Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/0QQj8aVPFeKhitqap0fLMMGgL0o.roa
File: 0QQj8aVPFeKhitqap0fLMMGgL0o.roa (raw, json)
Hash identifier: CtBlG88jC0Z3GnMITxdsogglLX1P8Wv07lcOCO/XyaE=
Subject key identifier: D1:04:23:F1:A5:4F:15:E2:A1:8A:DA:9A:A7:47:CB:30:C1:A0:2F:4A
Certificate issuer: /CN=be8c0a74f47312df298a46095e47525d515854a1
Certificate serial: 01856F796427CBEB5B51D9AA02D21349BF5F
Authority key identifier: BE:8C:0A:74:F4:73:12:DF:29:8A:46:09:5E:47:52:5D:51:58:54:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vowKdPRzEt8pikYJXkdSXVFYVKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/0QQj8aVPFeKhitqap0fLMMGgL0o.roa
Signing time: Sun 01 Jan 2023 22:35:04 +0000
ROA not before: Sun 01 Jan 2023 22:35:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43658
IP address blocks: 94.232.208.0/21 maxlen: 21
176.97.0.0/21 maxlen: 21
91.197.168.0/22 maxlen: 22
91.218.72.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:79:64:27:cb:eb:5b:51:d9:aa:02:d2:13:49:bf:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be8c0a74f47312df298a46095e47525d515854a1
Validity
Not Before: Jan 1 22:35:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d10423f1a54f15e2a18ada9aa747cb30c1a02f4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:eb:2e:1d:e1:a4:3e:6d:b1:22:b7:3f:3e:5f:
20:da:c0:5e:92:03:31:e2:26:12:81:17:e8:0f:b8:
c2:10:72:be:ba:42:51:11:18:9f:00:ff:cd:fb:80:
e7:1f:55:ec:da:5a:02:92:87:96:a3:0e:12:7c:84:
fd:fc:ea:64:ff:70:16:56:f3:2b:25:8a:30:c6:b4:
29:3e:50:9a:74:b1:e7:38:b2:7f:78:85:bf:04:dc:
63:e7:ad:0a:e0:d5:b6:58:40:9e:fe:cf:80:de:cd:
e5:b4:b5:a1:b6:77:95:e9:6f:29:11:39:4c:a8:ee:
26:68:2e:15:5d:a5:2d:41:a7:47:62:12:b7:00:68:
55:89:38:f5:84:60:70:eb:a2:1b:a0:85:53:a1:cb:
92:02:e7:98:46:28:43:e5:23:75:af:aa:2b:56:68:
52:cd:e7:89:ba:25:90:f7:68:1a:a9:53:e3:89:f9:
b4:18:ab:c7:fc:d3:24:44:ce:b0:13:50:b0:12:1a:
87:75:73:e9:53:a9:5c:70:c2:ad:bd:f8:3f:01:be:
a7:12:ed:28:49:19:59:75:46:45:82:b8:c4:05:ea:
83:83:c3:21:bd:9e:8a:15:90:7f:cf:78:45:eb:98:
5d:ea:b8:bb:cf:da:1e:07:a1:ac:1f:eb:d7:41:7c:
7c:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:04:23:F1:A5:4F:15:E2:A1:8A:DA:9A:A7:47:CB:30:C1:A0:2F:4A
X509v3 Authority Key Identifier:
keyid:BE:8C:0A:74:F4:73:12:DF:29:8A:46:09:5E:47:52:5D:51:58:54:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vowKdPRzEt8pikYJXkdSXVFYVKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/0QQj8aVPFeKhitqap0fLMMGgL0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/vowKdPRzEt8pikYJXkdSXVFYVKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.168.0/22
91.218.72.0/22
94.232.208.0/21
