Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/8GQSQWqVSsRRkzXg1ZJHxldciqc.roa
File: 8GQSQWqVSsRRkzXg1ZJHxldciqc.roa (raw, json)
Hash identifier: z2r7NHPTBOLSJJv1ZvZgxMqGeUZWIogm/eZQfBLWf7w=
Subject key identifier: F0:64:12:41:6A:95:4A:C4:51:93:35:E0:D5:92:47:C6:57:5C:8A:A7
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 0185E7A9F3C629B093199CF566D4458FCB4E
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/8GQSQWqVSsRRkzXg1ZJHxldciqc.roa
Signing time: Wed 25 Jan 2023 06:42:32 +0000
ROA not before: Wed 25 Jan 2023 06:42:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 134450
IP address blocks: 185.160.64.0/24 maxlen: 32
185.153.148.0/24 maxlen: 32
194.150.72.0/24 maxlen: 32
185.161.68.0/24 maxlen: 32
185.201.189.0/24 maxlen: 32
185.201.191.0/24 maxlen: 32
Validation: Failed, certificate revoked on Fri 28 Jul 2023 10:36:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e7:a9:f3:c6:29:b0:93:19:9c:f5:66:d4:45:8f:cb:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Jan 25 06:42:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f06412416a954ac4519335e0d59247c6575c8aa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:67:0d:c1:15:ab:8f:4b:e0:97:6f:c7:df:84:
ef:fd:a8:06:b2:fe:38:49:f1:b3:8c:74:d9:a8:3d:
8b:a2:a3:23:8f:8f:fc:71:db:2f:7b:6d:b9:d5:da:
0d:f3:1a:a9:39:f8:9c:6f:98:ab:03:5c:22:f3:5d:
ed:92:bd:46:41:92:44:f6:11:35:5b:4a:76:ca:10:
3e:8f:9a:62:1d:1e:82:50:f9:c5:c6:b8:49:cf:bf:
b5:62:d5:19:60:0f:77:0e:a4:74:ad:b7:e1:ec:05:
fa:de:82:fc:e6:cd:b5:73:cd:94:e4:60:af:de:d6:
43:c1:b0:5e:9b:4e:77:04:cc:dd:ce:ca:68:1e:b1:
03:30:fc:af:e7:8f:93:05:94:d3:9f:81:ba:50:c1:
7c:c1:5b:65:e5:2f:c7:59:ac:7a:42:b8:74:4c:f4:
f4:68:f9:5f:89:e3:47:f7:a4:d8:7a:9b:bd:79:5b:
52:2e:d7:06:6b:5d:25:96:f6:d1:26:ec:67:00:e3:
b3:6c:d2:a6:93:85:5d:74:d9:d4:d0:b5:2b:7b:0c:
4b:da:9c:6c:25:ce:e1:81:fd:3e:40:1b:9c:4e:23:
a8:f8:81:e4:0c:79:b6:33:5f:ea:5c:6a:8e:d3:43:
bc:5e:63:0d:12:67:9e:b6:8e:1f:a1:6b:4b:d7:2e:
19:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:64:12:41:6A:95:4A:C4:51:93:35:E0:D5:92:47:C6:57:5C:8A:A7
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/8GQSQWqVSsRRkzXg1ZJHxldciqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.148.0/24
185.160.64.0/24
185.161.68.0/24
185.201.189.0/24
185.201.191.0/24
194.150.72.0/24
Signature Algorithm: sha256WithRSAEncryption
71:49:3e:73:eb:90:3c:d4:3f:ca:4f:15:5c:3a:b7:88:c2:55:
7f:ab:6a:9c:67:ff:65:0b:0f:65:50:41:a9:1f:a3:a2:43:be:
6b:d1:87:2d:31:ac:b1:3c:b2:82:80:86:92:d9:1f:1a:83:a2:
d4:c0:a6:74:62:25:cd:66:8d:7e:5d:3a:f5:28:18:db:c6:35:
40:32:cf:41:b9:cc:84:b1:8a:c9:43:6e:7c:6d:21:3e:c1:2f:
75:4e:db:d1:7f:c2:56:1b:7a:6b:d5:61:19:72:ae:3c:85:15:
70:1b:6e:77:65:31:3c:64:bb:fb:ba:e8:70:f3:6a:04:a0:39:
4a:06:9b:97:3c:99:67:34:01:db:cd:3e:e6:7c:4a:19:6c:bf:
3d:8e:04:8b:6e:7c:ab:f1:fe:7f:80:ff:c8:8e:79:48:91:f2:
89:10:57:f4:f8:56:69:c3:c1:5b:3c:44:d2:51:04:0e:b8:b5:
62:48:c4:59:f2:d4:1d:12:44:86:9f:e7:d4:27:b1:92:a2:91:
35:6a:88:ee:09:13:dc:be:48:7d:ce:d6:e0:27:7f:e4:90:08:
a7:72:3e:0b:0e:39:37:46:c1:43:b1:e4:99:60:cb:3f:9b:09:
32:bb:ca:7c:7f:16:3f:ce:8e:36:45:ba:fc:a9:18:4e:88:fe:
67:71:77:a9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYXnqfPGKbCTGZz1ZtRFj8tOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjMwMTI1MDY0MjMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDY0MTI0MTZhOTU0YWM0NTE5MzM1ZTBkNTkyNDdjNjU3NWM4YWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2cNwRWrj0vgl2/H34Tv/agGsv44
SfGzjHTZqD2LoqMjj4/8cdsve2251doN8xqpOficb5irA1wi813tkr1GQZJE9hE1
W0p2yhA+j5piHR6CUPnFxrhJz7+1YtUZYA93DqR0rbfh7AX63oL85s21c82U5GCv
3tZDwbBem053BMzdzspoHrEDMPyv54+TBZTTn4G6UMF8wVtl5S/HWax6Qrh0TPT0
aPlfieNH96TYepu9eVtSLtcGa10llvbRJuxnAOOzbNKmk4VddNnU0LUrewxL2pxs
Jc7hgf0+QBucTiOo+IHkDHm2M1/qXGqO00O8XmMNEmeeto4foWtL1y4ZXwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFPBkEkFqlUrEUZM14NWSR8ZXXIqnMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvOEdRU1FXcVZTc1JSa3pYZzFaSkh4bGRjaXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAuZmUAwQA
uaBAAwQAuaFEAwQAucm9AwQAucm/AwQAwpZIMA0GCSqGSIb3DQEBCwUAA4IBAQBx
ST5z65A81D/KTxVcOreIwlV/q2qcZ/9lCw9lUEGpH6OiQ75r0YctMayxPLKCgIaS
2R8ag6LUwKZ0YiXNZo1+XTr1KBjbxjVAMs9BucyEsYrJQ258bSE+wS91TtvRf8JW
G3pr1WEZcq48hRVwG253ZTE8ZLv7uuhw82oEoDlKBpuXPJlnNAHbzT7mfEoZbL89
jgSLbnyr8f5/gP/IjnlIkfKJEFf0+FZpw8FbPETSUQQOuLViSMRZ8tQdEkSGn+fU
J7GSopE1aojuCRPcvkh9ztbgJ3/kkAincj4LDjk3RsFDseSZYMs/mwkyu8p8fxY/
zo42Rbr8qRhOiP5ncXep
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:46 2024 by rpki-client on console-fra.rpki-client.org