Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/688425-14cb-4fd6-8f27-deccfa3ea635/1/X67AQ1gEbr9_1Tjo6MGTvLjNO3w.roa
File: X67AQ1gEbr9_1Tjo6MGTvLjNO3w.roa (raw, json)
Hash identifier: /ToTFclOb/sKcgcXL/XEJU5C72l5W7guPSaNUMJQsa0=
Subject key identifier: 5F:AE:C0:43:58:04:6E:BF:7F:D5:38:E8:E8:C1:93:BC:B8:CD:3B:7C
Certificate issuer: /CN=33ea08efa9b3f78c9ef9db767adc21dd61834e0f
Certificate serial: 01856BDCA113D75522179D8E1528565697E1
Authority key identifier: 33:EA:08:EF:A9:B3:F7:8C:9E:F9:DB:76:7A:DC:21:DD:61:83:4E:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M-oI76mz94ye-dt2etwh3WGDTg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/688425-14cb-4fd6-8f27-deccfa3ea635/1/X67AQ1gEbr9_1Tjo6MGTvLjNO3w.roa
Signing time: Sun 01 Jan 2023 05:44:59 +0000
ROA not before: Sun 01 Jan 2023 05:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198944
IP address blocks: 185.247.100.0/22 maxlen: 22
185.82.228.0/22 maxlen: 22
81.161.96.0/23 maxlen: 23
185.137.112.0/23 maxlen: 23
185.137.114.0/23 maxlen: 23
2a03:6960::/32 maxlen: 32
2001:67c:2a68::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:dc:a1:13:d7:55:22:17:9d:8e:15:28:56:56:97:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33ea08efa9b3f78c9ef9db767adc21dd61834e0f
Validity
Not Before: Jan 1 05:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5faec04358046ebf7fd538e8e8c193bcb8cd3b7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:61:93:7b:de:5b:ef:43:81:69:42:4e:5a:7b:
6d:e4:d6:12:42:6c:db:c6:bd:79:7b:42:31:f7:ef:
eb:57:27:ac:12:69:19:85:42:c9:f5:f2:f0:eb:ee:
a4:9b:2e:23:a3:93:a4:14:21:1c:07:ef:0d:8f:24:
00:93:b4:78:98:8c:e9:44:97:00:0a:97:08:2e:23:
d6:25:bb:2b:ae:aa:d5:ff:7f:36:6c:c4:ae:95:e3:
cc:8c:7b:b2:c8:74:1b:69:3e:30:fa:dc:8b:93:48:
30:e2:0c:3e:75:1c:fa:9d:e2:44:3a:16:31:aa:d6:
12:c4:c3:e3:d8:fc:34:89:30:0d:5c:15:3d:f2:c8:
10:ef:2c:ae:14:ef:41:5e:74:a5:01:cf:3f:1a:f0:
53:88:78:ac:01:43:d4:8a:54:e9:da:21:4c:da:a4:
de:42:88:da:c4:06:c8:33:29:b0:db:23:11:fb:11:
6c:1a:b2:98:be:c8:e6:14:cf:e2:e3:5b:bd:8b:e8:
5f:b0:03:24:89:56:c5:82:ed:60:f5:2c:5a:91:05:
15:23:ff:f2:57:40:de:e5:76:29:4c:0f:78:80:df:
0d:ab:d0:01:63:99:f6:14:6c:b7:b6:db:6e:aa:95:
4d:5d:d4:a7:6d:e7:16:fe:ec:30:60:40:31:6c:41:
03:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:AE:C0:43:58:04:6E:BF:7F:D5:38:E8:E8:C1:93:BC:B8:CD:3B:7C
X509v3 Authority Key Identifier:
keyid:33:EA:08:EF:A9:B3:F7:8C:9E:F9:DB:76:7A:DC:21:DD:61:83:4E:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M-oI76mz94ye-dt2etwh3WGDTg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/688425-14cb-4fd6-8f27-deccfa3ea635/1/X67AQ1gEbr9_1Tjo6MGTvLjNO3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/688425-14cb-4fd6-8f27-deccfa3ea635/1/M-oI76mz94ye-dt2etwh3WGDTg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.96.0/23
