Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/_N--efR3BVGd5xRTCNCq01SJCHs.roa
File: _N--efR3BVGd5xRTCNCq01SJCHs.roa (raw, json)
Hash identifier: 6Onfwukd3+d0vUJKfUmwhajsCBZsJGgUjJ7aNNWgLYY=
Subject key identifier: FC:DF:BE:79:F4:77:05:51:9D:E7:14:53:08:D0:AA:D3:54:89:08:7B
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 018847B9491C2E62ACB0DFF52D7E2ECAEC6C
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/_N--efR3BVGd5xRTCNCq01SJCHs.roa
Signing time: Tue 23 May 2023 08:28:24 +0000
ROA not before: Tue 23 May 2023 08:28:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202492
IP address blocks: 164.215.100.0/24 maxlen: 24
46.23.104.0/22 maxlen: 22
85.158.148.0/22 maxlen: 22
85.158.147.0/24 maxlen: 24
37.128.200.0/22 maxlen: 22
5.10.240.0/22 maxlen: 22
5.10.252.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:47:b9:49:1c:2e:62:ac:b0:df:f5:2d:7e:2e:ca:ec:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: May 23 08:28:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fcdfbe79f47705519de7145308d0aad35489087b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ce:af:53:9c:69:8f:46:66:74:8e:83:6f:f7:
2e:d0:2d:07:47:0a:6b:4b:fb:7b:2f:67:89:17:8e:
9e:d0:0a:01:d0:56:25:97:9a:17:28:59:69:e1:55:
93:c8:6c:d7:d5:3b:d3:5f:ad:30:c7:2c:d5:b3:f4:
22:7d:90:1a:a9:e2:b2:d1:3c:9c:a9:a6:81:ad:02:
49:fe:84:5d:f3:2d:c6:6f:4d:c0:ed:06:a6:54:41:
2e:75:37:f0:79:44:c4:1c:3d:69:bc:fa:05:4f:c8:
fc:39:35:41:ba:49:e6:85:00:b0:3f:41:34:2e:ab:
73:fb:fa:05:2d:3e:66:28:68:a9:f2:bc:22:20:c1:
7d:72:87:58:f4:9c:90:33:3d:4c:96:00:e5:11:75:
7f:dc:c5:39:91:81:af:f2:65:b6:14:d9:09:0a:5d:
dd:b5:dd:13:17:9b:16:4e:75:5e:82:10:77:17:96:
1e:c2:85:a9:96:c4:a5:5d:b7:5a:06:74:f7:c9:e5:
4c:c6:46:53:b2:0d:0f:cb:35:ff:fd:8f:5f:46:8f:
72:49:44:3f:11:bb:05:bb:fd:ce:f1:db:e9:f9:15:
f3:d9:9f:c2:df:a9:f8:74:76:57:85:ba:64:27:1d:
0d:7c:d3:e6:15:6e:e2:f7:15:6e:da:97:84:68:cf:
5c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:DF:BE:79:F4:77:05:51:9D:E7:14:53:08:D0:AA:D3:54:89:08:7B
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/_N--efR3BVGd5xRTCNCq01SJCHs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.240.0/22
5.10.252.0/22
37.128.200.0/22
46.23.104.0/22
85.158.147.0-85.158.151.255
164.215.100.0/24
Signature Algorithm: sha256WithRSAEncryption
29:96:08:b6:c1:f4:cf:01:24:f0:5a:15:13:59:98:7b:57:71:
8b:ee:b6:9c:ca:f9:e9:aa:06:34:a1:c0:d6:c6:34:56:a5:72:
0d:53:a5:b8:6e:fb:fd:7f:8f:4d:5c:c7:f4:0c:6c:c2:a0:f7:
67:41:d7:f9:d8:ae:1f:30:b0:da:a8:b0:42:35:cd:b0:71:72:
b0:83:24:2d:41:6f:f6:ea:a1:6d:ab:b6:11:9a:4a:96:2d:1f:
04:bd:3b:3b:8e:3e:29:2e:7e:c3:83:58:2b:7a:5a:40:94:8c:
9c:36:19:6b:50:24:8a:89:17:6b:33:2f:87:95:d4:c0:94:23:
51:42:be:31:5c:35:7b:2c:88:28:b1:98:0f:e5:95:ef:e4:bd:
73:89:a2:41:1d:f8:2d:5c:57:15:eb:3d:6c:86:7a:aa:c7:17:
cb:6d:22:84:22:10:cf:2a:94:c6:bf:46:a4:60:28:dd:16:4a:
87:99:ff:f5:9a:87:18:d6:b0:ce:ad:ea:e4:0c:c8:84:4f:de:
de:be:e8:ce:5c:2b:f9:65:c9:f5:41:5e:76:c9:8c:84:cd:a3:
e8:00:8f:ff:c7:47:73:33:1f:b1:68:6c:13:bf:1c:51:07:b9:
33:38:fc:d1:d5:8a:0e:25:99:9c:9d:20:c7:cd:20:8a:86:d6:
e7:23:38:87
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYhHuUkcLmKssN/1LX4uyuxsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwNTIzMDgyODI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2RmYmU3OWY0NzcwNTUxOWRlNzE0NTMwOGQwYWFkMzU0ODkwODdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArc6vU5xpj0ZmdI6Db/cu0C0HRwpr
S/t7L2eJF46e0AoB0FYll5oXKFlp4VWTyGzX1TvTX60wxyzVs/QifZAaqeKy0Tyc
qaaBrQJJ/oRd8y3Gb03A7QamVEEudTfweUTEHD1pvPoFT8j8OTVBuknmhQCwP0E0
Lqtz+/oFLT5mKGip8rwiIMF9codY9JyQMz1MlgDlEXV/3MU5kYGv8mW2FNkJCl3d
td0TF5sWTnVeghB3F5YewoWplsSlXbdaBnT3yeVMxkZTsg0PyzX//Y9fRo9ySUQ/
EbsFu/3O8dvp+RXz2Z/C36n4dHZXhbpkJx0NfNPmFW7i9xVu2peEaM9cEwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFPzfvnn0dwVRnecUUwjQqtNUiQh7MB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvX04tLWVmUjNCVkdkNXhSVENOQ3EwMVNKQ0hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCBQrwAwQC
BQr8AwQCJYDIAwQCLhdoMAwDBABVnpMDBANVnpADBACk12QwDQYJKoZIhvcNAQEL
BQADggEBACmWCLbB9M8BJPBaFRNZmHtXcYvutpzK+emqBjShwNbGNFalcg1Tpbhu
+/1/j01cx/QMbMKg92dB1/nYrh8wsNqosEI1zbBxcrCDJC1Bb/bqoW2rthGaSpYt
HwS9OzuOPikufsODWCt6WkCUjJw2GWtQJIqJF2szL4eV1MCUI1FCvjFcNXssiCix
mA/lle/kvXOJokEd+C1cVxXrPWyGeqrHF8ttIoQiEM8qlMa/RqRgKN0WSoeZ//Wa
hxjWsM6t6uQMyIRP3t6+6M5cK/llyfVBXnbJjITNo+gAj//HR3MzH7FobBO/HFEH
uTM4/NHVig4lmZydIMfNIIqG1ucjOIc=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:01 2023 by rpki-client on console-fra.rpki-client.org