Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/qMmcA1PXwzkqK0rw6ECpzUCdTr0.roa
File: qMmcA1PXwzkqK0rw6ECpzUCdTr0.roa (raw, json)
Hash identifier: PxtTp30GXlNCZd7v/Yk0ZzPIr66WkjPwEaojMzS+I0o=
Subject key identifier: A8:C9:9C:03:53:D7:C3:39:2A:2B:4A:F0:E8:40:A9:CD:40:9D:4E:BD
Certificate issuer: /CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Certificate serial: 0185B157EF08FEEDE3CEE974D79C1CB43846
Authority key identifier: 64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/qMmcA1PXwzkqK0rw6ECpzUCdTr0.roa
Signing time: Sat 14 Jan 2023 17:33:28 +0000
ROA not before: Sat 14 Jan 2023 17:33:28 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 94.176.212.0/24 maxlen: 24
89.34.239.0/24 maxlen: 24
188.208.16.0/24 maxlen: 24
188.208.17.0/24 maxlen: 24
37.156.174.0/24 maxlen: 24
77.81.103.0/24 maxlen: 24
89.43.34.0/24 maxlen: 24
89.43.35.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:b1:57:ef:08:fe:ed:e3:ce:e9:74:d7:9c:1c:b4:38:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64fa66fb84a781a0584fd0d1c2df39bda4760519
Validity
Not Before: Jan 14 17:33:28 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a8c99c0353d7c3392a2b4af0e840a9cd409d4ebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:fe:74:1a:7a:e7:7f:08:a5:30:db:50:40:5e:
1c:e8:dc:ae:1f:80:f2:cb:28:ae:8e:25:90:ef:b2:
6b:88:cc:42:39:dc:3b:d9:bc:33:52:42:a9:46:17:
76:58:49:6f:6e:4b:9b:0e:fc:10:ae:58:4e:96:be:
07:f4:21:4d:e1:19:2c:a9:26:30:28:73:10:7c:47:
ad:3e:25:d5:05:c2:10:d3:db:81:b0:84:83:83:b2:
f1:e2:74:56:e3:af:a7:71:d7:2c:74:b2:0f:e1:15:
f8:df:79:24:26:fe:c8:18:1c:5c:27:48:c7:3c:00:
f4:25:63:42:8b:da:7a:d8:fb:68:e8:e4:29:03:98:
0f:e1:d1:c9:50:6a:12:b0:f8:7d:d9:b4:77:f9:f4:
74:26:2b:80:1a:d5:9a:b2:cb:9a:d6:f7:99:15:60:
67:0d:cc:0b:9d:3e:d5:22:c8:50:18:b1:c6:d0:98:
0b:75:e9:f7:e0:72:47:ce:fe:73:83:a7:e5:8a:ef:
09:06:b9:b8:fb:9e:88:0c:ef:46:70:96:6a:62:88:
5f:cf:bd:71:2d:26:53:97:a2:35:6d:14:b0:e4:35:
e5:8c:d5:b0:1f:6e:ff:81:f7:ee:1e:8d:7c:e8:14:
25:5a:e2:ec:08:8f:f0:04:43:dc:b8:f3:2f:16:9e:
a4:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C9:9C:03:53:D7:C3:39:2A:2B:4A:F0:E8:40:A9:CD:40:9D:4E:BD
X509v3 Authority Key Identifier:
keyid:64:FA:66:FB:84:A7:81:A0:58:4F:D0:D1:C2:DF:39:BD:A4:76:05:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPpm-4SngaBYT9DRwt85vaR2BRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/qMmcA1PXwzkqK0rw6ECpzUCdTr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/663b4d-b80e-4946-84c4-7408eb8bc586/1/ZPpm-4SngaBYT9DRwt85vaR2BRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.174.0/24
