Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/_npTWQkvCGpVxG-7YNQUObPwfxo.roa
File: _npTWQkvCGpVxG-7YNQUObPwfxo.roa (raw, json)
Hash identifier: QPUpu01YtVxEvFGUoLHE0/Du0WdFVm2XpjAu8Wt2Qwo=
Subject key identifier: FE:7A:53:59:09:2F:08:6A:55:C4:6F:BB:60:D4:14:39:B3:F0:7F:1A
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 01892A99675063983C47FE0F8F155E377ED1
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/_npTWQkvCGpVxG-7YNQUObPwfxo.roa
Signing time: Thu 06 Jul 2023 09:47:23 +0000
ROA not before: Thu 06 Jul 2023 09:47:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 185.126.82.0/24 maxlen: 24
176.125.248.0/24 maxlen: 24
185.223.78.0/24 maxlen: 24
185.194.176.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Jul 2023 09:37:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2a:99:67:50:63:98:3c:47:fe:0f:8f:15:5e:37:7e:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Jul 6 09:47:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fe7a5359092f086a55c46fbb60d41439b3f07f1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1a:e2:53:34:09:04:f9:5c:13:d2:3b:51:95:
45:3d:50:70:19:07:51:ed:71:30:ef:da:ca:51:47:
8b:52:7c:cf:36:9f:cf:b5:ca:2a:06:19:b3:74:02:
64:80:e2:34:58:25:04:c0:81:dc:b4:9a:83:27:ee:
f6:2a:e4:70:f6:37:dc:4b:f8:4d:12:7f:7a:9e:a8:
f3:21:a8:68:44:77:ff:76:b1:48:37:80:ed:3b:3d:
ca:fc:8d:d4:46:cb:de:00:32:8f:ef:ea:5e:93:68:
cf:a2:75:36:7b:30:54:6e:a1:39:09:c9:fd:19:a1:
a8:15:b7:8d:c9:e8:ce:23:30:c2:4c:9c:4d:a1:5b:
d3:40:1c:cb:5b:15:54:99:3d:b4:8e:d8:ce:4f:02:
fb:ab:98:89:15:a1:79:2b:89:db:ce:02:15:e1:1a:
23:ce:81:76:bc:7b:f0:5c:92:6e:8c:8c:6a:89:c1:
1d:63:0a:b9:de:91:e9:ec:31:ce:f9:29:65:42:ab:
4e:60:98:24:af:f2:f7:7d:a5:f6:31:aa:4c:bd:80:
80:a3:bb:05:07:5d:c2:3d:de:bb:9b:79:3d:fb:72:
4b:fd:e4:44:5f:03:9e:e3:57:93:11:19:f3:5c:b3:
a6:49:a5:45:80:ac:62:09:02:32:cc:ef:46:28:1e:
e7:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:7A:53:59:09:2F:08:6A:55:C4:6F:BB:60:D4:14:39:B3:F0:7F:1A
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/_npTWQkvCGpVxG-7YNQUObPwfxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.248.0/24
185.126.82.0/24
185.194.176.0/24
185.223.78.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:4a:20:45:33:78:ca:70:f5:65:13:d1:e9:d0:a7:ba:b5:7b:
27:f0:bb:4c:8c:f7:85:e5:34:65:2a:e8:c8:69:38:88:0e:2e:
7d:e5:16:02:67:94:70:d9:cb:9b:4d:0f:01:06:73:cf:9d:13:
c4:1d:95:d4:58:ce:64:b8:76:bc:ee:e0:f6:ed:c1:ac:19:37:
9f:bb:a8:df:a9:4f:34:ec:d7:7a:41:c5:a6:fb:85:19:d2:e8:
46:e4:b0:55:a9:56:91:23:15:40:dd:ca:7f:fb:e1:b9:8a:be:
55:29:a2:75:95:eb:de:ab:2e:7a:41:5f:50:2e:15:7b:43:25:
ea:9b:9d:9a:7e:f1:dc:96:d4:0f:6d:24:6b:82:39:c7:92:a8:
4d:f7:ee:0b:32:10:b8:e7:d4:12:da:18:90:4f:27:54:a5:6d:
e4:0a:df:d1:92:f3:1a:51:93:a4:8b:14:1b:da:88:c5:72:6e:
76:54:0e:78:35:85:1b:1b:4c:4f:32:db:79:81:84:92:c0:60:
c9:5a:f5:71:ba:98:3c:38:c2:3b:3f:60:c3:86:a1:a3:49:e6:
d9:cd:9f:35:69:52:27:17:f1:51:41:dd:21:55:6e:2e:c1:f9:
d6:e9:b2:ec:2c:ff:86:6a:85:99:d4:5b:d9:9b:e9:f6:65:7f:
e8:12:55:a7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYkqmWdQY5g8R/4PjxVeN37RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwNzA2MDk0NzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTdhNTM1OTA5MmYwODZhNTVjNDZmYmI2MGQ0MTQzOWIzZjA3ZjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBriUzQJBPlcE9I7UZVFPVBwGQdR
7XEw79rKUUeLUnzPNp/PtcoqBhmzdAJkgOI0WCUEwIHctJqDJ+72KuRw9jfcS/hN
En96nqjzIahoRHf/drFIN4DtOz3K/I3URsveADKP7+pek2jPonU2ezBUbqE5Ccn9
GaGoFbeNyejOIzDCTJxNoVvTQBzLWxVUmT20jtjOTwL7q5iJFaF5K4nbzgIV4Roj
zoF2vHvwXJJujIxqicEdYwq53pHp7DHO+SllQqtOYJgkr/L3faX2MapMvYCAo7sF
B13CPd67m3k9+3JL/eREXwOe41eTERnzXLOmSaVFgKxiCQIyzO9GKB7niQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP56U1kJLwhqVcRvu2DUFDmz8H8aMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvX25wVFdRa3ZDR3BWeEctN1lOUVVPYlB3ZnhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAsH34AwQA
uX5SAwQAucKwAwQAud9OMA0GCSqGSIb3DQEBCwUAA4IBAQA7SiBFM3jKcPVlE9Hp
0Ke6tXsn8LtMjPeF5TRlKujIaTiIDi595RYCZ5Rw2cubTQ8BBnPPnRPEHZXUWM5k
uHa87uD27cGsGTefu6jfqU807Nd6QcWm+4UZ0uhG5LBVqVaRIxVA3cp/++G5ir5V
KaJ1leveqy56QV9QLhV7QyXqm52afvHcltQPbSRrgjnHkqhN9+4LMhC459QS2hiQ
TydUpW3kCt/RkvMaUZOkixQb2ojFcm52VA54NYUbG0xPMtt5gYSSwGDJWvVxupg8
OMI7P2DDhqGjSebZzZ81aVInF/FRQd0hVW4uwfnW6bLsLP+GaoWZ1FvZm+n2ZX/o
ElWn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org