Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/b-99AS4oqhkhpTc75yWcGXFh6vw.roa
File: b-99AS4oqhkhpTc75yWcGXFh6vw.roa (raw, json)
Hash identifier: QM9a2Kx7qY1ThOaDejIo6OUppYdxZSVywTe2txeyXPA=
Subject key identifier: 6F:EF:7D:01:2E:28:AA:19:21:A5:37:3B:E7:25:9C:19:71:61:EA:FC
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01866DFCEB9A62D4952BE73B7F4A4AFB1666
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/b-99AS4oqhkhpTc75yWcGXFh6vw.roa
Signing time: Mon 20 Feb 2023 08:42:17 +0000
ROA not before: Mon 20 Feb 2023 08:42:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 164.215.100.0/24 maxlen: 24
164.215.103.0/24 maxlen: 24
164.215.102.0/24 maxlen: 24
109.205.210.0/24 maxlen: 24
5.10.240.0/22 maxlen: 22
5.10.252.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6d:fc:eb:9a:62:d4:95:2b:e7:3b:7f:4a:4a:fb:16:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Feb 20 08:42:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fef7d012e28aa1921a5373be7259c197161eafc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:9c:77:b6:58:cc:4d:30:00:ed:ac:66:e4:4b:
2f:50:7f:36:9d:68:91:64:15:ad:31:49:65:9c:d0:
52:51:07:cf:ac:dc:8c:b9:06:b5:8c:66:3a:45:6d:
c6:eb:fb:63:9d:b5:b2:82:95:bb:58:04:7f:67:7e:
7a:fb:c2:8d:ef:6f:17:75:6c:08:0b:9a:82:e9:6a:
72:e3:be:91:ee:78:90:09:81:3d:0b:9c:d5:ae:b2:
79:fb:54:ed:cb:59:d6:71:bf:45:1d:26:80:f1:65:
a6:8a:c9:e7:7b:b5:14:f9:72:28:f5:3c:2e:af:7e:
2f:30:90:e2:1c:e8:1f:db:df:0b:a7:cb:60:66:a4:
38:b7:db:1e:da:d9:c1:dd:07:ee:27:ca:cc:10:ad:
51:32:92:83:34:58:1d:ae:1d:fe:d9:11:30:47:b1:
ff:e8:28:f6:be:7f:07:3a:0e:71:0c:16:6f:28:56:
80:d4:b6:a2:5f:14:eb:9f:54:39:1a:ca:c7:84:c1:
24:5e:bd:c6:bb:f0:9a:90:95:19:b5:4b:b3:7f:26:
cc:b8:62:e5:e7:d0:24:80:b3:ec:a1:da:f6:24:e5:
14:cd:85:4e:49:bf:c2:ec:4f:12:bc:e2:40:a1:05:
47:20:fd:e6:16:97:14:40:fa:bf:96:6e:e4:42:bb:
ff:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:EF:7D:01:2E:28:AA:19:21:A5:37:3B:E7:25:9C:19:71:61:EA:FC
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/b-99AS4oqhkhpTc75yWcGXFh6vw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.240.0/22
5.10.252.0/22
109.205.210.0/24
164.215.100.0/24
164.215.102.0/23
Signature Algorithm: sha256WithRSAEncryption
14:78:2e:86:d7:8e:54:61:f1:56:b3:eb:d2:91:ad:5e:f8:17:
61:c7:c8:65:0f:90:a7:da:0a:ba:05:65:c7:a4:2d:37:7f:81:
a8:21:4c:32:24:e3:cb:93:bc:2c:9a:7a:e0:5a:d6:4f:11:5e:
4f:f7:82:34:b6:67:70:72:54:af:e1:a0:1a:89:29:28:14:25:
83:d9:9a:c3:7c:a7:d5:68:4b:d1:df:a4:6a:6b:53:3e:cc:f5:
6a:1c:df:ba:8b:d2:9d:e1:8c:7c:34:89:e9:6e:b7:6e:48:25:
47:18:d7:81:20:e4:ea:45:01:07:25:28:a7:65:0d:82:db:2e:
86:55:41:9c:86:08:6d:e2:6a:73:c9:81:e2:b2:b5:29:9e:07:
93:ce:25:3e:35:24:3e:bc:7f:73:0f:04:68:00:c0:3b:ef:cf:
2d:49:2e:d1:d4:34:59:dc:11:39:79:b6:bb:f8:81:3e:de:87:
fa:71:fd:88:3c:74:ed:0b:48:b8:24:ce:a7:de:bf:ef:33:e7:
0e:1e:7d:07:e3:18:f5:e7:f8:90:77:ec:45:73:c3:d0:10:2b:
df:5f:ff:ea:ce:df:82:ed:0b:af:7f:c2:24:b4:b7:94:a4:bb:
e6:00:f1:e7:49:8b:f1:42:8b:7a:d0:da:01:bd:0d:6a:fe:07:
4a:1e:8a:43
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYZt/OuaYtSVK+c7f0pK+xZmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwMjIwMDg0MjE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmVmN2QwMTJlMjhhYTE5MjFhNTM3M2JlNzI1OWMxOTcxNjFlYWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi5x3tljMTTAA7axm5EsvUH82nWiR
ZBWtMUllnNBSUQfPrNyMuQa1jGY6RW3G6/tjnbWygpW7WAR/Z356+8KN728XdWwI
C5qC6Wpy476R7niQCYE9C5zVrrJ5+1Tty1nWcb9FHSaA8WWmisnne7UU+XIo9Twu
r34vMJDiHOgf298Lp8tgZqQ4t9se2tnB3QfuJ8rMEK1RMpKDNFgdrh3+2REwR7H/
6Cj2vn8HOg5xDBZvKFaA1LaiXxTrn1Q5GsrHhMEkXr3Gu/CakJUZtUuzfybMuGLl
59AkgLPsodr2JOUUzYVOSb/C7E8SvOJAoQVHIP3mFpcUQPq/lm7kQrv/UwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFG/vfQEuKKoZIaU3O+clnBlxYer8MB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvYi05OUFTNG9xaGtocFRjNzV5V2NHWEZoNnZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBQrwAwQC
BQr8AwQAbc3SAwQApNdkAwQBpNdmMA0GCSqGSIb3DQEBCwUAA4IBAQAUeC6G145U
YfFWs+vSka1e+Bdhx8hlD5Cn2gq6BWXHpC03f4GoIUwyJOPLk7wsmnrgWtZPEV5P
94I0tmdwclSv4aAaiSkoFCWD2ZrDfKfVaEvR36Rqa1M+zPVqHN+6i9Kd4Yx8NInp
brduSCVHGNeBIOTqRQEHJSinZQ2C2y6GVUGchght4mpzyYHisrUpngeTziU+NSQ+
vH9zDwRoAMA7788tSS7R1DRZ3BE5eba7+IE+3of6cf2IPHTtC0i4JM6n3r/vM+cO
Hn0H4xj15/iQd+xFc8PQECvfX//qzt+C7Quvf8IktLeUpLvmAPHnSYvxQot60NoB
vQ1q/gdKHopD
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:01 2023 by rpki-client on console-fra.rpki-client.org