Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/n0C7WQUnRTxAqIPO8mhcGUeSQPc.roa
File: n0C7WQUnRTxAqIPO8mhcGUeSQPc.roa (raw, json)
Hash identifier: IJIz1kPiNYQFfMZl4B4arLMLpXZoMU96cMuGXLHYE88=
Subject key identifier: 9F:40:BB:59:05:27:45:3C:40:A8:83:CE:F2:68:5C:19:47:92:40:F7
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 0185A12A55CB465B605B2A476D778CB4922E
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/n0C7WQUnRTxAqIPO8mhcGUeSQPc.roa
Signing time: Wed 11 Jan 2023 14:09:44 +0000
ROA not before: Wed 11 Jan 2023 14:09:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 185.132.125.0/24 maxlen: 24
45.136.196.0/24 maxlen: 24
45.136.197.0/24 maxlen: 24
45.136.198.0/24 maxlen: 24
45.136.199.0/24 maxlen: 24
176.97.64.0/23 maxlen: 23
185.87.148.0/23 maxlen: 23
188.116.22.0/24 maxlen: 24
195.54.171.0/24 maxlen: 24
176.97.70.0/23 maxlen: 23
176.97.68.0/23 maxlen: 23
176.97.66.0/23 maxlen: 23
176.97.72.0/24 maxlen: 24
176.97.73.0/24 maxlen: 24
176.97.75.0/24 maxlen: 24
176.97.76.0/24 maxlen: 24
176.97.77.0/24 maxlen: 24
176.97.78.0/24 maxlen: 24
5.61.62.0/23 maxlen: 23
5.61.60.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a1:2a:55:cb:46:5b:60:5b:2a:47:6d:77:8c:b4:92:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Jan 11 14:09:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9f40bb590527453c40a883cef2685c19479240f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:02:df:fd:51:d5:ae:93:9c:fd:82:42:f6:43:
e3:13:d8:98:0c:34:83:e5:5b:22:a1:00:d7:1c:18:
6c:9c:c7:05:0c:cf:c6:7d:64:4e:6e:68:b9:50:cc:
db:fb:0c:54:18:8f:ee:b5:51:20:e4:e6:6c:76:36:
cd:8b:70:46:0d:08:f5:28:d9:4a:3d:4e:1d:d6:b9:
41:48:15:be:b4:26:d3:26:72:26:9f:53:26:f1:fb:
f7:da:6e:26:98:44:61:0f:c4:07:b3:9f:e8:1d:cc:
01:81:ae:8e:77:44:77:d8:ef:cf:b3:c0:41:04:57:
32:b5:60:e8:4b:a5:9b:4d:5d:49:68:92:65:8d:2f:
5b:60:da:b7:6a:e8:4e:35:2a:5c:30:35:ea:03:c2:
fc:33:bc:bf:f3:f7:6d:62:2a:11:de:a2:99:22:bc:
f7:5c:58:65:62:db:c2:61:e6:ee:74:1e:b8:23:c3:
0f:18:b5:cc:01:27:c8:03:3d:f5:42:9e:ed:3a:c0:
62:66:61:6d:7e:d6:d0:1e:e6:4a:c7:95:e3:30:f1:
4d:63:14:15:93:b3:5d:9c:ad:80:cc:32:fe:d6:53:
57:c7:53:06:21:a6:6c:66:5a:3f:19:e3:bd:f3:20:
c9:47:7f:e6:75:0a:32:4b:24:da:56:21:22:4b:c8:
b5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:40:BB:59:05:27:45:3C:40:A8:83:CE:F2:68:5C:19:47:92:40:F7
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/n0C7WQUnRTxAqIPO8mhcGUeSQPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.60.0/22
