Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/CbERz5fHmuKJKkVFpY-LqSDoY30.roa
File: CbERz5fHmuKJKkVFpY-LqSDoY30.roa (raw, json)
Hash identifier: c9nNZ22zW/JIdjtU356uUPQPdp5rxnwnDHHX/meApWE=
Subject key identifier: 09:B1:11:CF:97:C7:9A:E2:89:2A:45:45:A5:8F:8B:A9:20:E8:63:7D
Certificate issuer: /CN=1d0c7e7bb27c533a997d277cadd417ec7bd284f0
Certificate serial: 01856C8A5756B0A0D3DB886054086700DED6
Authority key identifier: 1D:0C:7E:7B:B2:7C:53:3A:99:7D:27:7C:AD:D4:17:EC:7B:D2:84:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HQx-e7J8UzqZfSd8rdQX7HvShPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/CbERz5fHmuKJKkVFpY-LqSDoY30.roa
Signing time: Sun 01 Jan 2023 08:54:43 +0000
ROA not before: Sun 01 Jan 2023 08:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207614
IP address blocks: 185.133.4.0/22 maxlen: 24
185.238.84.0/22 maxlen: 24
45.128.236.0/22 maxlen: 24
2a0f:4200::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:8a:57:56:b0:a0:d3:db:88:60:54:08:67:00:de:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d0c7e7bb27c533a997d277cadd417ec7bd284f0
Validity
Not Before: Jan 1 08:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09b111cf97c79ae2892a4545a58f8ba920e8637d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5d:41:df:a8:f0:3b:b2:18:65:d6:e6:83:67:
08:c2:1b:02:c3:ad:59:f5:74:57:e1:cc:95:94:0e:
57:ef:53:d8:79:60:2b:3b:9d:50:91:be:fe:0c:d6:
6a:7b:88:26:ee:56:93:26:3d:1a:2c:fb:ff:8d:4e:
e1:76:99:71:81:c3:26:d3:8c:be:c7:b4:6a:bd:61:
dc:a1:b0:f1:4e:d3:23:8b:63:3a:8d:54:c4:27:1a:
da:b9:3f:7e:25:89:aa:52:b0:15:d9:dc:39:c2:29:
98:36:99:63:f3:de:fc:98:9a:46:7f:10:31:d4:34:
e1:f2:f5:3e:b1:98:28:fc:22:c2:f2:58:14:a7:eb:
d4:b7:53:8b:98:e2:f3:de:fd:a8:bc:f0:1a:5d:39:
35:b5:d5:dc:e0:07:f8:a1:4a:4a:1a:b9:0a:92:9c:
82:d5:3a:44:2d:49:15:f5:6d:1f:90:81:1b:34:a1:
cb:93:e1:15:15:c0:fb:a6:3e:96:20:68:3e:21:e1:
3f:49:80:fe:20:bc:b7:c3:17:4f:87:c3:48:26:81:
97:f9:d0:d4:c4:c4:72:0e:77:eb:0c:8e:63:c7:59:
5d:ab:bf:49:12:ea:a5:35:0d:13:f9:7d:c0:ab:f9:
48:9f:af:12:39:07:9a:69:2b:81:92:59:e7:02:16:
cf:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:B1:11:CF:97:C7:9A:E2:89:2A:45:45:A5:8F:8B:A9:20:E8:63:7D
X509v3 Authority Key Identifier:
keyid:1D:0C:7E:7B:B2:7C:53:3A:99:7D:27:7C:AD:D4:17:EC:7B:D2:84:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HQx-e7J8UzqZfSd8rdQX7HvShPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/CbERz5fHmuKJKkVFpY-LqSDoY30.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/ddd349-ac50-43e5-a88a-b28f07b2f45b/1/HQx-e7J8UzqZfSd8rdQX7HvShPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.236.0/22
185.133.4.0/22
185.238.84.0/22
