Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/363586-9b80-457b-bdf0-6ca52e029cbe/1/XRbkrDLD8Ql5U77wDgp_SNNQwds.roa
File: XRbkrDLD8Ql5U77wDgp_SNNQwds.roa (raw, json)
Hash identifier: P0pohqOpUpvCXHysSEc4TnOY9jjXhcpuSzS/5Y4vwcs=
Subject key identifier: 5D:16:E4:AC:32:C3:F1:09:79:53:BE:F0:0E:0A:7F:48:D3:50:C1:DB
Certificate issuer: /CN=776405e0283743cf52180d5b13812dfba3ded7fc
Certificate serial: 0185BF939A4E039769AD125289E2C06C9217
Authority key identifier: 77:64:05:E0:28:37:43:CF:52:18:0D:5B:13:81:2D:FB:A3:DE:D7:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d2QF4Cg3Q89SGA1bE4Et-6Pe1_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/363586-9b80-457b-bdf0-6ca52e029cbe/1/XRbkrDLD8Ql5U77wDgp_SNNQwds.roa
Signing time: Tue 17 Jan 2023 11:53:19 +0000
ROA not before: Tue 17 Jan 2023 11:53:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43128
IP address blocks: 212.44.112.0/24 maxlen: 24
212.44.113.0/24 maxlen: 24
212.44.118.0/24 maxlen: 24
212.44.120.0/24 maxlen: 24
212.44.119.0/24 maxlen: 24
212.44.126.0/23 maxlen: 24
146.247.24.0/22 maxlen: 24
185.148.72.0/22 maxlen: 24
212.44.96.0/20 maxlen: 24
212.44.96.0/19 maxlen: 24
2a02:ec::/32 maxlen: 48
2a02:e8::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:bf:93:9a:4e:03:97:69:ad:12:52:89:e2:c0:6c:92:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=776405e0283743cf52180d5b13812dfba3ded7fc
Validity
Not Before: Jan 17 11:53:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d16e4ac32c3f1097953bef00e0a7f48d350c1db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ff:96:b7:54:91:50:20:04:3b:69:01:2e:2f:
8d:94:c5:cd:3d:b6:01:14:32:92:37:1b:e5:6e:fb:
86:e0:32:3d:f5:10:d7:86:11:88:bf:f2:d1:20:60:
8c:ff:30:7e:cb:b2:2c:d5:bb:0b:33:c9:24:50:7b:
5b:1f:8e:90:6d:a2:9b:6d:9e:39:5c:3a:38:8b:8e:
46:5a:65:7e:d8:82:9a:eb:79:de:c8:36:33:a7:67:
48:47:b8:fb:31:c1:79:c4:0a:5b:b1:8d:21:32:b6:
f2:90:cc:3c:3e:4a:cc:98:ed:2a:e7:1e:7d:77:a2:
f7:1c:8a:ba:89:6a:f2:95:ae:b9:ef:22:a8:df:c3:
c7:e7:dc:6a:5b:cf:17:aa:1a:3a:85:82:bd:ea:c2:
85:5c:ca:a7:b2:6f:4c:a3:98:72:c7:bc:6b:b2:6b:
c7:bd:3c:59:59:99:a3:b7:d8:8a:f7:b5:e1:9d:ea:
b6:7a:62:e5:f9:fb:37:00:e3:b0:f3:56:cf:cb:9a:
b5:48:94:49:8c:1b:ff:4d:f6:b6:f0:d5:60:dc:ad:
03:35:45:9b:59:b0:1c:a6:1d:cc:c7:19:a9:37:32:
2a:62:c6:13:37:b4:eb:b0:3c:e5:4a:08:87:6b:db:
07:60:24:70:b4:2d:96:ed:a2:0f:d1:81:8f:0f:b3:
a4:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:16:E4:AC:32:C3:F1:09:79:53:BE:F0:0E:0A:7F:48:D3:50:C1:DB
X509v3 Authority Key Identifier:
keyid:77:64:05:E0:28:37:43:CF:52:18:0D:5B:13:81:2D:FB:A3:DE:D7:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2QF4Cg3Q89SGA1bE4Et-6Pe1_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/363586-9b80-457b-bdf0-6ca52e029cbe/1/XRbkrDLD8Ql5U77wDgp_SNNQwds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/363586-9b80-457b-bdf0-6ca52e029cbe/1/d2QF4Cg3Q89SGA1bE4Et-6Pe1_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.247.24.0/22
