Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/r7FEBrKRB2LRAVs-8vYVeiwe--k.roa
File: r7FEBrKRB2LRAVs-8vYVeiwe--k.roa (raw, json)
Hash identifier: N3+ej7Mr3Z1tDwQnJdzaZ48ImTHZmwu+nKbf+VeSiaI=
Subject key identifier: AF:B1:44:06:B2:91:07:62:D1:01:5B:3E:F2:F6:15:7A:2C:1E:FB:E9
Certificate issuer: /CN=f80e017cf1711519b0ff9f65858c491b2fa5d40b
Certificate serial: 01856ED4C8D0D32241D3D742C9682F66379E
Authority key identifier: F8:0E:01:7C:F1:71:15:19:B0:FF:9F:65:85:8C:49:1B:2F:A5:D4:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-A4BfPFxFRmw_59lhYxJGy-l1As.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/r7FEBrKRB2LRAVs-8vYVeiwe--k.roa
Signing time: Sun 01 Jan 2023 19:35:16 +0000
ROA not before: Sun 01 Jan 2023 19:35:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42369
IP address blocks: 94.176.160.0/23 maxlen: 23
94.176.160.0/24 maxlen: 24
185.235.147.0/24 maxlen: 24
94.176.161.0/24 maxlen: 24
188.240.51.0/24 maxlen: 24
2a10:8b40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:c8:d0:d3:22:41:d3:d7:42:c9:68:2f:66:37:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f80e017cf1711519b0ff9f65858c491b2fa5d40b
Validity
Not Before: Jan 1 19:35:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=afb14406b2910762d1015b3ef2f6157a2c1efbe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:e9:f0:6d:12:7e:6f:da:9c:17:48:69:64:52:
f2:c3:e0:8c:ec:71:66:49:35:17:b8:67:f8:95:0d:
cd:62:68:fe:e4:8f:83:8c:d8:4c:26:45:99:f5:97:
0d:a6:52:35:bc:4c:79:f2:22:3d:9f:0b:d4:7d:39:
e6:c7:7e:db:a2:a4:ec:1b:01:12:ee:b4:bd:4d:83:
f1:bd:1f:3d:4a:86:8b:d7:97:2a:76:95:61:a4:db:
eb:4b:d2:73:c8:5c:f0:93:8f:a1:6c:54:02:a8:bc:
ff:22:85:0f:44:e1:fc:93:4b:fe:69:2a:7b:ff:8c:
3c:19:72:f6:da:79:78:5c:98:44:a0:99:73:67:6b:
df:6c:cc:48:10:85:41:16:fd:be:d5:0d:e3:20:0f:
95:3e:ce:99:ad:90:8c:2a:5d:6a:d8:fe:ff:05:ca:
3f:7c:f7:0e:b8:bc:6d:05:79:8b:8a:3d:fa:e9:c9:
ec:f5:f7:24:94:ad:61:bb:f2:05:3a:39:6e:4d:fb:
06:23:f6:81:5e:32:2d:c9:60:dc:9d:71:5d:f0:24:
f1:87:5c:cd:dd:8d:04:ba:ba:d5:90:77:fc:6b:8a:
a3:00:06:c4:29:4a:6d:3a:bc:30:e5:3a:4a:c4:3a:
cb:1e:ab:05:bd:93:60:28:34:db:3c:5f:55:27:88:
13:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:B1:44:06:B2:91:07:62:D1:01:5B:3E:F2:F6:15:7A:2C:1E:FB:E9
X509v3 Authority Key Identifier:
keyid:F8:0E:01:7C:F1:71:15:19:B0:FF:9F:65:85:8C:49:1B:2F:A5:D4:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-A4BfPFxFRmw_59lhYxJGy-l1As.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/r7FEBrKRB2LRAVs-8vYVeiwe--k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/2dc136-400d-40e7-ad86-8ce60a5c8b1f/1/1-A4BfPFxFRmw_59lhYxJGy-l1As.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.176.160.0/23
185.235.147.0/24
