Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/qx7K1TZK-SWt-C7UnOvLs9HDkpU.roa
File: qx7K1TZK-SWt-C7UnOvLs9HDkpU.roa (raw, json)
Hash identifier: zsscWhAuS3gQpd5mELEH0Q66KF1e2V4hPMtDWF80wJ0=
Subject key identifier: AB:1E:CA:D5:36:4A:F9:25:AD:F8:2E:D4:9C:EB:CB:B3:D1:C3:92:95
Certificate issuer: /CN=21351865b767dd7b9c22314bfc8055bd57db0065
Certificate serial: 01863AF89961AB06397D28755B5E632BDA6F
Authority key identifier: 21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/qx7K1TZK-SWt-C7UnOvLs9HDkpU.roa
Signing time: Fri 10 Feb 2023 10:56:56 +0000
ROA not before: Fri 10 Feb 2023 10:56:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197328
IP address blocks: 185.220.58.0/23 maxlen: 23
185.220.57.0/24 maxlen: 24
185.220.56.0/24 maxlen: 24
194.107.229.0/24 maxlen: 24
194.110.1.0/24 maxlen: 24
194.110.7.0/24 maxlen: 24
194.110.19.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3a:f8:99:61:ab:06:39:7d:28:75:5b:5e:63:2b:da:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21351865b767dd7b9c22314bfc8055bd57db0065
Validity
Not Before: Feb 10 10:56:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ab1ecad5364af925adf82ed49cebcbb3d1c39295
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:6c:58:c9:d5:5a:75:31:3d:19:30:4e:b1:f8:
db:fc:53:36:3d:52:06:8c:02:c1:b8:0d:02:d4:f2:
79:dc:1a:51:cf:3c:65:73:66:0f:ca:08:fb:a8:8e:
0d:09:8b:af:c4:b0:27:86:e3:71:6d:c7:72:d0:63:
9b:f2:74:20:1b:64:bd:70:68:6a:4a:1b:8a:13:89:
e0:ca:d6:8d:b0:c3:cf:53:81:10:57:56:f7:26:40:
6d:68:40:71:ab:97:d0:4c:9a:85:17:aa:b2:65:af:
70:2c:2b:21:ff:b2:e5:3f:79:61:08:f1:17:76:11:
31:1c:6f:7f:a2:62:1c:ba:06:f6:26:06:f0:4e:65:
78:a8:da:16:96:cc:0f:fa:ee:6e:19:74:ad:a2:10:
ce:04:45:a3:a6:f3:bc:9c:2a:ad:b9:97:ef:e4:a0:
75:24:64:31:8f:35:44:84:8c:c2:80:6e:dc:66:3b:
c1:3c:ab:67:8f:80:ba:be:9a:b6:7b:70:f4:ab:08:
00:64:a5:eb:a1:66:d6:41:9f:68:58:e4:3b:c1:ab:
3c:fd:14:91:72:84:b2:b0:57:80:15:ae:cb:45:4f:
d4:ae:2a:38:20:86:15:36:07:e6:8a:e5:e2:f6:5c:
5e:14:f2:3b:47:db:4b:a3:7d:2f:5d:8d:19:91:07:
96:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:1E:CA:D5:36:4A:F9:25:AD:F8:2E:D4:9C:EB:CB:B3:D1:C3:92:95
X509v3 Authority Key Identifier:
keyid:21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/qx7K1TZK-SWt-C7UnOvLs9HDkpU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/ITUYZbdn3XucIjFL_IBVvVfbAGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.56.0/22
194.107.229.0/24
194.110.1.0/24
194.110.7.0/24
194.110.19.0/24
Signature Algorithm: sha256WithRSAEncryption
