Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/7xQj2SJlYW8FT40dLCVsPhz49zM.roa
File: 7xQj2SJlYW8FT40dLCVsPhz49zM.roa (raw, json)
Hash identifier: is/pvNvFGZHvpzIC2CcPXCbVnKE0hql6hYnSoIzap6M=
Subject key identifier: EF:14:23:D9:22:65:61:6F:05:4F:8D:1D:2C:25:6C:3E:1C:F8:F7:33
Certificate issuer: /CN=8c77013e488a09c709b632246d9405da458c5538
Certificate serial: 01856E6F8CD82C1E48BA513B0887EE0805BD
Authority key identifier: 8C:77:01:3E:48:8A:09:C7:09:B6:32:24:6D:94:05:DA:45:8C:55:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jHcBPkiKCccJtjIkbZQF2kWMVTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/7xQj2SJlYW8FT40dLCVsPhz49zM.roa
Signing time: Sun 01 Jan 2023 17:44:42 +0000
ROA not before: Sun 01 Jan 2023 17:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51184
IP address blocks: 185.17.12.0/22 maxlen: 24
178.251.64.0/21 maxlen: 24
185.128.244.0/22 maxlen: 24
116.204.196.0/22 maxlen: 24
185.68.248.0/22 maxlen: 24
185.129.172.0/22 maxlen: 24
217.116.176.0/20 maxlen: 24
91.206.8.0/23 maxlen: 24
193.238.236.0/22 maxlen: 24
2a02:1748::/32 maxlen: 48
2a0c:ad40::/29 maxlen: 48
2a06:d500::/29 maxlen: 48
2001:1b98::/32 maxlen: 48
2a06:d180::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:6f:8c:d8:2c:1e:48:ba:51:3b:08:87:ee:08:05:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c77013e488a09c709b632246d9405da458c5538
Validity
Not Before: Jan 1 17:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef1423d92265616f054f8d1d2c256c3e1cf8f733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:92:fc:4d:bd:d1:78:b9:69:e1:54:75:f5:2c:
ea:19:e0:9d:f1:64:33:8b:45:14:ad:69:2f:80:9a:
4c:f1:cb:bd:2c:ce:e1:84:72:9d:de:fb:7f:dd:19:
e3:89:79:d7:20:55:a9:08:b2:4f:5f:42:13:35:1d:
1e:d9:01:c7:53:2e:d5:da:42:b8:eb:b2:04:7a:e0:
3e:41:b4:c1:ce:1c:99:3f:8d:d5:ae:c3:b2:16:cc:
bc:7b:ae:19:5e:6e:37:c6:b8:07:ac:ad:fe:72:89:
1f:b4:c5:2a:c4:b7:2d:e6:5e:ce:72:01:ac:8a:33:
39:23:eb:19:d5:54:11:14:3e:a3:61:f5:c1:70:8d:
f4:c1:83:33:31:09:e7:12:50:0d:1b:4e:e0:8e:95:
3d:80:88:22:0d:9f:1d:0f:4a:11:5d:4a:58:23:8e:
09:69:9e:9e:e5:7a:2e:a4:1a:92:52:81:7a:59:85:
f9:9e:bf:d9:0a:1a:b5:07:e6:c6:92:7f:2a:f0:d0:
7d:a3:e2:ef:d8:41:95:39:0d:b1:eb:e6:87:44:84:
14:e0:ef:99:81:b4:e0:91:ef:15:61:94:99:66:c2:
7b:f3:69:df:bd:62:a5:02:86:ce:31:e0:a3:c1:2f:
aa:71:3f:82:ae:c1:04:e1:c1:93:5b:4f:11:92:e9:
f9:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:14:23:D9:22:65:61:6F:05:4F:8D:1D:2C:25:6C:3E:1C:F8:F7:33
X509v3 Authority Key Identifier:
keyid:8C:77:01:3E:48:8A:09:C7:09:B6:32:24:6D:94:05:DA:45:8C:55:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jHcBPkiKCccJtjIkbZQF2kWMVTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/7xQj2SJlYW8FT40dLCVsPhz49zM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/168509-2cf3-483d-bcd8-02129533a33d/1/jHcBPkiKCccJtjIkbZQF2kWMVTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.8.0/23
116.204.196.0/22
178.251.64.0/21
