Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/kXQa6KaoewTng1F_AZdX1vdswj8.roa
File: kXQa6KaoewTng1F_AZdX1vdswj8.roa (raw, json)
Hash identifier: 5uLmVfXN2nYEVePLNmys1dBginoO7I7UGfnDwSBlN3Y=
Subject key identifier: 91:74:1A:E8:A6:A8:7B:04:E7:83:51:7F:01:97:57:D6:F7:6C:C2:3F
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 01856CAEFD80BC157E15FAE366AE072586E3
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/kXQa6KaoewTng1F_AZdX1vdswj8.roa
Signing time: Sun 01 Jan 2023 09:34:45 +0000
ROA not before: Sun 01 Jan 2023 09:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43350
IP address blocks: 151.236.14.0/24 maxlen: 24
151.236.29.0/24 maxlen: 24
151.236.28.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
2a03:f87:abce::/48 maxlen: 48
2a03:f87:abcd::/48 maxlen: 48
2a03:f87:fcba::/48 maxlen: 48
2a03:f87:dcba::/48 maxlen: 48
2a03:f87:ecba::/48 maxlen: 48
2a03:f87:abcf::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ae:fd:80:bc:15:7e:15:fa:e3:66:ae:07:25:86:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 1 09:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=91741ae8a6a87b04e783517f019757d6f76cc23f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:74:da:bb:13:23:6f:ce:0b:00:0c:f7:7f:a5:
17:e5:cb:69:9f:11:6b:96:20:cc:3f:31:a3:07:3f:
46:49:51:9d:c8:11:bf:82:77:3b:10:90:e4:bb:b8:
e4:38:03:8e:55:5f:f5:77:0c:87:4e:08:a2:51:7f:
46:f1:8d:f3:26:3e:97:91:5a:f3:e7:b7:c3:35:8c:
0e:e7:c2:1d:89:4e:08:ac:61:68:b2:9c:22:8b:3e:
79:ac:61:ee:de:42:90:0e:67:6c:6a:b7:7f:ff:0e:
ae:55:d0:29:e4:ee:ba:63:e2:8c:cd:5c:34:23:61:
b2:72:e8:e8:d0:da:d2:39:94:4d:55:27:b0:43:31:
de:53:7d:43:e3:c8:72:4c:06:76:41:64:b0:1d:80:
b7:aa:df:f2:42:36:b1:9e:d9:68:2a:ea:c0:c5:24:
da:e6:38:05:9c:9b:c3:1a:f8:d8:8c:d9:c4:5c:9a:
45:b2:2b:74:4e:ea:1f:21:2a:68:b8:ee:b6:0a:5c:
04:a4:3f:05:f5:20:60:d6:40:ef:f2:03:08:b8:70:
42:b6:b7:6d:a3:3e:82:8f:db:57:eb:ba:7c:55:1d:
42:35:77:08:d7:e7:90:9c:b4:20:e9:16:a6:c5:c2:
c3:d2:f9:55:8e:43:81:94:28:10:3e:80:c0:9f:18:
49:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:74:1A:E8:A6:A8:7B:04:E7:83:51:7F:01:97:57:D6:F7:6C:C2:3F
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/kXQa6KaoewTng1F_AZdX1vdswj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.236.14.0/24
151.236.28.0/23
185.26.238.0/24
IPv6:
2a03:f87:abcd::-2a03:f87:abcf:ffff:ffff:ffff:ffff:ffff
2a03:f87:dcba::/48
2a03:f87:ecba::/48
2a03:f87:fcba::/48
Signature Algorithm: sha256WithRSAEncryption
6a:68:02:b1:e3:21:29:bf:38:b2:0d:67:58:cf:8c:34:44:68:
a6:36:41:2d:06:e8:ed:67:88:9f:77:7e:f2:19:9f:28:d6:28:
99:3d:76:70:95:b1:49:37:a3:e9:30:3a:98:8e:d7:84:78:39:
6e:14:e6:11:f9:90:22:93:e4:87:dd:95:a9:24:be:14:bc:3e:
89:0c:fa:91:cf:12:9c:0d:49:b6:56:91:32:13:f8:8d:5c:a1:
f1:81:b0:70:95:79:88:76:94:b3:d6:38:7b:ab:99:07:c5:af:
52:4b:43:cd:df:fe:23:c4:7f:e2:60:f5:d9:48:15:ab:ad:d0:
11:6c:59:85:97:06:9d:5f:85:6f:c8:e1:23:17:7f:23:b9:c8:
a8:92:26:fe:b3:ca:8b:13:db:03:77:19:dd:47:5e:c7:26:bd:
c4:4c:e9:9a:98:42:e1:f7:3c:f9:0a:42:13:0f:e5:86:b9:26:
cc:a3:4b:ec:de:2a:28:1f:de:84:8c:9d:8f:37:a4:0a:b0:57:
73:68:7c:25:85:22:23:33:1a:ee:2e:8c:74:65:60:2f:2a:c5:
76:e3:a1:ce:8f:f5:f3:27:3c:a5:34:db:49:51:86:9d:3b:48:
d5:58:b9:ab:d2:81:77:b0:34:38:48:e4:37:37:39:96:69:d9:
36:f9:bd:3f
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYVsrv2AvBV+FfrjZq4HJYbjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjMwMTAxMDkzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTc0MWFlOGE2YTg3YjA0ZTc4MzUxN2YwMTk3NTdkNmY3NmNjMjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXTauxMjb84LAAz3f6UX5ctpnxFr
liDMPzGjBz9GSVGdyBG/gnc7EJDku7jkOAOOVV/1dwyHTgiiUX9G8Y3zJj6XkVrz
57fDNYwO58IdiU4IrGFospwiiz55rGHu3kKQDmdsard//w6uVdAp5O66Y+KMzVw0
I2Gycujo0NrSOZRNVSewQzHeU31D48hyTAZ2QWSwHYC3qt/yQjaxntloKurAxSTa
5jgFnJvDGvjYjNnEXJpFsit0TuofISpouO62ClwEpD8F9SBg1kDv8gMIuHBCtrdt
oz6Cj9tX67p8VR1CNXcI1+eQnLQg6RamxcLD0vlVjkOBlCgQPoDAnxhJ5QIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFJF0GuimqHsE54NRfwGXV9b3bMI/MB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEva1hRYTZLYW9ld1RuZzFGX0FaZFgxdmRzd2o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTAYBAIAATASAwQAl+wOAwQB
l+wcAwQAuRruMDUEAgACMC8wEgMHACoDD4erzQMHBCoDD4erwAMHACoDD4fcugMH
ACoDD4fsugMHACoDD4f8ujANBgkqhkiG9w0BAQsFAAOCAQEAamgCseMhKb84sg1n
WM+MNERopjZBLQbo7WeIn3d+8hmfKNYomT12cJWxSTej6TA6mI7XhHg5bhTmEfmQ
IpPkh92VqSS+FLw+iQz6kc8SnA1JtlaRMhP4jVyh8YGwcJV5iHaUs9Y4e6uZB8Wv
UktDzd/+I8R/4mD12UgVq63QEWxZhZcGnV+Fb8jhIxd/I7nIqJIm/rPKixPbA3cZ
3Udexya9xEzpmphC4fc8+QpCEw/lhrkmzKNL7N4qKB/ehIydjzekCrBXc2h8JYUi
IzMa7i6MdGVgLyrFduOhzo/18yc8pTTbSVGGnTtI1Vi5q9KBd7A0OEjkNzc5lmnZ
Nvm9Pw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:58 2023 by rpki-client on console-ams.rpki-client.org