Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/71Dxfy6XZSScXL1MOO0vKtukevs.roa
File: 71Dxfy6XZSScXL1MOO0vKtukevs.roa (raw, json)
Hash identifier: tyYaBhUIHWULJuNSMdj9IOMvx5L+1MymdkAlqEtJg9M=
Subject key identifier: EF:50:F1:7F:2E:97:65:24:9C:5C:BD:4C:38:ED:2F:2A:DB:A4:7A:FB
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 018B388DEA9116D3BF1C67E5A9EBE15764EC
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/71Dxfy6XZSScXL1MOO0vKtukevs.roa
Signing time: Mon 16 Oct 2023 12:55:06 +0000
ROA not before: Mon 16 Oct 2023 12:55:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207783
IP address blocks: 85.121.148.0/23 maxlen: 24
194.102.170.0/24 maxlen: 24
194.102.218.0/24 maxlen: 24
85.120.144.0/24 maxlen: 24
217.156.96.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:38:8d:ea:91:16:d3:bf:1c:67:e5:a9:eb:e1:57:64:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Oct 16 12:55:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ef50f17f2e9765249c5cbd4c38ed2f2adba47afb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:66:c9:eb:7e:1d:6f:65:a1:2d:f3:4d:05:6a:
ad:28:e7:2f:da:d2:57:a9:0d:33:56:18:62:e2:ef:
e9:6a:5e:48:d8:e6:76:ec:d1:d1:e6:f3:37:9d:a7:
30:29:da:a2:3a:97:9c:90:67:e5:2e:0a:f7:cc:6c:
c1:97:4f:70:5f:20:87:d1:86:b2:a0:32:86:75:0b:
1d:c9:f4:d2:07:cb:2f:04:9c:a6:b6:b3:61:2b:24:
12:f4:d1:fe:91:d1:b0:c5:06:8b:b5:1b:31:66:29:
82:99:4b:1c:31:2b:91:62:e2:5c:a8:5c:3f:10:21:
83:1c:2f:b9:2b:42:bd:a6:f6:1d:12:50:94:96:6d:
ef:b8:b8:75:42:d9:d6:b0:35:e4:73:47:1f:58:0f:
b3:85:5b:3b:5f:cb:47:07:ff:c7:e5:a9:4d:30:2a:
a3:40:d4:7f:2a:1b:c8:8a:64:f9:54:24:21:97:20:
bd:bc:bd:e9:5a:4d:6d:9d:50:45:a7:b6:4a:f0:3e:
96:07:71:a8:47:d8:7f:b1:c2:a8:11:96:c8:e6:6d:
f4:27:54:c2:df:35:f4:2f:5a:b0:6d:0c:54:8e:b2:
76:d1:91:42:9b:83:57:25:a1:06:71:7d:a1:b5:40:
59:48:5f:f8:6e:f9:a8:e9:f2:77:96:f7:8f:bf:d6:
53:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:50:F1:7F:2E:97:65:24:9C:5C:BD:4C:38:ED:2F:2A:DB:A4:7A:FB
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/71Dxfy6XZSScXL1MOO0vKtukevs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.120.144.0/24
85.121.148.0/23
194.102.170.0/24
194.102.218.0/24
217.156.96.0/24
Signature Algorithm: sha256WithRSAEncryption
78:b9:7b:2f:2a:d3:33:cc:44:19:9c:6d:71:ef:5a:53:ba:7e:
81:86:51:1f:7f:d7:e8:63:21:d0:27:53:28:92:22:f4:63:ba:
bb:27:52:22:0c:7b:f5:66:a4:17:d7:a1:30:3f:59:12:ac:61:
aa:7b:06:ab:c5:b9:44:da:5d:97:84:52:41:98:e6:b4:cb:de:
50:89:b6:9e:47:07:c1:1c:73:86:0d:a0:74:bc:d6:28:22:15:
42:26:f7:fd:b8:03:18:5e:16:f3:76:2c:7d:25:56:3a:1a:26:
66:9d:2c:6e:ea:f7:d4:3b:34:06:10:59:3c:fc:6e:e5:8d:23:
37:c7:17:01:b8:32:b0:80:57:ff:66:2c:10:ef:67:18:79:4b:
23:34:84:17:2a:8c:6a:45:27:46:57:86:5f:8e:b5:b3:4d:14:
57:73:9d:80:92:bd:88:88:bc:7b:b6:2e:ab:9f:4c:12:26:98:
77:91:6c:83:b4:06:17:c3:69:fc:7c:fe:e3:db:76:12:3a:fa:
b6:58:25:af:c9:71:e5:e9:67:c1:a4:26:b1:5e:eb:6e:9f:d9:
45:5c:7c:7d:2a:04:c0:b1:29:e8:43:40:a1:0c:b3:50:ff:90:
9d:ab:84:9c:ea:0f:cf:04:85:c1:6b:da:c4:ea:8e:c5:f3:21:
84:84:f8:72
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYs4jeqRFtO/HGflqevhV2TsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMxMDE2MTI1NTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjUwZjE3ZjJlOTc2NTI0OWM1Y2JkNGMzOGVkMmYyYWRiYTQ3YWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWbJ634db2WhLfNNBWqtKOcv2tJX
qQ0zVhhi4u/pal5I2OZ27NHR5vM3nacwKdqiOpeckGflLgr3zGzBl09wXyCH0Yay
oDKGdQsdyfTSB8svBJymtrNhKyQS9NH+kdGwxQaLtRsxZimCmUscMSuRYuJcqFw/
ECGDHC+5K0K9pvYdElCUlm3vuLh1QtnWsDXkc0cfWA+zhVs7X8tHB//H5alNMCqj
QNR/KhvIimT5VCQhlyC9vL3pWk1tnVBFp7ZK8D6WB3GoR9h/scKoEZbI5m30J1TC
3zX0L1qwbQxUjrJ20ZFCm4NXJaEGcX2htUBZSF/4bvmo6fJ3lvePv9ZTFQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFO9Q8X8ul2UknFy9TDjtLyrbpHr7MB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvNzFEeGZ5NlhaU1NjWEwxTU9PMHZLdHVrZXZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVXiQAwQB
VXmUAwQAwmaqAwQAwmbaAwQA2ZxgMA0GCSqGSIb3DQEBCwUAA4IBAQB4uXsvKtMz
zEQZnG1x71pTun6BhlEff9foYyHQJ1MokiL0Y7q7J1IiDHv1ZqQX16EwP1kSrGGq
ewarxblE2l2XhFJBmOa0y95QibaeRwfBHHOGDaB0vNYoIhVCJvf9uAMYXhbzdix9
JVY6GiZmnSxu6vfUOzQGEFk8/G7ljSM3xxcBuDKwgFf/ZiwQ72cYeUsjNIQXKoxq
RSdGV4ZfjrWzTRRXc52Akr2IiLx7ti6rn0wSJph3kWyDtAYXw2n8fP7j23YSOvq2
WCWvyXHl6WfBpCaxXutun9lFXHx9KgTAsSnoQ0ChDLNQ/5Cdq4Sc6g/PBIXBa9rE
6o7F8yGEhPhy
-----END CERTIFICATE-----
Generated at Thu Oct 26 08:31:45 2023 by rpki-client on console-ams.rpki-client.org