188.240.51.0/24
IPv6:
2a10:8b40::/32
Signature Algorithm: sha256WithRSAEncryption
3e:84:a3:5f:3f:2a:3b:17:23:7c:3a:85:fc:6c:c1:a7:86:85:
2f:40:14:eb:3c:b0:1d:88:3d:2d:25:73:c1:dc:dc:dd:ba:ed:
c7:2d:b9:e2:47:a8:c7:19:4d:fb:2c:86:54:39:14:10:e2:bb:
e6:67:8d:6a:d5:4c:56:e6:27:ab:9e:5b:09:aa:4a:b5:8c:11:
ee:26:69:1d:d6:10:af:4c:14:35:70:cc:5f:08:ab:2a:67:de:
5a:60:e4:54:e3:33:4f:af:2a:a7:90:4a:e5:6d:d9:56:86:e8:
f0:3a:2a:4a:c9:99:b9:de:26:02:31:e1:26:09:b6:f9:10:1c:
a0:ef:99:41:ff:8b:6c:b6:70:68:f5:d7:73:45:00:8f:d0:72:
87:93:82:d3:1c:7a:75:d6:e5:9c:5f:bb:59:7a:50:23:fb:5a:
ad:bb:ea:01:c6:30:cd:83:b0:74:2d:1b:21:ec:d1:fe:29:a1:
81:91:9b:b0:8a:4b:95:52:77:22:5a:e0:12:49:71:5e:21:8b:
f8:9d:fd:b3:33:86:74:c1:ec:d1:b9:f9:66:d9:5b:99:51:58:
69:a5:06:56:23:61:9f:91:36:d8:44:83:33:d4:63:e2:26:f6:
d6:2d:32:2e:cd:f7:97:72:b0:5e:4d:d5:a5:6d:69:5c:0a:93:
c2:13:65:c2
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYVu1MjQ0yJB09dCyWgvZjeeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MGUwMTdjZjE3MTE1MTliMGZmOWY2NTg1OGM0OTFiMmZh
NWQ0MGIwHhcNMjMwMTAxMTkzNTE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmIxNDQwNmIyOTEwNzYyZDEwMTViM2VmMmY2MTU3YTJjMWVmYmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOnwbRJ+b9qcF0hpZFLyw+CM7HFm
STUXuGf4lQ3NYmj+5I+DjNhMJkWZ9ZcNplI1vEx58iI9nwvUfTnmx37boqTsGwES
7rS9TYPxvR89SoaL15cqdpVhpNvrS9JzyFzwk4+hbFQCqLz/IoUPROH8k0v+aSp7
/4w8GXL22nl4XJhEoJlzZ2vfbMxIEIVBFv2+1Q3jIA+VPs6ZrZCMKl1q2P7/Bco/
fPcOuLxtBXmLij366cns9fcklK1hu/IFOjluTfsGI/aBXjItyWDcnXFd8CTxh1zN
3Y0EurrVkHf8a4qjAAbEKUptOrww5TpKxDrLHqsFvZNgKDTbPF9VJ4gT4QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFK+xRAaykQdi0QFbPvL2FXosHvvpMB8GA1UdIwQY
MBaAFPgOAXzxcRUZsP+fZYWMSRsvpdQLMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1BNEJmUEZ4RlJtd181OWxoWXhKR3ktbDFBcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcvMmRjMTM2LTQwMGQtNDBlNy1hZDg2
LThjZTYwYTVjOGIxZi8xL3I3RkVCcktSQjJMUkFWcy04dllWZWl3ZS0tay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvODcvMmRjMTM2LTQwMGQtNDBlNy1hZDg2LThjZTYwYTVjOGIx
Zi8xLzEtQTRCZlBGeEZSbXdfNTlsaFl4Skd5LWwxQXMuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwOgYIKwYBBQUHAQcBAf8EKzApMBgEAgABMBIDBAFesKAD
BAC565MDBAC88DMwDQQCAAIwBwMFACoQi0AwDQYJKoZIhvcNAQELBQADggEBAD6E
o18/KjsXI3w6hfxswaeGhS9AFOs8sB2IPS0lc8Hc3N267cctueJHqMcZTfsshlQ5
FBDiu+ZnjWrVTFbmJ6ueWwmqSrWMEe4maR3WEK9MFDVwzF8Iqypn3lpg5FTjM0+v
KqeQSuVt2VaG6PA6KkrJmbneJgIx4SYJtvkQHKDvmUH/i2y2cGj113NFAI/QcoeT
gtMcenXW5Zxfu1l6UCP7Wq276gHGMM2DsHQtGyHs0f4poYGRm7CKS5VSdyJa4BJJ
cV4hi/id/bMzhnTB7NG5+WbZW5lRWGmlBlYjYZ+RNthEgzPUY+Im9tYtMi7N95dy
sF5N1aVtaVwKk8ITZcI=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:35 2023 by rpki-client on console-ams.rpki-client.org