Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/BQjmXN1Ld8f4GUqhfqmF-tv1LXI.roa
File: BQjmXN1Ld8f4GUqhfqmF-tv1LXI.roa (raw, json)
Hash identifier: UYC+7f47q3c5JFiR++3uoRgDZK5D1pjCTdMfz2hRuPI=
Subject key identifier: 05:08:E6:5C:DD:4B:77:C7:F8:19:4A:A1:7E:A9:85:FA:DB:F5:2D:72
Certificate issuer: /CN=ef4f78947341ce55888b7ebf3690143b0cbff3d6
Certificate serial: 018608336A793E049682BDA5E1992C1C43AC
Authority key identifier: EF:4F:78:94:73:41:CE:55:88:8B:7E:BF:36:90:14:3B:0C:BF:F3:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7094lHNBzlWIi36_NpAUOwy_89Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/BQjmXN1Ld8f4GUqhfqmF-tv1LXI.roa
Signing time: Tue 31 Jan 2023 14:20:32 +0000
ROA not before: Tue 31 Jan 2023 14:20:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15954
IP address blocks: 185.49.184.0/22 maxlen: 22
31.24.120.0/21 maxlen: 21
185.203.224.0/22 maxlen: 22
31.47.72.0/21 maxlen: 21
193.247.194.0/24 maxlen: 24
37.247.120.0/21 maxlen: 21
91.216.219.0/24 maxlen: 24
217.18.32.0/20 maxlen: 20
194.176.119.0/24 maxlen: 24
185.57.196.0/22 maxlen: 22
2a01:a941::/32 maxlen: 32
2a02:2810::/32 maxlen: 32
2a01:a940::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:08:33:6a:79:3e:04:96:82:bd:a5:e1:99:2c:1c:43:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef4f78947341ce55888b7ebf3690143b0cbff3d6
Validity
Not Before: Jan 31 14:20:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0508e65cdd4b77c7f8194aa17ea985fadbf52d72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:59:89:17:73:ae:1c:54:2a:14:77:fd:ad:00:
d6:44:68:f8:08:b4:f4:63:5b:77:bc:f5:8c:0b:de:
f9:68:09:7a:d0:db:87:94:a3:ae:62:a6:13:99:a8:
f3:b0:86:14:c2:43:c8:e2:2b:b7:f7:b2:06:67:db:
35:88:43:01:98:72:3d:fb:f5:64:37:9c:0d:6e:3f:
7f:b0:ae:20:69:4d:fc:08:fb:d4:48:e0:ee:ff:ec:
b6:cc:c7:74:5c:bf:17:10:9b:a7:9a:d8:7c:b0:d3:
40:11:a3:79:18:b9:41:59:db:c0:68:3e:08:4d:ae:
1f:b5:29:38:59:b1:07:76:64:b4:02:46:65:5d:3d:
fd:a3:c2:c6:d0:43:3f:ac:30:2d:2f:f1:57:3e:c7:
47:7e:d7:bb:17:f5:10:98:a1:be:57:62:c2:e7:d9:
cf:7e:9a:59:c8:cf:6d:1e:b3:4f:76:12:55:69:c9:
b7:41:9b:13:70:92:c3:e9:58:a5:4f:f6:b8:a3:31:
07:d5:02:db:b0:e2:29:a8:01:3e:30:c3:27:c3:3e:
a1:1d:b3:9c:6e:2b:fe:db:18:4a:a3:c4:98:20:df:
8a:f0:f4:80:9c:2a:6c:f3:a2:ad:30:b0:97:eb:69:
7e:6a:62:be:4c:9a:51:11:6f:5a:18:83:b0:78:46:
73:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:08:E6:5C:DD:4B:77:C7:F8:19:4A:A1:7E:A9:85:FA:DB:F5:2D:72
X509v3 Authority Key Identifier:
keyid:EF:4F:78:94:73:41:CE:55:88:8B:7E:BF:36:90:14:3B:0C:BF:F3:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7094lHNBzlWIi36_NpAUOwy_89Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/BQjmXN1Ld8f4GUqhfqmF-tv1LXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/005c9e-fe7c-469a-b6f0-9baa66ca1404/1/7094lHNBzlWIi36_NpAUOwy_89Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.120.0/21
31.47.72.0/21
