Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/AHtSTl3FFakbazKwW4U6LbiyAbA.roa
File: AHtSTl3FFakbazKwW4U6LbiyAbA.roa (raw, json)
Hash identifier: 6cE7FQqpvIdZ6cNvPAryaAiSF2xTt6KHKcDS1tbr84A=
Subject key identifier: 00:7B:52:4E:5D:C5:15:A9:1B:6B:32:B0:5B:85:3A:2D:B8:B2:01:B0
Certificate issuer: /CN=078629f5f61fb25564284fbfeffb93c3ed44bfe2
Certificate serial: 018571FA150D912C3EDC48EB34B3509B2C11
Authority key identifier: 07:86:29:F5:F6:1F:B2:55:64:28:4F:BF:EF:FB:93:C3:ED:44:BF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B4Yp9fYfslVkKE-_7_uTw-1Ev-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/AHtSTl3FFakbazKwW4U6LbiyAbA.roa
Signing time: Mon 02 Jan 2023 10:14:52 +0000
ROA not before: Mon 02 Jan 2023 10:14:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201978
IP address blocks: 185.114.20.0/24 maxlen: 24
185.114.20.0/22 maxlen: 22
185.114.23.0/24 maxlen: 24
185.114.21.0/24 maxlen: 24
185.114.22.0/24 maxlen: 24
194.61.119.0/24 maxlen: 24
185.146.88.0/22 maxlen: 22
185.146.89.0/24 maxlen: 24
185.146.90.0/24 maxlen: 24
185.146.88.0/24 maxlen: 24
185.146.91.0/24 maxlen: 24
185.1.132.0/24 maxlen: 24
185.50.68.0/24 maxlen: 24
185.50.69.0/24 maxlen: 24
185.50.68.0/22 maxlen: 22
185.50.71.0/24 maxlen: 24
185.50.70.0/24 maxlen: 24
185.169.52.0/22 maxlen: 22
185.169.53.0/24 maxlen: 24
185.169.54.0/24 maxlen: 24
185.169.52.0/24 maxlen: 24
185.169.55.0/24 maxlen: 24
194.61.117.0/24 maxlen: 24
194.61.118.0/24 maxlen: 24
194.61.116.0/24 maxlen: 24
2a0a:3900::/29 maxlen: 29
2a01:a420::/29 maxlen: 29
2a0f:d500::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:15:0d:91:2c:3e:dc:48:eb:34:b3:50:9b:2c:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=078629f5f61fb25564284fbfeffb93c3ed44bfe2
Validity
Not Before: Jan 2 10:14:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=007b524e5dc515a91b6b32b05b853a2db8b201b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:c2:2f:91:98:8b:ef:05:a7:95:20:36:48:8f:
16:f1:1a:4d:de:0d:f9:5d:0f:ed:de:93:92:02:48:
6a:c7:6f:13:6d:5d:0c:e0:6a:03:cd:08:37:eb:17:
f1:f6:e7:94:fa:b2:18:72:87:f0:88:6d:42:84:9c:
51:d8:60:24:66:f5:86:a5:da:de:a8:e3:de:ea:68:
a0:48:bd:f5:b2:24:13:06:88:3f:14:a3:5b:15:50:
a5:54:7d:29:dc:59:71:e0:2a:6e:a9:9e:f6:6d:17:
18:48:3c:bd:0f:d7:e2:58:eb:99:60:96:d5:b5:b7:
c1:1f:9d:ac:b2:45:e5:19:57:14:23:2d:90:01:32:
df:55:0b:80:97:dd:87:70:7a:71:57:ab:80:70:2b:
d1:cb:ff:39:2f:ac:7f:4b:c7:b5:51:a2:fc:34:d9:
a0:c9:b0:68:55:63:ce:12:e0:98:0c:80:9b:e9:bd:
8f:56:26:bf:53:00:55:95:8d:1e:85:88:e7:4c:1c:
20:78:0b:40:d2:2d:e8:76:ef:2c:e0:4e:7f:b1:3b:
6e:bc:62:7c:0e:b8:51:0e:0f:3e:25:cc:7f:0d:a7:
a0:e8:2a:f2:d8:2b:dc:ff:97:e5:0d:84:ec:fb:2c:
98:29:ad:e0:cf:f0:e8:ed:02:60:aa:58:9c:84:86:
89:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:7B:52:4E:5D:C5:15:A9:1B:6B:32:B0:5B:85:3A:2D:B8:B2:01:B0
X509v3 Authority Key Identifier:
keyid:07:86:29:F5:F6:1F:B2:55:64:28:4F:BF:EF:FB:93:C3:ED:44:BF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B4Yp9fYfslVkKE-_7_uTw-1Ev-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/AHtSTl3FFakbazKwW4U6LbiyAbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/0618e4-7a64-460c-aaf9-63af2c4f4020/1/B4Yp9fYfslVkKE-_7_uTw-1Ev-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.132.0/24
185.50.68.0/22
185.114.20.0/22
185.146.88.0/22
185.169.52.0/22
194.61.116.0/22
IPv6:
2a01:a420::/29
2a0a:3900::/29
2a0f:d500::/29
Signature Algorithm: sha256WithRSAEncryption
56:45:49:c2:36:ba:af:50:ec:a7:9f:20:7d:86:b4:4d:ec:80:
f5:c2:f1:1e:43:94:5b:8f:20:53:d4:d0:86:c1:d5:6d:16:1c:
a8:7c:3a:11:76:d5:e5:24:2f:38:09:ab:c3:03:a0:04:2b:6a:
48:00:5b:05:e4:5e:9b:78:e2:45:af:bb:1a:ee:9c:dd:b2:d5:
ea:f2:e2:95:f7:50:3c:a4:2b:4f:f3:74:19:36:f3:41:b2:00:
98:4c:97:49:a6:de:37:d0:42:07:88:13:ad:75:fd:9f:e6:8f:
2c:e9:4b:e8:8d:7c:27:6d:40:b5:94:7f:4d:f4:38:a8:6a:ad:
04:56:bc:77:51:01:41:7d:99:88:ca:ac:89:9c:02:4a:f9:fa:
02:f1:a0:19:8f:e9:d4:a5:dd:83:70:dd:ed:0b:66:23:88:8f:
8c:cf:02:cd:9b:66:8e:dd:2c:86:5e:7b:1d:91:b0:65:8c:74:
45:12:57:cc:93:97:90:b3:e9:ad:8b:88:59:ea:56:b3:14:ca:
44:aa:3b:45:89:d7:8e:a0:70:a0:69:ea:59:38:ad:51:5c:12:
66:5a:3a:c7:cd:31:12:f3:30:1f:75:ed:13:ac:e2:d3:3c:77:
0d:70:b0:e0:71:84:60:ad:80:4c:58:7d:29:ac:cd:2c:3c:b0:
eb:de:bf:02
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYVx+hUNkSw+3EjrNLNQmywRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ODYyOWY1ZjYxZmIyNTU2NDI4NGZiZmVmZmI5M2MzZWQ0
NGJmZTIwHhcNMjMwMTAyMTAxNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDdiNTI0ZTVkYzUxNWE5MWI2YjMyYjA1Yjg1M2EyZGI4YjIwMWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy8IvkZiL7wWnlSA2SI8W8RpN3g35
XQ/t3pOSAkhqx28TbV0M4GoDzQg36xfx9ueU+rIYcofwiG1ChJxR2GAkZvWGpdre
qOPe6migSL31siQTBog/FKNbFVClVH0p3Flx4CpuqZ72bRcYSDy9D9fiWOuZYJbV
tbfBH52sskXlGVcUIy2QATLfVQuAl92HcHpxV6uAcCvRy/85L6x/S8e1UaL8NNmg
ybBoVWPOEuCYDICb6b2PVia/UwBVlY0ehYjnTBwgeAtA0i3odu8s4E5/sTtuvGJ8
DrhRDg8+Jcx/Daeg6Cry2Cvc/5flDYTs+yyYKa3gz/Do7QJgqlichIaJ9wIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFAB7Uk5dxRWpG2sysFuFOi24sgGwMB8GA1UdIwQY
MBaAFAeGKfX2H7JVZChPv+/7k8PtRL/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjRZcDlmWWZzbFZrS0UtXzdfdVR3LTFFdi1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8wNjE4ZTQtN2E2NC00NjBjLWFhZjkt
NjNhZjJjNGY0MDIwLzEvQUh0U1RsM0ZGYWtiYXpLd1c0VTZMYml5QWJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8wNjE4ZTQtN2E2NC00NjBjLWFhZjktNjNhZjJjNGY0MDIw
LzEvQjRZcDlmWWZzbFZrS0UtXzdfdVR3LTFFdi1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAqBAIAATAkAwQAuQGEAwQC
uTJEAwQCuXIUAwQCuZJYAwQCuak0AwQCwj10MBsEAgACMBUDBQMqAaQgAwUDKgo5
AAMFAyoP1QAwDQYJKoZIhvcNAQELBQADggEBAFZFScI2uq9Q7KefIH2GtE3sgPXC
8R5DlFuPIFPU0IbB1W0WHKh8OhF21eUkLzgJq8MDoAQrakgAWwXkXpt44kWvuxru
nN2y1ery4pX3UDykK0/zdBk280GyAJhMl0mm3jfQQgeIE611/Z/mjyzpS+iNfCdt
QLWUf030OKhqrQRWvHdRAUF9mYjKrImcAkr5+gLxoBmP6dSl3YNw3e0LZiOIj4zP
As2bZo7dLIZeex2RsGWMdEUSV8yTl5Cz6a2LiFnqVrMUykSqO0WJ146gcKBp6lk4
rVFcEmZaOsfNMRLzMB917ROs4tM8dw1wsOBxhGCtgExYfSmszSw8sOvevwI=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:36 2023 by rpki-client on console-ams.rpki-client.org