Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/pbf1yRO44QLZbQ4ejw0bvh0fcRY.roa
File: pbf1yRO44QLZbQ4ejw0bvh0fcRY.roa (raw, json)
Hash identifier: 6JzgoB7vKjkxUTeRJ1cnu6LemmaiUTJB0VUFYu4s4Fo=
Subject key identifier: A5:B7:F5:C9:13:B8:E1:02:D9:6D:0E:1E:8F:0D:1B:BE:1D:1F:71:16
Certificate issuer: /CN=f80e017cf1711519b0ff9f65858c491b2fa5d40b
Certificate serial: 01870667055DA116118096E265B5E7530F39
Authority key identifier: F8:0E:01:7C:F1:71:15:19:B0:FF:9F:65:85:8C:49:1B:2F:A5:D4:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-A4BfPFxFRmw_59lhYxJGy-l1As.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/pbf1yRO44QLZbQ4ejw0bvh0fcRY.roa
Signing time: Tue 21 Mar 2023 23:00:27 +0000
ROA not before: Tue 21 Mar 2023 23:00:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42369
IP address blocks: 94.176.160.0/23 maxlen: 23
94.176.160.0/24 maxlen: 24
185.235.147.0/24 maxlen: 24
94.176.161.0/24 maxlen: 24
194.33.191.0/24 maxlen: 24
188.240.51.0/24 maxlen: 24
2a10:8b40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:06:67:05:5d:a1:16:11:80:96:e2:65:b5:e7:53:0f:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f80e017cf1711519b0ff9f65858c491b2fa5d40b
Validity
Not Before: Mar 21 23:00:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a5b7f5c913b8e102d96d0e1e8f0d1bbe1d1f7116
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:6c:ad:c6:b3:e7:f4:fd:23:9f:8f:b7:22:51:
b3:ec:ed:7b:a7:26:f4:dd:29:d5:95:46:5e:5f:5d:
87:eb:90:b4:f5:be:f5:48:58:a7:ca:7c:17:f6:fe:
0a:c6:6c:c3:9b:4f:ed:3e:b4:83:9e:f6:fc:ae:ee:
67:2a:d9:be:89:84:21:d7:b5:d6:fb:9f:8f:83:49:
5d:20:25:f3:70:76:9c:b4:5b:bd:f7:d7:e5:27:74:
e7:f5:3a:2b:2c:41:77:ab:56:f3:94:4b:ea:81:93:
de:42:e8:97:15:f1:51:83:78:aa:da:48:c4:4f:ef:
07:e5:24:b1:e7:5e:0f:cf:d9:27:6e:8e:cd:fb:3b:
94:05:eb:1a:4c:d3:18:f3:8f:68:89:81:c0:a7:21:
89:e7:66:cf:e1:65:79:c8:80:35:e9:2e:26:9d:f9:
3d:48:48:ad:f2:d0:25:ed:5c:27:71:e6:2d:8d:cb:
77:08:f4:48:0e:09:d8:94:52:5f:5e:19:7c:65:0b:
82:f5:46:64:dd:80:2a:eb:2e:ce:41:8e:ae:63:09:
59:02:7e:0d:30:9e:11:ad:92:f7:4c:bd:c1:9d:9c:
13:51:34:70:4a:ee:99:53:ea:dd:a0:b5:ec:d4:f6:
25:84:85:38:de:01:bc:67:66:30:5b:77:0e:96:3c:
5c:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:B7:F5:C9:13:B8:E1:02:D9:6D:0E:1E:8F:0D:1B:BE:1D:1F:71:16
X509v3 Authority Key Identifier:
keyid:F8:0E:01:7C:F1:71:15:19:B0:FF:9F:65:85:8C:49:1B:2F:A5:D4:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-A4BfPFxFRmw_59lhYxJGy-l1As.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/pbf1yRO44QLZbQ4ejw0bvh0fcRY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/1-A4BfPFxFRmw_59lhYxJGy-l1As.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.176.160.0/23
185.235.147.0/24
