Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/wQzo2gp0wfqg5Wzbw4JeeMmzH_A.roa
File: wQzo2gp0wfqg5Wzbw4JeeMmzH_A.roa (raw, json)
Hash identifier: 3L9j9Wg+k/1TKaHGmHQOrElrb2AlP+cXoWgZtisshFo=
Subject key identifier: C1:0C:E8:DA:0A:74:C1:FA:A0:E5:6C:DB:C3:82:5E:78:C9:B3:1F:F0
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0187C72853D04BC7C978C13270717BB7230A
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/wQzo2gp0wfqg5Wzbw4JeeMmzH_A.roa
Signing time: Fri 28 Apr 2023 09:18:41 +0000
ROA not before: Fri 28 Apr 2023 09:18:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 134176
IP address blocks: 85.209.254.0/24 maxlen: 32
185.190.81.0/24 maxlen: 24
185.137.182.0/24 maxlen: 32
79.174.20.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:c7:28:53:d0:4b:c7:c9:78:c1:32:70:71:7b:b7:23:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Apr 28 09:18:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c10ce8da0a74c1faa0e56cdbc3825e78c9b31ff0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0b:78:95:27:70:19:95:37:1d:c1:b3:02:5e:
df:33:12:02:46:05:d2:17:79:e4:5e:6a:0e:ca:c0:
ee:28:90:97:1b:75:d6:44:47:e5:ab:2f:6d:ff:d8:
a8:df:15:a2:75:10:4f:bc:07:bc:49:f5:21:29:a4:
f3:aa:fd:10:f6:fc:cd:1a:fa:c1:24:79:24:88:20:
f1:5b:82:e6:da:06:74:44:5f:4a:25:de:00:26:ba:
54:17:43:9b:bf:fe:e9:80:6e:4d:a0:94:97:77:52:
d3:f9:aa:2a:58:e6:7a:8d:aa:66:d9:ba:a7:cf:a6:
8c:fb:05:9c:ec:ed:12:a6:ba:43:3e:fd:59:9f:c5:
e1:37:d3:83:65:38:ca:a5:54:f3:2e:dd:fc:7e:09:
f3:17:42:23:20:6a:ec:7d:0a:b0:2e:33:34:d6:69:
07:13:b5:af:3e:31:96:e8:24:c1:c5:c8:ad:b2:31:
88:8e:d9:4a:92:0b:e0:61:30:e4:11:e1:a4:5e:0c:
c8:8b:1e:b8:de:96:eb:bb:69:f1:9b:75:02:df:bb:
0f:88:64:df:2e:41:7a:1e:d8:a7:1a:12:e2:37:72:
6a:a7:8f:76:4d:03:4d:e7:d6:b0:42:a3:5f:09:92:
6f:e8:19:7f:fb:85:5c:6f:a1:0c:fc:53:49:3d:ac:
ae:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:0C:E8:DA:0A:74:C1:FA:A0:E5:6C:DB:C3:82:5E:78:C9:B3:1F:F0
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/wQzo2gp0wfqg5Wzbw4JeeMmzH_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.174.20.0/24
85.209.254.0/24
185.137.182.0/24
185.190.81.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:b3:81:90:23:c1:7e:37:12:bf:0b:fb:b2:02:58:c9:24:e8:
90:bf:43:74:de:bd:ef:57:8c:c6:26:1f:ca:55:c4:c5:4d:03:
a4:03:54:29:48:57:a6:5c:f0:a4:da:f3:8c:0b:cd:16:d4:61:
fc:57:ac:85:41:fc:e4:10:56:29:3c:11:d2:73:bc:3c:54:c1:
0d:a7:84:05:19:25:93:9f:f8:99:86:77:c6:fa:c4:38:a9:c2:
68:15:85:8c:64:fa:19:b8:f3:ef:f8:1e:1a:2c:33:5b:dc:e7:
d3:a3:1c:26:a8:90:05:26:2e:08:bc:47:fe:b5:6b:e9:cd:d0:
67:3c:81:ea:91:2f:96:48:d6:e7:fb:a7:c1:3a:18:f8:cc:d1:
b1:12:5b:48:8f:6e:96:dc:f4:31:5b:49:0b:bc:94:10:c3:ce:
f9:56:23:ce:69:10:a7:c4:2f:71:21:64:b1:3c:5c:30:25:48:
42:73:9e:e3:11:b8:20:68:67:2c:56:e4:32:16:46:20:64:e8:
d7:4a:c6:d6:82:77:3c:66:7c:49:c0:a8:55:17:6e:ba:2b:72:
c3:14:f0:db:41:3d:bc:b1:ec:86:26:df:5e:90:42:f5:58:82:
17:c2:2b:e4:7f:08:95:1b:82:27:77:10:5d:0e:54:c5:4f:7e:
1b:1c:80:76
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYfHKFPQS8fJeMEycHF7tyMKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjMwNDI4MDkxODQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTBjZThkYTBhNzRjMWZhYTBlNTZjZGJjMzgyNWU3OGM5YjMxZmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwt4lSdwGZU3HcGzAl7fMxICRgXS
F3nkXmoOysDuKJCXG3XWREflqy9t/9io3xWidRBPvAe8SfUhKaTzqv0Q9vzNGvrB
JHkkiCDxW4Lm2gZ0RF9KJd4AJrpUF0Obv/7pgG5NoJSXd1LT+aoqWOZ6japm2bqn
z6aM+wWc7O0SprpDPv1Zn8XhN9ODZTjKpVTzLt38fgnzF0IjIGrsfQqwLjM01mkH
E7WvPjGW6CTBxcitsjGIjtlKkgvgYTDkEeGkXgzIix643pbru2nxm3UC37sPiGTf
LkF6HtinGhLiN3Jqp492TQNN59awQqNfCZJv6Bl/+4Vcb6EM/FNJPayukQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMEM6NoKdMH6oOVs28OCXnjJsx/wMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvd1F6bzJncDB3ZnFnNVd6Ync0SmVlTW16SF9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAT64UAwQA
VdH+AwQAuYm2AwQAub5RMA0GCSqGSIb3DQEBCwUAA4IBAQC1s4GQI8F+NxK/C/uy
AljJJOiQv0N03r3vV4zGJh/KVcTFTQOkA1QpSFemXPCk2vOMC80W1GH8V6yFQfzk
EFYpPBHSc7w8VMENp4QFGSWTn/iZhnfG+sQ4qcJoFYWMZPoZuPPv+B4aLDNb3OfT
oxwmqJAFJi4IvEf+tWvpzdBnPIHqkS+WSNbn+6fBOhj4zNGxEltIj26W3PQxW0kL
vJQQw875ViPOaRCnxC9xIWSxPFwwJUhCc57jEbggaGcsVuQyFkYgZOjXSsbWgnc8
ZnxJwKhVF266K3LDFPDbQT28seyGJt9ekEL1WIIXwivkfwiVG4IndxBdDlTFT34b
HIB2
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:35:55 2024 by rpki-client on console-fra.rpki-client.org