Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/QPCx9V4zM4VVLHr6UovUq7R0oTo.roa
File: QPCx9V4zM4VVLHr6UovUq7R0oTo.roa (raw, json)
Hash identifier: 5nMzFwtY1BSfrRDHKygc3TTmjuvOvLEexIm39JdSd/o=
Subject key identifier: 40:F0:B1:F5:5E:33:33:85:55:2C:7A:FA:52:8B:D4:AB:B4:74:A1:3A
Certificate issuer: /CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Certificate serial: 01856F6FF8CB1C90AD71324EEDBF43196E4F
Authority key identifier: C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/QPCx9V4zM4VVLHr6UovUq7R0oTo.roa
Signing time: Sun 01 Jan 2023 22:24:47 +0000
ROA not before: Sun 01 Jan 2023 22:24:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47285
IP address blocks: 194.147.150.0/24 maxlen: 24
185.105.236.0/24 maxlen: 24
185.105.238.0/24 maxlen: 24
45.139.8.0/24 maxlen: 24
194.180.209.0/24 maxlen: 24
2a12:2600::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:6f:f8:cb:1c:90:ad:71:32:4e:ed:bf:43:19:6e:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Validity
Not Before: Jan 1 22:24:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=40f0b1f55e333385552c7afa528bd4abb474a13a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e5:88:3a:d4:61:e6:82:e1:d3:ec:61:17:ca:
7c:66:e8:92:a9:f1:a4:5c:99:00:11:85:a3:48:3a:
15:d1:83:92:b6:22:90:18:bd:06:55:1e:ce:c2:54:
87:59:64:80:13:6a:82:b8:47:7c:a6:5b:82:64:3d:
5f:f3:4c:96:2d:1e:8a:b3:62:05:d0:a5:e0:d4:95:
be:00:92:a1:9b:bb:c7:0c:1d:e2:36:13:08:47:a5:
0d:45:7a:33:a6:b5:0b:39:d6:2e:6b:1c:ea:a2:eb:
d1:3c:cc:12:26:2b:cf:e1:5c:c2:d5:3d:74:d9:c0:
bf:97:bc:ae:5f:f1:3c:c8:9b:e8:18:8a:f5:f2:eb:
a1:19:66:38:5b:72:1a:ff:67:6b:76:3c:e5:40:e4:
de:c1:28:a4:2b:91:59:ab:51:e5:ca:4b:36:48:f4:
d8:a7:c5:bb:c2:ba:b7:28:73:75:22:eb:3e:d3:17:
1f:dc:84:74:f4:2e:73:3d:d0:c6:8a:02:fa:c1:3c:
b3:fc:af:98:90:70:37:c1:19:39:9f:2e:6e:71:ff:
84:ce:57:43:53:49:2e:b8:59:ef:05:0f:ba:96:4e:
69:fe:de:61:fc:9d:ad:5c:e3:2b:87:ce:cd:50:1e:
ac:52:e3:8a:8a:53:d6:79:e0:ce:99:ae:aa:bd:fa:
f5:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:F0:B1:F5:5E:33:33:85:55:2C:7A:FA:52:8B:D4:AB:B4:74:A1:3A
X509v3 Authority Key Identifier:
keyid:C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/QPCx9V4zM4VVLHr6UovUq7R0oTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/yHtZTl5nE6W4ClSBpc5x5lLYRXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.8.0/24
185.105.236.0/24
185.105.238.0/24
194.147.150.0/24
194.180.209.0/24
IPv6:
2a12:2600::/29
