Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/kn9YtUibzdDAHEwuwkNG8o27oJQ.roa
File: kn9YtUibzdDAHEwuwkNG8o27oJQ.roa (raw, json)
Hash identifier: Mmo47CXksaBumoarZhhSIo2MBL6ydMYEEbDpHPEOJpk=
Subject key identifier: 92:7F:58:B5:48:9B:CD:D0:C0:1C:4C:2E:C2:43:46:F2:8D:BB:A0:94
Certificate issuer: /CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Certificate serial: 0186BCF1AEBB2092627C0E43F3052306284E
Authority key identifier: C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/kn9YtUibzdDAHEwuwkNG8o27oJQ.roa
Signing time: Tue 07 Mar 2023 16:40:00 +0000
ROA not before: Tue 07 Mar 2023 16:40:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62257
IP address blocks: 194.147.150.0/24 maxlen: 24
194.147.170.0/24 maxlen: 24
194.36.172.0/24 maxlen: 24
194.36.173.0/24 maxlen: 24
194.36.175.0/24 maxlen: 24
45.139.9.0/24 maxlen: 24
194.180.208.0/24 maxlen: 24
194.180.209.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:bc:f1:ae:bb:20:92:62:7c:0e:43:f3:05:23:06:28:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Validity
Not Before: Mar 7 16:40:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=927f58b5489bcdd0c01c4c2ec24346f28dbba094
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:59:0e:5e:8f:9e:72:c3:29:a3:52:92:3e:3f:
64:04:e0:23:eb:13:1c:03:d5:54:47:ea:49:ed:bd:
d8:b5:de:63:0a:07:45:98:49:5b:9e:f2:db:46:90:
7b:17:ba:0c:17:44:81:3c:82:99:db:6b:6e:db:0b:
34:8c:7c:15:13:e4:5a:12:48:b3:c7:fe:8e:3b:70:
c2:29:70:83:40:8d:5e:39:66:71:9e:5f:cc:f6:33:
d6:6a:8f:39:e0:dc:cd:21:d3:72:5f:8a:a2:7b:b3:
f3:e6:f5:e8:33:cc:94:1b:a1:4b:45:8f:80:95:86:
95:72:f9:ac:ed:15:43:e6:62:df:5e:de:86:aa:aa:
d8:7b:19:5c:c6:7c:c0:19:95:95:bb:84:9f:d1:e9:
9e:28:3d:dd:6f:ce:97:23:83:35:d4:ea:fb:0d:f7:
03:c8:19:d3:e7:34:71:57:fd:3e:db:1e:58:99:63:
d4:c0:0c:b9:f7:0f:06:d5:9e:0b:ea:d9:21:3b:84:
86:56:a5:bc:68:a5:74:9d:c9:4b:00:a3:4c:5d:6e:
fe:b3:67:f4:ff:29:10:c9:0b:3a:65:1e:5b:95:dc:
0e:82:70:5b:a3:2a:ed:96:ad:3e:2e:72:e2:d9:25:
a0:32:c0:87:3c:9e:43:93:52:58:73:44:cc:4d:6a:
56:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:7F:58:B5:48:9B:CD:D0:C0:1C:4C:2E:C2:43:46:F2:8D:BB:A0:94
X509v3 Authority Key Identifier:
keyid:C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/kn9YtUibzdDAHEwuwkNG8o27oJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/yHtZTl5nE6W4ClSBpc5x5lLYRXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.9.0/24
194.36.172.0/23
194.36.175.0/24
194.147.150.0/24
194.147.170.0/24
