Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/nFF_8YLNMpccJ7hae1KQFOuXm-0.roa
File: nFF_8YLNMpccJ7hae1KQFOuXm-0.roa (raw, json)
Hash identifier: ym7SaS3ub1yQf0PhQ2zCCk5mCyq+8fBq7e1BMLPDyVA=
Subject key identifier: 9C:51:7F:F1:82:CD:32:97:1C:27:B8:5A:7B:52:90:14:EB:97:9B:ED
Certificate issuer: /CN=7afa135b2072dfcc4ef3b541c136bc8001ef4307
Certificate serial: 018A4AF8A7BC91BF573A832F2C00F561B667
Authority key identifier: 7A:FA:13:5B:20:72:DF:CC:4E:F3:B5:41:C1:36:BC:80:01:EF:43:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/evoTWyBy38xO87VBwTa8gAHvQwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/nFF_8YLNMpccJ7hae1KQFOuXm-0.roa
Signing time: Thu 31 Aug 2023 09:42:04 +0000
ROA not before: Thu 31 Aug 2023 09:42:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58193
IP address blocks: 185.154.86.0/24 maxlen: 24
194.48.100.0/22 maxlen: 24
178.251.124.0/24 maxlen: 24
178.251.125.0/24 maxlen: 24
2a02:fae0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:4a:f8:a7:bc:91:bf:57:3a:83:2f:2c:00:f5:61:b6:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7afa135b2072dfcc4ef3b541c136bc8001ef4307
Validity
Not Before: Aug 31 09:42:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9c517ff182cd32971c27b85a7b529014eb979bed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:c8:74:93:46:77:ac:ae:bd:a6:ce:cc:68:fe:
cd:6f:ea:9b:df:37:f5:28:cb:5a:45:b9:b7:ab:b4:
4d:69:f0:26:d6:f2:58:a6:26:78:bf:ce:60:4d:92:
53:c2:25:80:b6:fa:a2:34:ec:de:14:34:76:b1:55:
12:d6:9b:d6:76:63:2b:85:a8:9c:cc:e2:d0:bf:ac:
4a:6c:56:c3:fe:21:5e:9f:c3:b9:8f:67:55:30:fa:
09:5c:f0:40:eb:75:d7:62:ef:00:58:31:bc:3e:49:
c0:2b:8b:3a:37:90:5c:98:95:19:ac:f1:cb:a4:af:
99:e2:70:2a:a1:45:35:fc:b5:9d:7e:4f:c4:57:55:
19:17:97:81:ec:1c:81:65:77:15:7d:aa:9f:36:82:
81:b7:b5:ba:fa:01:23:39:80:fe:ef:fc:d2:ea:ef:
74:ec:62:12:5b:df:8e:70:10:a0:af:88:7f:b1:94:
9b:17:3c:0b:7a:e3:c7:24:03:f3:ee:15:c0:94:cd:
ab:b0:f2:1c:67:8f:43:2c:37:d6:fc:de:c5:ee:53:
3f:c0:fa:12:01:10:ac:a4:af:06:37:5d:a6:cc:96:
31:01:42:61:d2:e2:77:85:70:3e:6b:bd:01:6a:89:
e0:e1:b8:83:32:0a:c0:b1:ed:e5:e0:f7:61:bf:31:
b2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:51:7F:F1:82:CD:32:97:1C:27:B8:5A:7B:52:90:14:EB:97:9B:ED
X509v3 Authority Key Identifier:
keyid:7A:FA:13:5B:20:72:DF:CC:4E:F3:B5:41:C1:36:BC:80:01:EF:43:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/evoTWyBy38xO87VBwTa8gAHvQwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/nFF_8YLNMpccJ7hae1KQFOuXm-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/b14193-f569-434a-aea4-f5deaa9bf0f7/1/evoTWyBy38xO87VBwTa8gAHvQwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.251.124.0/23
