Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/14AAnPIXOK9dQKb-o9sKaGHuFyk.roa
File: 14AAnPIXOK9dQKb-o9sKaGHuFyk.roa (raw, json)
Hash identifier: GjsEDAR0Zclbuf2omNC/21/k3ZK9M4AFzUqlODqsEXg=
Subject key identifier: D7:80:00:9C:F2:17:38:AF:5D:40:A6:FE:A3:DB:0A:68:61:EE:17:29
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 01860A3B6EA16491AAC4D85CB9DB9BB7BCBF
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/14AAnPIXOK9dQKb-o9sKaGHuFyk.roa
Signing time: Tue 31 Jan 2023 23:48:32 +0000
ROA not before: Tue 31 Jan 2023 23:48:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58212
IP address blocks: 185.236.8.0/24 maxlen: 24
185.236.11.0/24 maxlen: 24
185.255.112.0/24 maxlen: 24
85.117.243.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0a:3b:6e:a1:64:91:aa:c4:d8:5c:b9:db:9b:b7:bc:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 31 23:48:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d780009cf21738af5d40a6fea3db0a6861ee1729
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f8:14:49:d4:1a:3f:47:f6:84:4a:11:66:5b:
e7:14:7c:d7:a6:96:7e:99:0e:11:d2:90:92:27:bd:
26:d4:2a:a7:98:47:16:82:33:00:e4:e2:cb:f2:5d:
e1:ca:14:e8:81:c9:8d:03:bb:85:44:99:aa:42:71:
f0:34:a5:18:86:e9:e1:61:54:4e:60:af:f6:c4:86:
dc:af:2c:f0:d2:c4:2e:eb:fe:3b:21:50:12:b4:2e:
e1:dc:71:57:2b:26:dc:99:7d:d3:bc:95:49:1d:78:
b8:a0:21:65:27:3e:b0:c6:59:b0:f8:a8:ab:d0:a6:
44:41:32:28:f2:1a:c9:41:c9:49:6d:1e:ac:c5:49:
54:79:c1:3c:45:0c:a2:80:18:a0:0c:24:ac:f7:30:
e9:25:41:dd:33:a1:39:dc:9d:b2:b3:76:d4:0b:4f:
06:df:fc:54:0c:7d:0f:2d:f6:32:89:d1:58:ee:8c:
79:a4:ca:aa:3b:c7:ec:a2:7f:d6:9e:b8:87:c5:4c:
96:3a:b7:58:d9:85:c2:a3:e2:02:70:65:f9:c3:45:
a6:cf:7e:66:52:aa:78:61:9c:9f:b0:a9:27:8c:2c:
b3:b8:e7:7f:1b:b1:89:8c:6b:da:20:77:38:b5:d0:
db:f3:f3:7f:67:7c:7b:77:e3:34:91:81:37:30:b7:
ec:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:80:00:9C:F2:17:38:AF:5D:40:A6:FE:A3:DB:0A:68:61:EE:17:29
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/14AAnPIXOK9dQKb-o9sKaGHuFyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.117.243.0/24
185.236.8.0/24
185.236.11.0/24
185.255.112.0/24
Signature Algorithm: sha256WithRSAEncryption
21:06:64:4a:f6:f2:1c:59:04:20:3b:8e:de:57:07:cc:da:a0:
be:b0:41:53:3a:c3:28:f4:6f:0f:48:d6:8e:62:4b:53:88:73:
8d:c6:d3:8e:df:3a:b2:c7:5f:97:66:de:2b:4f:06:f0:2f:7a:
22:fd:44:97:97:b1:a8:c3:e4:23:d9:61:d8:f5:fb:e6:2a:e2:
2d:1f:2b:1e:0c:05:69:b9:71:b5:2f:5a:84:4f:4b:f6:dc:cc:
39:2e:b0:3a:14:75:5f:af:97:1f:0c:03:c7:0f:c6:9d:86:53:
11:56:45:01:09:db:28:c1:65:60:72:1d:aa:8a:72:ae:7c:75:
c2:75:f6:25:e0:06:c7:db:a2:43:9f:d6:5d:41:9e:d7:fb:aa:
10:85:f0:a2:29:f9:00:fd:cc:68:19:c2:81:74:38:56:c8:7d:
20:29:bb:12:1b:4e:a9:22:a6:55:9b:5d:c2:86:04:c3:c0:44:
5d:88:b3:32:79:08:f5:36:c1:2b:cf:67:ee:66:37:d3:3d:4a:
81:6b:d9:0b:c7:76:1f:2f:fe:f2:7d:d7:99:ff:06:79:11:5f:
f8:8c:f3:bc:70:e2:67:c4:18:3b:29:ba:d4:2f:62:02:80:8a:
40:72:c7:e9:53:99:3f:73:19:9d:14:d4:65:bb:26:23:6f:63:
ee:a1:4a:c0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYYKO26hZJGqxNhcudubt7y/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjMwMTMxMjM0ODMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzgwMDA5Y2YyMTczOGFmNWQ0MGE2ZmVhM2RiMGE2ODYxZWUxNzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvgUSdQaP0f2hEoRZlvnFHzXppZ+
mQ4R0pCSJ70m1CqnmEcWgjMA5OLL8l3hyhTogcmNA7uFRJmqQnHwNKUYhunhYVRO
YK/2xIbcryzw0sQu6/47IVAStC7h3HFXKybcmX3TvJVJHXi4oCFlJz6wxlmw+Kir
0KZEQTIo8hrJQclJbR6sxUlUecE8RQyigBigDCSs9zDpJUHdM6E53J2ys3bUC08G
3/xUDH0PLfYyidFY7ox5pMqqO8fson/WnriHxUyWOrdY2YXCo+ICcGX5w0Wmz35m
Uqp4YZyfsKknjCyzuOd/G7GJjGvaIHc4tdDb8/N/Z3x7d+M0kYE3MLfsxQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNeAAJzyFzivXUCm/qPbCmhh7hcpMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvMTRBQW5QSVhPSzlkUUtiLW85c0thR0h1RnlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVXXzAwQA
uewIAwQAuewLAwQAuf9wMA0GCSqGSIb3DQEBCwUAA4IBAQAhBmRK9vIcWQQgO47e
VwfM2qC+sEFTOsMo9G8PSNaOYktTiHONxtOO3zqyx1+XZt4rTwbwL3oi/USXl7Go
w+Qj2WHY9fvmKuItHyseDAVpuXG1L1qET0v23Mw5LrA6FHVfr5cfDAPHD8adhlMR
VkUBCdsowWVgch2qinKufHXCdfYl4AbH26JDn9ZdQZ7X+6oQhfCiKfkA/cxoGcKB
dDhWyH0gKbsSG06pIqZVm13ChgTDwERdiLMyeQj1NsErz2fuZjfTPUqBa9kLx3Yf
L/7yfdeZ/wZ5EV/4jPO8cOJnxBg7KbrUL2ICgIpAcsfpU5k/cxmdFNRluyYjb2Pu
oUrA
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:34 2023 by rpki-client on console-fra.rpki-client.org