Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/1-qiOZUse6x9ha-E43mIVnl-hyR8.roa
File: 1-qiOZUse6x9ha-E43mIVnl-hyR8.roa (raw, json)
Hash identifier: kHd1xTsJsn0jGrrMltvPJV1+ocC6a4Mxgg/UwZH2cCg=
Subject key identifier: FA:A8:8E:65:4B:1E:EB:1F:61:6B:E1:38:DE:62:15:9E:5F:A1:C9:1F
Certificate issuer: /CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Certificate serial: 0189DB792AA4218D90B046D628D8ABD04840
Authority key identifier: 05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/1-qiOZUse6x9ha-E43mIVnl-hyR8.roa
Signing time: Wed 09 Aug 2023 18:04:58 +0000
ROA not before: Wed 09 Aug 2023 18:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203936
IP address blocks: 193.39.94.0/24 maxlen: 24
193.39.93.0/24 maxlen: 24
193.39.92.0/24 maxlen: 24
193.39.92.0/22 maxlen: 22
185.253.144.0/22 maxlen: 22
185.253.147.0/24 maxlen: 24
45.144.248.0/22 maxlen: 22
2a0c:3cc0::/32 maxlen: 32
2a03:6280::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:db:79:2a:a4:21:8d:90:b0:46:d6:28:d8:ab:d0:48:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Validity
Not Before: Aug 9 18:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=faa88e654b1eeb1f616be138de62159e5fa1c91f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0c:79:1d:32:eb:b2:09:aa:75:80:ba:7e:5a:
94:bf:bb:e9:02:75:72:7e:1a:6c:9b:65:11:81:d3:
3e:c2:64:2c:8b:ad:08:d9:9c:4c:4e:92:56:9e:9c:
bf:c3:65:17:fb:11:67:a1:08:e3:0c:3b:2b:a6:e3:
72:aa:e7:c8:df:3f:e2:70:07:e8:14:8d:7c:66:a8:
8d:05:46:64:cc:1b:2a:3b:65:f8:62:d9:0d:86:a5:
17:d5:43:2f:94:8a:3a:94:a6:b4:5d:df:ea:41:78:
b6:c8:a5:5a:22:32:09:05:12:be:52:70:f7:5e:14:
be:3b:af:02:78:da:0c:8a:7e:b0:de:e5:25:a0:ee:
75:88:2e:6f:5b:89:70:71:e8:90:5a:4f:8a:b3:66:
5b:33:42:34:77:c9:ec:55:fe:03:a2:38:78:7c:a1:
5e:d4:ba:61:a9:d8:90:65:d8:ae:fc:38:c6:f8:8b:
23:e8:06:98:b4:a5:98:c1:1e:da:1b:c6:98:61:39:
0f:63:1a:b4:4f:64:71:e9:1e:7b:0f:c8:00:f4:9b:
35:1d:97:8d:4b:32:9b:66:05:b3:9a:2a:53:98:45:
d8:82:dd:f4:85:7b:e6:37:7b:d6:71:71:49:94:e7:
f9:1a:91:84:44:7e:24:e3:4e:bd:a0:d1:0d:18:2b:
74:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:A8:8E:65:4B:1E:EB:1F:61:6B:E1:38:DE:62:15:9E:5F:A1:C9:1F
X509v3 Authority Key Identifier:
keyid:05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/1-qiOZUse6x9ha-E43mIVnl-hyR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/BZuG-Z4ta94U-oeZ3nHOQbmAILk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.248.0/22
185.253.144.0/22
193.39.92.0/22
IPv6:
2a03:6280::/29
2a0c:3cc0::/32
Signature Algorithm: sha256WithRSAEncryption
