Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/e6506e-7685-48e7-a583-21af3dee8ee9/1/cORB4I7ejFqC9BRP0BR47boft10.roa
File: cORB4I7ejFqC9BRP0BR47boft10.roa (raw, json)
Hash identifier: UmqxdC3ZnZivkTm7BGQPwRRmBVQSJLRfBWOaXqW4exw=
Subject key identifier: 70:E4:41:E0:8E:DE:8C:5A:82:F4:14:4F:D0:14:78:ED:BA:1F:B7:5D
Certificate issuer: /CN=7f1d0e3298bed3a7f39fb3b244ed918bf6c4d7bf
Certificate serial: 01856F66FB6783FA72805F3A3671AF095F3D
Authority key identifier: 7F:1D:0E:32:98:BE:D3:A7:F3:9F:B3:B2:44:ED:91:8B:F6:C4:D7:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fx0OMpi-06fzn7OyRO2Ri_bE178.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/e6506e-7685-48e7-a583-21af3dee8ee9/1/cORB4I7ejFqC9BRP0BR47boft10.roa
Signing time: Sun 01 Jan 2023 22:14:58 +0000
ROA not before: Sun 01 Jan 2023 22:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9558
IP address blocks: 194.24.250.0/24 maxlen: 24
194.24.251.0/24 maxlen: 24
217.195.145.0/24 maxlen: 24
217.195.144.0/24 maxlen: 24
2a06:2340:1000::/44 maxlen: 44
2a06:2340:2000::/44 maxlen: 44
2a0d:9e40:1000::/36 maxlen: 36
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:66:fb:67:83:fa:72:80:5f:3a:36:71:af:09:5f:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f1d0e3298bed3a7f39fb3b244ed918bf6c4d7bf
Validity
Not Before: Jan 1 22:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=70e441e08ede8c5a82f4144fd01478edba1fb75d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:73:80:94:f8:60:ab:50:d3:d5:66:5e:a7:04:
8f:4b:ff:5e:ff:c3:12:a3:23:13:cd:48:3b:3f:ee:
72:d4:79:9e:d8:dc:b5:e9:31:06:ec:ba:29:b2:19:
f0:2c:e3:79:e1:a7:83:fa:f0:31:9e:4f:c2:48:15:
3d:2e:3d:a5:ed:25:e5:13:59:5e:f3:60:b8:ac:62:
4c:c6:49:ed:5d:59:5e:da:b6:d7:a8:0d:a7:57:33:
2a:3d:0d:d1:05:df:fe:d1:25:ad:a3:41:92:cd:36:
6f:8a:ed:79:e8:1a:88:45:e1:9f:df:7e:31:2d:31:
e6:43:8f:0f:15:e6:a0:2f:2e:73:f5:7d:42:9d:1d:
63:08:bf:ce:af:db:af:30:16:8f:61:45:50:51:fc:
84:b3:31:d5:8c:d0:32:da:0c:9e:7c:73:60:f3:e8:
2e:f6:e0:bf:bf:a4:09:d3:83:62:7c:75:e6:82:23:
f6:c5:bb:8c:ba:1e:d6:aa:57:86:11:3a:7c:e4:6b:
c4:1a:98:94:13:5a:04:01:e8:26:5a:1c:73:03:75:
40:ca:2f:ad:ce:58:49:40:b3:6f:59:0f:b2:a5:1d:
76:e3:82:21:75:6b:7d:53:02:2a:06:66:55:0d:2b:
af:21:04:93:1c:ea:f3:46:d8:f9:f3:d5:6a:48:97:
85:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:E4:41:E0:8E:DE:8C:5A:82:F4:14:4F:D0:14:78:ED:BA:1F:B7:5D
X509v3 Authority Key Identifier:
keyid:7F:1D:0E:32:98:BE:D3:A7:F3:9F:B3:B2:44:ED:91:8B:F6:C4:D7:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fx0OMpi-06fzn7OyRO2Ri_bE178.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/e6506e-7685-48e7-a583-21af3dee8ee9/1/cORB4I7ejFqC9BRP0BR47boft10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/e6506e-7685-48e7-a583-21af3dee8ee9/1/fx0OMpi-06fzn7OyRO2Ri_bE178.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.24.250.0/23
