Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/04e8dd-de3c-47fa-a024-f33797e39bb2/1/g90XrslHhJXB2fA3zacaj4uI-40.roa
File: g90XrslHhJXB2fA3zacaj4uI-40.roa (raw, json)
Hash identifier: 6IUkU7q0OczdQ5N99u+4vShK6igxat+Zqq2dbXgnX40=
Subject key identifier: 83:DD:17:AE:C9:47:84:95:C1:D9:F0:37:CD:A7:1A:8F:8B:88:FB:8D
Certificate issuer: /CN=c3a49f65a3d680c428fd94d67e65a2709f0292cf
Certificate serial: 018572A7E5968ABA72562ECD661144702416
Authority key identifier: C3:A4:9F:65:A3:D6:80:C4:28:FD:94:D6:7E:65:A2:70:9F:02:92:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w6SfZaPWgMQo_ZTWfmWicJ8Cks8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/04e8dd-de3c-47fa-a024-f33797e39bb2/1/g90XrslHhJXB2fA3zacaj4uI-40.roa
Signing time: Mon 02 Jan 2023 13:24:43 +0000
ROA not before: Mon 02 Jan 2023 13:24:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 205451
IP address blocks: 195.47.232.0/24 maxlen: 24
185.117.112.0/22 maxlen: 22
2a0c:3180::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:a7:e5:96:8a:ba:72:56:2e:cd:66:11:44:70:24:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3a49f65a3d680c428fd94d67e65a2709f0292cf
Validity
Not Before: Jan 2 13:24:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=83dd17aec9478495c1d9f037cda71a8f8b88fb8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a6:21:a9:d5:92:cc:fa:2e:25:90:3c:a0:10:
9e:2e:6b:c7:35:aa:ba:71:c7:21:dc:77:32:41:3e:
44:2e:2a:a1:7c:42:41:f6:c9:f1:bc:1b:70:90:e7:
f8:5d:29:81:15:3c:d4:9a:27:b8:65:93:be:5f:3e:
01:97:c0:90:47:5e:8f:2f:68:af:f2:48:42:5b:ed:
74:8a:ed:e2:c7:1d:ef:c6:c0:97:d6:70:e6:82:d4:
44:62:e0:1b:9d:21:31:4d:f2:5a:6c:6a:16:e0:04:
3a:98:23:66:69:cd:60:e0:19:b5:dd:8a:a1:d7:88:
b6:b6:74:b9:8d:04:a3:ec:ce:bf:8c:4c:65:bf:88:
b6:35:8a:93:7a:a0:17:dd:53:43:26:9e:90:a8:fd:
9f:02:1c:fa:df:10:31:0f:df:1e:12:c7:72:68:ef:
65:a4:89:91:a8:5e:ba:ea:f7:25:2d:74:e1:69:2d:
f0:82:82:36:a8:61:da:00:82:30:de:97:57:78:08:
2b:3e:c0:74:05:63:c7:d8:a4:fc:e1:39:ba:0d:be:
ef:c5:56:24:99:85:1e:ce:d7:75:08:87:cd:01:81:
e5:c8:d2:d5:cd:d1:d8:f6:f3:49:e2:1e:61:75:cf:
36:67:ed:1c:15:c4:7a:b3:08:be:ef:43:cf:40:ff:
9e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:DD:17:AE:C9:47:84:95:C1:D9:F0:37:CD:A7:1A:8F:8B:88:FB:8D
X509v3 Authority Key Identifier:
keyid:C3:A4:9F:65:A3:D6:80:C4:28:FD:94:D6:7E:65:A2:70:9F:02:92:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w6SfZaPWgMQo_ZTWfmWicJ8Cks8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/04e8dd-de3c-47fa-a024-f33797e39bb2/1/g90XrslHhJXB2fA3zacaj4uI-40.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/04e8dd-de3c-47fa-a024-f33797e39bb2/1/w6SfZaPWgMQo_ZTWfmWicJ8Cks8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.112.0/22
