Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/x0A769QGPKyYS1SjcPoJ50cQL1E.roa
File: x0A769QGPKyYS1SjcPoJ50cQL1E.roa (raw, json)
Hash identifier: RDhtsy45zuqsDkfhnFhgu7ErjxsN6hIJUIyecvoPVgs=
Subject key identifier: C7:40:3B:EB:D4:06:3C:AC:98:4B:54:A3:70:FA:09:E7:47:10:2F:51
Certificate issuer: /CN=09e2af08cf6e12e2304fb3bdec64cfbcedaa8522
Certificate serial: 01856E790C89BE35E7532A58AC9811F740FB
Authority key identifier: 09:E2:AF:08:CF:6E:12:E2:30:4F:B3:BD:EC:64:CF:BC:ED:AA:85:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CeKvCM9uEuIwT7O97GTPvO2qhSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/x0A769QGPKyYS1SjcPoJ50cQL1E.roa
Signing time: Sun 01 Jan 2023 17:55:04 +0000
ROA not before: Sun 01 Jan 2023 17:55:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203443
IP address blocks: 185.132.12.0/23 maxlen: 23
185.132.14.0/23 maxlen: 23
185.126.164.0/23 maxlen: 23
185.126.166.0/23 maxlen: 23
185.127.68.0/23 maxlen: 23
185.127.70.0/23 maxlen: 23
185.127.76.0/23 maxlen: 23
185.127.78.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:79:0c:89:be:35:e7:53:2a:58:ac:98:11:f7:40:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09e2af08cf6e12e2304fb3bdec64cfbcedaa8522
Validity
Not Before: Jan 1 17:55:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7403bebd4063cac984b54a370fa09e747102f51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:63:5e:b7:ab:40:83:f2:1b:ae:24:d5:21:c2:
68:87:67:6c:22:f2:28:51:75:6b:db:6f:01:03:f4:
7c:54:8b:24:bc:67:fa:f2:87:b8:79:df:fc:2f:40:
9d:d8:d7:e0:b8:0b:6b:16:50:1a:95:c6:b6:0e:17:
f0:de:96:21:ef:d9:fb:60:7b:93:65:b7:39:9c:2d:
1d:95:23:a5:4f:1b:fa:c5:18:47:f6:30:33:08:1a:
8e:f3:b3:14:99:7b:91:30:6c:e8:9c:1d:65:7c:3b:
9a:83:a7:86:16:5b:fb:a3:fb:b8:aa:40:81:cc:4e:
ec:fa:ef:a6:b9:56:69:48:57:43:4f:c5:8d:d0:fa:
9d:4f:76:05:df:b8:cc:a1:15:43:81:14:10:00:58:
1f:f4:9d:c0:e6:ab:32:c7:2f:89:e2:91:a6:f1:73:
b0:da:93:bd:9d:be:2f:f1:e5:60:02:bf:4d:c1:39:
a0:15:62:6d:d1:8e:a7:be:ca:19:cd:bb:38:e2:f5:
7b:80:d6:40:3d:0e:e1:e5:a4:c2:72:80:38:ef:68:
36:71:e0:77:12:3e:c9:1a:52:16:0f:8f:22:32:7f:
c6:27:5f:ad:f9:fc:d2:9b:71:1b:a8:fb:0d:7d:53:
42:5e:6b:c0:2e:24:11:ef:1c:04:8a:5b:e7:de:23:
48:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:40:3B:EB:D4:06:3C:AC:98:4B:54:A3:70:FA:09:E7:47:10:2F:51
X509v3 Authority Key Identifier:
keyid:09:E2:AF:08:CF:6E:12:E2:30:4F:B3:BD:EC:64:CF:BC:ED:AA:85:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CeKvCM9uEuIwT7O97GTPvO2qhSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/x0A769QGPKyYS1SjcPoJ50cQL1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/19d3cd-6610-43f0-83eb-70a1af51dfbe/1/CeKvCM9uEuIwT7O97GTPvO2qhSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.164.0/22