77.81.103.0/24
89.34.239.0/24
89.43.34.0/23
94.176.212.0/24
188.208.16.0/23
Signature Algorithm: sha256WithRSAEncryption
22:8e:4f:00:34:2e:34:56:02:04:68:e2:b4:1a:5b:64:30:12:
5f:9c:0a:c1:58:ba:74:b9:52:ac:e2:58:c0:f6:20:f4:ed:52:
c3:40:a6:2b:c5:c9:01:21:f4:df:8a:7b:ae:e5:e3:63:bb:87:
74:25:b3:87:8e:ca:c1:fc:85:83:7b:5c:bf:cd:67:b2:cb:85:
7b:f2:19:0a:9a:05:aa:14:1b:28:cd:6c:f0:e0:60:50:69:23:
cb:01:31:76:6b:73:38:dd:3a:b3:65:43:ee:6a:f9:02:ff:e0:
f8:76:17:bb:0a:12:37:51:82:43:b1:91:d4:ee:28:1f:90:73:
57:3a:3f:bf:2a:66:3e:8c:e1:26:d3:fd:61:65:83:e3:2e:88:
0f:78:7e:e2:15:f3:89:51:ba:10:1a:55:08:05:cd:dc:f7:f0:
ce:23:7f:d7:fd:07:6e:6f:de:56:e6:a9:b9:17:98:3f:6b:dc:
39:14:79:6a:94:7c:94:dd:f9:f5:36:67:30:05:14:e9:9d:6a:
02:a1:7b:35:f9:c9:17:7c:5a:90:b3:50:65:53:6a:4f:14:39:
02:bd:c0:c0:31:a9:58:aa:bb:e1:94:f0:4a:c4:76:c7:6e:c7:
b2:46:f5:29:6b:4d:41:46:1a:8f:bd:35:48:02:cf:7f:f1:bc:
c4:5f:22:85
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYWxV+8I/u3jzul015wctDhGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZmE2NmZiODRhNzgxYTA1ODRmZDBkMWMyZGYzOWJkYTQ3
NjA1MTkwHhcNMjMwMTE0MTczMzI4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGM5OWMwMzUzZDdjMzM5MmEyYjRhZjBlODQwYTljZDQwOWQ0ZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyf50GnrnfwilMNtQQF4c6NyuH4Dy
yyiujiWQ77JriMxCOdw72bwzUkKpRhd2WElvbkubDvwQrlhOlr4H9CFN4RksqSYw
KHMQfEetPiXVBcIQ09uBsISDg7Lx4nRW46+ncdcsdLIP4RX433kkJv7IGBxcJ0jH
PAD0JWNCi9p62Pto6OQpA5gP4dHJUGoSsPh92bR3+fR0JiuAGtWassua1veZFWBn
DcwLnT7VIshQGLHG0JgLden34HJHzv5zg6fliu8JBrm4+56IDO9GcJZqYohfz71x
LSZTl6I1bRSw5DXljNWwH27/gffuHo186BQlWuLsCI/wBEPcuPMvFp6kPwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKjJnANT18M5KitK8OhAqc1AnU69MB8GA1UdIwQY
MBaAFGT6ZvuEp4GgWE/Q0cLfOb2kdgUZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQt
NzQwOGViOGJjNTg2LzEvcU1tY0ExUFh3emtxSzBydzZFQ3B6VUNkVHIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82NjNiNGQtYjgwZS00OTQ2LTg0YzQtNzQwOGViOGJjNTg2
LzEvWlBwbS00U25nYUJZVDlEUnd0ODV2YVIyQlJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAJZyuAwQA
TVFnAwQAWSLvAwQBWSsiAwQAXrDUAwQBvNAQMA0GCSqGSIb3DQEBCwUAA4IBAQAi
jk8ANC40VgIEaOK0GltkMBJfnArBWLp0uVKs4ljA9iD07VLDQKYrxckBIfTfinuu
5eNju4d0JbOHjsrB/IWDe1y/zWeyy4V78hkKmgWqFBsozWzw4GBQaSPLATF2a3M4
3TqzZUPuavkC/+D4dhe7ChI3UYJDsZHU7igfkHNXOj+/KmY+jOEm0/1hZYPjLogP
eH7iFfOJUboQGlUIBc3c9/DOI3/X/Qdub95W5qm5F5g/a9w5FHlqlHyU3fn1Nmcw
BRTpnWoCoXs1+ckXfFqQs1BlU2pPFDkCvcDAMalYqrvhlPBKxHbHbseyRvUpa01B
RhqPvTVIAs9/8bzEXyKF
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:02 2023 by rpki-client on console-fra.rpki-client.org