185.154.86.0/24
194.48.100.0/22
IPv6:
2a02:fae0::/29
Signature Algorithm: sha256WithRSAEncryption
05:df:ad:69:2a:b1:6e:9a:e3:c7:f5:23:dc:d3:35:03:c6:3e:
0a:44:35:51:12:be:a9:d0:53:ee:35:8b:a8:c2:fd:55:86:b5:
a5:21:1b:24:5d:79:19:b8:55:0a:14:8e:31:e0:89:ed:d9:f2:
c7:82:fc:58:f5:3f:c5:35:6d:2c:93:bf:d2:87:ba:a5:51:ea:
fd:d5:46:df:34:34:34:61:73:83:ec:3c:71:bd:70:29:43:95:
34:25:80:77:79:a7:5e:11:8d:c8:c0:1a:6a:31:63:f1:de:d2:
a5:26:0c:8e:51:2e:32:b0:66:ac:76:3f:2a:93:17:ca:37:57:
6a:95:fb:e6:b7:af:b8:53:f8:8d:ce:59:16:7a:f5:91:0d:fb:
cc:19:c7:34:10:c2:8a:19:e9:34:27:74:b4:4e:f3:38:db:a7:
e7:c3:40:cd:34:3c:1e:05:a4:d6:5d:b0:97:ca:88:ae:ba:ca:
7e:09:74:52:a8:f1:a2:ab:ba:d0:74:e3:c0:64:2d:63:2f:b6:
40:3a:bf:be:0f:28:3d:e2:80:3c:b7:ed:b3:26:1b:2c:c5:b5:
f3:cd:76:47:cb:ec:b4:8a:3c:90:6b:35:27:f0:c9:9c:8c:64:
de:6a:22:a8:60:4a:f1:bf:63:07:50:4a:2f:a1:72:93:10:c9:
25:8b:bb:68
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYpK+Ke8kb9XOoMvLAD1YbZnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZmExMzViMjA3MmRmY2M0ZWYzYjU0MWMxMzZiYzgwMDFl
ZjQzMDcwHhcNMjMwODMxMDk0MjA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzUxN2ZmMTgyY2QzMjk3MWMyN2I4NWE3YjUyOTAxNGViOTc5YmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhch0k0Z3rK69ps7MaP7Nb+qb3zf1
KMtaRbm3q7RNafAm1vJYpiZ4v85gTZJTwiWAtvqiNOzeFDR2sVUS1pvWdmMrhaic
zOLQv6xKbFbD/iFen8O5j2dVMPoJXPBA63XXYu8AWDG8PknAK4s6N5BcmJUZrPHL
pK+Z4nAqoUU1/LWdfk/EV1UZF5eB7ByBZXcVfaqfNoKBt7W6+gEjOYD+7/zS6u90
7GISW9+OcBCgr4h/sZSbFzwLeuPHJAPz7hXAlM2rsPIcZ49DLDfW/N7F7lM/wPoS
ARCspK8GN12mzJYxAUJh0uJ3hXA+a70Baong4biDMgrAse3l4PdhvzGyMQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJxRf/GCzTKXHCe4WntSkBTrl5vtMB8GA1UdIwQY
MBaAFHr6E1sgct/MTvO1QcE2vIAB70MHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXZvVFd5QnkzOHhPODdWQndUYThnQUh2UXdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9iMTQxOTMtZjU2OS00MzRhLWFlYTQt
ZjVkZWFhOWJmMGY3LzEvbkZGXzhZTE5NcGNjSjdoYWUxS1FGT3VYbS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9iMTQxOTMtZjU2OS00MzRhLWFlYTQtZjVkZWFhOWJmMGY3
LzEvZXZvVFd5QnkzOHhPODdWQndUYThnQUh2UXdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBsvt8AwQA
uZpWAwQCwjBkMA0EAgACMAcDBQMqAvrgMA0GCSqGSIb3DQEBCwUAA4IBAQAF361p
KrFumuPH9SPc0zUDxj4KRDVREr6p0FPuNYuowv1VhrWlIRskXXkZuFUKFI4x4Int
2fLHgvxY9T/FNW0sk7/Sh7qlUer91UbfNDQ0YXOD7DxxvXApQ5U0JYB3eadeEY3I
wBpqMWPx3tKlJgyOUS4ysGasdj8qkxfKN1dqlfvmt6+4U/iNzlkWevWRDfvMGcc0
EMKKGek0J3S0TvM426fnw0DNNDweBaTWXbCXyoiuusp+CXRSqPGiq7rQdOPAZC1j
L7ZAOr++Dyg94oA8t+2zJhssxbXzzXZHy+y0ijyQazUn8MmcjGTeaiKoYErxv2MH
UEovoXKTEMkli7to
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:23 2024 by rpki-client on console-fra.rpki-client.org