37.247.120.0/21
91.216.219.0/24
185.49.184.0/22
185.57.196.0/22
185.203.224.0/22
193.247.194.0/24
194.176.119.0/24
217.18.32.0/20
IPv6:
2a01:a940::/31
2a02:2810::/32
Signature Algorithm: sha256WithRSAEncryption
a3:26:b3:23:a6:36:a7:c6:22:3f:68:b4:38:64:b6:60:45:15:
65:f9:20:b3:1f:d9:d8:d9:ba:de:35:08:30:d1:c8:e5:5d:c5:
b7:60:1f:19:e4:32:89:8f:27:92:47:84:9f:b9:5b:5e:46:02:
f0:69:cf:77:97:0b:4c:11:54:33:52:cf:bf:72:82:fb:1a:e1:
d3:8b:49:f7:56:af:a1:55:13:8b:ff:bc:fc:15:66:99:65:21:
1b:7c:c4:fb:73:9d:59:ea:a7:74:05:85:dd:76:66:59:29:16:
ea:59:7f:1d:b8:0d:c8:f9:a4:00:6a:89:5d:90:2c:2f:94:b7:
72:72:76:41:fd:7d:77:ca:2a:89:66:df:9d:2a:d7:62:04:aa:
46:a1:78:cd:82:de:c4:b7:e2:0f:87:82:87:46:8a:1b:95:8b:
6a:d2:f5:f2:ee:f5:3d:b4:a4:1a:23:da:56:e5:c9:45:5f:25:
eb:9d:38:c8:15:6b:e8:9f:49:f0:70:f6:cb:bf:ee:a5:09:94:
fe:91:9c:d2:68:c8:0c:8e:3e:d1:fe:76:69:78:e4:45:56:45:
2b:28:63:ae:bc:89:58:3b:ac:17:74:45:a9:83:f3:82:1c:6e:
ba:f4:65:4a:f0:a4:f0:52:62:29:c8:fb:7f:a7:e5:b6:bd:eb:
17:db:f8:e1
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYYIM2p5PgSWgr2l4ZksHEOsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNGY3ODk0NzM0MWNlNTU4ODhiN2ViZjM2OTAxNDNiMGNi
ZmYzZDYwHhcNMjMwMTMxMTQyMDMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTA4ZTY1Y2RkNGI3N2M3ZjgxOTRhYTE3ZWE5ODVmYWRiZjUyZDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVmJF3OuHFQqFHf9rQDWRGj4CLT0
Y1t3vPWMC975aAl60NuHlKOuYqYTmajzsIYUwkPI4iu397IGZ9s1iEMBmHI9+/Vk
N5wNbj9/sK4gaU38CPvUSODu/+y2zMd0XL8XEJunmth8sNNAEaN5GLlBWdvAaD4I
Ta4ftSk4WbEHdmS0AkZlXT39o8LG0EM/rDAtL/FXPsdHfte7F/UQmKG+V2LC59nP
fppZyM9tHrNPdhJVacm3QZsTcJLD6VilT/a4ozEH1QLbsOIpqAE+MMMnwz6hHbOc
biv+2xhKo8SYIN+K8PSAnCps86KtMLCX62l+amK+TJpREW9aGIOweEZzyQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFAUI5lzdS3fH+BlKoX6phfrb9S1yMB8GA1UdIwQY
MBaAFO9PeJRzQc5ViIt+vzaQFDsMv/PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzA5NGxITkJ6bFdJaTM2X05wQVVPd3lfODlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8wMDVjOWUtZmU3Yy00NjlhLWI2ZjAt
OWJhYTY2Y2ExNDA0LzEvQlFqbVhOMUxkOGY0R1VxaGZxbUYtdHYxTFhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8wMDVjOWUtZmU3Yy00NjlhLWI2ZjAtOWJhYTY2Y2ExNDA0
LzEvNzA5NGxITkJ6bFdJaTM2X05wQVVPd3lfODlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBCBAIAATA8AwQDHxh4AwQD
Hy9IAwQDJfd4AwQAW9jbAwQCuTG4AwQCuTnEAwQCucvgAwQAwffCAwQAwrB3AwQE
2RIgMBQEAgACMA4DBQEqAalAAwUAKgIoEDANBgkqhkiG9w0BAQsFAAOCAQEAoyaz
I6Y2p8YiP2i0OGS2YEUVZfkgsx/Z2Nm63jUIMNHI5V3Ft2AfGeQyiY8nkkeEn7lb
XkYC8GnPd5cLTBFUM1LPv3KC+xrh04tJ91avoVUTi/+8/BVmmWUhG3zE+3OdWeqn
dAWF3XZmWSkW6ll/HbgNyPmkAGqJXZAsL5S3cnJ2Qf19d8oqiWbfnSrXYgSqRqF4
zYLexLfiD4eCh0aKG5WLatL18u71PbSkGiPaVuXJRV8l6504yBVr6J9J8HD2y7/u
pQmU/pGc0mjIDI4+0f52aXjkRVZFKyhjrryJWDusF3RFqYPzghxuuvRlSvCk8FJi
Kcj7f6fltr3rF9v44Q==
-----END CERTIFICATE-----
Generated at Wed Oct 18 10:20:52 2023 by rpki-client on console-fra.rpki-client.org