Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/cncq1YjMltofbRf22EfjwIlhyF4.roa
File: cncq1YjMltofbRf22EfjwIlhyF4.roa (raw, json)
Hash identifier: Kr0fl0IVHqel2mutpZNRu19dDQWrqRFqNuxkho3x0GE=
Subject key identifier: 72:77:2A:D5:88:CC:96:DA:1F:6D:17:F6:D8:47:E3:C0:89:61:C8:5E
Certificate issuer: /CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Certificate serial: 0189F7A6BB09862ADD41C1A5A1DD15D0473F
Authority key identifier: E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/cncq1YjMltofbRf22EfjwIlhyF4.roa
Signing time: Tue 15 Aug 2023 05:24:06 +0000
ROA not before: Tue 15 Aug 2023 05:24:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39486
IP address blocks: 171.22.248.0/22 maxlen: 24
194.116.248.0/22 maxlen: 24
193.42.224.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:f7:a6:bb:09:86:2a:dd:41:c1:a5:a1:dd:15:d0:47:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d0c49a0e97e0d5f3ced3b7b6b9f72ca0cb53d6
Validity
Not Before: Aug 15 05:24:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=72772ad588cc96da1f6d17f6d847e3c08961c85e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:09:29:62:38:b7:9c:16:42:7f:e2:1e:ff:4c:
70:5a:3d:e1:d2:ae:b3:e5:4f:4b:f1:41:a4:15:ce:
06:48:57:57:29:b8:64:7d:7a:c6:46:e5:c8:0f:e3:
6e:b0:4f:b7:44:01:a8:13:1e:be:21:b8:1d:2f:63:
dd:ce:3c:09:14:df:41:fb:d4:65:d7:60:f9:ff:e2:
48:b8:23:a2:98:49:59:22:d2:00:90:d9:a4:a2:12:
a3:be:9d:2b:7d:6a:cd:09:6f:4c:6b:61:5c:9b:43:
a2:04:45:3a:77:d9:27:52:cf:b7:96:ea:45:aa:fd:
e3:86:59:0a:71:5b:18:db:15:fd:c5:2d:6c:5e:03:
e5:85:f8:24:ac:70:d2:6f:f6:b6:82:14:c6:bb:04:
50:3e:35:11:36:19:c7:67:8d:81:95:04:c1:52:9b:
a7:10:8f:8e:c2:33:1d:e9:78:15:7b:2c:b5:4c:1f:
48:f6:28:3d:f1:25:78:28:fc:de:90:7c:94:19:59:
ed:b1:40:1c:65:31:c7:93:02:7c:95:c5:95:e7:23:
9a:31:46:a3:26:02:5f:d6:97:0e:27:c2:32:50:a7:
92:e4:d4:b5:21:b5:5c:e9:4c:87:e7:9f:ff:8c:57:
ff:8d:72:ac:a1:0a:a5:7d:d3:cd:d3:ec:36:76:9a:
d8:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:77:2A:D5:88:CC:96:DA:1F:6D:17:F6:D8:47:E3:C0:89:61:C8:5E
X509v3 Authority Key Identifier:
keyid:E2:D0:C4:9A:0E:97:E0:D5:F3:CE:D3:B7:B6:B9:F7:2C:A0:CB:53:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tDEmg6X4NXzztO3trn3LKDLU9Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/cncq1YjMltofbRf22EfjwIlhyF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/9f0f7a-11eb-4383-bc6a-4690a007141f/1/4tDEmg6X4NXzztO3trn3LKDLU9Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.22.248.0/22
193.42.224.0/22
