Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/caeeb6-8017-4c22-a81c-64075c2ae463/1/N7_XoQO1HoLa-0MroApPZVV1GHo.roa
File: N7_XoQO1HoLa-0MroApPZVV1GHo.roa (raw, json)
Hash identifier: ZhOxG2yJGmCe3lCmJkOgLdGmdyecKIvKV6s/IMS7Ols=
Subject key identifier: 37:BF:D7:A1:03:B5:1E:82:DA:FB:43:2B:A0:0A:4F:65:55:75:18:7A
Certificate issuer: /CN=f26681caa1d37e5899ba27dfbc36960e06b5d3f2
Certificate serial: 018572BA6BD9D5F4F6E985099E804A40E29F
Authority key identifier: F2:66:81:CA:A1:D3:7E:58:99:BA:27:DF:BC:36:96:0E:06:B5:D3:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8maByqHTfliZuiffvDaWDga10_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/caeeb6-8017-4c22-a81c-64075c2ae463/1/N7_XoQO1HoLa-0MroApPZVV1GHo.roa
Signing time: Mon 02 Jan 2023 13:44:58 +0000
ROA not before: Mon 02 Jan 2023 13:44:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57595
IP address blocks: 176.221.77.0/24 maxlen: 24
185.22.144.0/24 maxlen: 24
185.22.144.0/22 maxlen: 22
185.22.145.0/24 maxlen: 24
176.221.75.0/24 maxlen: 24
176.221.76.0/24 maxlen: 24
176.221.73.0/24 maxlen: 24
176.221.72.0/21 maxlen: 21
176.221.74.0/24 maxlen: 24
176.221.78.0/24 maxlen: 24
176.221.72.0/24 maxlen: 24
185.22.147.0/24 maxlen: 24
185.22.146.0/24 maxlen: 24
176.221.79.0/24 maxlen: 24
2a00:4440::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:ba:6b:d9:d5:f4:f6:e9:85:09:9e:80:4a:40:e2:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f26681caa1d37e5899ba27dfbc36960e06b5d3f2
Validity
Not Before: Jan 2 13:44:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=37bfd7a103b51e82dafb432ba00a4f655575187a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:fd:f5:2b:96:1e:4d:7f:94:4f:28:ab:25:fb:
19:2b:a2:90:35:18:e6:5a:7b:73:3b:d0:b3:a1:75:
fa:f4:49:d3:ea:bb:26:cb:3d:9e:90:3a:ed:96:b6:
68:db:50:48:29:cc:1a:b4:01:62:49:08:57:00:d3:
2a:df:4f:c9:b5:44:aa:19:86:58:9c:d0:1f:43:9b:
3b:e6:b1:88:6b:4b:26:b1:91:a9:cc:eb:91:ee:7e:
12:7f:8d:f2:35:15:1a:0d:00:97:65:2e:7e:28:1e:
62:15:f4:42:8e:ea:af:f9:46:6a:52:ad:d5:63:89:
da:0c:4a:b6:b1:53:73:7b:94:69:d6:aa:af:03:0e:
77:98:71:cd:d0:47:97:bf:49:34:f3:e5:95:0d:d0:
17:63:7c:9d:68:6e:e3:53:1c:7c:b8:ce:67:4f:bc:
7f:4c:af:57:08:73:03:8a:6c:9f:e8:54:c7:3c:02:
4b:73:75:02:7c:3c:79:d3:19:3e:ac:35:87:b0:e1:
bd:d6:43:cc:a2:4f:d5:30:db:c2:a7:aa:70:7d:b6:
c8:52:2f:59:9c:4e:a2:ee:9e:8c:99:6f:12:7b:a2:
10:e4:29:1d:ff:36:2e:43:21:43:d5:ec:12:9a:1f:
76:79:17:55:a5:0e:41:3d:cf:d6:63:bd:60:05:73:
f2:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:BF:D7:A1:03:B5:1E:82:DA:FB:43:2B:A0:0A:4F:65:55:75:18:7A
X509v3 Authority Key Identifier:
keyid:F2:66:81:CA:A1:D3:7E:58:99:BA:27:DF:BC:36:96:0E:06:B5:D3:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8maByqHTfliZuiffvDaWDga10_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/caeeb6-8017-4c22-a81c-64075c2ae463/1/N7_XoQO1HoLa-0MroApPZVV1GHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/caeeb6-8017-4c22-a81c-64075c2ae463/1/8maByqHTfliZuiffvDaWDga10_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.221.72.0/21