45.136.196.0/22
176.97.64.0-176.97.73.255
176.97.75.0-176.97.78.255
185.87.148.0/23
185.132.125.0/24
188.116.22.0/24
195.54.171.0/24
Signature Algorithm: sha256WithRSAEncryption
54:e8:6a:71:17:96:cc:7a:d5:46:32:05:e4:dd:c2:ea:f2:04:
04:28:4e:90:58:02:73:ad:4d:f4:43:69:7a:0b:c9:cd:42:58:
52:cc:3c:3f:46:1b:89:4d:11:ba:b2:03:01:22:98:98:24:49:
18:66:79:82:da:6d:e2:6a:0a:12:ba:8e:67:3d:99:3f:e9:9a:
12:80:36:08:81:ee:0e:ae:8f:3b:a1:9d:d8:d0:91:81:9f:26:
d8:51:32:bf:b9:13:39:ba:64:94:ac:76:d0:53:a1:7f:33:f7:
e3:e7:7c:48:96:c6:75:49:dd:25:ab:c2:6e:d6:44:f6:90:3e:
ac:c0:11:7b:2a:eb:78:c4:42:6a:b4:b8:49:98:cf:fb:14:2f:
2c:ce:fc:91:98:e3:da:7c:6d:53:cb:e1:a6:3e:2e:40:b2:b2:
2b:63:6b:37:39:b0:97:bf:2c:6b:98:14:64:72:67:77:20:31:
7c:54:2b:a3:01:07:81:45:59:da:74:ba:48:c0:77:34:e1:5b:
9d:3f:8c:a9:8c:7b:a3:85:a5:31:95:b2:e6:c3:ea:1c:59:c4:
27:c7:c0:a2:67:7e:d1:5f:fe:33:f4:40:ad:0a:9b:8a:1e:a2:
32:e0:5e:39:72:4c:c1:74:68:63:d5:a4:86:8d:85:18:f1:3c:
a1:b1:f6:7f
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAYWhKlXLRltgWypHbXeMtJIuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjMwMTExMTQwOTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjQwYmI1OTA1Mjc0NTNjNDBhODgzY2VmMjY4NWMxOTQ3OTI0MGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhgLf/VHVrpOc/YJC9kPjE9iYDDSD
5VsioQDXHBhsnMcFDM/GfWRObmi5UMzb+wxUGI/utVEg5OZsdjbNi3BGDQj1KNlK
PU4d1rlBSBW+tCbTJnImn1Mm8fv32m4mmERhD8QHs5/oHcwBga6Od0R32O/Ps8BB
BFcytWDoS6WbTV1JaJJljS9bYNq3auhONSpcMDXqA8L8M7y/8/dtYioR3qKZIrz3
XFhlYtvCYebudB64I8MPGLXMASfIAz31Qp7tOsBiZmFtftbQHuZKx5XjMPFNYxQV
k7NdnK2AzDL+1lNXx1MGIaZsZlo/GeO98yDJR3/mdQoySyTaViEiS8i1JQIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFJ9Au1kFJ0U8QKiDzvJoXBlHkkD3MB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvbjBDN1dRVW5SVHhBcUlQTzhtaGNHVWVTUVBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQCBT08AwQC
LYjEMAwDBAawYUADBAGwYUgwDAMEALBhSwMEALBhTgMEAblXlAMEALmEfQMEALx0
FgMEAMM2qzANBgkqhkiG9w0BAQsFAAOCAQEAVOhqcReWzHrVRjIF5N3C6vIEBChO
kFgCc61N9ENpegvJzUJYUsw8P0YbiU0RurIDASKYmCRJGGZ5gtpt4moKErqOZz2Z
P+maEoA2CIHuDq6PO6Gd2NCRgZ8m2FEyv7kTObpklKx20FOhfzP34+d8SJbGdUnd
JavCbtZE9pA+rMAReyrreMRCarS4SZjP+xQvLM78kZjj2nxtU8vhpj4uQLKyK2Nr
Nzmwl78sa5gUZHJndyAxfFQrowEHgUVZ2nS6SMB3NOFbnT+MqYx7o4WlMZWy5sPq
HFnEJ8fAomd+0V/+M/RArQqbih6iMuBeOXJMwXRoY9Wkho2FGPE8obH2fw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:58 2024 by rpki-client on console-fra.rpki-client.org