Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/7NmUyiGBIFdXW4fRD-TYcu03IZk.roa
File: 7NmUyiGBIFdXW4fRD-TYcu03IZk.roa (raw, json)
Hash identifier: 1wEZqJjj+vBW3WDKmVLBQB+Ml8YdbqHgpwatHqXS+x4=
Subject key identifier: EC:D9:94:CA:21:81:20:57:57:5B:87:D1:0F:E4:D8:72:ED:37:21:99
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 018AFE81DBFD873C2EAAD3D6D17F6F2226F1
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/7NmUyiGBIFdXW4fRD-TYcu03IZk.roa
Signing time: Thu 05 Oct 2023 06:23:57 +0000
ROA not before: Thu 05 Oct 2023 06:23:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62240
IP address blocks: 185.111.27.0/24 maxlen: 24
185.73.219.0/24 maxlen: 24
185.73.218.0/24 maxlen: 24
185.110.131.0/24 maxlen: 24
185.110.130.0/24 maxlen: 24
185.110.129.0/24 maxlen: 24
185.110.128.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fe:81:db:fd:87:3c:2e:aa:d3:d6:d1:7f:6f:22:26:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Oct 5 06:23:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ecd994ca21812057575b87d10fe4d872ed372199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:2e:42:dd:38:6b:de:ab:b3:c8:0c:ba:43:b1:
b4:39:ff:b4:81:25:1a:c6:03:df:58:05:d1:12:99:
58:2b:a5:68:91:5a:12:18:f7:ef:0c:af:aa:2a:cf:
e5:9a:0d:01:cc:34:f6:71:e1:38:6b:32:21:00:b3:
ac:80:17:75:8b:fc:26:92:49:df:ab:15:e9:43:e3:
f6:e8:8c:f7:53:3a:a4:12:86:5a:3b:af:ca:3b:cb:
75:b8:32:48:0f:ba:b1:fa:26:d5:aa:45:ab:21:ea:
f3:24:dc:d5:6e:98:78:f0:35:1b:1b:01:6f:47:b0:
b8:18:2a:42:12:92:10:72:ea:84:bb:df:e1:08:37:
c0:3a:5c:78:1f:f0:11:7f:c3:43:99:e6:d7:60:86:
82:2a:31:25:88:9f:d7:75:31:21:e7:5e:d9:e7:c1:
98:d6:b7:ff:10:62:45:ad:a5:67:aa:5e:53:a3:7b:
60:95:8d:9b:92:88:06:a6:16:00:84:9a:01:22:db:
e6:c5:55:67:11:a6:64:ec:e6:5e:a4:c8:42:cc:8e:
c0:7d:4a:8f:04:a7:ee:ea:33:7e:9f:b8:7a:94:75:
64:5a:04:31:d3:4d:a0:77:dc:4c:66:e4:26:38:d5:
a2:50:3f:46:49:8e:ed:0b:3e:cd:9e:44:bf:de:c1:
fc:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:D9:94:CA:21:81:20:57:57:5B:87:D1:0F:E4:D8:72:ED:37:21:99
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/7NmUyiGBIFdXW4fRD-TYcu03IZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.218.0/23
185.110.128.0/22
185.111.27.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:3b:d3:8d:c0:00:fd:86:af:02:78:0f:46:b9:f0:bd:d1:ae:
e3:b7:be:b0:b0:2c:45:30:df:25:6c:2f:d2:25:61:5a:65:d7:
27:24:51:73:2f:1d:95:f4:1e:5e:92:39:81:86:d1:7e:92:98:
55:95:e5:31:46:64:19:6e:d2:31:ba:9d:8c:94:23:2d:a5:5e:
35:8b:ac:2b:c2:9e:dc:e4:c5:96:ec:86:86:09:fb:9c:f0:00:
4c:c9:1e:31:95:30:23:59:3b:67:93:1c:29:24:8c:2a:65:2e:
5e:54:45:4b:a9:6a:87:f8:c1:d3:a9:11:12:a3:b9:db:f1:e1:
15:cf:b6:04:9c:7b:65:9a:6a:00:8b:90:ef:34:b0:dc:44:1b:
db:9c:4b:18:61:93:53:1a:a4:43:45:9a:92:2f:57:1a:be:6a:
1a:99:90:53:49:d5:f8:16:62:07:9e:fd:22:87:44:80:df:99:
e5:d6:66:ac:8e:b4:d5:90:38:bd:e9:78:2b:e0:2e:21:58:ab:
be:6a:57:26:f4:11:85:9d:57:b5:84:03:3c:de:d9:68:9b:d0:
2d:a0:86:81:9d:2e:0d:58:07:3f:dc:60:c6:a8:3d:fe:71:f6:
58:f7:b2:d8:e5:19:7b:0e:89:e4:50:c4:e4:96:a7:83:ba:a4:
e5:1e:16:50
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYr+gdv9hzwuqtPW0X9vIibxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMxMDA1MDYyMzU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2Q5OTRjYTIxODEyMDU3NTc1Yjg3ZDEwZmU0ZDg3MmVkMzcyMTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1S5C3Thr3quzyAy6Q7G0Of+0gSUa
xgPfWAXREplYK6VokVoSGPfvDK+qKs/lmg0BzDT2ceE4azIhALOsgBd1i/wmkknf
qxXpQ+P26Iz3UzqkEoZaO6/KO8t1uDJID7qx+ibVqkWrIerzJNzVbph48DUbGwFv
R7C4GCpCEpIQcuqEu9/hCDfAOlx4H/ARf8NDmebXYIaCKjEliJ/XdTEh517Z58GY
1rf/EGJFraVnql5To3tglY2bkogGphYAhJoBItvmxVVnEaZk7OZepMhCzI7AfUqP
BKfu6jN+n7h6lHVkWgQx002gd9xMZuQmONWiUD9GSY7tCz7NnkS/3sH8VQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOzZlMohgSBXV1uH0Q/k2HLtNyGZMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvN05tVXlpR0JJRmRYVzRmUkQtVFljdTAzSVprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuUnaAwQC
uW6AAwQAuW8bMA0GCSqGSIb3DQEBCwUAA4IBAQBNO9ONwAD9hq8CeA9GufC90a7j
t76wsCxFMN8lbC/SJWFaZdcnJFFzLx2V9B5ekjmBhtF+kphVleUxRmQZbtIxup2M
lCMtpV41i6wrwp7c5MWW7IaGCfuc8ABMyR4xlTAjWTtnkxwpJIwqZS5eVEVLqWqH
+MHTqRESo7nb8eEVz7YEnHtlmmoAi5DvNLDcRBvbnEsYYZNTGqRDRZqSL1cavmoa
mZBTSdX4FmIHnv0ih0SA35nl1masjrTVkDi96Xgr4C4hWKu+alcm9BGFnVe1hAM8
3tlom9AtoIaBnS4NWAc/3GDGqD3+cfZY97LY5Rl7DonkUMTklqeDuqTlHhZQ
-----END CERTIFICATE-----
Generated at Mon Oct 9 10:44:38 2023 by rpki-client on console-ams.rpki-client.org