Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/nqe8qv-OHhVl7HelXkYPveR7Lkk.roa
File: nqe8qv-OHhVl7HelXkYPveR7Lkk.roa (raw, json)
Hash identifier: 1+Rwk7DKl6sQKufbnAM7iaEMHzgEywGyKQmO5CdDDbU=
Subject key identifier: 9E:A7:BC:AA:FF:8E:1E:15:65:EC:77:A5:5E:46:0F:BD:E4:7B:2E:49
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018656F21DF992171FD641CC04BB1212D8D6
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/nqe8qv-OHhVl7HelXkYPveR7Lkk.roa
Signing time: Wed 15 Feb 2023 21:19:13 +0000
ROA not before: Wed 15 Feb 2023 21:19:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 40676
IP address blocks: 193.221.192.0/24 maxlen: 24
193.221.193.0/24 maxlen: 24
193.221.194.0/24 maxlen: 24
83.143.118.0/24 maxlen: 24
83.143.119.0/24 maxlen: 24
45.90.144.0/24 maxlen: 24
212.107.13.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:56:f2:1d:f9:92:17:1f:d6:41:cc:04:bb:12:12:d8:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Feb 15 21:19:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9ea7bcaaff8e1e1565ec77a55e460fbde47b2e49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a2:ec:53:97:a6:f0:9b:27:08:d4:a7:c9:4d:
70:b2:fe:96:0a:bc:ac:51:d2:77:da:51:6d:83:83:
55:11:ae:07:e0:e6:e6:e9:2c:c7:ec:0c:06:65:38:
c4:18:20:bb:4b:17:43:78:6b:74:75:a9:11:4b:ce:
f0:96:57:fc:49:42:40:2a:d1:c7:71:11:fc:c6:9d:
b5:8f:13:ae:1c:89:6d:bb:f9:cb:9f:5d:07:2b:a4:
bb:87:af:31:0e:23:b0:83:7b:e5:6b:b1:5d:ac:23:
c4:46:98:a4:1a:3e:0e:55:e7:b0:2a:01:bd:7e:11:
f3:28:d9:8a:40:c4:cd:f6:48:0b:2a:c3:c6:5e:98:
c2:46:8d:c8:28:1c:c2:03:2d:5b:be:fc:d9:99:f5:
ec:17:02:7b:5c:95:c4:6d:78:14:5d:9c:03:08:07:
97:ba:a8:da:27:f4:a3:62:a7:a4:39:0b:0a:32:3a:
4e:f0:67:ab:b9:b5:8f:e3:16:12:f3:eb:6b:9f:04:
e3:85:fa:49:3e:4d:52:ed:d1:4c:fb:9a:25:ef:8d:
4e:d7:7f:43:92:23:0a:2f:a5:bc:94:23:1a:49:1a:
25:7b:b8:3c:78:48:fa:ba:10:53:21:ce:c4:b2:02:
ba:aa:8e:73:39:80:e1:bc:8e:1f:b9:45:38:93:10:
6f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:A7:BC:AA:FF:8E:1E:15:65:EC:77:A5:5E:46:0F:BD:E4:7B:2E:49
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/nqe8qv-OHhVl7HelXkYPveR7Lkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.144.0/24
83.143.118.0/23
193.221.192.0-193.221.194.255
212.107.13.0/24
Signature Algorithm: sha256WithRSAEncryption
91:41:46:3d:6e:71:2f:64:d6:25:e5:9b:9e:6b:28:62:fc:e5:
1a:12:eb:94:f5:ca:28:5e:63:cd:b6:7d:af:37:5e:ac:37:41:
28:e8:d3:4b:3c:a4:ec:d8:a4:62:86:a5:2e:8b:32:c4:ca:01:
cc:cc:83:5a:d7:96:83:fa:35:a8:e9:07:3e:0d:8d:6f:eb:73:
63:a9:ba:0b:4c:6f:27:4b:36:dd:15:6e:95:b0:72:da:73:da:
d1:22:b4:57:4a:34:aa:09:e0:6a:d0:aa:b3:0d:c5:4b:32:a0:
ef:e0:c3:82:79:08:48:67:5c:64:dd:ed:e0:3e:58:55:11:60:
85:1b:cd:ed:41:cf:3b:5f:01:8a:36:2d:ed:4e:57:04:da:98:
89:df:c1:84:4c:c0:8a:90:c9:60:29:69:7a:94:45:eb:d2:27:
59:60:0c:f3:ef:cc:99:c5:9c:64:ef:7a:05:69:11:64:07:da:
ba:c6:94:83:ba:42:07:c9:2f:35:71:11:1b:03:6d:7b:9e:28:
f2:61:14:e9:7c:b3:65:cc:28:4a:cb:84:b1:6f:46:04:eb:77:
5f:f0:12:17:66:fb:69:fe:0c:66:1b:8a:0d:d8:bd:99:a8:00:
1e:24:b6:60:7e:8a:91:a0:24:4b:34:56:9c:d3:32:35:5a:02:
ab:e9:de:58
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYZW8h35khcf1kHMBLsSEtjWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMjE1MjExOTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWE3YmNhYWZmOGUxZTE1NjVlYzc3YTU1ZTQ2MGZiZGU0N2IyZTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaLsU5em8JsnCNSnyU1wsv6WCrys
UdJ32lFtg4NVEa4H4Obm6SzH7AwGZTjEGCC7SxdDeGt0dakRS87wllf8SUJAKtHH
cRH8xp21jxOuHIltu/nLn10HK6S7h68xDiOwg3vla7FdrCPERpikGj4OVeewKgG9
fhHzKNmKQMTN9kgLKsPGXpjCRo3IKBzCAy1bvvzZmfXsFwJ7XJXEbXgUXZwDCAeX
uqjaJ/SjYqekOQsKMjpO8GerubWP4xYS8+trnwTjhfpJPk1S7dFM+5ol741O139D
kiMKL6W8lCMaSRole7g8eEj6uhBTIc7EsgK6qo5zOYDhvI4fuUU4kxBv9wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFJ6nvKr/jh4VZex3pV5GD73key5JMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvbnFlOHF2LU9IaFZsN0hlbFhrWVB2ZVI3TGtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALVqQAwQB
U492MAwDBAbB3cADBADB3cIDBADUaw0wDQYJKoZIhvcNAQELBQADggEBAJFBRj1u
cS9k1iXlm55rKGL85RoS65T1yiheY822fa83Xqw3QSjo00s8pOzYpGKGpS6LMsTK
AczMg1rXloP6NajpBz4NjW/rc2OpugtMbydLNt0VbpWwctpz2tEitFdKNKoJ4GrQ
qrMNxUsyoO/gw4J5CEhnXGTd7eA+WFURYIUbze1BzztfAYo2Le1OVwTamInfwYRM
wIqQyWApaXqURevSJ1lgDPPvzJnFnGTvegVpEWQH2rrGlIO6QgfJLzVxERsDbXue
KPJhFOl8s2XMKErLhLFvRgTrd1/wEhdm+2n+DGYbig3YvZmoAB4ktmB+ipGgJEs0
VpzTMjVaAqvp3lg=
-----END CERTIFICATE-----
Generated at Mon Sep 25 14:28:38 2023 by rpki-client on console-fra.rpki-client.org