96:75:23:5d:d6:50:b0:fe:0f:e9:44:f8:ad:1b:89:ad:7b:9d:
bd:2a:da:28:10:d9:66:72:8d:a8:cb:d2:79:c3:e5:05:da:60:
6b:d9:28:17:4b:86:59:02:7a:3d:2d:18:79:a5:99:bf:8c:e4:
df:4d:a1:b8:29:ee:fd:dc:8e:b8:53:0d:af:c7:5d:ee:24:2a:
1d:e4:c7:ee:68:21:9a:62:2b:2b:2f:be:98:f7:a6:47:20:fd:
8d:d6:ea:f5:cc:d5:72:2d:cb:1c:28:30:88:04:bb:da:aa:92:
b1:7c:22:86:4f:64:ed:64:e7:a3:c6:c8:03:49:39:4c:26:c4:
9b:6f:b9:53:f9:34:2f:2a:bc:83:ee:ca:cb:bb:72:31:5a:91:
a1:af:9e:df:92:a2:48:6a:26:73:f7:02:b4:87:37:e7:1f:b4:
ad:ad:f2:ba:f1:47:04:96:de:d0:56:7b:4b:eb:e6:bd:d3:ca:
2d:7f:69:44:ef:27:f4:e6:6e:97:c3:85:a5:c8:5e:99:70:46:
1c:a1:4c:1a:7e:33:75:1f:2b:f9:6e:e6:60:2c:fe:93:e3:04:
96:31:20:16:86:51:73:56:c0:1d:99:c8:9f:a7:d6:8e:aa:fe:
08:e0:cf:90:93:b2:6b:44:a5:3e:fc:b1:fe:fa:1e:22:7a:5e:
47:82:97:9f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYY6+JlhqwY5fSh1W15jK9pvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzUxODY1Yjc2N2RkN2I5YzIyMzE0YmZjODA1NWJkNTdk
YjAwNjUwHhcNMjMwMjEwMTA1NjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjFlY2FkNTM2NGFmOTI1YWRmODJlZDQ5Y2ViY2JiM2QxYzM5Mjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2xYydVadTE9GTBOsfjb/FM2PVIG
jALBuA0C1PJ53BpRzzxlc2YPygj7qI4NCYuvxLAnhuNxbcdy0GOb8nQgG2S9cGhq
ShuKE4ngytaNsMPPU4EQV1b3JkBtaEBxq5fQTJqFF6qyZa9wLCsh/7LlP3lhCPEX
dhExHG9/omIcugb2JgbwTmV4qNoWlswP+u5uGXStohDOBEWjpvO8nCqtuZfv5KB1
JGQxjzVEhIzCgG7cZjvBPKtnj4C6vpq2e3D0qwgAZKXroWbWQZ9oWOQ7was8/RSR
coSysFeAFa7LRU/Urio4IIYVNgfmiuXi9lxeFPI7R9tLo30vXY0ZkQeWIQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKseytU2Svklrfgu1Jzry7PRw5KVMB8GA1UdIwQY
MBaAFCE1GGW3Z917nCIxS/yAVb1X2wBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRVWVpiZG4zWHVjSWpGTF9JQlZ2VmZiQUdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lNTJiMDctZjJhNC00N2MxLTk0NjAt
MWU0ZTA0MDA4NDRiLzEvcXg3SzFUWkstU1d0LUM3VW5PdkxzOUhEa3BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lNTJiMDctZjJhNC00N2MxLTk0NjAtMWU0ZTA0MDA4NDRi
LzEvSVRVWVpiZG4zWHVjSWpGTF9JQlZ2VmZiQUdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCudw4AwQA
wmvlAwQAwm4BAwQAwm4HAwQAwm4TMA0GCSqGSIb3DQEBCwUAA4IBAQCWdSNd1lCw
/g/pRPitG4mte529KtooENlmco2oy9J5w+UF2mBr2SgXS4ZZAno9LRh5pZm/jOTf
TaG4Ke793I64Uw2vx13uJCod5MfuaCGaYisrL76Y96ZHIP2N1ur1zNVyLcscKDCI
BLvaqpKxfCKGT2TtZOejxsgDSTlMJsSbb7lT+TQvKryD7srLu3IxWpGhr57fkqJI
aiZz9wK0hzfnH7StrfK68UcElt7QVntL6+a908otf2lE7yf05m6Xw4WlyF6ZcEYc
oUwafjN1Hyv5buZgLP6T4wSWMSAWhlFzVsAdmcifp9aOqv4I4M+Qk7JrRKU+/LH+
+h4iel5Hgpef
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:57 2023 by rpki-client on console-fra.rpki-client.org