Signature Algorithm: sha256WithRSAEncryption
7e:42:7d:eb:eb:9d:49:6e:e8:8f:57:5a:65:ba:3f:ee:49:06:
c4:81:71:88:f3:2c:70:66:6f:eb:cd:05:a3:ff:3d:c9:42:d6:
e2:6c:8b:58:fc:eb:1b:b7:80:66:97:76:62:62:c2:54:4c:93:
41:f1:27:53:ce:10:d7:ce:31:5d:e1:39:d1:06:b9:48:e7:b4:
b8:88:b2:ee:43:a4:9a:a2:df:82:ac:1f:fc:43:2b:14:da:db:
92:54:73:6b:9d:ac:63:87:54:5f:42:8e:39:73:1a:d9:20:52:
3e:39:12:11:d2:f6:b3:63:fc:17:43:43:fb:8a:27:04:97:d2:
cc:1f:ca:c1:fe:15:73:00:0d:a0:75:1b:e0:cc:80:59:23:d3:
7e:b1:a2:90:f5:56:66:e2:a4:78:3c:7f:2a:52:e2:0c:cf:4f:
cf:d8:0b:1f:95:28:72:69:52:4e:c0:03:81:48:01:7e:be:a6:
f8:68:51:cd:49:1a:05:89:de:d7:71:83:09:d2:c6:8c:30:ad:
c4:fb:63:1f:5e:8f:3b:a6:9c:84:bd:99:dc:35:44:2a:9a:c6:
c5:a5:45:e3:0f:95:4d:e1:dc:9e:53:53:77:1b:a4:25:22:3f:
74:51:26:51:7a:a5:84:0f:49:c8:25:0f:b0:b8:ac:47:b2:61:
16:3f:1d:3c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVvb/jLHJCtcTJO7b9DGW5PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4N2I1OTRlNWU2NzEzYTViODBhNTQ4MWE1Y2U3MWU2NTJk
ODQ1NzMwHhcNMjMwMTAxMjIyNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGYwYjFmNTVlMzMzMzg1NTUyYzdhZmE1MjhiZDRhYmI0NzRhMTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+WIOtRh5oLh0+xhF8p8ZuiSqfGk
XJkAEYWjSDoV0YOStiKQGL0GVR7OwlSHWWSAE2qCuEd8pluCZD1f80yWLR6Ks2IF
0KXg1JW+AJKhm7vHDB3iNhMIR6UNRXozprULOdYuaxzqouvRPMwSJivP4VzC1T10
2cC/l7yuX/E8yJvoGIr18uuhGWY4W3Ia/2drdjzlQOTewSikK5FZq1Hlyks2SPTY
p8W7wrq3KHN1Ius+0xcf3IR09C5zPdDGigL6wTyz/K+YkHA3wRk5ny5ucf+EzldD
U0kuuFnvBQ+6lk5p/t5h/J2tXOMrh87NUB6sUuOKilPWeeDOma6qvfr1sQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFEDwsfVeMzOFVSx6+lKL1Ku0dKE6MB8GA1UdIwQY
MBaAFMh7WU5eZxOluApUgaXOceZS2EVzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYt
MzhjYjZlNDE2ZjNhLzEvUVBDeDlWNHpNNFZWTEhyNlVvdlVxN1Iwb1RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYtMzhjYjZlNDE2ZjNh
LzEveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQALYsIAwQA
uWnsAwQAuWnuAwQAwpOWAwQAwrTRMA0EAgACMAcDBQMqEiYAMA0GCSqGSIb3DQEB
CwUAA4IBAQB+Qn3r651JbuiPV1pluj/uSQbEgXGI8yxwZm/rzQWj/z3JQtbibItY
/Osbt4Bml3ZiYsJUTJNB8SdTzhDXzjFd4TnRBrlI57S4iLLuQ6Saot+CrB/8QysU
2tuSVHNrnaxjh1RfQo45cxrZIFI+ORIR0vazY/wXQ0P7iicEl9LMH8rB/hVzAA2g
dRvgzIBZI9N+saKQ9VZm4qR4PH8qUuIMz0/P2AsflShyaVJOwAOBSAF+vqb4aFHN
SRoFid7XcYMJ0saMMK3E+2MfXo87ppyEvZncNUQqmsbFpUXjD5VN4dyeU1N3G6Ql
Ij90USZReqWED0nIJQ+wuKxHsmEWPx08
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:14 2023 by rpki-client on console-ams.rpki-client.org