Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/tHS63VkuthAKqaRum0rqZsZuKLs.roa
File: tHS63VkuthAKqaRum0rqZsZuKLs.roa (raw, json)
Hash identifier: u3Q1FrP9WpR6ENxzL4qfkFdzwq4tktoCaQZV+bMx/Ws=
Subject key identifier: B4:74:BA:DD:59:2E:B6:10:0A:A9:A4:6E:9B:4A:EA:66:C6:6E:28:BB
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01856F14E4EF30E322539C42C5D3DD42D616
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/tHS63VkuthAKqaRum0rqZsZuKLs.roa
Signing time: Sun 01 Jan 2023 20:45:18 +0000
ROA not before: Sun 01 Jan 2023 20:45:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 85.122.82.0/24 maxlen: 24
85.122.112.0/23 maxlen: 24
194.102.168.0/22 maxlen: 24
85.120.12.0/23 maxlen: 24
217.156.84.0/24 maxlen: 24
194.102.218.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:e4:ef:30:e3:22:53:9c:42:c5:d3:dd:42:d6:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 20:45:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b474badd592eb6100aa9a46e9b4aea66c66e28bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c6:f9:8b:4f:56:02:1a:01:29:d4:00:a9:f0:
68:3e:47:64:96:16:e8:16:43:46:0b:7a:53:c6:e4:
39:b0:a4:3b:4c:64:23:50:42:e0:1e:66:b0:02:ee:
59:fb:53:f6:18:e5:31:71:12:78:fa:f1:1b:0c:70:
77:91:8e:cb:59:6f:4b:a9:a1:b4:b5:1c:74:7f:e9:
9f:09:59:76:09:ea:42:21:53:fa:b6:98:f1:82:e8:
c3:9c:0d:35:df:b9:1b:30:71:df:79:b7:d8:93:61:
f7:a6:1f:71:26:e8:f8:97:5a:84:51:fb:8f:1a:52:
ae:b5:67:23:04:85:a4:3c:01:f1:f0:f3:67:53:b8:
1a:ad:53:c9:4f:ff:3e:c8:33:74:fa:6a:27:17:9c:
9b:8a:0e:6e:62:43:bf:c3:a7:ad:a2:f7:a9:b7:3b:
63:2e:6b:5e:c8:74:b3:a2:bf:1d:09:df:fb:de:3c:
f2:d2:93:f7:d6:3f:5e:14:98:25:89:35:ac:51:0a:
27:ce:0b:22:38:91:50:65:d9:27:00:d8:32:88:88:
b4:db:35:d7:48:5b:00:46:8f:81:9f:31:18:0e:11:
9b:26:aa:ec:99:da:34:15:81:75:8b:e3:92:e3:32:
e1:69:d6:a2:45:2e:c0:20:06:de:44:51:01:59:4f:
79:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:74:BA:DD:59:2E:B6:10:0A:A9:A4:6E:9B:4A:EA:66:C6:6E:28:BB
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/tHS63VkuthAKqaRum0rqZsZuKLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.120.12.0/23
85.122.82.0/24
85.122.112.0/23
194.102.168.0/22
194.102.218.0/24
217.156.84.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:4f:31:33:6d:9a:2c:3c:79:3f:19:f2:3b:06:9e:e8:bf:b6:
26:34:00:22:ae:5c:00:a5:7f:23:eb:00:45:a5:6c:7c:b8:bf:
e0:37:71:30:40:81:56:09:07:0a:de:1a:7e:27:1a:31:37:27:
dd:20:fb:9c:49:2b:64:99:26:0e:66:85:51:9a:b9:b9:ba:eb:
13:e7:0a:8f:32:83:38:d9:5a:3f:88:1b:7c:9e:82:94:36:bd:
93:b4:57:b0:90:c9:11:41:a1:ec:1c:15:7a:28:27:7f:d9:1f:
50:1c:c6:d8:5a:d0:6a:c3:fc:a9:8e:09:4e:22:90:01:10:eb:
5c:62:4b:b5:6d:cc:59:5a:0e:f8:89:45:53:5c:3e:c3:94:fa:
c3:d1:0c:20:79:97:9d:0f:4c:99:5e:43:49:02:a9:49:fc:97:
a3:09:bd:6e:06:8e:2e:0c:58:48:b2:a8:a7:d2:a2:ac:15:14:
29:7e:46:f3:51:e6:d2:b3:32:3f:fa:ab:c8:ab:64:d9:5f:23:
58:99:ca:21:ce:e0:0b:0b:64:27:18:f5:c6:75:1b:34:86:a0:
a5:b7:4b:d8:02:42:e6:b0:80:46:2d:f9:dc:33:ed:ea:dd:f2:
99:10:d8:17:9a:ef:27:62:87:7e:09:1f:ca:fe:c9:3b:59:84:
66:bf:c6:15
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVvFOTvMOMiU5xCxdPdQtYWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjMwMTAxMjA0NTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDc0YmFkZDU5MmViNjEwMGFhOWE0NmU5YjRhZWE2NmM2NmUyOGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Mb5i09WAhoBKdQAqfBoPkdklhbo
FkNGC3pTxuQ5sKQ7TGQjUELgHmawAu5Z+1P2GOUxcRJ4+vEbDHB3kY7LWW9LqaG0
tRx0f+mfCVl2CepCIVP6tpjxgujDnA0137kbMHHfebfYk2H3ph9xJuj4l1qEUfuP
GlKutWcjBIWkPAHx8PNnU7garVPJT/8+yDN0+monF5ybig5uYkO/w6etoveptztj
LmteyHSzor8dCd/73jzy0pP31j9eFJgliTWsUQonzgsiOJFQZdknANgyiIi02zXX
SFsARo+BnzEYDhGbJqrsmdo0FYF1i+OS4zLhadaiRS7AIAbeRFEBWU95QQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLR0ut1ZLrYQCqmkbptK6mbGbii7MB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvdEhTNjNWa3V0aEFLcWFSdW0wcnFac1p1S0xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBVXgMAwQA
VXpSAwQBVXpwAwQCwmaoAwQAwmbaAwQA2ZxUMA0GCSqGSIb3DQEBCwUAA4IBAQCO
TzEzbZosPHk/GfI7Bp7ov7YmNAAirlwApX8j6wBFpWx8uL/gN3EwQIFWCQcK3hp+
JxoxNyfdIPucSStkmSYOZoVRmrm5uusT5wqPMoM42Vo/iBt8noKUNr2TtFewkMkR
QaHsHBV6KCd/2R9QHMbYWtBqw/ypjglOIpABEOtcYku1bcxZWg74iUVTXD7DlPrD
0QwgeZedD0yZXkNJAqlJ/JejCb1uBo4uDFhIsqin0qKsFRQpfkbzUebSszI/+qvI
q2TZXyNYmcohzuALC2QnGPXGdRs0hqClt0vYAkLmsIBGLfncM+3q3fKZENgXmu8n
Yod+CR/K/sk7WYRmv8YV
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:28 2023 by rpki-client on console-fra.rpki-client.org