194.116.248.0/22
Signature Algorithm: sha256WithRSAEncryption
9e:58:70:05:20:12:21:4d:af:37:22:14:96:a7:1e:27:63:df:
23:f1:09:04:84:a0:71:aa:4f:f2:4f:e6:3e:80:96:8d:d8:66:
fc:50:6c:97:6b:f6:21:4c:f8:22:ea:ac:c3:ef:c4:41:3c:32:
47:6e:59:a0:d1:d0:08:7d:d5:8d:55:8b:b2:02:98:70:86:cc:
70:28:b8:ac:a6:0a:67:95:8f:97:b9:24:a2:35:23:83:fd:97:
c3:50:00:24:c3:ad:57:12:82:ca:3e:98:f3:1a:f1:4c:44:06:
97:39:e8:ed:3d:43:e6:eb:0d:21:89:ae:cb:3b:f3:bc:e9:05:
bd:38:28:e9:0b:96:24:3f:8d:d8:da:63:fc:c4:11:fd:64:61:
7c:09:3e:23:75:3c:d9:ac:fc:00:68:ec:7a:d9:da:42:8c:de:
ce:01:0c:9f:49:f0:7c:aa:6a:67:ed:11:b7:2e:f8:e4:9c:67:
d7:9f:83:12:cc:0f:39:5b:df:df:21:6e:a9:57:e4:aa:74:ca:
c0:98:a0:dd:ef:8d:9b:c1:c1:5c:f5:f5:ad:77:9a:04:48:32:
5f:09:5c:d6:12:05:2c:04:dc:d7:d4:5b:7d:47:80:e4:94:12:
24:b2:10:b2:44:50:ac:08:75:76:cd:12:10:ef:2c:2e:11:f0:
c4:e3:f1:4f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYn3prsJhirdQcGlod0V0Ec/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDBjNDlhMGU5N2UwZDVmM2NlZDNiN2I2YjlmNzJjYTBj
YjUzZDYwHhcNMjMwODE1MDUyNDA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mjc3MmFkNTg4Y2M5NmRhMWY2ZDE3ZjZkODQ3ZTNjMDg5NjFjODVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggkpYji3nBZCf+Ie/0xwWj3h0q6z
5U9L8UGkFc4GSFdXKbhkfXrGRuXID+NusE+3RAGoEx6+IbgdL2PdzjwJFN9B+9Rl
12D5/+JIuCOimElZItIAkNmkohKjvp0rfWrNCW9Ma2Fcm0OiBEU6d9knUs+3lupF
qv3jhlkKcVsY2xX9xS1sXgPlhfgkrHDSb/a2ghTGuwRQPjURNhnHZ42BlQTBUpun
EI+OwjMd6XgVeyy1TB9I9ig98SV4KPzekHyUGVntsUAcZTHHkwJ8lcWV5yOaMUaj
JgJf1pcOJ8IyUKeS5NS1IbVc6UyH55//jFf/jXKsoQqlfdPN0+w2dprYlQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHJ3KtWIzJbaH20X9thH48CJYcheMB8GA1UdIwQY
MBaAFOLQxJoOl+DV887Tt7a59yygy1PWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEt
NDY5MGEwMDcxNDFmLzEvY25jcTFZak1sdG9mYlJmMjJFZmp3SWxoeUY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85ZjBmN2EtMTFlYi00MzgzLWJjNmEtNDY5MGEwMDcxNDFm
LzEvNHRERW1nNlg0Tlh6enRPM3RybjNMS0RMVTlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCqxb4AwQC
wSrgAwQCwnT4MA0GCSqGSIb3DQEBCwUAA4IBAQCeWHAFIBIhTa83IhSWpx4nY98j
8QkEhKBxqk/yT+Y+gJaN2Gb8UGyXa/YhTPgi6qzD78RBPDJHblmg0dAIfdWNVYuy
AphwhsxwKLispgpnlY+XuSSiNSOD/ZfDUAAkw61XEoLKPpjzGvFMRAaXOejtPUPm
6w0hia7LO/O86QW9OCjpC5YkP43Y2mP8xBH9ZGF8CT4jdTzZrPwAaOx62dpCjN7O
AQyfSfB8qmpn7RG3LvjknGfXn4MSzA85W9/fIW6pV+SqdMrAmKDd742bwcFc9fWt
d5oESDJfCVzWEgUsBNzX1Ft9R4DklBIkshCyRFCsCHV2zRIQ7ywuEfDE4/FP
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:23:31 2024 by rpki-client on console-fra.rpki-client.org