Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/0rqRswQY-5n-CqqSbsqq3IDzHLo.roa
File: 0rqRswQY-5n-CqqSbsqq3IDzHLo.roa (raw, json)
Hash identifier: FuIr4Ab6jxFcTeG/F1SS/YaiTGlxqSwhWY2OvrK6sTw=
Subject key identifier: D2:BA:91:B3:04:18:FB:99:FE:0A:AA:92:6E:CA:AA:DC:80:F3:1C:BA
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 01856F14A74AEA25587151A0FA7681948448
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/0rqRswQY-5n-CqqSbsqq3IDzHLo.roa
Signing time: Sun 01 Jan 2023 20:45:02 +0000
ROA not before: Sun 01 Jan 2023 20:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 28761
IP address blocks: 195.26.81.0/24 maxlen: 24
195.26.82.0/23 maxlen: 23
195.26.80.0/24 maxlen: 24
188.191.16.0/22 maxlen: 22
188.191.16.0/24 maxlen: 24
188.191.17.0/24 maxlen: 24
188.191.24.0/24 maxlen: 24
188.191.18.0/24 maxlen: 24
188.191.19.0/24 maxlen: 24
188.191.25.0/24 maxlen: 24
188.191.26.0/24 maxlen: 24
188.191.27.0/24 maxlen: 24
185.76.80.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:a7:4a:ea:25:58:71:51:a0:fa:76:81:94:84:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 1 20:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d2ba91b30418fb99fe0aaa926ecaaadc80f31cba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:7d:a7:b6:33:96:45:ff:f3:73:5e:0b:c4:af:
20:a9:85:13:57:3c:87:f9:df:1a:13:cf:45:4b:58:
54:62:e1:fb:35:a0:37:5b:99:51:cb:0f:47:c4:5a:
6e:c5:a5:b1:90:a6:a1:20:33:15:73:94:da:eb:49:
86:23:bc:51:e4:91:08:45:8c:a9:aa:98:77:89:6c:
b5:15:b5:fc:2c:0c:44:3f:64:46:43:0b:82:09:14:
e5:f1:0d:22:02:c2:5f:3d:f0:2f:a9:5e:d0:9f:dc:
46:0c:eb:c3:fa:6c:62:9b:01:2e:9e:4b:e6:c3:7e:
7d:8d:cf:7b:bf:71:59:c6:47:cb:05:60:5a:e0:69:
20:39:91:a7:fa:00:92:19:bf:71:77:0d:3f:9e:a4:
2d:14:a9:b1:05:64:24:bf:11:a3:9c:d1:48:20:e0:
7f:af:6b:c2:65:9b:ac:46:97:34:77:cf:4f:fd:cb:
0f:cf:d8:7f:fb:45:df:0d:75:85:ff:0e:99:7d:29:
78:c2:39:14:e1:96:2d:c1:31:cb:61:b0:14:e3:e9:
1a:d0:6e:9a:f4:79:a6:3e:d7:2c:26:17:ba:99:50:
96:0a:a8:4a:bc:6e:04:9c:f7:cb:f6:f3:6c:b4:2a:
57:49:b1:08:a6:6f:29:b4:11:4e:e9:e9:f4:08:61:
0c:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:BA:91:B3:04:18:FB:99:FE:0A:AA:92:6E:CA:AA:DC:80:F3:1C:BA
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/0rqRswQY-5n-CqqSbsqq3IDzHLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.80.0/24
188.191.16.0/22
188.191.24.0/22
195.26.80.0/22
Signature Algorithm: sha256WithRSAEncryption
51:e0:30:71:31:f1:13:7c:5e:77:fc:6a:82:98:5f:0b:1d:73:
7f:06:96:70:e7:f0:b5:11:1d:7f:c0:5b:8e:68:48:67:e4:0a:
4c:70:b4:6b:ab:8c:a6:dc:f8:86:5e:11:d8:94:6d:b0:f5:6f:
8f:f0:55:57:fd:e7:b5:51:8a:20:6d:4b:9a:e6:ae:24:50:b6:
42:92:42:3a:2b:ba:c9:e2:10:96:5a:3f:b2:40:4a:51:7d:c6:
45:ad:fe:62:2f:0d:9c:ee:1e:36:c8:c2:38:d4:f2:d0:17:ee:
d4:24:a3:a8:87:42:a7:2d:51:d7:06:0b:79:8c:78:d3:a9:c5:
c5:a5:b4:db:81:46:2b:cb:2c:1e:7b:e9:b7:87:0f:e6:ca:67:
3f:45:0f:f7:74:69:64:fe:48:da:09:16:fb:23:0c:90:2e:5b:
1e:91:c2:89:f1:98:16:bb:84:49:e3:ee:5b:2f:07:9f:93:74:
e1:4c:15:1c:ce:b4:6e:b8:bb:bb:b4:7c:1c:01:ca:7a:77:5e:
b8:b9:04:85:b7:62:d8:5e:26:1f:bb:db:f1:de:cd:c6:df:ff:
d5:c5:35:69:4e:14:2a:e0:a7:4a:11:70:57:24:1e:d0:ca:4b:
59:00:8f:83:af:b9:ff:1a:e3:d6:f4:f7:23:67:b0:f9:67:20:
14:46:2d:f9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvFKdK6iVYcVGg+naBlIRIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjMwMTAxMjA0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmJhOTFiMzA0MThmYjk5ZmUwYWFhOTI2ZWNhYWFkYzgwZjMxY2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh32ntjOWRf/zc14LxK8gqYUTVzyH
+d8aE89FS1hUYuH7NaA3W5lRyw9HxFpuxaWxkKahIDMVc5Ta60mGI7xR5JEIRYyp
qph3iWy1FbX8LAxEP2RGQwuCCRTl8Q0iAsJfPfAvqV7Qn9xGDOvD+mximwEunkvm
w359jc97v3FZxkfLBWBa4GkgOZGn+gCSGb9xdw0/nqQtFKmxBWQkvxGjnNFIIOB/
r2vCZZusRpc0d89P/csPz9h/+0XfDXWF/w6ZfSl4wjkU4ZYtwTHLYbAU4+ka0G6a
9HmmPtcsJhe6mVCWCqhKvG4EnPfL9vNstCpXSbEIpm8ptBFO6en0CGEMNwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNK6kbMEGPuZ/gqqkm7KqtyA8xy6MB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvMHJxUnN3UVktNW4tQ3FxU2JzcXEzSUR6SExvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuUxQAwQC
vL8QAwQCvL8YAwQCwxpQMA0GCSqGSIb3DQEBCwUAA4IBAQBR4DBxMfETfF53/GqC
mF8LHXN/BpZw5/C1ER1/wFuOaEhn5ApMcLRrq4ym3PiGXhHYlG2w9W+P8FVX/ee1
UYogbUua5q4kULZCkkI6K7rJ4hCWWj+yQEpRfcZFrf5iLw2c7h42yMI41PLQF+7U
JKOoh0KnLVHXBgt5jHjTqcXFpbTbgUYryywee+m3hw/mymc/RQ/3dGlk/kjaCRb7
IwyQLlsekcKJ8ZgWu4RJ4+5bLwefk3ThTBUczrRuuLu7tHwcAcp6d164uQSFt2LY
XiYfu9vx3s3G3//VxTVpThQq4KdKEXBXJB7QyktZAI+Dr7n/GuPW9PcjZ7D5ZyAU
Ri35
-----END CERTIFICATE-----
Generated at Thu Sep 7 14:42:50 2023 by rpki-client on console-ams.rpki-client.org