Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/944f09-406e-4985-9929-36e0c8afe26a/1/aQHFo0hhmZ37zGdheIdQcNSEuRo.roa
File: aQHFo0hhmZ37zGdheIdQcNSEuRo.roa (raw, json)
Hash identifier: 8yIsuh5jNmXlLyEMB28PQeaoLfoQ3mYEtZFA+p09Gsw=
Subject key identifier: 69:01:C5:A3:48:61:99:9D:FB:CC:67:61:78:87:50:70:D4:84:B9:1A
Certificate issuer: /CN=f27c93ddb1a17151c56f22dcaf31dd8229463742
Certificate serial: 0185734CCEB54C8F4D3BFFFE5B3132ED5B05
Authority key identifier: F2:7C:93:DD:B1:A1:71:51:C5:6F:22:DC:AF:31:DD:82:29:46:37:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8nyT3bGhcVHFbyLcrzHdgilGN0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/944f09-406e-4985-9929-36e0c8afe26a/1/aQHFo0hhmZ37zGdheIdQcNSEuRo.roa
Signing time: Mon 02 Jan 2023 16:24:51 +0000
ROA not before: Mon 02 Jan 2023 16:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200810
IP address blocks: 185.77.176.0/22 maxlen: 24
185.246.248.0/22 maxlen: 24
185.245.188.0/22 maxlen: 24
89.36.80.0/21 maxlen: 24
2a05:6580::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:4c:ce:b5:4c:8f:4d:3b:ff:fe:5b:31:32:ed:5b:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f27c93ddb1a17151c56f22dcaf31dd8229463742
Validity
Not Before: Jan 2 16:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6901c5a34861999dfbcc676178875070d484b91a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:90:d0:e6:ea:f0:8c:96:43:dd:68:c2:97:7a:
d1:5f:61:77:a6:75:6b:86:f0:17:06:bf:b5:2b:b0:
54:c1:a4:8a:cd:35:a8:2f:2e:d1:07:7d:50:9c:17:
a0:58:83:9d:06:d0:31:e9:a3:da:ad:82:9a:32:ed:
4e:a5:1d:59:9a:58:82:f5:0a:84:16:d6:89:46:e6:
59:2e:23:ba:5c:54:c6:c2:8a:41:7a:71:59:d1:49:
fd:81:45:21:75:b1:fa:fe:16:d1:27:d0:ef:2a:e1:
63:86:28:64:94:f0:38:4c:18:12:76:dd:b6:a0:46:
be:8e:22:ca:8f:9f:4f:bd:79:37:31:10:5c:d9:a4:
a3:11:28:7c:f2:1c:83:56:8e:e2:1a:c0:36:9c:b1:
81:17:bb:a5:39:c6:77:ce:03:a7:b2:8e:f8:24:0b:
fa:16:41:ff:e3:77:cd:fb:af:4c:82:f5:d9:ee:25:
a2:be:8c:74:53:ae:8c:a1:af:92:61:aa:e4:08:1f:
1f:66:02:7f:4d:7f:41:8a:73:47:73:34:4e:58:b7:
68:9d:5b:a0:46:d8:74:6f:98:37:10:3a:99:c3:19:
43:98:aa:33:87:5a:e2:f3:a8:32:48:f7:00:fb:f5:
b2:19:9e:b9:e1:bb:f1:90:61:c6:0b:32:42:17:09:
46:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:01:C5:A3:48:61:99:9D:FB:CC:67:61:78:87:50:70:D4:84:B9:1A
X509v3 Authority Key Identifier:
keyid:F2:7C:93:DD:B1:A1:71:51:C5:6F:22:DC:AF:31:DD:82:29:46:37:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8nyT3bGhcVHFbyLcrzHdgilGN0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/944f09-406e-4985-9929-36e0c8afe26a/1/aQHFo0hhmZ37zGdheIdQcNSEuRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/944f09-406e-4985-9929-36e0c8afe26a/1/8nyT3bGhcVHFbyLcrzHdgilGN0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.80.0/21
