Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/gNMQCev1SlCVrqCzRnT3CKXAlKQ.roa
File: gNMQCev1SlCVrqCzRnT3CKXAlKQ.roa (raw, json)
Hash identifier: He9DDGShI12AQj/iknb9VU6Jze/+vsexNjw3yL8L6Qk=
Subject key identifier: 80:D3:10:09:EB:F5:4A:50:95:AE:A0:B3:46:74:F7:08:A5:C0:94:A4
Certificate issuer: /CN=93515f25986e4b572a78b109d995c9ddf5da1266
Certificate serial: 01856F429C5B584F25EA38761F28F159E611
Authority key identifier: 93:51:5F:25:98:6E:4B:57:2A:78:B1:09:D9:95:C9:DD:F5:DA:12:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/gNMQCev1SlCVrqCzRnT3CKXAlKQ.roa
Signing time: Sun 01 Jan 2023 21:35:14 +0000
ROA not before: Sun 01 Jan 2023 21:35:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60855
IP address blocks: 143.126.251.0/24 maxlen: 24
143.126.250.0/24 maxlen: 24
143.126.250.0/23 maxlen: 23
143.126.249.0/24 maxlen: 24
143.126.248.0/23 maxlen: 23
143.126.248.0/24 maxlen: 24
143.126.255.0/24 maxlen: 24
143.126.203.0/24 maxlen: 24
143.126.100.0/24 maxlen: 24
143.126.211.0/24 maxlen: 24
143.126.221.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:42:9c:5b:58:4f:25:ea:38:76:1f:28:f1:59:e6:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93515f25986e4b572a78b109d995c9ddf5da1266
Validity
Not Before: Jan 1 21:35:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=80d31009ebf54a5095aea0b34674f708a5c094a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f4:68:6c:b3:96:b8:ad:40:ef:49:01:b7:2e:
ae:94:5d:1a:4b:03:4b:91:71:09:43:ff:cc:bf:31:
ae:08:69:e8:bd:f3:1f:5b:62:b4:c6:73:ab:b0:3b:
1d:0f:69:60:1b:e7:9d:0c:69:aa:bb:30:51:58:84:
a4:f6:ce:63:50:c5:4c:12:41:43:d2:12:1c:6d:cd:
35:26:61:f7:7b:75:eb:83:d1:84:20:61:5d:1a:52:
8f:e5:f2:c3:b3:9d:3c:15:8c:69:37:6d:7a:d3:26:
5b:53:9f:2b:6f:23:26:84:76:af:b4:aa:2e:96:c7:
b4:61:e2:43:f6:52:a3:f9:b4:fe:ad:10:e9:14:50:
5f:c5:47:fa:e5:fc:44:79:76:3a:84:1c:a7:21:88:
a6:7c:95:9a:f3:8b:a7:f9:75:2b:a7:06:be:0b:f6:
7b:a5:7d:c1:5b:37:98:25:fc:85:1c:33:bc:7a:9f:
1d:71:1a:6f:ee:83:05:0b:cb:f1:52:17:c4:c3:92:
35:39:de:9a:c1:ef:04:ae:39:90:1e:f6:26:14:15:
2a:56:07:e1:07:e1:46:73:dc:0d:98:47:c0:d3:88:
41:72:c7:a3:04:2d:d4:28:15:7e:ad:e5:12:ec:3d:
33:0f:95:0f:0a:41:37:38:a6:7d:56:fd:9a:cf:89:
e4:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:D3:10:09:EB:F5:4A:50:95:AE:A0:B3:46:74:F7:08:A5:C0:94:A4
X509v3 Authority Key Identifier:
keyid:93:51:5F:25:98:6E:4B:57:2A:78:B1:09:D9:95:C9:DD:F5:DA:12:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/gNMQCev1SlCVrqCzRnT3CKXAlKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/84b03b-5619-4272-947f-13d51328a9f7/1/k1FfJZhuS1cqeLEJ2ZXJ3fXaEmY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.126.100.0/24
143.126.203.0/24
