Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/r6x_7i-qdRQPQbPVs6jH_qQFVmU.roa
File: r6x_7i-qdRQPQbPVs6jH_qQFVmU.roa (raw, json)
Hash identifier: ncDqrrLAZ9zboR/2iNX6Gz5jUrbxVejrRtCufHE6DZ0=
Subject key identifier: AF:AC:7F:EE:2F:AA:75:14:0F:41:B3:D5:B3:A8:C7:FE:A4:05:56:65
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018677BCA816578872A558B5D01FA598FC6D
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/r6x_7i-qdRQPQbPVs6jH_qQFVmU.roa
Signing time: Wed 22 Feb 2023 06:08:17 +0000
ROA not before: Wed 22 Feb 2023 06:08:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210636
IP address blocks: 217.74.20.0/24 maxlen: 24
91.190.106.0/24 maxlen: 24
185.241.211.0/24 maxlen: 24
45.83.30.0/23 maxlen: 23
45.80.156.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:77:bc:a8:16:57:88:72:a5:58:b5:d0:1f:a5:98:fc:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Feb 22 06:08:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=afac7fee2faa75140f41b3d5b3a8c7fea4055665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:0e:7a:88:6b:74:9c:e0:4d:87:87:b5:2b:9c:
4b:9a:47:6a:e9:85:5f:b9:30:aa:d9:ab:a8:3a:30:
8b:c1:81:17:07:81:43:a0:2a:64:59:0c:18:ed:91:
14:d1:8c:8d:17:73:6b:e5:f1:36:e1:e6:ed:11:ef:
67:0b:b4:56:1e:21:f5:6a:d0:0e:55:fa:08:f2:8f:
3c:c4:7e:25:84:f6:c7:58:16:e4:50:51:d1:6c:31:
a4:c6:3e:e7:13:1a:f5:1b:83:ac:98:b5:a1:2f:31:
9a:50:d1:dd:b5:a3:e3:f5:e5:d6:dd:46:49:7d:9a:
e8:ea:01:64:2f:23:e4:2a:fd:15:bb:7a:d6:5f:06:
1c:6d:c9:83:e3:ac:af:08:94:37:7b:4e:56:0a:67:
9b:7f:ae:48:ab:34:af:6f:a5:b4:51:e5:a3:d1:50:
be:cf:fd:5b:e8:7d:dc:da:58:a2:94:ca:f5:5e:c4:
56:79:38:6c:38:dc:b6:fa:f3:99:99:83:05:04:3b:
71:d8:c4:06:77:77:13:28:be:7d:a1:b4:73:0d:a6:
0e:cc:64:1c:b4:08:41:62:0c:41:cb:85:99:80:c4:
93:bd:83:fa:0a:18:d5:b5:ca:f7:64:d7:73:a8:01:
d7:83:8c:76:7d:96:e2:81:b8:db:fb:c4:10:53:4f:
90:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:AC:7F:EE:2F:AA:75:14:0F:41:B3:D5:B3:A8:C7:FE:A4:05:56:65
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/r6x_7i-qdRQPQbPVs6jH_qQFVmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.156.0/24
45.83.30.0/23
91.190.106.0/24
185.241.211.0/24
217.74.20.0/24
Signature Algorithm: sha256WithRSAEncryption
88:51:9b:d7:57:13:b7:42:c7:c7:e3:45:23:db:16:66:f2:de:
e9:29:c9:6e:34:f3:7f:16:dc:06:fb:9b:32:ad:d8:c2:c9:ae:
bf:79:f5:16:ca:d7:1f:f9:36:8b:d5:f8:7f:3b:91:1e:d3:61:
97:4e:39:45:7e:f2:41:ff:10:f0:c3:9f:4a:db:f5:54:de:95:
b1:70:ee:75:d7:2b:77:8a:70:8d:88:b7:26:d9:85:a1:4c:24:
ac:1f:70:ed:8e:17:25:4b:d4:4e:7b:7c:6f:95:41:b2:7a:d5:
12:4b:21:2b:41:82:4b:7d:d6:d1:6c:25:34:a7:48:28:cf:54:
d0:9b:6e:13:7a:0e:e6:e5:ce:47:6a:05:8e:0d:8d:58:27:04:
02:b9:32:e1:e6:41:07:ec:35:68:e9:52:ab:ad:a2:42:c6:3b:
1f:88:78:8b:b8:4c:2f:a6:14:13:6d:e2:76:ec:2b:11:3f:ef:
c8:9b:dc:fd:ff:77:83:15:fe:83:83:ce:88:bf:96:8a:2f:d2:
f7:62:78:c7:59:2f:c5:94:f6:da:d6:71:1f:ac:fb:2c:e1:0f:
5b:50:3e:a5:b7:cc:b8:ba:88:d0:e3:f5:23:96:f0:73:49:71:
01:86:9b:da:d4:d4:18:ec:b3:32:20:2f:a8:4e:2d:ac:30:97:
90:ab:6b:99
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYZ3vKgWV4hypVi10B+lmPxtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwMjIyMDYwODE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmFjN2ZlZTJmYWE3NTE0MGY0MWIzZDViM2E4YzdmZWE0MDU1NjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2w56iGt0nOBNh4e1K5xLmkdq6YVf
uTCq2auoOjCLwYEXB4FDoCpkWQwY7ZEU0YyNF3Nr5fE24ebtEe9nC7RWHiH1atAO
VfoI8o88xH4lhPbHWBbkUFHRbDGkxj7nExr1G4OsmLWhLzGaUNHdtaPj9eXW3UZJ
fZro6gFkLyPkKv0Vu3rWXwYcbcmD46yvCJQ3e05WCmebf65IqzSvb6W0UeWj0VC+
z/1b6H3c2liilMr1XsRWeThsONy2+vOZmYMFBDtx2MQGd3cTKL59obRzDaYOzGQc
tAhBYgxBy4WZgMSTvYP6ChjVtcr3ZNdzqAHXg4x2fZbigbjb+8QQU0+Q5QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFK+sf+4vqnUUD0Gz1bOox/6kBVZlMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvcjZ4XzdpLXFkUlFQUWJQVnM2akhfcVFGVm1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVCcAwQB
LVMeAwQAW75qAwQAufHTAwQA2UoUMA0GCSqGSIb3DQEBCwUAA4IBAQCIUZvXVxO3
QsfH40Uj2xZm8t7pKcluNPN/FtwG+5syrdjCya6/efUWytcf+TaL1fh/O5Ee02GX
TjlFfvJB/xDww59K2/VU3pWxcO511yt3inCNiLcm2YWhTCSsH3DtjhclS9ROe3xv
lUGyetUSSyErQYJLfdbRbCU0p0goz1TQm24Teg7m5c5HagWODY1YJwQCuTLh5kEH
7DVo6VKrraJCxjsfiHiLuEwvphQTbeJ27CsRP+/Im9z9/3eDFf6Dg86Iv5aKL9L3
YnjHWS/FlPba1nEfrPss4Q9bUD6lt8y4uojQ4/UjlvBzSXEBhpva1NQY7LMyIC+o
Ti2sMJeQq2uZ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:03 2023 by rpki-client on console-fra.rpki-client.org