185.77.176.0/22
185.245.188.0/22
185.246.248.0/22
IPv6:
2a05:6580::/32
Signature Algorithm: sha256WithRSAEncryption
63:cd:64:79:a8:c7:79:f9:07:dd:3b:63:19:c7:31:2d:e9:90:
b7:4f:cf:51:8c:53:27:21:6a:e6:ba:0e:65:16:77:af:42:b1:
f2:8b:cd:5d:d4:16:57:6e:2e:23:6f:06:fe:d5:59:ad:dc:c2:
9e:46:f6:8f:a1:0a:8e:1b:ef:f8:e3:ab:56:53:66:90:7c:22:
62:0e:c2:34:c8:5e:96:52:f7:50:13:99:96:94:79:c9:d5:b8:
46:15:46:c7:d8:46:91:af:c8:e2:ed:bb:9d:7b:76:46:87:3b:
43:78:87:c3:eb:2d:62:1e:96:59:54:7b:76:60:1f:1b:03:1b:
50:4a:11:55:d7:0e:79:9e:06:6a:d8:c0:5a:13:f0:d8:73:82:
e7:c7:d2:83:bf:1d:46:22:c1:b9:d4:db:55:03:93:a0:d8:9f:
7d:00:4e:62:17:ce:a9:4d:9a:ac:e1:6d:7a:07:a6:af:2f:7a:
0c:7f:a9:ae:5e:d4:a2:0a:d9:5d:46:51:be:03:07:4b:aa:19:
ed:73:94:0d:9e:1d:07:4d:21:c2:fb:03:92:7c:e0:44:be:f1:
66:ce:db:c9:b4:fb:c5:52:a8:78:1d:cb:60:b5:5d:1e:e1:93:
ef:0e:8d:88:4b:21:0f:26:c4:c4:fe:17:6b:b0:da:2c:f8:6d:
ac:56:64:4b
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVzTM61TI9NO//+WzEy7VsFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyN2M5M2RkYjFhMTcxNTFjNTZmMjJkY2FmMzFkZDgyMjk0
NjM3NDIwHhcNMjMwMTAyMTYyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTAxYzVhMzQ4NjE5OTlkZmJjYzY3NjE3ODg3NTA3MGQ0ODRiOTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr5DQ5urwjJZD3WjCl3rRX2F3pnVr
hvAXBr+1K7BUwaSKzTWoLy7RB31QnBegWIOdBtAx6aParYKaMu1OpR1ZmliC9QqE
FtaJRuZZLiO6XFTGwopBenFZ0Un9gUUhdbH6/hbRJ9DvKuFjhihklPA4TBgSdt22
oEa+jiLKj59PvXk3MRBc2aSjESh88hyDVo7iGsA2nLGBF7ulOcZ3zgOnso74JAv6
FkH/43fN+69MgvXZ7iWivox0U66Moa+SYarkCB8fZgJ/TX9BinNHczROWLdonVug
Rth0b5g3EDqZwxlDmKozh1ri86gySPcA+/WyGZ654bvxkGHGCzJCFwlG8wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGkBxaNIYZmd+8xnYXiHUHDUhLkaMB8GA1UdIwQY
MBaAFPJ8k92xoXFRxW8i3K8x3YIpRjdCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG55VDNiR2hjVkhGYnlMY3J6SGRnaWxHTjBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS85NDRmMDktNDA2ZS00OTg1LTk5Mjkt
MzZlMGM4YWZlMjZhLzEvYVFIRm8waGhtWjM3ekdkaGVJZFFjTlNFdVJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS85NDRmMDktNDA2ZS00OTg1LTk5MjktMzZlMGM4YWZlMjZh
LzEvOG55VDNiR2hjVkhGYnlMY3J6SGRnaWxHTjBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDWSRQAwQC
uU2wAwQCufW8AwQCufb4MA0EAgACMAcDBQAqBWWAMA0GCSqGSIb3DQEBCwUAA4IB
AQBjzWR5qMd5+QfdO2MZxzEt6ZC3T89RjFMnIWrmug5lFnevQrHyi81d1BZXbi4j
bwb+1Vmt3MKeRvaPoQqOG+/446tWU2aQfCJiDsI0yF6WUvdQE5mWlHnJ1bhGFUbH
2EaRr8ji7bude3ZGhztDeIfD6y1iHpZZVHt2YB8bAxtQShFV1w55ngZq2MBaE/DY
c4Lnx9KDvx1GIsG51NtVA5Og2J99AE5iF86pTZqs4W16B6avL3oMf6muXtSiCtld
RlG+AwdLqhntc5QNnh0HTSHC+wOSfOBEvvFmztvJtPvFUqh4HctgtV0e4ZPvDo2I
SyEPJsTE/hdrsNos+G2sVmRL
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:19 2024 by rpki-client on console-fra.rpki-client.org