185.82.228.0/22
185.137.112.0/22
185.247.100.0/22
IPv6:
2001:67c:2a68::/48
2a03:6960::/32
Signature Algorithm: sha256WithRSAEncryption
38:12:87:8e:b8:14:35:9c:f7:3b:12:e4:aa:0d:e9:c6:b6:b0:
7a:2c:83:93:84:67:11:af:81:09:4a:26:ea:ad:7e:40:03:6d:
c9:8c:8e:ea:b2:4b:ec:c1:cd:f6:60:8c:a4:fb:cf:e8:7e:1a:
f4:37:b6:dc:7a:a5:b9:52:49:06:e1:b8:c2:ca:76:c9:ce:50:
e1:e9:34:b9:f2:c6:ba:9c:ac:10:71:10:6d:aa:ff:f0:8f:b0:
2e:2b:96:c5:5d:9f:b5:d5:6a:26:8f:d3:a8:02:8a:80:44:db:
da:24:e6:16:30:b6:40:84:8f:e6:c3:93:6f:e2:48:72:d9:f5:
bb:8f:c0:94:bc:7e:df:a1:02:a3:3c:40:91:1c:e9:1c:22:c8:
f3:5d:05:69:1d:0d:57:e0:1c:4f:02:fa:40:cb:b7:a4:da:28:
74:53:6f:04:3e:82:6d:99:4a:4d:43:10:61:3c:b5:ce:5b:5c:
a5:29:73:66:0f:0b:c7:17:d4:5b:41:e8:59:70:04:2b:c9:3d:
53:1d:f0:12:e8:3e:80:6d:18:0a:56:bb:02:0f:59:c1:29:11:
29:8e:4b:9c:ce:66:64:11:7e:08:24:95:6e:f8:74:f2:44:0a:
2d:75:65:a7:09:b9:8d:58:ea:31:ce:c8:6f:af:77:80:86:37:
b6:4f:36:30
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYVr3KET11UiF52OFShWVpfhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzZWEwOGVmYTliM2Y3OGM5ZWY5ZGI3NjdhZGMyMWRkNjE4
MzRlMGYwHhcNMjMwMTAxMDU0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmFlYzA0MzU4MDQ2ZWJmN2ZkNTM4ZThlOGMxOTNiY2I4Y2QzYjdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2WGTe95b70OBaUJOWntt5NYSQmzb
xr15e0Ix9+/rVyesEmkZhULJ9fLw6+6kmy4jo5OkFCEcB+8NjyQAk7R4mIzpRJcA
CpcILiPWJbsrrqrV/382bMSulePMjHuyyHQbaT4w+tyLk0gw4gw+dRz6neJEOhYx
qtYSxMPj2Pw0iTANXBU98sgQ7yyuFO9BXnSlAc8/GvBTiHisAUPUilTp2iFM2qTe
QojaxAbIMymw2yMR+xFsGrKYvsjmFM/i41u9i+hfsAMkiVbFgu1g9SxakQUVI//y
V0De5XYpTA94gN8Nq9ABY5n2FGy3tttuqpVNXdSnbecW/uwwYEAxbEEDvQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFF+uwENYBG6/f9U46OjBk7y4zTt8MB8GA1UdIwQY
MBaAFDPqCO+ps/eMnvnbdnrcId1hg04PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTS1vSTc2bXo5NHllLWR0MmV0d2gzV0dEVGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi82ODg0MjUtMTRjYi00ZmQ2LThmMjct
ZGVjY2ZhM2VhNjM1LzEvWDY3QVExZ0VicjlfMVRqbzZNR1R2TGpOTzN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi82ODg0MjUtMTRjYi00ZmQ2LThmMjctZGVjY2ZhM2VhNjM1
LzEvTS1vSTc2bXo5NHllLWR0MmV0d2gzV0dEVGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQBUaFgAwQC
uVLkAwQCuYlwAwQCufdkMBYEAgACMBADBwAgAQZ8KmgDBQAqA2lgMA0GCSqGSIb3
DQEBCwUAA4IBAQA4EoeOuBQ1nPc7EuSqDenGtrB6LIOThGcRr4EJSibqrX5AA23J
jI7qskvswc32YIyk+8/ofhr0N7bceqW5UkkG4bjCynbJzlDh6TS58sa6nKwQcRBt
qv/wj7AuK5bFXZ+11Womj9OoAoqARNvaJOYWMLZAhI/mw5Nv4khy2fW7j8CUvH7f
oQKjPECRHOkcIsjzXQVpHQ1X4BxPAvpAy7ek2ih0U28EPoJtmUpNQxBhPLXOW1yl
KXNmDwvHF9RbQehZcAQryT1THfAS6D6AbRgKVrsCD1nBKREpjkuczmZkEX4IJJVu
+HTyRAotdWWnCbmNWOoxzshvr3eAhje2TzYw
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:53:56 2024 by rpki-client on console-ams.rpki-client.org