IPv6:
2a0f:4200::/29
Signature Algorithm: sha256WithRSAEncryption
d1:3a:01:93:c8:a4:89:32:ba:55:46:9f:a9:d7:5a:f6:2d:36:
53:93:a3:66:b3:95:3d:22:01:6f:70:62:17:45:9a:dc:74:80:
ff:f7:f0:46:21:76:b5:8c:d8:83:82:57:77:20:51:fd:67:03:
14:4f:ed:b8:19:d6:7f:10:0e:b3:4a:15:51:0a:cd:97:5e:bf:
7c:d8:98:32:03:8b:a6:bb:75:bb:14:fd:a3:7e:ae:f5:37:4d:
6e:a9:8f:e0:29:e6:a1:80:3f:0a:8d:bb:0a:49:28:b8:0b:82:
de:76:10:8d:a1:86:92:14:b2:9d:0e:11:dd:a3:69:6e:a2:10:
28:a3:b5:d3:d0:5f:7f:07:1f:62:9a:8c:4b:9c:4a:5f:a7:5d:
fd:8c:44:73:59:cf:3a:e6:08:bf:b2:d2:32:ed:7b:cb:15:fb:
95:f3:9c:8b:8d:7e:af:8c:c9:7a:39:5b:8f:2b:57:e4:59:6f:
9e:a6:15:2e:a3:3a:77:fd:1c:bc:da:d9:b4:2b:64:1b:d3:23:
f6:65:cb:4d:f0:84:73:5b:1e:35:cf:13:65:94:84:9c:57:ac:
89:34:80:93:95:ee:58:2f:18:73:10:43:36:49:40:c0:4d:1e:
f6:bf:de:d2:42:6a:14:43:d9:28:28:8d:7b:0f:8b:c6:29:d0:
fd:4c:cd:28
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVsildWsKDT24hgVAhnAN7WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkMGM3ZTdiYjI3YzUzM2E5OTdkMjc3Y2FkZDQxN2VjN2Jk
Mjg0ZjAwHhcNMjMwMTAxMDg1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWIxMTFjZjk3Yzc5YWUyODkyYTQ1NDVhNThmOGJhOTIwZTg2MzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArl1B36jwO7IYZdbmg2cIwhsCw61Z
9XRX4cyVlA5X71PYeWArO51Qkb7+DNZqe4gm7laTJj0aLPv/jU7hdplxgcMm04y+
x7RqvWHcobDxTtMji2M6jVTEJxrauT9+JYmqUrAV2dw5wimYNplj8978mJpGfxAx
1DTh8vU+sZgo/CLC8lgUp+vUt1OLmOLz3v2ovPAaXTk1tdXc4Af4oUpKGrkKkpyC
1TpELUkV9W0fkIEbNKHLk+EVFcD7pj6WIGg+IeE/SYD+ILy3wxdPh8NIJoGX+dDU
xMRyDnfrDI5jx1ldq79JEuqlNQ0T+X3Aq/lIn68SOQeaaSuBklnnAhbP5QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAmxEc+Xx5riiSpFRaWPi6kg6GN9MB8GA1UdIwQY
MBaAFB0MfnuyfFM6mX0nfK3UF+x70oTwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFF4LWU3SjhVenFaZlNkOHJkUVg3SHZTaFBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9kZGQzNDktYWM1MC00M2U1LWE4OGEt
YjI4ZjA3YjJmNDViLzEvQ2JFUno1ZkhtdUtKS2tWRnBZLUxxU0RvWTMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9kZGQzNDktYWM1MC00M2U1LWE4OGEtYjI4ZjA3YjJmNDVi
LzEvSFF4LWU3SjhVenFaZlNkOHJkUVg3SHZTaFBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLYDsAwQC
uYUEAwQCue5UMA0EAgACMAcDBQMqD0IAMA0GCSqGSIb3DQEBCwUAA4IBAQDROgGT
yKSJMrpVRp+p11r2LTZTk6Nms5U9IgFvcGIXRZrcdID/9/BGIXa1jNiDgld3IFH9
ZwMUT+24GdZ/EA6zShVRCs2XXr982JgyA4umu3W7FP2jfq71N01uqY/gKeahgD8K
jbsKSSi4C4LedhCNoYaSFLKdDhHdo2luohAoo7XT0F9/Bx9imoxLnEpfp139jERz
Wc865gi/stIy7XvLFfuV85yLjX6vjMl6OVuPK1fkWW+ephUuozp3/Ry82tm0K2Qb
0yP2ZctN8IRzWx41zxNllIScV6yJNICTle5YLxhzEEM2SUDATR72v97SQmoUQ9ko
KI17D4vGKdD9TM0o
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:44 2024 by rpki-client on console-fra.rpki-client.org