k6L4hsbEyZVwQpcZSQ
b4vWxGaUwZaXcya4uWdt+RrzVBWXliabrlmtJ9X/pXPt6tFsjHEeGIl1Ma/unxU9
JOla4WV7vXSTZtRrmd9ldpIk
-----END CERTIFICATE-----
Generated at Mon Sep 25 12:35:49 2023 by rpki-client on console-fra.rpki-client.org