185.148.72.0/22
212.44.96.0/19
IPv6:
2a02:e8::/32
2a02:ec::/32
Signature Algorithm: sha256WithRSAEncryption
49:11:b5:28:05:d8:f4:28:0b:77:87:c9:75:92:33:68:e3:42:
84:c2:ed:54:82:6d:db:5c:8f:43:7a:d7:8e:da:fc:52:f0:11:
0a:6c:99:19:c1:44:64:d4:12:48:7b:65:09:94:57:78:fd:d9:
bd:fc:41:22:b7:d9:6c:3b:cb:fd:6b:8d:0b:18:7b:0d:ce:a8:
0a:69:93:bc:ea:4c:28:3e:5d:7b:22:90:82:dd:c3:d9:59:18:
9c:a4:5c:5c:de:62:65:33:e8:fe:9f:6c:dd:cb:dd:cf:4e:7b:
d6:bd:1c:ef:3f:77:f2:c1:4d:0f:10:51:f7:2d:e1:ea:72:1d:
64:86:e5:d9:39:d7:4d:1f:12:52:c4:4b:09:b6:9d:0b:ec:74:
2e:31:8f:9e:a6:eb:ee:6f:bc:3e:65:7e:7a:a9:ad:c8:7c:f8:
bc:d0:d8:1f:55:6d:e0:78:a0:c0:95:65:fc:9a:42:ec:47:2a:
0d:ee:31:02:be:7e:49:00:db:47:58:36:38:92:2e:24:44:68:
b9:13:3d:b7:44:87:3c:9e:86:f6:d7:c0:ee:23:b9:17:0d:6a:
e7:e3:56:97:66:21:1d:5b:ce:de:4e:ca:72:4b:f6:b6:6e:17:
a1:81:a8:94:55:38:8c:f5:96:6a:10:46:7e:96:20:36:50:bd:
30:37:63:6b
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYW/k5pOA5dprRJSieLAbJIXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NjQwNWUwMjgzNzQzY2Y1MjE4MGQ1YjEzODEyZGZiYTNk
ZWQ3ZmMwHhcNMjMwMTE3MTE1MzE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDE2ZTRhYzMyYzNmMTA5Nzk1M2JlZjAwZTBhN2Y0OGQzNTBjMWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgv+Wt1SRUCAEO2kBLi+NlMXNPbYB
FDKSNxvlbvuG4DI99RDXhhGIv/LRIGCM/zB+y7Is1bsLM8kkUHtbH46QbaKbbZ45
XDo4i45GWmV+2IKa63neyDYzp2dIR7j7McF5xApbsY0hMrbykMw8PkrMmO0q5x59
d6L3HIq6iWryla657yKo38PH59xqW88Xqho6hYK96sKFXMqnsm9Mo5hyx7xrsmvH
vTxZWZmjt9iK97Xhneq2emLl+fs3AOOw81bPy5q1SJRJjBv/Tfa28NVg3K0DNUWb
WbAcph3MxxmpNzIqYsYTN7TrsDzlSgiHa9sHYCRwtC2W7aIP0YGPD7OkVQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFF0W5Kwyw/EJeVO+8A4Kf0jTUMHbMB8GA1UdIwQY
MBaAFHdkBeAoN0PPUhgNWxOBLfuj3tf8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDJRRjRDZzNRODlTR0ExYkU0RXQtNlBlMV93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi8zNjM1ODYtOWI4MC00NTdiLWJkZjAt
NmNhNTJlMDI5Y2JlLzEvWFJia3JETEQ4UWw1VTc3d0RncF9TTk5Rd2RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi8zNjM1ODYtOWI4MC00NTdiLWJkZjAtNmNhNTJlMDI5Y2Jl
LzEvZDJRRjRDZzNRODlTR0ExYkU0RXQtNlBlMV93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCkvcYAwQC
uZRIAwQF1CxgMBQEAgACMA4DBQAqAgDoAwUAKgIA7DANBgkqhkiG9w0BAQsFAAOC
AQEASRG1KAXY9CgLd4fJdZIzaONChMLtVIJt21yPQ3rXjtr8UvARCmyZGcFEZNQS
SHtlCZRXeP3ZvfxBIrfZbDvL/WuNCxh7Dc6oCmmTvOpMKD5deyKQgt3D2VkYnKRc
XN5iZTPo/p9s3cvdz0571r0c7z938sFNDxBR9y3h6nIdZIbl2TnXTR8SUsRLCbad
C+x0LjGPnqbr7m+8PmV+eqmtyHz4vNDYH1Vt4HigwJVl/JpC7EcqDe4xAr5+SQDb
R1g2OJIuJERouRM9t0SHPJ6G9tfA7iO5Fw1q5+NWl2YhHVvO3k7Kckv2tm4XoYGo
lFU4jPWWahBGfpYgNlC9MDdjaw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:39 2024 by rpki-client on console-fra.rpki-client.org