Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/eWtSSpG4VDHt-iDn77DbfpLHExw.roa
File: eWtSSpG4VDHt-iDn77DbfpLHExw.roa (raw, json)
Hash identifier: gBkO5V6sAwyUaCjLIx2kGaS2VLzNtVFtDitLIC4Wf0Y=
Subject key identifier: 79:6B:52:4A:91:B8:54:31:ED:FA:20:E7:EF:B0:DB:7E:92:C7:13:1C
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01856D9414DEA8FACD3025262540704732FE
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/eWtSSpG4VDHt-iDn77DbfpLHExw.roa
Signing time: Sun 01 Jan 2023 13:44:59 +0000
ROA not before: Sun 01 Jan 2023 13:44:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138687
IP address blocks: 85.158.148.0/24 maxlen: 24
85.158.151.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:94:14:de:a8:fa:cd:30:25:26:25:40:70:47:32:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jan 1 13:44:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=796b524a91b85431edfa20e7efb0db7e92c7131c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d9:72:a1:55:4c:60:5d:0b:b9:98:f6:b8:6e:
62:bb:1f:0f:72:d2:38:5f:6a:93:91:00:6c:db:7a:
80:90:b6:e9:a5:95:41:81:c2:56:d5:b0:1b:fd:de:
3b:87:09:00:f0:ab:3f:22:d8:cd:01:0a:4a:14:1c:
81:0a:92:c6:af:9d:00:9b:ba:22:fa:43:dc:d6:8f:
50:b6:95:3d:fc:21:bb:8b:b4:b3:e6:b8:5d:b5:6e:
bd:98:a8:15:25:c8:5c:56:9e:c4:ff:ac:4d:32:e8:
73:e2:86:80:7b:1e:2a:1d:7f:7f:2d:66:38:b1:93:
90:82:9d:a3:98:bd:36:89:8d:fc:d2:d8:01:62:67:
5a:7e:b9:6e:68:9a:84:7e:75:e3:0d:df:55:06:2a:
67:e8:92:84:bd:51:e5:c0:2d:b5:3c:29:d9:22:36:
7e:ba:2f:4f:0d:fa:4f:02:a0:ed:e1:e5:33:6a:0b:
15:b9:86:f2:6e:84:2e:fd:97:5a:22:bb:33:e3:74:
33:83:c1:b7:9f:3e:c3:49:36:95:bb:75:97:57:16:
f0:26:ae:20:5d:31:b3:39:48:66:84:26:4a:39:01:
20:ee:3e:76:bd:e2:a9:09:16:60:10:7a:b7:5c:23:
8e:09:77:43:0a:ae:d1:a2:d9:cf:de:e8:47:06:0b:
68:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:6B:52:4A:91:B8:54:31:ED:FA:20:E7:EF:B0:DB:7E:92:C7:13:1C
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/eWtSSpG4VDHt-iDn77DbfpLHExw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.148.0/24
85.158.151.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:22:da:46:03:f6:3c:84:4a:75:5f:76:cd:c5:88:b5:91:3c:
19:b3:68:1d:60:73:e6:e1:54:b2:a1:e7:b2:08:03:06:a7:a4:
2d:cf:f7:43:fc:56:e1:53:0f:09:e0:e8:e1:83:55:d7:4d:25:
9f:42:46:bb:74:9e:3c:4b:31:b9:02:2d:b7:99:96:48:d1:cf:
f2:41:11:89:da:20:b2:83:f4:7f:cf:eb:89:9e:73:ee:26:1d:
4f:62:b4:14:1a:94:02:37:ec:15:40:52:e6:e4:91:8e:9a:3d:
cc:64:17:b7:31:02:20:5e:c6:34:53:10:af:59:2e:9b:56:fd:
34:cd:12:d1:22:a3:c7:07:c3:9c:47:af:9d:18:a7:88:be:89:
18:38:9e:df:27:56:e0:7e:26:2f:aa:17:33:fd:b2:20:13:55:
bf:61:bd:6b:03:f9:d5:9b:ad:7c:0f:c8:49:90:27:d4:49:aa:
b9:bd:c5:1f:38:ac:e7:c2:9a:72:a3:9e:e4:a8:eb:95:f1:68:
26:e4:a2:14:47:92:f8:28:67:31:2e:47:ba:6f:bc:0e:3d:15:
95:f0:1c:b1:49:be:e8:6a:57:c0:5c:ff:f9:c6:61:cb:5d:8b:
5f:ba:3b:1d:a8:a9:eb:e9:d8:58:5b:bc:97:c2:67:70:1b:59:
c3:9f:7a:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVtlBTeqPrNMCUmJUBwRzL+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwMTAxMTM0NDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTZiNTI0YTkxYjg1NDMxZWRmYTIwZTdlZmIwZGI3ZTkyYzcxMzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9lyoVVMYF0LuZj2uG5iux8PctI4
X2qTkQBs23qAkLbppZVBgcJW1bAb/d47hwkA8Ks/ItjNAQpKFByBCpLGr50Am7oi
+kPc1o9QtpU9/CG7i7Sz5rhdtW69mKgVJchcVp7E/6xNMuhz4oaAex4qHX9/LWY4
sZOQgp2jmL02iY380tgBYmdafrluaJqEfnXjDd9VBipn6JKEvVHlwC21PCnZIjZ+
ui9PDfpPAqDt4eUzagsVuYbyboQu/ZdaIrsz43Qzg8G3nz7DSTaVu3WXVxbwJq4g
XTGzOUhmhCZKOQEg7j52veKpCRZgEHq3XCOOCXdDCq7RotnP3uhHBgtoGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHlrUkqRuFQx7fog5++w236SxxMcMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvZVd0U1NwRzRWREh0LWlEbjc3RGJmcExIRXh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVZ6UAwQA
VZ6XMA0GCSqGSIb3DQEBCwUAA4IBAQCfItpGA/Y8hEp1X3bNxYi1kTwZs2gdYHPm
4VSyoeeyCAMGp6Qtz/dD/FbhUw8J4Ojhg1XXTSWfQka7dJ48SzG5Ai23mZZI0c/y
QRGJ2iCyg/R/z+uJnnPuJh1PYrQUGpQCN+wVQFLm5JGOmj3MZBe3MQIgXsY0UxCv
WS6bVv00zRLRIqPHB8OcR6+dGKeIvokYOJ7fJ1bgfiYvqhcz/bIgE1W/Yb1rA/nV
m618D8hJkCfUSaq5vcUfOKznwppyo57kqOuV8Wgm5KIUR5L4KGcxLke6b7wOPRWV
8ByxSb7oalfAXP/5xmHLXYtfujsdqKnr6dhYW7yXwmdwG1nDn3qq
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:51 2023 by rpki-client on console-ams.rpki-client.org