Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/pCFzqej-X0KN-i1QMi6x2xTFMgQ.roa
File: pCFzqej-X0KN-i1QMi6x2xTFMgQ.roa (raw, json)
Hash identifier: bHNmEwbw6KJBkju1ykylVRdXBeQlD81fupty3Cr+Fhc=
Subject key identifier: A4:21:73:A9:E8:FE:5F:42:8D:FA:2D:50:32:2E:B1:DB:14:C5:32:04
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01865DCC576A42C8CB3DEAED0E4FAC6B8FA4
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/pCFzqej-X0KN-i1QMi6x2xTFMgQ.roa
Signing time: Fri 17 Feb 2023 05:15:18 +0000
ROA not before: Fri 17 Feb 2023 05:15:18 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208046
IP address blocks: 46.23.110.0/24 maxlen: 24
46.23.109.0/24 maxlen: 24
109.205.211.0/24 maxlen: 24
109.205.214.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:5d:cc:57:6a:42:c8:cb:3d:ea:ed:0e:4f:ac:6b:8f:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Feb 17 05:15:18 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a42173a9e8fe5f428dfa2d50322eb1db14c53204
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:e0:04:90:c8:96:3d:db:4b:43:5f:12:9d:8a:
5a:b8:55:ff:f1:dd:4e:e0:b5:77:c9:e9:d1:e8:c3:
9a:af:33:08:82:8c:b1:eb:6d:5e:95:3f:9c:2d:2f:
25:26:d7:3f:1b:77:08:66:38:09:39:76:8e:89:c4:
02:5d:ab:2a:4a:76:04:87:cb:1b:e5:8c:cc:34:c4:
ab:2e:70:93:be:52:c9:a5:03:9f:4c:c0:26:6c:1a:
27:e8:f6:37:de:b5:b1:f5:3e:83:54:33:c4:c4:7b:
fe:69:3f:60:95:d4:1e:e6:d1:7c:08:5c:0f:03:4a:
5c:4f:c5:df:ad:1d:16:4c:20:8e:6f:c3:0e:83:26:
6c:56:61:f2:10:bd:61:ba:24:47:7e:85:7e:3a:3f:
f3:49:5d:de:91:3e:a5:95:20:ee:cd:16:cc:15:b3:
54:54:14:18:e4:90:c5:3c:85:81:f6:d1:a8:db:91:
14:be:3c:2f:3e:0b:42:6d:7a:2a:48:5d:dc:10:40:
76:cc:3e:0e:fd:de:40:67:20:f4:60:d8:36:23:6b:
1c:a8:68:83:90:bc:9e:fa:a0:8f:04:9b:e5:43:9e:
c5:88:d5:e8:dd:37:63:25:6d:6d:80:59:fc:aa:c6:
22:d9:99:85:fc:e6:da:f7:cc:19:70:7c:23:c6:04:
8f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:21:73:A9:E8:FE:5F:42:8D:FA:2D:50:32:2E:B1:DB:14:C5:32:04
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/pCFzqej-X0KN-i1QMi6x2xTFMgQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.109.0-46.23.110.255
109.205.211.0/24
109.205.214.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:2f:18:1b:9d:64:b8:9b:30:22:ab:62:a4:f4:14:25:82:d5:
c2:49:d1:ce:0e:36:cb:9e:14:8e:cf:02:dc:66:87:03:9e:21:
b1:f9:17:bc:6d:7f:6a:6c:9d:b6:76:32:60:38:e7:c6:28:2a:
62:e8:e9:a4:28:3a:8b:6b:ae:c6:25:25:57:07:e7:92:6b:ce:
e3:e1:b9:42:35:a5:be:5a:35:ec:87:6f:db:0f:f6:b7:36:8c:
18:21:db:11:97:18:d7:e5:f2:77:63:0a:7d:24:00:01:4f:6c:
60:1a:13:44:12:1f:b6:ce:d7:ea:40:22:42:22:49:09:7b:00:
9b:25:1d:96:52:16:b6:15:71:63:d1:04:ba:14:a0:ff:95:56:
ac:3e:34:9b:46:66:bf:54:44:62:a9:04:a4:6a:73:f5:49:ef:
d8:78:96:f9:e1:0b:bf:67:59:59:00:1d:6d:b7:fd:04:9c:50:
c6:57:97:87:2c:23:75:05:fc:0c:c9:67:db:85:c7:7a:89:c0:
b8:d9:13:83:d7:61:08:8e:50:db:39:74:5e:cd:e0:46:40:5a:
87:8e:e4:2c:b8:83:1e:44:ef:36:22:d6:e5:a4:0a:7b:2e:93:
cd:12:ad:5b:3c:f8:18:8c:b4:46:75:8d:ac:5d:fc:8e:24:c6:
48:e3:2f:b3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYZdzFdqQsjLPertDk+sa4+kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwMjE3MDUxNTE4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDIxNzNhOWU4ZmU1ZjQyOGRmYTJkNTAzMjJlYjFkYjE0YzUzMjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAieAEkMiWPdtLQ18SnYpauFX/8d1O
4LV3yenR6MOarzMIgoyx621elT+cLS8lJtc/G3cIZjgJOXaOicQCXasqSnYEh8sb
5YzMNMSrLnCTvlLJpQOfTMAmbBon6PY33rWx9T6DVDPExHv+aT9gldQe5tF8CFwP
A0pcT8XfrR0WTCCOb8MOgyZsVmHyEL1huiRHfoV+Oj/zSV3ekT6llSDuzRbMFbNU
VBQY5JDFPIWB9tGo25EUvjwvPgtCbXoqSF3cEEB2zD4O/d5AZyD0YNg2I2scqGiD
kLye+qCPBJvlQ57FiNXo3TdjJW1tgFn8qsYi2ZmF/Oba98wZcHwjxgSPIQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKQhc6no/l9CjfotUDIusdsUxTIEMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvcENGenFlai1YMEtOLWkxUU1pNngyeFRGTWdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAuF20D
BAAuF24DBABtzdMDBABtzdYwDQYJKoZIhvcNAQELBQADggEBAMgvGBudZLibMCKr
YqT0FCWC1cJJ0c4ONsueFI7PAtxmhwOeIbH5F7xtf2psnbZ2MmA458YoKmLo6aQo
OotrrsYlJVcH55JrzuPhuUI1pb5aNeyHb9sP9rc2jBgh2xGXGNfl8ndjCn0kAAFP
bGAaE0QSH7bO1+pAIkIiSQl7AJslHZZSFrYVcWPRBLoUoP+VVqw+NJtGZr9URGKp
BKRqc/VJ79h4lvnhC79nWVkAHW23/QScUMZXl4csI3UF/AzJZ9uFx3qJwLjZE4PX
YQiOUNs5dF7N4EZAWoeO5Cy4gx5E7zYi1uWkCnsuk80SrVs8+BiMtEZ1jaxd/I4k
xkjjL7M=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:01 2023 by rpki-client on console-fra.rpki-client.org