185.22.144.0/22
IPv6:
2a00:4440::/32
Signature Algorithm: sha256WithRSAEncryption
03:74:fd:45:c8:8b:05:e9:50:20:70:a7:70:f9:aa:6d:f2:39:
80:e3:a7:12:58:9a:b6:bb:24:49:6b:cd:e3:45:3f:18:20:12:
d9:cd:25:f6:6d:9d:27:16:50:c3:6b:b8:63:1b:bd:f1:82:3e:
e6:ef:53:95:ee:ff:5b:19:8f:de:0a:bb:dd:84:5c:60:56:cf:
8f:09:b1:91:8b:15:2e:64:d0:a3:90:54:91:e3:88:1c:81:b7:
df:6c:bc:ee:d6:ff:83:53:6b:b5:ce:8a:a7:39:0e:de:40:62:
16:6b:f6:4d:5f:7f:0d:37:bb:86:35:b2:26:68:66:54:97:79:
0d:0e:bb:78:31:15:9e:e1:8f:c3:1a:31:43:e2:ba:8f:a0:40:
3f:4f:9a:24:60:4c:a6:90:53:67:3d:b2:4c:c0:b7:6f:5f:27:
4a:9b:79:94:14:84:a9:a0:9e:7f:68:54:1c:16:cd:bc:13:f7:
41:5b:30:16:74:0e:58:ac:30:fd:14:42:81:fa:a7:8e:e7:38:
74:10:db:8e:d1:56:93:c8:8c:91:5d:b4:85:37:a3:ec:34:3e:
55:7e:28:f5:55:34:12:82:8d:d3:fc:8a:3b:a4:10:9b:98:c3:
03:89:22:f0:0f:67:ed:2a:b3:9f:2f:aa:90:2d:6c:a1:af:49:
75:f1:ad:19
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyumvZ1fT26YUJnoBKQOKfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYyNjY4MWNhYTFkMzdlNTg5OWJhMjdkZmJjMzY5NjBlMDZi
NWQzZjIwHhcNMjMwMTAyMTM0NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2JmZDdhMTAzYjUxZTgyZGFmYjQzMmJhMDBhNGY2NTU1NzUxODdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/31K5YeTX+UTyirJfsZK6KQNRjm
WntzO9CzoXX69EnT6rsmyz2ekDrtlrZo21BIKcwatAFiSQhXANMq30/JtUSqGYZY
nNAfQ5s75rGIa0smsZGpzOuR7n4Sf43yNRUaDQCXZS5+KB5iFfRCjuqv+UZqUq3V
Y4naDEq2sVNze5Rp1qqvAw53mHHN0EeXv0k08+WVDdAXY3ydaG7jUxx8uM5nT7x/
TK9XCHMDimyf6FTHPAJLc3UCfDx50xk+rDWHsOG91kPMok/VMNvCp6pwfbbIUi9Z
nE6i7p6MmW8Se6IQ5Ckd/zYuQyFD1ewSmh92eRdVpQ5BPc/WY71gBXPy0QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDe/16EDtR6C2vtDK6AKT2VVdRh6MB8GA1UdIwQY
MBaAFPJmgcqh035Ymbon37w2lg4GtdPyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOG1hQnlxSFRmbGladWlmZnZEYVdEZ2ExMF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jYWVlYjYtODAxNy00YzIyLWE4MWMt
NjQwNzVjMmFlNDYzLzEvTjdfWG9RTzFIb0xhLTBNcm9BcFBaVlYxR0hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jYWVlYjYtODAxNy00YzIyLWE4MWMtNjQwNzVjMmFlNDYz
LzEvOG1hQnlxSFRmbGladWlmZnZEYVdEZ2ExMF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsN1IAwQC
uRaQMA0EAgACMAcDBQAqAERAMA0GCSqGSIb3DQEBCwUAA4IBAQADdP1FyIsF6VAg
cKdw+apt8jmA46cSWJq2uyRJa83jRT8YIBLZzSX2bZ0nFlDDa7hjG73xgj7m71OV
7v9bGY/eCrvdhFxgVs+PCbGRixUuZNCjkFSR44gcgbffbLzu1v+DU2u1zoqnOQ7e
QGIWa/ZNX38NN7uGNbImaGZUl3kNDrt4MRWe4Y/DGjFD4rqPoEA/T5okYEymkFNn
PbJMwLdvXydKm3mUFISpoJ5/aFQcFs28E/dBWzAWdA5YrDD9FEKB+qeO5zh0ENuO
0VaTyIyRXbSFN6PsND5Vfij1VTQSgo3T/Io7pBCbmMMDiSLwD2ftKrOfL6qQLWyh
r0l18a0Z
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:38 2024 by rpki-client on console-fra.rpki-client.org