Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/55Q-VauPnG8d2_whgAA5Z6XaXlc.roa
File: 55Q-VauPnG8d2_whgAA5Z6XaXlc.roa (raw, json)
Hash identifier: bgZdTKriSy9PWk5qGLeAcZrk4FHpIlM1Rej0tFJkm4g=
Subject key identifier: E7:94:3E:55:AB:8F:9C:6F:1D:DB:FC:21:80:00:39:67:A5:DA:5E:57
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018B617407DF3D085E6DF27BED6C6B7CA8B9
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/55Q-VauPnG8d2_whgAA5Z6XaXlc.roa
Signing time: Tue 24 Oct 2023 11:31:15 +0000
ROA not before: Tue 24 Oct 2023 11:31:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204650
IP address blocks: 185.243.49.0/24 maxlen: 24
185.243.48.0/22 maxlen: 22
185.26.32.0/23 maxlen: 24
185.124.172.0/22 maxlen: 24
178.239.159.0/24 maxlen: 24
185.26.34.0/23 maxlen: 24
185.124.173.0/24 maxlen: 24
185.124.175.0/24 maxlen: 24
37.32.47.0/24 maxlen: 24
2a00:7040::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:74:07:df:3d:08:5e:6d:f2:7b:ed:6c:6b:7c:a8:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Oct 24 11:31:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e7943e55ab8f9c6f1ddbfc2180003967a5da5e57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7d:2b:9b:1c:58:85:a3:3b:bd:fd:24:1d:4a:
db:a2:a7:56:9b:a6:f7:bd:ee:15:01:05:71:f6:d5:
32:ff:9c:a0:79:66:63:8d:bb:e2:2e:a1:bb:c7:f4:
91:4b:61:7a:e7:6c:b7:3a:dd:f3:91:7c:58:56:ba:
13:46:c5:de:4f:c2:6d:1a:2f:03:cf:11:ed:1c:bf:
75:31:e6:91:01:ef:73:c3:88:ac:7a:9c:84:21:35:
71:7c:eb:b2:e0:a0:b5:cd:36:78:cb:57:e2:e6:f1:
8f:3e:66:86:a2:73:a6:25:e7:b6:1f:97:6f:90:28:
29:31:d4:e5:13:f3:90:c3:7f:07:0e:4e:bb:d1:31:
2f:58:ae:91:08:39:10:83:fb:f3:ad:74:f1:97:1c:
96:01:1d:1a:0d:14:ae:df:dd:31:63:be:f2:b7:d5:
4e:4a:5b:87:13:25:b8:b5:ae:67:d2:46:66:0e:08:
b3:26:95:63:4f:90:69:12:8c:76:8e:5b:45:b2:90:
04:4a:ef:aa:f4:f0:0a:8a:56:fd:20:14:6a:3f:44:
2a:64:70:2f:4b:7b:fb:bf:d5:b8:10:33:70:ea:ac:
50:70:da:29:ae:4a:e2:87:01:74:69:81:b0:90:7e:
40:24:94:f1:2c:6d:75:b7:13:a8:0b:b5:ab:41:45:
94:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:94:3E:55:AB:8F:9C:6F:1D:DB:FC:21:80:00:39:67:A5:DA:5E:57
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/55Q-VauPnG8d2_whgAA5Z6XaXlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.47.0/24
178.239.159.0/24
185.26.32.0/22
185.124.172.0/22
185.243.48.0/22
IPv6:
2a00:7040::/32
Signature Algorithm: sha256WithRSAEncryption
c7:6f:89:31:7a:a6:6b:a2:61:1a:21:f3:0f:c5:18:13:c8:35:
be:d5:ab:de:79:59:a8:0c:74:7b:b1:aa:94:6a:47:7c:38:5a:
f9:ca:c4:c4:14:4c:f2:3e:43:6f:96:dd:37:38:e7:ae:17:2a:
54:cf:14:6a:c4:5f:b4:b2:aa:f9:2b:1e:82:db:48:55:17:bc:
8d:b4:d9:be:98:76:2b:7e:93:d0:71:4c:79:00:25:bd:bd:3a:
2c:83:d6:f9:57:2d:cd:28:e9:66:92:c2:c0:3a:25:15:d6:92:
73:1d:2d:7e:3c:af:fe:3d:e0:ab:98:3a:a9:54:40:e9:9b:ce:
50:12:2f:ba:98:38:c2:6f:0c:19:b1:bb:29:db:b1:ab:c3:32:
28:2c:c1:11:bc:1d:7c:a3:7a:98:85:a5:da:c5:35:9b:6a:db:
81:27:35:58:c9:2e:73:4c:7b:42:fe:4c:18:5b:bc:c2:69:fa:
ec:4e:07:e1:af:46:22:eb:1b:25:b1:38:b2:d8:25:34:b5:26:
22:a0:00:9c:aa:b2:21:2a:18:37:68:24:25:fb:59:22:a3:1b:
e2:dd:35:b1:a9:77:81:7e:02:c5:5f:d3:0f:81:a1:77:25:75:
77:78:79:47:fe:70:af:fb:da:12:61:e5:9d:80:15:3b:fd:56:
df:15:d0:73
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYthdAffPQhebfJ77WxrfKi5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjMxMDI0MTEzMTE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzk0M2U1NWFiOGY5YzZmMWRkYmZjMjE4MDAwMzk2N2E1ZGE1ZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv30rmxxYhaM7vf0kHUrboqdWm6b3
ve4VAQVx9tUy/5ygeWZjjbviLqG7x/SRS2F652y3Ot3zkXxYVroTRsXeT8JtGi8D
zxHtHL91MeaRAe9zw4isepyEITVxfOuy4KC1zTZ4y1fi5vGPPmaGonOmJee2H5dv
kCgpMdTlE/OQw38HDk670TEvWK6RCDkQg/vzrXTxlxyWAR0aDRSu390xY77yt9VO
SluHEyW4ta5n0kZmDgizJpVjT5BpEox2jltFspAESu+q9PAKilb9IBRqP0QqZHAv
S3v7v9W4EDNw6qxQcNoprkrihwF0aYGwkH5AJJTxLG11txOoC7WrQUWU9wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFOeUPlWrj5xvHdv8IYAAOWel2l5XMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvNTVRLVZhdVBuRzhkMl93aGdBQTVaNlhhWGxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAJSAvAwQA
su+fAwQCuRogAwQCuXysAwQCufMwMA0EAgACMAcDBQAqAHBAMA0GCSqGSIb3DQEB
CwUAA4IBAQDHb4kxeqZromEaIfMPxRgTyDW+1aveeVmoDHR7saqUakd8OFr5ysTE
FEzyPkNvlt03OOeuFypUzxRqxF+0sqr5Kx6C20hVF7yNtNm+mHYrfpPQcUx5ACW9
vTosg9b5Vy3NKOlmksLAOiUV1pJzHS1+PK/+PeCrmDqpVEDpm85QEi+6mDjCbwwZ
sbsp27GrwzIoLMERvB18o3qYhaXaxTWbatuBJzVYyS5zTHtC/kwYW7zCafrsTgfh
r0Yi6xslsTiy2CU0tSYioACcqrIhKhg3aCQl+1kioxvi3TWxqXeBfgLFX9MPgaF3
JXV3eHlH/nCv+9oSYeWdgBU7/VbfFdBz
-----END CERTIFICATE-----
Generated at Tue Oct 24 15:15:35 2023 by rpki-client on console-fra.rpki-client.org