217.195.144.0/23
IPv6:
2a06:2340:1000::/44
2a06:2340:2000::/44
2a0d:9e40:1000::/36
Signature Algorithm: sha256WithRSAEncryption
37:23:46:9a:0e:51:7b:33:7f:5f:1a:03:1b:28:a6:e0:ed:88:
ac:39:df:4c:e0:18:27:dc:1d:bb:84:aa:3b:0c:33:bb:1a:1a:
bb:b0:7f:b6:0f:49:5e:99:c5:69:fc:b1:1d:8e:12:ec:be:dd:
70:73:77:f5:08:d2:67:00:a9:53:22:bd:56:00:56:8d:ae:b8:
9a:0c:be:c6:64:f9:47:3a:01:2b:e6:69:bc:3b:5c:17:a2:c4:
a9:53:02:82:c6:a2:5c:c4:2d:b2:56:d7:4f:f8:a4:c3:e7:d1:
40:df:b5:f5:5f:87:cb:2c:aa:54:b3:07:d2:ed:bf:45:4f:c4:
87:d1:19:80:b1:ee:6f:66:9b:2f:d5:5d:3e:45:ef:8e:55:73:
1b:63:fe:d7:ce:c2:27:04:ba:d9:7e:b6:ab:27:21:0d:ec:bb:
98:fb:65:8c:e6:ab:20:ac:2a:60:cb:62:9c:50:54:dd:85:f1:
f6:34:59:84:29:0e:03:87:54:22:fc:1a:8c:0f:7a:77:75:eb:
2d:e1:da:4d:5c:01:7e:9d:cd:16:f3:ba:44:9b:ed:b2:07:c2:
28:40:7b:7c:91:07:df:f6:13:9f:09:dc:1f:15:cf:1f:a7:e2:
c7:51:84:2f:bc:a2:3e:fd:4b:50:1b:72:38:5e:72:61:ce:d2:
1d:ea:29:84
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYVvZvtng/pygF86NnGvCV89MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmMWQwZTMyOThiZWQzYTdmMzlmYjNiMjQ0ZWQ5MThiZjZj
NGQ3YmYwHhcNMjMwMTAxMjIxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGU0NDFlMDhlZGU4YzVhODJmNDE0NGZkMDE0NzhlZGJhMWZiNzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAznOAlPhgq1DT1WZepwSPS/9e/8MS
oyMTzUg7P+5y1Hme2Ny16TEG7LopshnwLON54aeD+vAxnk/CSBU9Lj2l7SXlE1le
82C4rGJMxkntXVle2rbXqA2nVzMqPQ3RBd/+0SWto0GSzTZviu156BqIReGf334x
LTHmQ48PFeagLy5z9X1CnR1jCL/Or9uvMBaPYUVQUfyEszHVjNAy2gyefHNg8+gu
9uC/v6QJ04NifHXmgiP2xbuMuh7WqleGETp85GvEGpiUE1oEAegmWhxzA3VAyi+t
zlhJQLNvWQ+ypR1244IhdWt9UwIqBmZVDSuvIQSTHOrzRtj589VqSJeFaQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFHDkQeCO3oxagvQUT9AUeO26H7ddMB8GA1UdIwQY
MBaAFH8dDjKYvtOn85+zskTtkYv2xNe/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZngwT01waS0wNmZ6bjdPeVJPMlJpX2JFMTc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9lNjUwNmUtNzY4NS00OGU3LWE1ODMt
MjFhZjNkZWU4ZWU5LzEvY09SQjRJN2VqRnFDOUJSUDBCUjQ3Ym9mdDEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9lNjUwNmUtNzY4NS00OGU3LWE1ODMtMjFhZjNkZWU4ZWU5
LzEvZngwT01waS0wNmZ6bjdPeVJPMlJpX2JFMTc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjASBAIAATAMAwQBwhj6AwQB
2cOQMCAEAgACMBoDBwQqBiNAEAADBwQqBiNAIAADBgQqDZ5AEDANBgkqhkiG9w0B
AQsFAAOCAQEANyNGmg5RezN/XxoDGyim4O2IrDnfTOAYJ9wdu4SqOwwzuxoau7B/
tg9JXpnFafyxHY4S7L7dcHN39QjSZwCpUyK9VgBWja64mgy+xmT5RzoBK+ZpvDtc
F6LEqVMCgsaiXMQtslbXT/ikw+fRQN+19V+HyyyqVLMH0u2/RU/Eh9EZgLHub2ab
L9VdPkXvjlVzG2P+187CJwS62X62qychDey7mPtljOarIKwqYMtinFBU3YXx9jRZ
hCkOA4dUIvwajA96d3XrLeHaTVwBfp3NFvO6RJvtsgfCKEB7fJEH3/YTnwncHxXP
H6fix1GEL7yiPv1LUBtyOF5yYc7SHeophA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:38 2023 by rpki-client on console-fra.rpki-client.org