Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/CkL8pTTMSQ1rEPRC8t2oFmmtk6Y.roa
File: CkL8pTTMSQ1rEPRC8t2oFmmtk6Y.roa (raw, json)
Hash identifier: ufmsh1wg8VORl2DsQ3n+FEtSaagCsgZQGRG3HccQAGM=
Subject key identifier: 0A:42:FC:A5:34:CC:49:0D:6B:10:F4:42:F2:DD:A8:16:69:AD:93:A6
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0185CF2E522F31F57A9F48A2DB668C2F5483
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/CkL8pTTMSQ1rEPRC8t2oFmmtk6Y.roa
Signing time: Fri 20 Jan 2023 12:36:37 +0000
ROA not before: Fri 20 Jan 2023 12:36:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34450
IP address blocks: 89.43.42.0/24 maxlen: 24
89.43.44.0/24 maxlen: 24
89.43.40.0/24 maxlen: 24
89.43.41.0/24 maxlen: 24
86.106.80.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
89.43.73.0/24 maxlen: 24
89.39.252.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
85.204.125.0/24 maxlen: 24
85.204.127.0/24 maxlen: 24
93.114.99.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
89.33.163.0/24 maxlen: 24
89.37.136.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:cf:2e:52:2f:31:f5:7a:9f:48:a2:db:66:8c:2f:54:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 20 12:36:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0a42fca534cc490d6b10f442f2dda81669ad93a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fe:8f:5d:6a:bb:98:44:36:ab:da:10:89:c8:
4b:9a:02:d3:04:e8:46:6e:26:3d:81:89:a2:7a:9d:
ee:99:9f:38:85:67:2b:c1:e7:fe:c4:3d:89:6d:11:
fb:ac:de:18:a6:c4:d4:2a:70:34:f1:25:4e:2c:a1:
45:f3:de:8b:6d:23:95:0f:a9:82:9c:d1:f0:e9:c8:
ae:35:31:8e:1b:34:3a:46:ea:cb:1f:62:c5:0b:d0:
b0:8d:91:47:8f:8d:d4:8d:3b:c3:4b:f9:64:9d:ab:
7a:6b:dd:d3:95:c9:49:e5:49:26:63:72:7d:4d:e1:
f9:a1:f8:92:d3:9a:98:11:81:34:ed:48:b1:f8:f0:
06:39:2a:50:4a:0a:67:7c:9a:6a:c9:45:af:2c:fd:
62:95:95:f6:8f:3f:c9:88:2d:a9:46:cb:43:3e:1c:
75:c8:93:d1:e2:b9:9d:51:a7:6b:07:81:1f:4c:07:
14:d2:87:4b:bd:1a:e0:3f:f0:22:95:c3:94:0c:b5:
b4:f3:fd:3c:96:fd:8d:ee:98:58:e1:c2:5c:fd:45:
80:f0:71:51:74:9a:25:f2:73:22:f7:f4:87:7a:46:
77:27:aa:ad:9a:1b:52:ed:32:ad:a9:33:1b:57:94:
26:84:78:8c:7b:c3:29:89:b9:a5:e0:4e:bf:9c:f3:
cc:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:42:FC:A5:34:CC:49:0D:6B:10:F4:42:F2:DD:A8:16:69:AD:93:A6
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/CkL8pTTMSQ1rEPRC8t2oFmmtk6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.125.0/24
85.204.127.0/24
86.106.80.0/24
89.33.163.0/24
89.34.8.0/21
89.37.136.0/24
89.39.252.0/24
89.43.40.0-89.43.42.255