185.17.12.0/22
185.68.248.0/22
185.128.244.0/22
185.129.172.0/22
193.238.236.0/22
217.116.176.0/20
IPv6:
2001:1b98::/32
2a02:1748::/32
2a06:d180::/29
2a06:d500::/29
2a0c:ad40::/29
Signature Algorithm: sha256WithRSAEncryption
7c:3b:00:cc:15:9e:7f:d6:13:be:e7:b0:83:51:dc:a9:85:3a:
06:93:6f:f2:50:85:c7:c8:e5:d4:a5:9a:6a:d9:77:85:0a:23:
45:47:13:6b:9f:40:80:29:75:b5:5d:05:74:51:98:0f:3f:d9:
83:0b:8f:24:78:10:3c:1c:81:d3:2a:90:bf:23:e1:cf:c9:c6:
00:6a:c5:e4:58:1f:18:db:57:30:07:f7:f8:6b:21:f7:1e:3b:
50:d9:2c:c8:fc:5e:9f:cb:ac:a5:5d:98:f2:4c:75:af:d1:50:
73:66:32:99:71:92:fb:57:c4:d0:08:9e:a4:a1:95:19:8a:dc:
45:7a:7f:00:1d:fe:e8:20:75:a3:2c:7c:19:e6:63:57:67:5b:
28:87:77:fa:69:36:c4:91:43:99:5c:e3:1f:5f:75:de:5c:80:
75:60:4b:82:0c:bd:33:b1:d9:5c:3e:35:36:44:df:e3:86:1f:
99:8e:d4:27:60:56:b2:9c:28:28:e6:9f:90:99:0b:1f:5a:cb:
a2:8b:61:e8:e0:6b:6f:ca:2f:16:15:c0:30:a7:9e:94:7c:f4:
c5:8f:c8:0e:1e:42:9d:eb:e5:74:50:c7:4a:e9:35:e3:e4:2d:
53:43:dd:e7:b1:cf:b0:9f:23:f0:9a:d9:bc:a9:84:a4:7f:d4:
7a:cc:13:ec
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAYVub4zYLB5IulE7CIfuCAW9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNzcwMTNlNDg4YTA5YzcwOWI2MzIyNDZkOTQwNWRhNDU4
YzU1MzgwHhcNMjMwMTAxMTc0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjE0MjNkOTIyNjU2MTZmMDU0ZjhkMWQyYzI1NmMzZTFjZjhmNzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZL8Tb3ReLlp4VR19SzqGeCd8WQz
i0UUrWkvgJpM8cu9LM7hhHKd3vt/3RnjiXnXIFWpCLJPX0ITNR0e2QHHUy7V2kK4
67IEeuA+QbTBzhyZP43VrsOyFsy8e64ZXm43xrgHrK3+cokftMUqxLct5l7OcgGs
ijM5I+sZ1VQRFD6jYfXBcI30wYMzMQnnElANG07gjpU9gIgiDZ8dD0oRXUpYI44J
aZ6e5XoupBqSUoF6WYX5nr/ZChq1B+bGkn8q8NB9o+Lv2EGVOQ2x6+aHRIQU4O+Z
gbTgke8VYZSZZsJ782nfvWKlAobOMeCjwS+qcT+CrsEE4cGTW08Rkun5ywIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFO8UI9kiZWFvBU+NHSwlbD4c+PczMB8GA1UdIwQY
MBaAFIx3AT5IignHCbYyJG2UBdpFjFU4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakhjQlBraUtDY2NKdGpJa2JaUUYya1dNVlRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS8xNjg1MDktMmNmMy00ODNkLWJjZDgt
MDIxMjk1MzNhMzNkLzEvN3hRajJTSmxZVzhGVDQwZExDVnNQaHo0OXpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS8xNjg1MDktMmNmMy00ODNkLWJjZDgtMDIxMjk1MzNhMzNk
LzEvakhjQlBraUtDY2NKdGpJa2JaUUYya1dNVlRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTA8BAIAATA2AwQBW84IAwQC
dMzEAwQDsvtAAwQCuREMAwQCuUT4AwQCuYD0AwQCuYGsAwQCwe7sAwQE2XSwMCkE
AgACMCMDBQAgARuYAwUAKgIXSAMFAyoG0YADBQMqBtUAAwUDKgytQDANBgkqhkiG
9w0BAQsFAAOCAQEAfDsAzBWef9YTvuewg1HcqYU6BpNv8lCFx8jl1KWaatl3hQoj
RUcTa59AgCl1tV0FdFGYDz/ZgwuPJHgQPByB0yqQvyPhz8nGAGrF5FgfGNtXMAf3
+Gsh9x47UNksyPxen8uspV2Y8kx1r9FQc2YymXGS+1fE0AiepKGVGYrcRXp/AB3+
6CB1oyx8GeZjV2dbKId3+mk2xJFDmVzjH1913lyAdWBLggy9M7HZXD41NkTf44Yf
mY7UJ2BWspwoKOafkJkLH1rLooth6OBrb8ovFhXAMKeelHz0xY/IDh5CnevldFDH
Suk14+QtU0Pd57HPsJ8j8JrZvKmEpH/UeswT7A==
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:09:23 2024 by rpki-client on console-ams.rpki-client.org