Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/pQBFt9iADGMb5UvH-JQVSpXvUXU.roa
File: pQBFt9iADGMb5UvH-JQVSpXvUXU.roa (raw, json)
Hash identifier: cqthA71Kw073DrvHg+2CrWcb1C3tojEO/Wk51k1O4mA=
Subject key identifier: A5:00:45:B7:D8:80:0C:63:1B:E5:4B:C7:F8:94:15:4A:95:EF:51:75
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 01873CFEF74B5FE34F8587C2C2A6241FD071
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/pQBFt9iADGMb5UvH-JQVSpXvUXU.roa
Signing time: Sat 01 Apr 2023 13:25:54 +0000
ROA not before: Sat 01 Apr 2023 13:25:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 164.215.103.0/24 maxlen: 24
85.158.146.0/24 maxlen: 24
109.205.210.0/24 maxlen: 24
5.10.240.0/22 maxlen: 22
5.10.252.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:3c:fe:f7:4b:5f:e3:4f:85:87:c2:c2:a6:24:1f:d0:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Apr 1 13:25:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a50045b7d8800c631be54bc7f894154a95ef5175
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:f9:60:6f:2d:ce:98:ab:95:e6:8e:2c:ea:75:
4e:35:ac:91:1e:b4:ae:c8:68:18:55:d4:1f:d4:40:
6f:6a:89:60:2e:9d:2f:1b:cd:25:be:ca:a1:97:40:
54:b7:35:15:07:5b:6a:05:9b:0a:87:55:86:80:a5:
c8:14:78:38:b4:80:1b:b2:fc:00:ab:53:8f:15:cd:
6a:16:7a:c1:af:b5:c3:21:a1:4f:1e:fb:db:29:cb:
df:f5:cf:cd:ee:2a:a5:97:b8:2a:57:7e:6e:43:07:
ca:90:a9:4e:3c:d6:cd:5f:5e:1f:bc:83:c4:9d:72:
7b:1a:c0:62:97:c5:b7:52:ca:e2:a7:86:74:27:04:
6f:f7:26:6f:53:35:af:c2:4c:4a:49:f1:83:67:3f:
74:2a:4e:38:60:7c:28:cd:ad:19:1d:b4:39:9f:c8:
d1:61:77:37:11:34:37:3a:f4:09:03:81:d1:d7:f3:
94:a5:ea:49:1c:85:70:22:83:40:03:12:24:5e:64:
41:c2:a8:ba:a9:dd:e4:70:1c:9d:30:20:b5:13:36:
b8:e7:68:38:f4:58:64:94:41:93:5a:ad:28:8c:2a:
53:8b:f5:51:c1:d6:25:59:89:76:28:16:45:b1:14:
b1:fb:66:ca:89:9c:9e:89:46:d6:ea:0b:cc:d4:38:
81:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:00:45:B7:D8:80:0C:63:1B:E5:4B:C7:F8:94:15:4A:95:EF:51:75
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/pQBFt9iADGMb5UvH-JQVSpXvUXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.240.0/22
5.10.252.0/22
85.158.146.0/24
109.205.210.0/24
164.215.103.0/24
Signature Algorithm: sha256WithRSAEncryption
d6:a9:ef:db:35:ce:34:7b:67:71:bc:a4:66:0a:02:72:e9:e0:
db:83:58:2e:98:74:ac:e9:e5:c3:22:64:04:df:d8:e7:41:4a:
9f:c1:9e:f1:87:33:ca:b9:11:d8:c7:2d:04:b0:44:17:d1:21:
ba:20:e4:11:f1:1c:7b:38:cf:75:f1:01:20:4c:19:84:51:41:
60:c4:d5:0e:75:f4:9e:cc:2d:69:13:e7:ab:17:0e:e0:c6:74:
ef:8b:57:f3:f6:ee:9c:0d:a9:e0:9e:56:b5:ce:2a:61:22:3b:
96:a2:f8:d4:b6:ee:05:b6:89:ef:bf:36:87:ce:f9:be:11:70:
dc:ab:cf:9d:35:59:b6:6c:31:78:34:11:30:ac:52:9f:8b:1c:
ce:b7:d7:5e:84:13:21:23:8d:a8:7b:1e:8d:4a:00:6f:a1:00:
aa:15:bb:ca:b7:fd:41:9c:80:07:be:d1:17:67:32:3b:04:8e:
27:27:43:ea:04:a2:17:02:28:46:e9:dd:e6:18:4d:cc:f4:e9:
e5:ef:09:7c:36:94:96:6f:98:5d:07:44:38:1f:84:39:03:33:
39:dc:d1:40:50:f4:b4:8d:c1:c8:56:5f:65:95:c9:88:ad:00:
cd:b9:22:0c:e3:f0:1a:a9:88:98:48:d7:83:3f:e3:eb:70:fa:
b6:9f:d4:31
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYc8/vdLX+NPhYfCwqYkH9BxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjMwNDAxMTMyNTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTAwNDViN2Q4ODAwYzYzMWJlNTRiYzdmODk0MTU0YTk1ZWY1MTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4vlgby3OmKuV5o4s6nVONayRHrSu
yGgYVdQf1EBvaolgLp0vG80lvsqhl0BUtzUVB1tqBZsKh1WGgKXIFHg4tIAbsvwA
q1OPFc1qFnrBr7XDIaFPHvvbKcvf9c/N7iqll7gqV35uQwfKkKlOPNbNX14fvIPE
nXJ7GsBil8W3Usrip4Z0JwRv9yZvUzWvwkxKSfGDZz90Kk44YHwoza0ZHbQ5n8jR
YXc3ETQ3OvQJA4HR1/OUpepJHIVwIoNAAxIkXmRBwqi6qd3kcBydMCC1Eza452g4
9FhklEGTWq0ojCpTi/VRwdYlWYl2KBZFsRSx+2bKiZyeiUbW6gvM1DiBxQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKUARbfYgAxjG+VLx/iUFUqV71F1MB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvcFFCRnQ5aUFER01iNVV2SC1KUVZTcFh2VVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBQrwAwQC
BQr8AwQAVZ6SAwQAbc3SAwQApNdnMA0GCSqGSIb3DQEBCwUAA4IBAQDWqe/bNc40
e2dxvKRmCgJy6eDbg1gumHSs6eXDImQE39jnQUqfwZ7xhzPKuRHYxy0EsEQX0SG6
IOQR8Rx7OM918QEgTBmEUUFgxNUOdfSezC1pE+erFw7gxnTvi1fz9u6cDangnla1
ziphIjuWovjUtu4FtonvvzaHzvm+EXDcq8+dNVm2bDF4NBEwrFKfixzOt9dehBMh
I42oex6NSgBvoQCqFbvKt/1BnIAHvtEXZzI7BI4nJ0PqBKIXAihG6d3mGE3M9Onl
7wl8NpSWb5hdB0Q4H4Q5AzM53NFAUPS0jcHIVl9llcmIrQDNuSIM4/AaqYiYSNeD
P+PrcPq2n9Qx
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:01 2023 by rpki-client on console-fra.rpki-client.org