Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/Cq7zkTPqLzJriMuYp23DUHMfZkY.roa
File: Cq7zkTPqLzJriMuYp23DUHMfZkY.roa (raw, json)
Hash identifier: jD0YVsyoClTMink2TH9kD7HgxMJTM3dSKGQbJXwv9+0=
Subject key identifier: 0A:AE:F3:91:33:EA:2F:32:6B:88:CB:98:A7:6D:C3:50:73:1F:66:46
Certificate issuer: /CN=f8857ecf441e5ea1d7181fec7e97e6dbc1220fc2
Certificate serial: 018570796DFCC43CAA19E72B593D7796B21A
Authority key identifier: F8:85:7E:CF:44:1E:5E:A1:D7:18:1F:EC:7E:97:E6:DB:C1:22:0F:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/Cq7zkTPqLzJriMuYp23DUHMfZkY.roa
Signing time: Mon 02 Jan 2023 03:14:44 +0000
ROA not before: Mon 02 Jan 2023 03:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51167
IP address blocks: 185.137.122.0/24 maxlen: 32
94.250.202.0/24 maxlen: 32
94.250.201.0/24 maxlen: 32
94.250.203.0/24 maxlen: 32
176.57.150.0/24 maxlen: 32
176.57.184.0/24 maxlen: 32
176.57.188.0/24 maxlen: 32
176.57.189.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:6d:fc:c4:3c:aa:19:e7:2b:59:3d:77:96:b2:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8857ecf441e5ea1d7181fec7e97e6dbc1220fc2
Validity
Not Before: Jan 2 03:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0aaef39133ea2f326b88cb98a76dc350731f6646
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:13:e1:f2:b3:f5:2f:9e:54:58:ed:9b:34:43:
b7:da:2b:7c:f7:a4:8f:cf:af:8f:fe:b2:90:98:f2:
93:94:c4:cc:90:11:5e:ab:8e:f6:9b:2f:23:51:fb:
20:65:c5:78:85:2e:df:46:4f:4d:b6:dc:af:3a:2b:
32:5b:df:73:a5:0f:e9:36:d2:63:7e:2b:20:58:ce:
f7:9d:f8:cc:50:13:d5:de:eb:d0:cf:a7:1f:8a:bc:
0d:7f:a7:9d:35:e4:0d:89:00:c7:1a:3e:26:53:17:
f5:a9:13:60:25:87:e2:67:cc:0d:2d:00:4e:0e:b5:
71:79:5a:8a:b4:8a:24:1f:84:89:81:e3:e9:79:fd:
ac:ff:43:8e:42:c3:fd:20:33:18:42:20:08:6e:05:
1c:6f:6d:dc:84:1b:81:3f:b3:25:a3:4f:ff:8a:5b:
b8:29:dd:df:f3:7f:e1:85:a9:70:ee:29:ea:f2:71:
bf:9e:9f:e9:fe:31:29:36:98:83:92:fc:49:6b:ad:
27:65:fc:e5:7f:d0:f1:8a:40:f6:eb:8b:ad:8b:04:
bc:95:8f:ed:e2:20:e9:ce:ab:e7:a9:7d:1f:52:a0:
ca:06:9f:d2:18:25:46:50:48:85:91:61:e3:14:ce:
d9:07:e4:ac:00:65:b2:ec:ae:2c:df:f8:73:1f:2f:
92:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:AE:F3:91:33:EA:2F:32:6B:88:CB:98:A7:6D:C3:50:73:1F:66:46
X509v3 Authority Key Identifier:
keyid:F8:85:7E:CF:44:1E:5E:A1:D7:18:1F:EC:7E:97:E6:DB:C1:22:0F:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-IV-z0QeXqHXGB_sfpfm28EiD8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/Cq7zkTPqLzJriMuYp23DUHMfZkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/c84976-d5ea-4e7f-8ed3-a89f81776406/1/1-IV-z0QeXqHXGB_sfpfm28EiD8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.250.201.0-94.250.203.255
176.57.150.0/24
176.57.184.0/24
176.57.188.0/23
