Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/10c000-77b0-466d-b4cf-445400d703c8/1/xXmnQ51mWa_LgDnQ8UmwI4Csh8g.roa
File: xXmnQ51mWa_LgDnQ8UmwI4Csh8g.roa (raw, json)
Hash identifier: 6STqBcjr5KrhlFiNYbNfKP/B1QingYDXXd6J198cL5c=
Subject key identifier: C5:79:A7:43:9D:66:59:AF:CB:80:39:D0:F1:49:B0:23:80:AC:87:C8
Certificate issuer: /CN=cfcab8c9d217ac3079c3014b18d446e213f19492
Certificate serial: 018570799B62F93B190AC3F74A720C18CA36
Authority key identifier: CF:CA:B8:C9:D2:17:AC:30:79:C3:01:4B:18:D4:46:E2:13:F1:94:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z8q4ydIXrDB5wwFLGNRG4hPxlJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/10c000-77b0-466d-b4cf-445400d703c8/1/xXmnQ51mWa_LgDnQ8UmwI4Csh8g.roa
Signing time: Mon 02 Jan 2023 03:14:55 +0000
ROA not before: Mon 02 Jan 2023 03:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41332
IP address blocks: 194.76.10.0/23 maxlen: 24
194.76.12.0/23 maxlen: 24
185.108.236.0/22 maxlen: 22
185.116.176.0/22 maxlen: 24
2a06:8040::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:9b:62:f9:3b:19:0a:c3:f7:4a:72:0c:18:ca:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfcab8c9d217ac3079c3014b18d446e213f19492
Validity
Not Before: Jan 2 03:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c579a7439d6659afcb8039d0f149b02380ac87c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:c6:9b:95:15:33:4b:c7:04:3b:4f:0c:66:6f:
e4:03:9a:d7:06:f8:05:02:d6:d9:d4:77:a6:ff:53:
a0:d5:45:a7:43:c3:d9:c9:be:fc:7d:4a:c2:9e:93:
39:29:14:27:14:f0:14:61:cd:2a:9c:1c:8d:19:93:
16:c5:ff:9d:36:d3:8f:d5:2f:39:6b:21:da:81:08:
54:81:e9:a1:9e:9e:e9:72:e7:d4:95:df:ab:9f:97:
6f:a3:35:60:e4:90:60:8e:e2:95:79:7c:5f:fa:78:
2c:4a:b9:3c:78:70:b1:79:a1:11:07:50:b0:7f:f1:
a4:26:1b:af:3d:26:23:af:c2:5c:09:5e:59:46:07:
a2:88:1d:4a:9d:40:89:65:d6:21:66:01:06:b2:ca:
28:55:9b:bd:e3:cd:1c:ef:6f:47:b2:d6:f2:f9:a3:
ed:95:2e:35:41:c3:20:09:f7:b6:c4:89:1e:1e:0a:
ea:37:72:68:25:cc:d9:0c:98:5f:3f:6e:a8:11:bb:
1d:3e:81:03:57:93:b7:5e:8e:a6:ba:f3:cb:44:12:
e9:db:c8:84:1e:c4:45:fd:1f:3f:cb:15:50:10:b1:
68:cb:e1:29:81:0c:f9:e3:79:4c:04:9a:a3:5c:3f:
10:ea:c5:a0:52:3e:2e:4e:cb:2f:eb:d4:4c:fe:eb:
5a:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:79:A7:43:9D:66:59:AF:CB:80:39:D0:F1:49:B0:23:80:AC:87:C8
X509v3 Authority Key Identifier:
keyid:CF:CA:B8:C9:D2:17:AC:30:79:C3:01:4B:18:D4:46:E2:13:F1:94:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z8q4ydIXrDB5wwFLGNRG4hPxlJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/10c000-77b0-466d-b4cf-445400d703c8/1/xXmnQ51mWa_LgDnQ8UmwI4Csh8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/10c000-77b0-466d-b4cf-445400d703c8/1/z8q4ydIXrDB5wwFLGNRG4hPxlJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.108.236.0/22