185.127.68.0/22
185.127.76.0/22
185.132.12.0/22
Signature Algorithm: sha256WithRSAEncryption
30:19:24:1c:fa:fb:eb:7f:06:4a:34:fc:5e:27:e3:2f:bc:32:
49:4b:b9:6d:7c:96:bf:d6:97:5a:4d:d0:5a:a9:fc:8f:be:5e:
7e:6a:4c:6d:fe:14:d3:f8:2b:ae:5c:7c:97:c8:ba:e2:cc:24:
33:b7:f2:e4:3e:b4:b9:e3:de:57:80:66:a3:67:d5:fd:1b:fa:
e7:d7:55:a6:58:2c:5f:f5:61:29:c6:94:df:61:a9:08:92:79:
11:40:20:47:ef:ab:08:75:6d:9e:c2:3b:12:b8:85:e9:ba:ca:
ab:2e:01:cf:1d:52:fb:a1:80:44:ae:86:ce:3e:68:a7:06:63:
18:38:2c:df:96:22:75:91:4f:ce:61:15:11:53:91:aa:1c:26:
13:bc:a4:5b:9e:38:98:52:5e:9b:bf:5d:53:8b:61:9a:f5:71:
aa:8f:a7:8f:d0:4b:af:0c:e2:a3:b4:f1:92:b4:ae:f4:77:bf:
f5:d1:58:30:d2:c1:4e:91:db:de:3f:50:d4:ab:57:7f:41:49:
ba:5a:85:f9:f8:24:bd:82:5d:9b:a9:a1:84:13:00:04:69:79:
5c:d1:ce:0c:2a:bc:82:df:b5:21:60:e0:58:a2:52:8a:6c:29:
45:22:b5:94:54:b6:24:e0:73:01:45:a1:14:95:97:19:80:5c:
b4:df:33:9d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVueQyJvjXnUypYrJgR90D7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZTJhZjA4Y2Y2ZTEyZTIzMDRmYjNiZGVjNjRjZmJjZWRh
YTg1MjIwHhcNMjMwMTAxMTc1NTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzQwM2JlYmQ0MDYzY2FjOTg0YjU0YTM3MGZhMDllNzQ3MTAyZjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgWNet6tAg/IbriTVIcJoh2dsIvIo
UXVr228BA/R8VIskvGf68oe4ed/8L0Cd2NfguAtrFlAalca2Dhfw3pYh79n7YHuT
Zbc5nC0dlSOlTxv6xRhH9jAzCBqO87MUmXuRMGzonB1lfDuag6eGFlv7o/u4qkCB
zE7s+u+muVZpSFdDT8WN0PqdT3YF37jMoRVDgRQQAFgf9J3A5qsyxy+J4pGm8XOw
2pO9nb4v8eVgAr9NwTmgFWJt0Y6nvsoZzbs44vV7gNZAPQ7h5aTCcoA472g2ceB3
Ej7JGlIWD48iMn/GJ1+t+fzSm3EbqPsNfVNCXmvALiQR7xwEilvn3iNIHQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMdAO+vUBjysmEtUo3D6CedHEC9RMB8GA1UdIwQY
MBaAFAnirwjPbhLiME+zvexkz7ztqoUiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2VLdkNNOXVFdUl3VDdPOTdHVFB2TzJxaFNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8xOWQzY2QtNjYxMC00M2YwLTgzZWIt
NzBhMWFmNTFkZmJlLzEveDBBNzY5UUdQS3lZUzFTamNQb0o1MGNRTDFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8xOWQzY2QtNjYxMC00M2YwLTgzZWItNzBhMWFmNTFkZmJl
LzEvQ2VLdkNNOXVFdUl3VDdPOTdHVFB2TzJxaFNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuX6kAwQC
uX9EAwQCuX9MAwQCuYQMMA0GCSqGSIb3DQEBCwUAA4IBAQAwGSQc+vvrfwZKNPxe
J+MvvDJJS7ltfJa/1pdaTdBaqfyPvl5+akxt/hTT+CuuXHyXyLrizCQzt/LkPrS5
495XgGajZ9X9G/rn11WmWCxf9WEpxpTfYakIknkRQCBH76sIdW2ewjsSuIXpusqr
LgHPHVL7oYBErobOPminBmMYOCzfliJ1kU/OYRURU5GqHCYTvKRbnjiYUl6bv11T
i2Ga9XGqj6eP0EuvDOKjtPGStK70d7/10Vgw0sFOkdveP1DUq1d/QUm6WoX5+CS9
gl2bqaGEEwAEaXlc0c4MKryC37UhYOBYolKKbClFIrWUVLYk4HMBRaEUlZcZgFy0
3zOd
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:57:06 2024 by rpki-client on console-fra.rpki-client.org