Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/cpHtrJivmqDNkdOYt1jugEwRV-w.roa
File: cpHtrJivmqDNkdOYt1jugEwRV-w.roa (raw, json)
Hash identifier: pWkKpRb4z9KgN6OBnr8h+V5RYdU3PkH8OzMM7wtFetk=
Subject key identifier: 72:91:ED:AC:98:AF:9A:A0:CD:91:D3:98:B7:58:EE:80:4C:11:57:EC
Certificate issuer: /CN=617cd8d48b5d15667bf131396d4a6c59d7d167c0
Certificate serial: 01856ED4AFE8E3885C156EBC85BE8546C01C
Authority key identifier: 61:7C:D8:D4:8B:5D:15:66:7B:F1:31:39:6D:4A:6C:59:D7:D1:67:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/cpHtrJivmqDNkdOYt1jugEwRV-w.roa
Signing time: Sun 01 Jan 2023 19:35:10 +0000
ROA not before: Sun 01 Jan 2023 19:35:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200596
IP address blocks: 147.12.16.0/20 maxlen: 24
185.101.196.0/22 maxlen: 24
91.212.42.0/24 maxlen: 24
135.84.148.0/22 maxlen: 24
85.184.228.0/22 maxlen: 24
2a00:5ea0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:af:e8:e3:88:5c:15:6e:bc:85:be:85:46:c0:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=617cd8d48b5d15667bf131396d4a6c59d7d167c0
Validity
Not Before: Jan 1 19:35:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7291edac98af9aa0cd91d398b758ee804c1157ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:9c:eb:f6:6c:73:e6:98:66:80:38:b4:7b:cb:
6f:eb:eb:95:df:e2:b1:8f:29:d2:c1:d7:61:14:fd:
5f:c6:81:4e:ac:2f:3a:4e:ec:87:63:c0:b7:7e:4d:
64:d3:a8:1a:81:a2:98:2e:b6:3e:b6:c9:78:18:49:
81:82:7f:28:26:68:c2:39:f4:5d:69:e2:2e:a6:44:
77:07:56:b3:42:01:4e:24:8a:cc:50:56:62:31:bf:
34:a1:59:65:ad:05:b9:51:9c:1e:db:b0:b1:82:36:
26:57:ff:2d:38:78:8f:8c:f7:41:75:04:74:02:42:
03:88:52:53:bd:c0:3c:c4:7f:23:60:24:b3:90:5e:
ef:95:bd:92:32:05:b0:04:ee:f6:2b:f4:b7:d6:09:
d5:2a:3a:bd:1d:0b:6e:bf:66:03:db:c3:96:39:ed:
1c:a7:e8:31:cd:4b:70:c1:a5:31:4f:bb:5b:4c:49:
94:26:50:a1:05:7a:48:c7:da:43:b3:31:69:6d:7e:
da:ab:69:1c:dd:aa:f0:14:95:95:75:9b:65:cd:fb:
67:43:3d:0a:63:ab:b6:35:da:a6:f6:46:1a:ad:0d:
ce:8e:6b:4f:80:1d:0c:7a:f1:27:3c:43:35:a2:76:
53:08:b0:cd:7e:63:0b:82:9d:dc:4c:e0:e7:97:0e:
52:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:91:ED:AC:98:AF:9A:A0:CD:91:D3:98:B7:58:EE:80:4C:11:57:EC
X509v3 Authority Key Identifier:
keyid:61:7C:D8:D4:8B:5D:15:66:7B:F1:31:39:6D:4A:6C:59:D7:D1:67:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/cpHtrJivmqDNkdOYt1jugEwRV-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/105e23-6ce6-4ce0-93fa-bf6e97ddd079/1/YXzY1ItdFWZ78TE5bUpsWdfRZ8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.184.228.0/22
91.212.42.0/24
135.84.148.0/22
147.12.16.0/20
185.101.196.0/22
IPv6:
2a00:5ea0::/29