176.97.0.0/21
Signature Algorithm: sha256WithRSAEncryption
7c:dc:fa:3c:cd:ad:dc:db:e2:99:26:98:ad:f4:fa:4b:02:3d:
84:ca:87:e0:12:a6:c1:b7:c8:2f:66:04:51:59:9f:00:3a:6c:
cc:7f:30:14:65:c0:bc:04:56:a2:e3:95:ae:2c:5f:af:f9:64:
a9:09:88:4f:be:15:30:e7:1a:34:6d:4a:ad:08:aa:ea:39:c6:
c9:ab:51:f7:cf:30:29:b9:ce:de:db:f1:42:ee:c4:6f:07:ef:
f9:86:a4:e0:67:9e:fc:fd:bc:66:1f:83:e3:4d:09:f0:c0:9b:
97:f2:91:1a:02:a9:13:37:4c:aa:98:43:18:b9:16:5f:01:de:
df:8a:86:0a:67:8c:5e:48:2c:4f:52:7b:71:e1:ac:8a:09:2c:
20:c1:e7:f6:88:e1:59:8d:8a:15:f9:f7:57:53:45:b6:2e:71:
fd:8a:17:77:4e:5e:93:34:13:b0:03:df:ef:08:3c:a1:39:6f:
d9:a4:cd:1e:84:20:a3:90:d9:82:0e:2e:b0:d2:ef:80:ec:f0:
50:af:a8:53:9d:5c:a4:45:15:d5:66:9d:99:e0:4d:8c:05:a6:
ef:a2:f4:cd:ee:6a:94:95:4c:97:e6:d5:38:89:b5:d3:b3:22:
49:3e:2c:b2:28:47:96:7b:77:b4:03:fc:31:17:ac:55:0f:9f:
ad:91:a5:5f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVveWQny+tbUdmqAtITSb9fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlOGMwYTc0ZjQ3MzEyZGYyOThhNDYwOTVlNDc1MjVkNTE1
ODU0YTEwHhcNMjMwMTAxMjIzNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTA0MjNmMWE1NGYxNWUyYTE4YWRhOWFhNzQ3Y2IzMGMxYTAyZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjusuHeGkPm2xIrc/Pl8g2sBekgMx
4iYSgRfoD7jCEHK+ukJRERifAP/N+4DnH1Xs2loCkoeWow4SfIT9/Opk/3AWVvMr
JYowxrQpPlCadLHnOLJ/eIW/BNxj560K4NW2WECe/s+A3s3ltLWhtneV6W8pETlM
qO4maC4VXaUtQadHYhK3AGhViTj1hGBw66IboIVTocuSAueYRihD5SN1r6orVmhS
zeeJuiWQ92gaqVPjifm0GKvH/NMkRM6wE1CwEhqHdXPpU6lccMKtvfg/Ab6nEu0o
SRlZdUZFgrjEBeqDg8MhvZ6KFZB/z3hF65hd6ri7z9oeB6GsH+vXQXx8BwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNEEI/GlTxXioYramqdHyzDBoC9KMB8GA1UdIwQY
MBaAFL6MCnT0cxLfKYpGCV5HUl1RWFShMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm93S2RQUnpFdDhwaWtZSlhrZFNYVkZZVktFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9mYzgwZjAtNWMyNy00ODk4LTg0YWMt
MjhlNDE2Y2YxMWNmLzEvMFFRajhhVlBGZUtoaXRxYXAwZkxNTUdnTDBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9mYzgwZjAtNWMyNy00ODk4LTg0YWMtMjhlNDE2Y2YxMWNm
LzEvdm93S2RQUnpFdDhwaWtZSlhrZFNYVkZZVktFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW8WoAwQC
W9pIAwQDXujQAwQDsGEAMA0GCSqGSIb3DQEBCwUAA4IBAQB83Po8za3c2+KZJpit
9PpLAj2EyofgEqbBt8gvZgRRWZ8AOmzMfzAUZcC8BFai45WuLF+v+WSpCYhPvhUw
5xo0bUqtCKrqOcbJq1H3zzApuc7e2/FC7sRvB+/5hqTgZ578/bxmH4PjTQnwwJuX
8pEaAqkTN0yqmEMYuRZfAd7fioYKZ4xeSCxPUntx4ayKCSwgwef2iOFZjYoV+fdX
U0W2LnH9ihd3Tl6TNBOwA9/vCDyhOW/ZpM0ehCCjkNmCDi6w0u+A7PBQr6hTnVyk
RRXVZp2Z4E2MBabvovTN7mqUlUyX5tU4ibXTsyJJPiyyKEeWe3e0A/wxF6xVD5+t
kaVf
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:33:58 2024 by rpki-client on console-fra.rpki-client.org