89.43.44.0/24
89.43.73.0/24
93.113.158.0/24
93.114.55.0/24
93.114.99.0/24
188.213.18.0/24
188.215.72.0/23
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
17:c1:9b:82:ba:bd:ac:ec:9f:03:3d:c5:1d:fb:c6:22:44:58:
91:24:b4:f1:f5:5a:2f:a2:9f:67:23:7a:ac:92:fb:6f:80:ef:
27:68:0e:bc:9b:c2:48:cd:01:03:7d:35:69:e3:79:07:dd:18:
1f:3f:92:66:87:9b:9c:b8:ca:7b:9e:b3:c7:f1:84:53:e6:ad:
63:88:ad:ef:3d:bd:3c:9f:68:1c:66:f6:97:03:5d:ae:fd:e4:
7c:6c:4f:9b:fb:22:61:cc:9f:e3:27:a9:b6:4b:74:e6:1e:56:
20:f2:d3:57:8f:8d:ab:1a:b4:a7:03:15:ac:ee:bc:64:77:c8:
7e:24:4c:0a:cb:9b:6e:1b:86:10:f7:0c:af:e7:82:b7:e6:08:
b0:dd:f5:1b:88:42:51:e1:e0:35:fb:c7:ce:53:fd:3a:80:cb:
9b:50:3d:d6:0f:16:84:96:6c:52:56:aa:fc:44:42:b1:72:88:
5e:8f:8a:36:76:96:c1:14:5b:28:2f:e2:f9:96:5f:1d:d3:f7:
36:66:e6:8f:f7:ab:55:56:5b:19:62:6f:b6:98:ae:23:09:41:
21:20:0a:e7:d9:08:ce:18:39:a6:0a:5b:3b:22:53:76:29:db:
e8:79:51:18:8a:16:8f:ac:a4:40:47:67:64:3b:ac:6e:63:db:
e1:e7:aa:22
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYXPLlIvMfV6n0ii22aML1SDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwMTIwMTIzNjM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTQyZmNhNTM0Y2M0OTBkNmIxMGY0NDJmMmRkYTgxNjY5YWQ5M2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApv6PXWq7mEQ2q9oQichLmgLTBOhG
biY9gYmiep3umZ84hWcrwef+xD2JbRH7rN4YpsTUKnA08SVOLKFF896LbSOVD6mC
nNHw6ciuNTGOGzQ6RurLH2LFC9CwjZFHj43UjTvDS/lknat6a93TlclJ5UkmY3J9
TeH5ofiS05qYEYE07Uix+PAGOSpQSgpnfJpqyUWvLP1ilZX2jz/JiC2pRstDPhx1
yJPR4rmdUadrB4EfTAcU0odLvRrgP/AilcOUDLW08/08lv2N7phY4cJc/UWA8HFR
dJol8nMi9/SHekZ3J6qtmhtS7TKtqTMbV5QmhHiMe8Mpibml4E6/nPPMcwIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFApC/KU0zEkNaxD0QvLdqBZprZOmMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvQ2tMOHBUVE1TUTFyRVBSQzh0Mm9GbW10azZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBuBAIAATBoAwQAVcx9
AwQAVcx/AwQAVmpQAwQAWSGjAwQDWSIIAwQAWSWIAwQAWSf8MAwDBANZKygDBABZ
KyoDBABZKywDBABZK0kDBABdcZ4DBABdcjcDBABdcmMDBAC81RIDBAG810gDBAC8
8A4wDwQCAAIwCQMHACoFtoAAATANBgkqhkiG9w0BAQsFAAOCAQEAF8Gbgrq9rOyf
Az3FHfvGIkRYkSS08fVaL6KfZyN6rJL7b4DvJ2gOvJvCSM0BA301aeN5B90YHz+S
ZoebnLjKe56zx/GEU+atY4it7z29PJ9oHGb2lwNdrv3kfGxPm/siYcyf4yeptkt0
5h5WIPLTV4+Nqxq0pwMVrO68ZHfIfiRMCsubbhuGEPcMr+eCt+YIsN31G4hCUeHg
NfvHzlP9OoDLm1A91g8WhJZsUlaq/ERCsXKIXo+KNnaWwRRbKC/i+ZZfHdP3Nmbm
j/erVVZbGWJvtpiuIwlBISAK59kIzhg5pgpbOyJTdinb6HlRGIoWj6ykQEdnZDus
bmPb4eeqIg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:54 2023 by rpki-client on console-ams.rpki-client.org