185.116.176.0/22
194.76.10.0-194.76.13.255
IPv6:
2a06:8040::/29
Signature Algorithm: sha256WithRSAEncryption
7b:d7:cc:8b:56:05:f6:a9:5b:c3:41:c4:a2:df:a0:75:f5:e5:
3c:bf:f9:29:00:b8:93:56:c7:7c:bc:bb:87:24:4e:4d:f0:79:
61:c8:a6:0c:77:b6:53:4d:77:0e:4b:46:54:21:c2:b9:09:53:
be:b4:6b:83:48:fe:ad:e1:b7:f6:46:2e:db:70:ae:e4:e8:26:
87:a2:6a:f7:be:77:db:44:68:9d:6a:72:25:27:0c:df:08:16:
e9:24:a8:59:17:70:e7:9a:57:c5:79:73:0d:e4:37:aa:0a:f8:
a7:b3:7c:4b:7d:44:a8:a6:4f:ee:26:14:40:9c:e0:9d:c4:ae:
7d:34:27:4f:03:06:48:ce:13:3b:6c:66:60:6b:da:cb:b0:16:
1e:9c:87:23:97:eb:aa:63:16:0a:2e:a5:e8:81:d0:ad:94:68:
29:39:12:04:46:62:45:e7:8b:0e:45:84:37:26:64:56:14:ae:
d8:71:ec:e2:01:c5:ab:72:e0:26:53:30:cd:05:23:b9:fb:19:
a0:82:db:16:d3:93:a7:95:f1:59:46:90:15:02:3e:e0:e5:ad:
48:99:2d:58:d4:8e:7f:04:e2:da:d0:2e:7f:00:ae:87:1e:17:
ff:6f:78:30:4c:3e:22:64:f7:74:53:44:f7:2f:10:4e:3d:6a:
b2:78:59:cb
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYVweZti+TsZCsP3SnIMGMo2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmY2FiOGM5ZDIxN2FjMzA3OWMzMDE0YjE4ZDQ0NmUyMTNm
MTk0OTIwHhcNMjMwMTAyMDMxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTc5YTc0MzlkNjY1OWFmY2I4MDM5ZDBmMTQ5YjAyMzgwYWM4N2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlcablRUzS8cEO08MZm/kA5rXBvgF
AtbZ1Hem/1Og1UWnQ8PZyb78fUrCnpM5KRQnFPAUYc0qnByNGZMWxf+dNtOP1S85
ayHagQhUgemhnp7pcufUld+rn5dvozVg5JBgjuKVeXxf+ngsSrk8eHCxeaERB1Cw
f/GkJhuvPSYjr8JcCV5ZRgeiiB1KnUCJZdYhZgEGssooVZu9480c729Hstby+aPt
lS41QcMgCfe2xIkeHgrqN3JoJczZDJhfP26oEbsdPoEDV5O3Xo6muvPLRBLp28iE
HsRF/R8/yxVQELFoy+EpgQz543lMBJqjXD8Q6sWgUj4uTssv69RM/utabwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFMV5p0OdZlmvy4A50PFJsCOArIfIMB8GA1UdIwQY
MBaAFM/KuMnSF6wwecMBSxjURuIT8ZSSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejhxNHlkSVhyREI1d3dGTEdOUkc0aFB4bEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8xMGMwMDAtNzdiMC00NjZkLWI0Y2Yt
NDQ1NDAwZDcwM2M4LzEveFhtblE1MW1XYV9MZ0RuUThVbXdJNENzaDhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8xMGMwMDAtNzdiMC00NjZkLWI0Y2YtNDQ1NDAwZDcwM2M4
LzEvejhxNHlkSVhyREI1d3dGTEdOUkc0aFB4bEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCuWzsAwQC
uXSwMAwDBAHCTAoDBAHCTAwwDQQCAAIwBwMFAyoGgEAwDQYJKoZIhvcNAQELBQAD
ggEBAHvXzItWBfapW8NBxKLfoHX15Ty/+SkAuJNWx3y8u4ckTk3weWHIpgx3tlNN
dw5LRlQhwrkJU760a4NI/q3ht/ZGLttwruToJoeiave+d9tEaJ1qciUnDN8IFukk
qFkXcOeaV8V5cw3kN6oK+KezfEt9RKimT+4mFECc4J3Ern00J08DBkjOEztsZmBr
2suwFh6chyOX66pjFgoupeiB0K2UaCk5EgRGYkXniw5FhDcmZFYUrthx7OIBxaty
4CZTMM0FI7n7GaCC2xbTk6eV8VlGkBUCPuDlrUiZLVjUjn8E4trQLn8AroceF/9v
eDBMPiJk93RTRPcvEE49arJ4Wcs=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:40:57 2024 by rpki-client on console-ams.rpki-client.org