194.180.208.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:f8:e2:70:51:b7:d2:66:54:1a:86:62:f5:22:f1:59:8d:d1:
63:b2:12:5a:21:e2:89:43:f6:2c:a0:9e:ad:0b:4d:25:e1:94:
dc:0e:0c:06:d8:69:e3:24:bc:4e:82:4b:5e:f5:63:51:99:b3:
84:a0:54:9a:2a:26:6c:f4:4e:cb:b1:8c:9d:e4:58:03:af:4e:
bc:56:9e:0e:1d:3b:37:fd:09:e0:07:8f:dc:ba:a9:73:a1:59:
37:10:18:8d:dc:7f:fe:c9:6f:39:13:99:59:f9:94:58:6e:c2:
4c:63:be:85:d4:c0:3f:69:3b:d4:f7:96:09:ca:0d:03:41:81:
88:74:5e:43:57:2c:91:93:23:14:2c:fa:d3:a9:3e:2e:f9:06:
61:63:ea:e3:50:31:04:33:43:e9:a9:28:20:c3:fe:d8:11:41:
e2:21:f6:da:d0:fc:83:60:e9:f1:ff:d7:62:dd:5e:17:db:7a:
98:73:57:c7:3c:5d:3b:75:e2:8a:c9:08:c8:23:bf:94:47:30:
03:14:47:e0:ad:3b:b8:df:17:ec:57:0d:0e:81:48:f5:f6:41:
f4:72:6c:ed:88:28:0f:a6:dc:e7:81:8e:48:7a:bf:ac:4f:d9:
9e:b5:41:9b:37:82:08:a9:00:17:a3:25:d7:5e:e0:71:e4:03:
7e:0f:dd:62
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYa88a67IJJifA5D8wUjBihOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4N2I1OTRlNWU2NzEzYTViODBhNTQ4MWE1Y2U3MWU2NTJk
ODQ1NzMwHhcNMjMwMzA3MTY0MDAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjdmNThiNTQ4OWJjZGQwYzAxYzRjMmVjMjQzNDZmMjhkYmJhMDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1kOXo+ecsMpo1KSPj9kBOAj6xMc
A9VUR+pJ7b3Ytd5jCgdFmElbnvLbRpB7F7oMF0SBPIKZ22tu2ws0jHwVE+RaEkiz
x/6OO3DCKXCDQI1eOWZxnl/M9jPWao854NzNIdNyX4qie7Pz5vXoM8yUG6FLRY+A
lYaVcvms7RVD5mLfXt6GqqrYexlcxnzAGZWVu4Sf0emeKD3db86XI4M11Or7DfcD
yBnT5zRxV/0+2x5YmWPUwAy59w8G1Z4L6tkhO4SGVqW8aKV0nclLAKNMXW7+s2f0
/ykQyQs6ZR5bldwOgnBboyrtlq0+LnLi2SWgMsCHPJ5Dk1JYc0TMTWpWRwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJJ/WLVIm83QwBxMLsJDRvKNu6CUMB8GA1UdIwQY
MBaAFMh7WU5eZxOluApUgaXOceZS2EVzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYt
MzhjYjZlNDE2ZjNhLzEva245WXRVaWJ6ZERBSEV3dXdrTkc4bzI3b0pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYtMzhjYjZlNDE2ZjNh
LzEveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALYsJAwQB
wiSsAwQAwiSvAwQAwpOWAwQAwpOqAwQBwrTQMA0GCSqGSIb3DQEBCwUAA4IBAQBu
+OJwUbfSZlQahmL1IvFZjdFjshJaIeKJQ/YsoJ6tC00l4ZTcDgwG2GnjJLxOgkte
9WNRmbOEoFSaKiZs9E7LsYyd5FgDr068Vp4OHTs3/QngB4/cuqlzoVk3EBiN3H/+
yW85E5lZ+ZRYbsJMY76F1MA/aTvU95YJyg0DQYGIdF5DVyyRkyMULPrTqT4u+QZh
Y+rjUDEEM0PpqSggw/7YEUHiIfba0PyDYOnx/9di3V4X23qYc1fHPF07deKKyQjI
I7+URzADFEfgrTu43xfsVw0OgUj19kH0cmztiCgPptzngY5Ier+sT9metUGbN4II
qQAXoyXXXuBx5AN+D91i
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:14 2023 by rpki-client on console-ams.rpki-client.org