Signature Algorithm: sha256WithRSAEncryption
62:14:d4:7e:d9:ce:db:4c:41:42:18:6b:2b:27:dd:a7:06:64:
ed:40:f3:bb:f3:74:0c:f0:80:a3:59:cd:f4:75:2c:4e:ba:3d:
ca:42:c2:14:ad:1f:99:b7:a1:6b:b4:f7:de:5d:41:05:78:33:
b7:83:ef:7a:54:99:1e:2f:67:26:26:2a:6f:cd:1c:13:8d:76:
57:56:41:24:3b:47:09:88:4e:11:04:f6:42:20:56:34:5c:6b:
70:b2:ae:26:22:54:ce:a7:bb:d6:03:a0:d0:af:0e:ca:b4:3b:
b0:ec:79:63:de:51:56:6f:8d:85:2a:2f:e9:c6:dc:b9:c0:0a:
7e:7f:46:fb:fc:05:43:9c:52:16:90:cc:d8:c2:1c:63:c9:93:
5a:19:08:0d:3e:a1:03:67:74:e9:45:1d:8a:ff:fd:91:47:51:
40:58:e8:a3:63:85:81:c7:4a:34:df:d7:af:e8:01:70:83:59:
f9:1b:c4:35:50:c7:b9:e6:c5:c2:73:16:32:ed:02:91:cc:33:
22:c1:d5:05:f9:87:67:0b:69:2f:71:ec:c9:94:b6:3d:82:ef:
95:3d:64:fb:b9:c0:85:7c:63:34:8c:81:dc:08:66:10:08:cd:
9d:89:d2:1b:71:81:d9:c9:6f:16:7c:c7:cb:de:06:4a:67:0b:
3a:a9:8b:25
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVu1K/o44hcFW68hb6FRsAcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxN2NkOGQ0OGI1ZDE1NjY3YmYxMzEzOTZkNGE2YzU5ZDdk
MTY3YzAwHhcNMjMwMTAxMTkzNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjkxZWRhYzk4YWY5YWEwY2Q5MWQzOThiNzU4ZWU4MDRjMTE1N2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4Jzr9mxz5phmgDi0e8tv6+uV3+Kx
jynSwddhFP1fxoFOrC86TuyHY8C3fk1k06gagaKYLrY+tsl4GEmBgn8oJmjCOfRd
aeIupkR3B1azQgFOJIrMUFZiMb80oVllrQW5UZwe27CxgjYmV/8tOHiPjPdBdQR0
AkIDiFJTvcA8xH8jYCSzkF7vlb2SMgWwBO72K/S31gnVKjq9HQtuv2YD28OWOe0c
p+gxzUtwwaUxT7tbTEmUJlChBXpIx9pDszFpbX7aq2kc3arwFJWVdZtlzftnQz0K
Y6u2Ndqm9kYarQ3OjmtPgB0MevEnPEM1onZTCLDNfmMLgp3cTODnlw5S2QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHKR7ayYr5qgzZHTmLdY7oBMEVfsMB8GA1UdIwQY
MBaAFGF82NSLXRVme/ExOW1KbFnX0WfAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVh6WTFJdGRGV1o3OFRFNWJVcHNXZGZSWjhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8xMDVlMjMtNmNlNi00Y2UwLTkzZmEt
YmY2ZTk3ZGRkMDc5LzEvY3BIdHJKaXZtcUROa2RPWXQxanVnRXdSVi13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8xMDVlMjMtNmNlNi00Y2UwLTkzZmEtYmY2ZTk3ZGRkMDc5
LzEvWVh6WTFJdGRGV1o3OFRFNWJVcHNXZGZSWjhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCVbjkAwQA
W9QqAwQCh1SUAwQEkwwQAwQCuWXEMA0EAgACMAcDBQMqAF6gMA0GCSqGSIb3DQEB
CwUAA4IBAQBiFNR+2c7bTEFCGGsrJ92nBmTtQPO783QM8ICjWc30dSxOuj3KQsIU
rR+Zt6FrtPfeXUEFeDO3g+96VJkeL2cmJipvzRwTjXZXVkEkO0cJiE4RBPZCIFY0
XGtwsq4mIlTOp7vWA6DQrw7KtDuw7Hlj3lFWb42FKi/pxty5wAp+f0b7/AVDnFIW
kMzYwhxjyZNaGQgNPqEDZ3TpRR2K//2RR1FAWOijY4WBx0o039ev6AFwg1n5G8Q1
UMe55sXCcxYy7QKRzDMiwdUF+YdnC2kvcezJlLY9gu+VPWT7ucCFfGM0jIHcCGYQ
CM2didIbcYHZyW8WfMfL3gZKZws6qYsl
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:39:36 2024 by rpki-client on console-fra.rpki-client.org