185.137.122.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:69:5a:47:0b:10:6f:c5:45:fd:31:79:aa:21:77:44:db:28:
ac:95:e6:17:de:20:80:3b:fd:fc:1a:13:3d:53:a6:69:93:0d:
4e:f6:26:5a:5d:73:ff:8a:a7:9b:f7:7f:51:11:19:89:8f:c3:
73:8d:e6:4d:9d:6f:fb:68:f9:6c:3c:52:34:bf:a9:71:66:3a:
c7:bd:48:53:3c:a5:a8:ca:38:95:59:19:98:2e:2e:4a:17:64:
7e:cd:d5:cc:8b:9c:03:63:6b:3f:f2:04:1a:7a:7c:68:39:00:
c4:c1:9f:9e:6b:b4:38:da:a0:be:aa:93:d6:6c:bf:94:d3:da:
89:89:02:e4:35:47:83:60:99:8c:df:d3:fa:86:18:7f:bd:af:
46:e5:7b:bb:a5:61:84:eb:ae:bc:de:48:a4:dc:d1:94:e8:60:
36:36:35:3a:bf:bc:f1:38:90:97:97:88:01:09:28:a1:25:3a:
a3:65:da:ab:c3:98:da:30:e3:39:1b:06:72:cd:f4:12:99:47:
17:dd:3a:d9:f5:90:38:c1:bc:20:7a:c9:bc:97:65:01:b4:fa:
18:ef:4b:d1:11:aa:6e:7c:f4:2c:21:b8:1a:73:48:45:cf:94:
2f:4d:fd:56:01:99:ed:f3:9a:f6:68:03:b1:0f:ea:3d:d3:a3:
f6:4f:61:d2
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYVweW38xDyqGecrWT13lrIaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ODU3ZWNmNDQxZTVlYTFkNzE4MWZlYzdlOTdlNmRiYzEy
MjBmYzIwHhcNMjMwMTAyMDMxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWFlZjM5MTMzZWEyZjMyNmI4OGNiOThhNzZkYzM1MDczMWY2NjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhPh8rP1L55UWO2bNEO32it896SP
z6+P/rKQmPKTlMTMkBFeq472my8jUfsgZcV4hS7fRk9NttyvOisyW99zpQ/pNtJj
fisgWM73nfjMUBPV3uvQz6cfirwNf6edNeQNiQDHGj4mUxf1qRNgJYfiZ8wNLQBO
DrVxeVqKtIokH4SJgePpef2s/0OOQsP9IDMYQiAIbgUcb23chBuBP7Mlo0//ilu4
Kd3f83/hhalw7inq8nG/np/p/jEpNpiDkvxJa60nZfzlf9DxikD264utiwS8lY/t
4iDpzqvnqX0fUqDKBp/SGCVGUEiFkWHjFM7ZB+SsAGWy7K4s3/hzHy+SOwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFAqu85Ez6i8ya4jLmKdtw1BzH2ZGMB8GA1UdIwQY
MBaAFPiFfs9EHl6h1xgf7H6X5tvBIg/CMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1JVi16MFFlWHFIWEdCX3NmcGZtMjhFaUQ4SS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEvYzg0OTc2LWQ1ZWEtNGU3Zi04ZWQz
LWE4OWY4MTc3NjQwNi8xL0NxN3prVFBxTHpKcmlNdVlwMjNEVUhNZlprWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmEvYzg0OTc2LWQ1ZWEtNGU3Zi04ZWQzLWE4OWY4MTc3NjQw
Ni8xLzEtSVYtejBRZVhxSFhHQl9zZnBmbTI4RWlEOEkuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwPwYIKwYBBQUHAQcBAf8EMDAuMCwEAgABMCYwDAMEAF76
yQMEAl76yAMEALA5lgMEALA5uAMEAbA5vAMEALmJejANBgkqhkiG9w0BAQsFAAOC
AQEADGlaRwsQb8VF/TF5qiF3RNsorJXmF94ggDv9/BoTPVOmaZMNTvYmWl1z/4qn
m/d/UREZiY/Dc43mTZ1v+2j5bDxSNL+pcWY6x71IUzylqMo4lVkZmC4uShdkfs3V
zIucA2NrP/IEGnp8aDkAxMGfnmu0ONqgvqqT1my/lNPaiYkC5DVHg2CZjN/T+oYY
f72vRuV7u6VhhOuuvN5IpNzRlOhgNjY1Or+88TiQl5eIAQkooSU6o2Xaq8OY2jDj
ORsGcs30EplHF9062fWQOMG8IHrJvJdlAbT6GO9L0RGqbnz0LCG4GnNIRc+UL039
VgGZ7fOa9mgDsQ/qPdOj9k9h0g==
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:24 2024 by rpki-client on console-fra.rpki-client.org