Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/qFOHav7-A-f0teeXGBDl1ARwfF8.roa
File: qFOHav7-A-f0teeXGBDl1ARwfF8.roa (raw, json)
Hash identifier: abeu1YVx8dFcM5TWawv/5RaRLGLlPdk9lF4ptpNM6/0=
Subject key identifier: A8:53:87:6A:FE:FE:03:E7:F4:B5:E7:97:18:10:E5:D4:04:70:7C:5F
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01863A7D3193ADD570CBFF3F45A013B934D2
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/qFOHav7-A-f0teeXGBDl1ARwfF8.roa
Signing time: Fri 10 Feb 2023 08:42:08 +0000
ROA not before: Fri 10 Feb 2023 08:42:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211434
IP address blocks: 192.71.206.0/24 maxlen: 24
194.71.106.0/24 maxlen: 24
194.68.22.0/23 maxlen: 23
194.132.172.0/23 maxlen: 24
192.36.200.0/24 maxlen: 24
192.121.118.0/23 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:3a:7d:31:93:ad:d5:70:cb:ff:3f:45:a0:13:b9:34:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Feb 10 08:42:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a853876afefe03e7f4b5e7971810e5d404707c5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:a3:a8:da:6f:47:b9:0e:04:e9:f3:3a:88:35:
e4:37:4b:ec:0a:b3:92:fd:c6:aa:85:0d:9e:e0:ea:
73:cb:a8:f1:65:8f:b3:1a:05:28:6f:0d:fd:a7:ff:
76:a4:05:b1:29:10:b6:a1:63:17:5e:62:42:4f:1b:
40:26:ad:8b:49:9a:ee:38:92:d9:c4:48:58:b3:e4:
82:13:6e:71:47:66:39:ee:a8:c3:5a:f5:42:b1:ea:
14:e0:c7:a2:99:5b:74:de:52:eb:95:21:b1:68:13:
4f:20:bc:dd:f8:ff:51:83:0d:c3:a5:67:0a:05:5d:
82:f6:03:13:f1:89:b7:91:af:b9:8a:fa:eb:3a:26:
18:63:52:7e:29:12:ec:eb:20:0a:52:c3:c5:27:c3:
3a:43:2e:41:af:42:db:fa:52:08:b1:e4:99:6d:c3:
22:2a:c5:33:34:8c:01:58:c3:1d:c8:b4:16:a9:8a:
a0:8b:87:b3:f8:a2:32:a1:5a:5c:57:ae:50:08:96:
61:b0:05:5b:ae:5b:0d:5a:7d:22:b8:7e:b5:f9:c9:
51:5f:fa:a3:90:74:0c:35:74:09:2b:0a:ce:99:da:
a3:75:e4:f0:96:02:68:34:9e:71:74:d9:4b:c6:b8:
a8:03:ec:80:b1:5b:b2:5b:1c:f9:ce:39:3e:0b:dd:
43:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:53:87:6A:FE:FE:03:E7:F4:B5:E7:97:18:10:E5:D4:04:70:7C:5F
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/qFOHav7-A-f0teeXGBDl1ARwfF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.200.0/24
192.71.206.0/24
192.121.118.0/23
194.68.22.0/23
194.71.106.0/24
194.132.172.0/23
Signature Algorithm: sha256WithRSAEncryption
a1:b0:0c:e9:4d:48:ca:02:bf:11:68:43:93:d9:7f:e7:12:17:
8f:5a:f2:21:c4:9e:40:5d:f9:98:6e:ef:b1:98:61:91:76:7f:
99:d8:c6:df:4e:c6:00:e7:6f:72:d5:26:86:5e:45:00:d7:e0:
9b:1c:bf:e4:1b:3f:62:3c:46:03:21:9e:06:33:17:eb:45:1b:
97:6c:fe:5d:e5:19:43:85:98:a6:f5:30:a4:7a:90:6f:92:97:
2d:a3:77:66:65:9e:dd:f1:8a:cf:16:0a:89:d5:ba:21:6c:3b:
13:43:b5:db:5b:7a:bf:40:bc:6f:36:5e:c4:cd:1a:74:8b:69:
23:69:81:06:af:f5:b0:2e:80:39:f5:52:37:91:da:40:11:da:
18:22:7f:0f:c1:36:37:22:af:94:b2:7f:99:58:9e:bc:1a:9a:
82:dc:55:99:a1:31:c2:5c:a0:86:64:74:f8:20:ad:75:f0:21:
f3:20:97:a1:f9:38:c5:c4:d5:90:9b:06:c7:10:5c:7b:4c:29:
f7:da:0f:41:d1:af:2f:c2:9a:5d:9f:10:bf:40:cd:0a:9e:63:
80:e5:60:d9:9a:04:0d:0a:b0:e8:27:a2:7b:c1:c9:98:c4:92:
39:c7:27:cf:c5:78:75:66:80:5b:55:1d:5f:1e:bc:a1:ba:1e:
e1:f9:31:69
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYY6fTGTrdVwy/8/RaATuTTSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMjEwMDg0MjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODUzODc2YWZlZmUwM2U3ZjRiNWU3OTcxODEwZTVkNDA0NzA3YzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKOo2m9HuQ4E6fM6iDXkN0vsCrOS
/caqhQ2e4Opzy6jxZY+zGgUobw39p/92pAWxKRC2oWMXXmJCTxtAJq2LSZruOJLZ
xEhYs+SCE25xR2Y57qjDWvVCseoU4MeimVt03lLrlSGxaBNPILzd+P9Rgw3DpWcK
BV2C9gMT8Ym3ka+5ivrrOiYYY1J+KRLs6yAKUsPFJ8M6Qy5Br0Lb+lIIseSZbcMi
KsUzNIwBWMMdyLQWqYqgi4ez+KIyoVpcV65QCJZhsAVbrlsNWn0iuH61+clRX/qj
kHQMNXQJKwrOmdqjdeTwlgJoNJ5xdNlLxrioA+yAsVuyWxz5zjk+C91D3QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKhTh2r+/gPn9LXnlxgQ5dQEcHxfMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvcUZPSGF2Ny1BLWYwdGVlWEdCRGwxQVJ3ZkY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAwCTIAwQA
wEfOAwQBwHl2AwQBwkQWAwQAwkdqAwQBwoSsMA0GCSqGSIb3DQEBCwUAA4IBAQCh
sAzpTUjKAr8RaEOT2X/nEhePWvIhxJ5AXfmYbu+xmGGRdn+Z2MbfTsYA529y1SaG
XkUA1+CbHL/kGz9iPEYDIZ4GMxfrRRuXbP5d5RlDhZim9TCkepBvkpcto3dmZZ7d
8YrPFgqJ1bohbDsTQ7XbW3q/QLxvNl7EzRp0i2kjaYEGr/WwLoA59VI3kdpAEdoY
In8PwTY3Iq+Usn+ZWJ68GpqC3FWZoTHCXKCGZHT4IK118CHzIJeh+TjFxNWQmwbH
EFx7TCn32g9B0a8vwppdnxC/QM0KnmOA5WDZmgQNCrDoJ6J7wcmYxJI5xyfPxXh1
ZoBbVR1fHryhuh7h+TFp
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:47 2023 by rpki-client on console-fra.rpki-client.org