Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/8621e4-e9a9-4b64-9648-9aa7372b616d/1/q8k7cdenejHy7atn1KjapGXk2Mo.roa
File: q8k7cdenejHy7atn1KjapGXk2Mo.roa (raw, json)
Hash identifier: xNsSto5kVwzS02tUuSJc5uuCRbSCDPFBHlT4mAOGyps=
Subject key identifier: AB:C9:3B:71:D7:A7:7A:31:F2:ED:AB:67:D4:A8:DA:A4:65:E4:D8:CA
Certificate issuer: /CN=facf153f24fa8d3214cd7c6e250d4b19f506722b
Certificate serial: 018571CC3113B5E4A83D2348BAB627F02F0E
Authority key identifier: FA:CF:15:3F:24:FA:8D:32:14:CD:7C:6E:25:0D:4B:19:F5:06:72:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-s8VPyT6jTIUzXxuJQ1LGfUGcis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/8621e4-e9a9-4b64-9648-9aa7372b616d/1/q8k7cdenejHy7atn1KjapGXk2Mo.roa
Signing time: Mon 02 Jan 2023 09:24:45 +0000
ROA not before: Mon 02 Jan 2023 09:24:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198970
IP address blocks: 194.49.126.0/24 maxlen: 24
185.159.116.0/24 maxlen: 24
185.159.117.0/24 maxlen: 24
185.159.118.0/24 maxlen: 24
185.159.119.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:cc:31:13:b5:e4:a8:3d:23:48:ba:b6:27:f0:2f:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=facf153f24fa8d3214cd7c6e250d4b19f506722b
Validity
Not Before: Jan 2 09:24:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=abc93b71d7a77a31f2edab67d4a8daa465e4d8ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:61:d9:93:ce:c6:6f:15:d6:1b:a9:fa:98:08:
bd:70:88:a9:15:58:46:d1:63:90:24:55:35:c6:69:
54:ad:42:1b:bb:bc:f3:be:98:86:42:ad:1d:3b:cd:
1e:00:f3:77:b4:0f:4d:f3:ef:7a:cd:42:ef:2f:1b:
05:f4:d6:30:07:ad:7d:88:51:13:5e:a2:5c:88:5c:
60:b8:b1:e5:1b:bc:a2:bd:ab:c2:4b:a5:56:10:f1:
3e:34:41:28:1c:25:ee:2b:3d:55:c0:9e:b5:30:07:
7b:8b:e8:a4:94:e3:07:8b:f4:35:50:90:9b:28:af:
c4:0c:94:c8:b0:f1:41:6c:ad:eb:33:43:61:2f:6e:
f4:91:ee:53:8f:22:16:32:91:6f:94:45:bb:7a:d1:
47:4c:c0:c3:33:81:82:9d:3a:b1:63:0c:9a:c0:ac:
57:ec:44:6c:4b:15:80:06:7e:8b:a3:55:59:00:80:
9e:42:d6:e5:f2:3e:67:dd:22:7f:2e:d9:9c:2a:0c:
29:5b:14:53:0a:9e:25:6b:d7:eb:ca:e4:f1:c7:33:
6b:9f:42:7c:88:ae:80:1e:1e:9c:82:0a:01:3e:5d:
1f:f6:24:c5:70:62:ec:ba:e2:63:3e:06:b4:1a:9f:
04:76:0c:11:81:c3:3e:cb:4f:08:6a:db:88:4e:7b:
16:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:C9:3B:71:D7:A7:7A:31:F2:ED:AB:67:D4:A8:DA:A4:65:E4:D8:CA
X509v3 Authority Key Identifier:
keyid:FA:CF:15:3F:24:FA:8D:32:14:CD:7C:6E:25:0D:4B:19:F5:06:72:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-s8VPyT6jTIUzXxuJQ1LGfUGcis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8621e4-e9a9-4b64-9648-9aa7372b616d/1/q8k7cdenejHy7atn1KjapGXk2Mo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8621e4-e9a9-4b64-9648-9aa7372b616d/1/1-s8VPyT6jTIUzXxuJQ1LGfUGcis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.116.0/22
