Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/Q9NNppSNt-hJ83ch_4tozXPQrvE.roa
File: Q9NNppSNt-hJ83ch_4tozXPQrvE.roa (raw, json)
Hash identifier: U+de/Z0xjIIolZ2ODWkCufFzlkkZY2doAnZLZLul5uw=
Subject key identifier: 43:D3:4D:A6:94:8D:B7:E8:49:F3:77:21:FF:8B:68:CD:73:D0:AE:F1
Certificate issuer: /CN=1ddf5951c9ae79976d97e1d28e466a615119898b
Certificate serial: 0188292F1FC7B5000C76932E640FC1768B52
Authority key identifier: 1D:DF:59:51:C9:AE:79:97:6D:97:E1:D2:8E:46:6A:61:51:19:89:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/Q9NNppSNt-hJ83ch_4tozXPQrvE.roa
Signing time: Wed 17 May 2023 10:08:54 +0000
ROA not before: Wed 17 May 2023 10:08:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200290
IP address blocks: 185.171.104.0/24 maxlen: 24
185.171.104.0/22 maxlen: 24
185.171.104.0/23 maxlen: 23
185.171.105.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:29:2f:1f:c7:b5:00:0c:76:93:2e:64:0f:c1:76:8b:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ddf5951c9ae79976d97e1d28e466a615119898b
Validity
Not Before: May 17 10:08:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=43d34da6948db7e849f37721ff8b68cd73d0aef1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:b3:a0:4e:ae:94:b9:a7:7a:1b:c5:d1:f3:59:
ea:5f:35:94:26:42:c1:14:65:b7:ce:ba:42:f2:c0:
57:38:a3:51:f9:f5:1d:be:ac:b3:4a:3f:cf:41:ba:
5a:f7:5e:bc:34:cc:96:77:5a:89:72:e7:79:53:35:
9b:ee:28:c0:65:09:05:2d:3c:e6:27:bc:46:d4:80:
3f:74:05:db:d0:5e:98:0a:44:2b:c3:31:1a:67:14:
35:1d:a8:60:2b:a2:d4:6d:33:fd:03:3c:aa:78:27:
ec:1e:7b:cf:2e:89:77:ae:fb:70:a1:b0:77:5a:93:
c5:57:11:24:ca:2f:85:8b:e4:87:5c:af:da:3c:4f:
88:7f:e8:4a:90:22:16:6b:88:fd:ba:4f:de:9b:8a:
60:50:91:96:7d:14:73:ac:df:ac:03:6d:c3:73:fe:
1c:80:ea:da:03:89:77:bb:0f:7e:da:aa:12:6c:53:
8c:ee:e5:54:b0:74:27:f1:cd:94:1f:c1:4e:e9:4c:
83:d6:31:00:65:5d:3c:2b:9f:36:6c:75:0c:ed:65:
d0:88:46:c6:89:85:20:b5:82:e2:f6:9b:d2:3c:2b:
3c:89:1b:ce:86:da:69:c2:7a:2d:a5:f5:76:20:64:
ac:4c:80:c2:a8:a5:61:3a:d7:91:d3:ac:8f:bd:73:
51:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D3:4D:A6:94:8D:B7:E8:49:F3:77:21:FF:8B:68:CD:73:D0:AE:F1
X509v3 Authority Key Identifier:
keyid:1D:DF:59:51:C9:AE:79:97:6D:97:E1:D2:8E:46:6A:61:51:19:89:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/Q9NNppSNt-hJ83ch_4tozXPQrvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/2df786-52d5-438b-8b56-0e96b1ffb247/1/Hd9ZUcmueZdtl-HSjkZqYVEZiYs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.171.104.0/22
Signature Algorithm: sha256WithRSAEncryption