195.47.232.0/24
IPv6:
2a0c:3180::/32
Signature Algorithm: sha256WithRSAEncryption
26:7c:bf:b8:1a:68:5f:99:bb:4b:1d:61:6a:2d:b5:5f:4d:57:
6e:c5:44:2e:a8:26:0f:e8:f2:5c:41:5b:b3:f6:2c:0d:eb:ee:
37:d4:f9:b0:b3:29:ea:42:b3:74:66:4f:90:5d:83:2e:2a:1b:
1c:ee:db:6c:20:c1:41:8f:90:ce:8c:4d:7f:b4:02:e0:69:a7:
04:bd:6c:a5:dd:95:7b:4d:42:f8:10:b3:c7:a3:2f:31:d5:5d:
44:02:06:7e:f1:3e:b6:b2:fb:5e:13:db:f0:25:63:8b:fe:b2:
7e:77:c9:00:05:d0:a8:20:e6:1a:41:01:e2:c6:97:45:69:28:
2b:60:63:86:de:6c:53:72:32:96:99:7f:39:09:22:d6:4b:a1:
9b:6b:0b:2d:34:20:6b:5a:bb:79:95:77:33:1d:45:4f:2c:7d:
53:fd:6c:24:24:5f:32:fa:c2:a0:73:e7:a7:71:7f:03:c9:2d:
ae:de:53:bb:5c:bf:a3:42:01:6f:17:6c:77:0a:75:eb:c9:70:
dc:d1:d1:5f:b2:8f:ff:b0:fd:5d:3e:2f:7f:4f:b6:f8:37:a8:
bb:85:b3:37:bc:4c:5d:38:30:08:ad:82:be:6e:26:54:e6:f1:
f4:5f:80:3f:c0:f3:2f:ad:c7:de:f9:26:f7:04:1a:9f:c6:f9:
ca:7d:9c:f1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyp+WWirpyVi7NZhFEcCQWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYTQ5ZjY1YTNkNjgwYzQyOGZkOTRkNjdlNjVhMjcwOWYw
MjkyY2YwHhcNMjMwMTAyMTMyNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2RkMTdhZWM5NDc4NDk1YzFkOWYwMzdjZGE3MWE4ZjhiODhmYjhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaYhqdWSzPouJZA8oBCeLmvHNaq6
ccch3HcyQT5ELiqhfEJB9snxvBtwkOf4XSmBFTzUmie4ZZO+Xz4Bl8CQR16PL2iv
8khCW+10iu3ixx3vxsCX1nDmgtREYuAbnSExTfJabGoW4AQ6mCNmac1g4Bm13Yqh
14i2tnS5jQSj7M6/jExlv4i2NYqTeqAX3VNDJp6QqP2fAhz63xAxD98eEsdyaO9l
pImRqF666vclLXThaS3wgoI2qGHaAIIw3pdXeAgrPsB0BWPH2KT84Tm6Db7vxVYk
mYUeztd1CIfNAYHlyNLVzdHY9vNJ4h5hdc82Z+0cFcR6swi+70PPQP+eOwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIPdF67JR4SVwdnwN82nGo+LiPuNMB8GA1UdIwQY
MBaAFMOkn2Wj1oDEKP2U1n5lonCfApLPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzZTZlphUFdnTVFvX1pUV2ZtV2ljSjhDa3M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8wNGU4ZGQtZGUzYy00N2ZhLWEwMjQt
ZjMzNzk3ZTM5YmIyLzEvZzkwWHJzbEhoSlhCMmZBM3phY2FqNHVJLTQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8wNGU4ZGQtZGUzYy00N2ZhLWEwMjQtZjMzNzk3ZTM5YmIy
LzEvdzZTZlphUFdnTVFvX1pUV2ZtV2ljSjhDa3M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuXVwAwQA
wy/oMA0EAgACMAcDBQAqDDGAMA0GCSqGSIb3DQEBCwUAA4IBAQAmfL+4GmhfmbtL
HWFqLbVfTVduxUQuqCYP6PJcQVuz9iwN6+431PmwsynqQrN0Zk+QXYMuKhsc7tts
IMFBj5DOjE1/tALgaacEvWyl3ZV7TUL4ELPHoy8x1V1EAgZ+8T62svteE9vwJWOL
/rJ+d8kABdCoIOYaQQHixpdFaSgrYGOG3mxTcjKWmX85CSLWS6GbawstNCBrWrt5
lXczHUVPLH1T/WwkJF8y+sKgc+encX8DyS2u3lO7XL+jQgFvF2x3CnXryXDc0dFf
so//sP1dPi9/T7b4N6i7hbM3vExdODAIrYK+biZU5vH0X4A/wPMvrcfe+Sb3BBqf
xvnKfZzx
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:18:51 2024 by rpki-client on console-fra.rpki-client.org