c0:07:da:b9:d9:53:f9:90:5e:46:e3:41:b6:ae:32:f1:8c:b7:
65:7b:66:15:65:09:a2:a8:b3:42:cc:05:cd:ca:aa:dd:60:1a:
f4:14:ba:e3:aa:71:90:5e:f8:9b:07:a7:15:e8:86:93:09:01:
6f:66:ce:00:21:f5:bf:dc:ca:ce:ae:f3:f0:c0:5b:4a:72:fc:
ee:37:6d:88:21:bb:12:6e:b4:b9:c0:fb:7d:ce:d7:b0:f2:1c:
8f:5e:fb:52:b7:0c:95:c7:7c:80:b4:47:bf:82:f0:2f:bf:0f:
d8:11:ba:23:e3:e9:88:45:6c:34:2f:34:60:8c:ba:01:47:69:
a2:8b:d1:48:0a:05:49:b4:52:3a:89:79:6d:d0:cd:63:02:05:
43:6d:e9:19:21:e9:21:9f:56:56:ca:a8:3a:42:24:b4:dd:f3:
e7:77:06:af:0e:f4:b2:28:0e:c2:be:7b:93:34:b2:3c:09:d5:
34:9d:72:7a:1f:05:90:10:c2:1a:6d:14:62:86:1c:b9:5b:ec:
f6:8d:99:fa:a2:1f:02:9c:0d:a1:f8:00:68:1e:8e:28:37:d2:
14:02:9f:f9:49:01:a9:10:ad:fb:d6:7a:1c:d8:ab:44:7d:f4:
a2:6d:d4:ef:10:46:ec:c8:80:6a:fc:41:56:d3:2d:6e:26:87:
06:4c:d6:1c
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYnbeSqkIY2QsEbWKNir0EhAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWI4NmY5OWUyZDZiZGUxNGZhODc5OWRlNzFjZTQxYjk4
MDIwYjkwHhcNMjMwODA5MTgwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWE4OGU2NTRiMWVlYjFmNjE2YmUxMzhkZTYyMTU5ZTVmYTFjOTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQx5HTLrsgmqdYC6flqUv7vpAnVy
fhpsm2URgdM+wmQsi60I2ZxMTpJWnpy/w2UX+xFnoQjjDDsrpuNyqufI3z/icAfo
FI18ZqiNBUZkzBsqO2X4YtkNhqUX1UMvlIo6lKa0Xd/qQXi2yKVaIjIJBRK+UnD3
XhS+O68CeNoMin6w3uUloO51iC5vW4lwceiQWk+Ks2ZbM0I0d8nsVf4Dojh4fKFe
1LphqdiQZdiu/DjG+Isj6AaYtKWYwR7aG8aYYTkPYxq0T2Rx6R57D8gA9Js1HZeN
SzKbZgWzmipTmEXYgt30hXvmN3vWcXFJlOf5GpGERH4k4069oNENGCt0bwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFPqojmVLHusfYWvhON5iFZ5fockfMB8GA1UdIwQY
MBaAFAWbhvmeLWveFPqHmd5xzkG5gCC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYt
Y2MzZmIzNTFlMzM2LzEvMS1xaU9aVXNlNng5aGEtRTQzbUlWbmwtaHlSOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjkvMzU4NDE2LTI3NTItNDE1OS1hZGQ2LWNjM2ZiMzUxZTMz
Ni8xL0JadUctWjR0YTk0VS1vZVozbkhPUWJtQUlMay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBBBggrBgEFBQcBBwEB/wQyMDAwGAQCAAEwEgMEAi2Q+AME
Arn9kAMEAsEnXDAUBAIAAjAOAwUDKgNigAMFACoMPMAwDQYJKoZIhvcNAQELBQAD
ggEBAMAH2rnZU/mQXkbjQbauMvGMt2V7ZhVlCaKos0LMBc3Kqt1gGvQUuuOqcZBe
+JsHpxXohpMJAW9mzgAh9b/cys6u8/DAW0py/O43bYghuxJutLnA+33O17DyHI9e
+1K3DJXHfIC0R7+C8C+/D9gRuiPj6YhFbDQvNGCMugFHaaKL0UgKBUm0UjqJeW3Q
zWMCBUNt6Rkh6SGfVlbKqDpCJLTd8+d3Bq8O9LIoDsK+e5M0sjwJ1TSdcnofBZAQ
whptFGKGHLlb7PaNmfqiHwKcDaH4AGgejig30hQCn/lJAakQrfvWehzYq0R99KJt
1O8QRuzIgGr8QVbTLW4mhwZM1hw=
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:21 2024 by rpki-client on console-fra.rpki-client.org