95:f5:a8:a3:a0:ef:d2:54:fe:8b:c3:0a:f6:f0:8c:07:bc:ce:
60:fe:ac:c7:83:e3:b4:6b:a9:e0:b0:6c:68:a7:b8:3a:fa:d9:
a8:cb:91:9f:1a:13:df:91:8c:45:9f:ed:ff:1f:fd:2d:50:de:
73:51:a5:7d:b5:05:f7:5e:72:3b:45:ef:b7:79:ce:74:f7:63:
c6:95:22:26:77:3c:88:15:5c:0c:5e:1d:4a:26:83:fa:23:b3:
2b:12:a0:01:32:86:79:2c:50:8f:ac:81:08:58:dc:b0:b8:00:
20:d0:aa:37:b1:10:c2:df:f6:22:f6:9a:92:48:58:72:f7:8a:
b0:fa:6a:a7:6b:41:8a:d8:47:34:8b:75:f2:88:de:7c:35:f6:
0f:43:e9:52:98:ba:7b:ee:4f:a8:c8:11:05:60:be:ee:56:6f:
18:3b:f9:e9:f2:b7:1d:1c:26:9a:a2:d4:54:0b:07:3d:d1:e4:
0e:4c:17:a1:a1:41:79:08:7b:74:1d:a1:f4:2c:af:80:c9:33:
78:d4:33:7b:e7:e6:0e:71:18:61:14:48:ea:f1:91:ed:7f:4a:
f4:71:e3:9f:e9:c0:9e:17:c2:e7:55:4a:e3:fc:e0:77:0b:8e:
75:08:36:db:ea:21:82:c9:19:e9:6b:e3:bf:85:9b:60:05:23:
cb:4c:c7:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYgpLx/HtQAMdpMuZA/BdotSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZGY1OTUxYzlhZTc5OTc2ZDk3ZTFkMjhlNDY2YTYxNTEx
OTg5OGIwHhcNMjMwNTE3MTAwODU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0M2QzNGRhNjk0OGRiN2U4NDlmMzc3MjFmZjhiNjhjZDczZDBhZWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArLOgTq6Uuad6G8XR81nqXzWUJkLB
FGW3zrpC8sBXOKNR+fUdvqyzSj/PQbpa9168NMyWd1qJcud5UzWb7ijAZQkFLTzm
J7xG1IA/dAXb0F6YCkQrwzEaZxQ1HahgK6LUbTP9AzyqeCfsHnvPLol3rvtwobB3
WpPFVxEkyi+Fi+SHXK/aPE+If+hKkCIWa4j9uk/em4pgUJGWfRRzrN+sA23Dc/4c
gOraA4l3uw9+2qoSbFOM7uVUsHQn8c2UH8FO6UyD1jEAZV08K582bHUM7WXQiEbG
iYUgtYLi9pvSPCs8iRvOhtppwnotpfV2IGSsTIDCqKVhOteR06yPvXNRUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEPTTaaUjbfoSfN3If+LaM1z0K7xMB8GA1UdIwQY
MBaAFB3fWVHJrnmXbZfh0o5GamFRGYmLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGQ5WlVjbXVlWmR0bC1IU2prWnFZVkVaaVlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi8yZGY3ODYtNTJkNS00MzhiLThiNTYt
MGU5NmIxZmZiMjQ3LzEvUTlOTnBwU050LWhKODNjaF80dG96WFBRcnZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi8yZGY3ODYtNTJkNS00MzhiLThiNTYtMGU5NmIxZmZiMjQ3
LzEvSGQ5WlVjbXVlWmR0bC1IU2prWnFZVkVaaVlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuatoMA0G
CSqGSIb3DQEBCwUAA4IBAQCV9aijoO/SVP6Lwwr28IwHvM5g/qzHg+O0a6ngsGxo
p7g6+tmoy5GfGhPfkYxFn+3/H/0tUN5zUaV9tQX3XnI7Re+3ec5092PGlSImdzyI
FVwMXh1KJoP6I7MrEqABMoZ5LFCPrIEIWNywuAAg0Ko3sRDC3/Yi9pqSSFhy94qw
+mqna0GK2Ec0i3XyiN58NfYPQ+lSmLp77k+oyBEFYL7uVm8YO/np8rcdHCaaotRU
Cwc90eQOTBehoUF5CHt0HaH0LK+AyTN41DN75+YOcRhhFEjq8ZHtf0r0ceOf6cCe
F8LnVUrj/OB3C451CDbb6iGCyRnpa+O/hZtgBSPLTMe4
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:27:52 2024 by rpki-client on console-fra.rpki-client.org