143.126.211.0/24
143.126.221.0/24
143.126.248.0/22
143.126.255.0/24
Signature Algorithm: sha256WithRSAEncryption
93:16:23:0e:57:7b:0e:5a:b6:c2:c0:2d:05:83:b1:a3:0d:56:
0e:3b:52:dd:75:85:d1:64:93:d3:cf:fb:ec:d0:33:89:2c:b1:
7a:1a:80:43:dc:be:47:58:18:22:bb:46:52:b2:16:59:48:69:
45:24:2e:bd:51:59:00:39:9f:41:6c:c4:4c:16:0c:95:c1:e0:
6d:4d:2c:ac:32:00:f4:15:4c:62:55:76:ca:7d:8b:14:0a:76:
62:1b:70:dd:58:df:87:21:9f:1e:05:7c:22:7b:d3:f5:10:f3:
0a:73:6b:fe:fc:99:4f:0e:29:b7:45:c3:59:0a:64:89:39:2b:
a9:6b:d4:1d:6d:0a:08:01:da:c7:a4:05:5c:ea:6a:5b:30:97:
72:d1:0d:20:e8:1a:d9:8e:ef:63:ce:4a:21:ed:96:49:cd:02:
b5:3c:90:df:c0:bf:12:39:68:99:16:60:0e:c3:d9:98:83:8b:
e2:05:0b:d8:01:2e:a7:eb:b8:17:ed:2c:f5:8b:82:a9:b7:bf:
cf:a1:62:12:2f:20:ef:97:af:9c:60:83:b8:b4:83:9b:ec:6a:
07:1a:ff:80:fb:96:40:d7:a5:b9:b7:17:85:66:2d:75:0d:78:
a6:95:67:c6:59:75:10:6e:7e:ab:e6:10:4f:c7:f2:51:ab:04:
25:e8:77:6c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVvQpxbWE8l6jh2HyjxWeYRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNTE1ZjI1OTg2ZTRiNTcyYTc4YjEwOWQ5OTVjOWRkZjVk
YTEyNjYwHhcNMjMwMTAxMjEzNTE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MGQzMTAwOWViZjU0YTUwOTVhZWEwYjM0Njc0ZjcwOGE1YzA5NGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvRobLOWuK1A70kBty6ulF0aSwNL
kXEJQ//MvzGuCGnovfMfW2K0xnOrsDsdD2lgG+edDGmquzBRWISk9s5jUMVMEkFD
0hIcbc01JmH3e3Xrg9GEIGFdGlKP5fLDs508FYxpN2160yZbU58rbyMmhHavtKou
lse0YeJD9lKj+bT+rRDpFFBfxUf65fxEeXY6hBynIYimfJWa84un+XUrpwa+C/Z7
pX3BWzeYJfyFHDO8ep8dcRpv7oMFC8vxUhfEw5I1Od6awe8ErjmQHvYmFBUqVgfh
B+FGc9wNmEfA04hBcsejBC3UKBV+reUS7D0zD5UPCkE3OKZ9Vv2az4nk4QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIDTEAnr9UpQla6gs0Z09wilwJSkMB8GA1UdIwQY
MBaAFJNRXyWYbktXKnixCdmVyd312hJmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazFGZkpaaHVTMWNxZUxFSjJaWEozZlhhRW1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS84NGIwM2ItNTYxOS00MjcyLTk0N2Yt
MTNkNTEzMjhhOWY3LzEvZ05NUUNldjFTbENWcnFDelJuVDNDS1hBbEtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS84NGIwM2ItNTYxOS00MjcyLTk0N2YtMTNkNTEzMjhhOWY3
LzEvazFGZkpaaHVTMWNxZUxFSjJaWEozZlhhRW1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAj35kAwQA
j37LAwQAj37TAwQAj37dAwQCj374AwQAj37/MA0GCSqGSIb3DQEBCwUAA4IBAQCT
FiMOV3sOWrbCwC0Fg7GjDVYOO1LddYXRZJPTz/vs0DOJLLF6GoBD3L5HWBgiu0ZS
shZZSGlFJC69UVkAOZ9BbMRMFgyVweBtTSysMgD0FUxiVXbKfYsUCnZiG3DdWN+H
IZ8eBXwie9P1EPMKc2v+/JlPDim3RcNZCmSJOSupa9QdbQoIAdrHpAVc6mpbMJdy
0Q0g6BrZju9jzkoh7ZZJzQK1PJDfwL8SOWiZFmAOw9mYg4viBQvYAS6n67gX7Sz1
i4Kpt7/PoWISLyDvl6+cYIO4tIOb7GoHGv+A+5ZA16W5txeFZi11DXimlWfGWXUQ
bn6r5hBPx/JRqwQl6Hds
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:42 2024 by rpki-client on console-fra.rpki-client.org