188.240.51.0/24
194.33.191.0/24
IPv6:
2a10:8b40::/32
Signature Algorithm: sha256WithRSAEncryption
0e:45:d4:a9:f4:49:26:b0:4a:fc:73:5b:c1:04:48:3b:6b:9b:
a4:c9:b2:33:1a:05:dd:3f:c3:1b:c0:7c:07:ff:f1:5c:46:da:
af:7b:f1:bc:f1:88:d8:2c:3a:b7:2c:55:db:7a:37:24:d1:89:
95:77:b3:55:46:d6:04:c8:fd:8a:23:57:ee:8c:e9:2c:b5:ca:
3a:98:e3:38:ec:b6:6b:6e:e3:9f:b9:20:7f:7c:81:a1:05:f8:
95:ec:61:17:a0:ea:59:98:a4:59:b1:04:ba:08:eb:78:a4:28:
41:c3:9f:1d:20:22:a7:17:49:b7:b3:f3:51:8a:c8:b0:a2:b5:
05:18:71:51:5a:68:bf:71:02:7f:dd:3b:8b:09:13:1a:7a:5f:
e4:e7:09:63:fa:9e:c4:b7:e0:70:8e:15:11:b7:a1:7c:3a:9b:
0f:86:58:33:30:cd:b7:98:32:74:52:a1:32:b1:25:96:9d:cf:
ac:a8:31:d4:e0:61:37:58:2f:46:ff:17:ea:d1:be:55:fb:54:
d7:c3:23:c2:da:77:13:f6:6c:d1:d8:c3:ab:6f:e6:bd:43:9b:
43:d2:4f:d5:64:e2:c1:89:06:98:55:d4:68:9e:86:ef:a5:c8:
65:07:f1:80:7b:cd:04:76:c5:9f:80:98:78:a4:e1:ad:38:e9:
50:3c:50:e9
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYcGZwVdoRYRgJbiZbXnUw85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MGUwMTdjZjE3MTE1MTliMGZmOWY2NTg1OGM0OTFiMmZh
NWQ0MGIwHhcNMjMwMzIxMjMwMDI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWI3ZjVjOTEzYjhlMTAyZDk2ZDBlMWU4ZjBkMWJiZTFkMWY3MTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhmytxrPn9P0jn4+3IlGz7O17pyb0
3SnVlUZeX12H65C09b71SFinynwX9v4KxmzDm0/tPrSDnvb8ru5nKtm+iYQh17XW
+5+Pg0ldICXzcHactFu999flJ3Tn9TorLEF3q1bzlEvqgZPeQuiXFfFRg3iq2kjE
T+8H5SSx514Pz9knbo7N+zuUBesaTNMY849oiYHApyGJ52bP4WV5yIA16S4mnfk9
SEit8tAl7VwnceYtjct3CPRIDgnYlFJfXhl8ZQuC9UZk3YAq6y7OQY6uYwlZAn4N
MJ4RrZL3TL3BnZwTUTRwSu6ZU+rdoLXs1PYlhIU43gG8Z2YwW3cOljxcxQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFKW39ckTuOEC2W0OHo8NG74dH3EWMB8GA1UdIwQY
MBaAFPgOAXzxcRUZsP+fZYWMSRsvpdQLMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1BNEJmUEZ4RlJtd181OWxoWXhKR3ktbDFBcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcvMmRjMTM2LTQwMGQtNDBlNy1hZDg2
LThjZTYwYTVjOGIxZi8xL3BiZjF5Uk80NFFMWmJRNGVqdzBidmgwZmNSWS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODcvMmRjMTM2LTQwMGQtNDBlNy1hZDg2LThjZTYwYTVjOGIx
Zi8xLzEtQTRCZlBGeEZSbXdfNTlsaFl4Skd5LWwxQXMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQAYIKwYBBQUHAQcBAf8EMTAvMB4EAgABMBgDBAFesKAD
BAC565MDBAC88DMDBADCIb8wDQQCAAIwBwMFACoQi0AwDQYJKoZIhvcNAQELBQAD
ggEBAA5F1Kn0SSawSvxzW8EESDtrm6TJsjMaBd0/wxvAfAf/8VxG2q978bzxiNgs
OrcsVdt6NyTRiZV3s1VG1gTI/YojV+6M6Sy1yjqY4zjstmtu45+5IH98gaEF+JXs
YReg6lmYpFmxBLoI63ikKEHDnx0gIqcXSbez81GKyLCitQUYcVFaaL9xAn/dO4sJ
Exp6X+TnCWP6nsS34HCOFRG3oXw6mw+GWDMwzbeYMnRSoTKxJZadz6yoMdTgYTdY
L0b/F+rRvlX7VNfDI8LadxP2bNHYw6tv5r1Dm0PST9Vk4sGJBphV1Giehu+lyGUH
8YB7zQR2xZ+AmHik4a046VA8UOk=
Generated at Sat Oct 28 15:33:25 2023 by rpki-client on console-ams.rpki-client.org