194.49.126.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:53:db:73:2a:c2:25:8e:81:b5:96:6d:04:2c:ff:2d:8c:55:
09:df:9e:6e:a7:ae:91:ad:0d:0a:c3:0d:a8:e0:81:14:8e:e5:
33:63:d4:be:d3:11:21:af:0e:bb:f7:84:11:7f:c0:85:f3:24:
78:bb:10:a3:35:10:8f:15:50:f3:b4:33:98:35:f1:a4:c1:af:
50:69:e9:fd:0a:27:20:f8:58:32:a7:d2:67:f2:db:a0:44:6a:
eb:e3:10:87:bd:d3:78:19:5f:9a:4b:e0:23:ae:68:94:61:fb:
fa:ab:7d:06:ec:83:cf:f7:88:a8:46:ca:11:d4:c9:05:87:22:
c2:69:9a:bb:ea:18:b0:2b:83:f3:82:22:60:4f:38:f9:1d:6d:
06:2b:84:b3:d4:af:18:71:68:45:51:b6:e7:f0:f8:13:e1:64:
e8:ed:19:98:96:0d:3d:6c:88:f8:3c:06:9d:cc:6f:a5:75:0e:
78:30:71:30:31:35:86:56:50:39:af:41:e3:4c:f0:42:c9:48:
06:99:22:88:0f:ec:67:8b:47:42:cf:df:f7:16:12:0a:e8:d4:
9e:2e:68:9e:80:fd:69:4d:82:99:84:92:e6:ea:eb:87:ba:f1:
bb:a2:0b:e6:e3:bd:4b:11:90:5c:60:eb:34:68:1b:79:35:7a:
0e:93:2a:76
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVxzDETteSoPSNIurYn8C8OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhY2YxNTNmMjRmYThkMzIxNGNkN2M2ZTI1MGQ0YjE5ZjUw
NjcyMmIwHhcNMjMwMTAyMDkyNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmM5M2I3MWQ3YTc3YTMxZjJlZGFiNjdkNGE4ZGFhNDY1ZTRkOGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWHZk87GbxXWG6n6mAi9cIipFVhG
0WOQJFU1xmlUrUIbu7zzvpiGQq0dO80eAPN3tA9N8+96zULvLxsF9NYwB619iFET
XqJciFxguLHlG7yivavCS6VWEPE+NEEoHCXuKz1VwJ61MAd7i+iklOMHi/Q1UJCb
KK/EDJTIsPFBbK3rM0NhL270ke5TjyIWMpFvlEW7etFHTMDDM4GCnTqxYwyawKxX
7ERsSxWABn6Lo1VZAICeQtbl8j5n3SJ/LtmcKgwpWxRTCp4la9fryuTxxzNrn0J8
iK6AHh6cggoBPl0f9iTFcGLsuuJjPga0Gp8EdgwRgcM+y08IatuITnsWTwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKvJO3HXp3ox8u2rZ9So2qRl5NjKMB8GA1UdIwQY
MBaAFPrPFT8k+o0yFM18biUNSxn1BnIrMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1zOFZQeVQ2alRJVXpYeHVKUTFMR2ZVR2Npcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODEvODYyMWU0LWU5YTktNGI2NC05NjQ4
LTlhYTczNzJiNjE2ZC8xL3E4azdjZGVuZWpIeTdhdG4xS2phcEdYazJNby5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODEvODYyMWU0LWU5YTktNGI2NC05NjQ4LTlhYTczNzJiNjE2
ZC8xLzEtczhWUHlUNmpUSVV6WHh1SlExTEdmVUdjaXMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAK5n3QD
BADCMX4wDQYJKoZIhvcNAQELBQADggEBAAtT23MqwiWOgbWWbQQs/y2MVQnfnm6n
rpGtDQrDDajggRSO5TNj1L7TESGvDrv3hBF/wIXzJHi7EKM1EI8VUPO0M5g18aTB
r1Bp6f0KJyD4WDKn0mfy26BEauvjEIe903gZX5pL4COuaJRh+/qrfQbsg8/3iKhG
yhHUyQWHIsJpmrvqGLArg/OCImBPOPkdbQYrhLPUrxhxaEVRtufw+BPhZOjtGZiW
DT1siPg8Bp3Mb6V1DngwcTAxNYZWUDmvQeNM8ELJSAaZIogP7GeLR0LP3/cWEgro
1J4uaJ6A/WlNgpmEkubq64e68buiC+bjvUsRkFxg6zRoG3k1eg6TKnY=
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:51 2024 by rpki-client on console-fra.rpki-client.org