Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/ZITkY9F5t5oCJ1vlmIHFqulfxDY.roa
File: ZITkY9F5t5oCJ1vlmIHFqulfxDY.roa (raw, json)
Hash identifier: FTEgpTLc0xnWCLutIXeNA/gUMLJVmEbRxf742eZDvZw=
Subject key identifier: 64:84:E4:63:D1:79:B7:9A:02:27:5B:E5:98:81:C5:AA:E9:5F:C4:36
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 01888CA5212DC51E0C4A2A37A99438357AC6
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/ZITkY9F5t5oCJ1vlmIHFqulfxDY.roa
Signing time: Mon 05 Jun 2023 17:40:12 +0000
ROA not before: Mon 05 Jun 2023 17:40:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34450
IP address blocks: 89.43.42.0/24 maxlen: 24
89.43.44.0/24 maxlen: 24
89.43.40.0/24 maxlen: 24
93.114.187.0/24 maxlen: 24
86.106.80.0/24 maxlen: 24
89.43.45.0/24 maxlen: 24
89.43.46.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
89.43.73.0/24 maxlen: 24
89.39.252.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
85.204.125.0/24 maxlen: 24
85.204.127.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
89.33.163.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
188.215.73.0/24 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8c:a5:21:2d:c5:1e:0c:4a:2a:37:a9:94:38:35:7a:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jun 5 17:40:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6484e463d179b79a02275be59881c5aae95fc436
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:52:84:fa:0e:68:8c:8e:71:f3:55:59:d8:bf:
22:ce:f0:1c:2a:b5:4d:6d:57:04:55:12:e3:3a:0b:
23:84:e9:43:e0:d8:0c:f5:ff:db:65:f0:5a:ac:56:
95:44:e3:e5:c7:79:44:28:0b:22:2c:4e:ab:65:79:
92:a0:00:19:da:16:dc:18:bc:67:b3:9e:ee:2c:3b:
ef:3a:25:8b:ce:1f:08:25:a3:26:43:cc:84:5b:2b:
14:ec:87:dc:c0:c1:2c:40:d1:cf:e2:64:c2:cf:42:
10:72:b2:29:51:04:77:1c:dc:c7:74:bb:8c:a4:84:
6a:0d:7a:b1:23:3b:48:90:ed:4e:b2:63:30:47:47:
0f:55:d4:45:f8:c2:36:83:b6:ac:d6:eb:52:3a:d5:
da:0b:45:c1:aa:97:70:02:21:0d:83:ed:85:5e:54:
bc:d0:d7:4e:e6:db:dd:21:3f:8b:53:80:d5:c4:1b:
25:57:2e:5a:37:96:f1:47:ae:8f:83:dd:fb:63:69:
25:c3:c1:28:78:ed:c3:15:88:c8:99:be:e3:22:61:
25:b2:43:98:44:22:25:97:e8:bc:98:9f:0f:1d:e5:
7a:4a:8c:bb:f2:a0:b6:01:4e:83:8d:4d:9c:6e:36:
7d:1a:96:d3:7c:ab:3c:23:cc:d1:be:49:a6:06:f8:
7e:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:84:E4:63:D1:79:B7:9A:02:27:5B:E5:98:81:C5:AA:E9:5F:C4:36
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/ZITkY9F5t5oCJ1vlmIHFqulfxDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.125.0/24
85.204.127.0/24
86.106.80.0/24
89.33.163.0/24
89.34.8.0/21
89.39.252.0/24
89.43.40.0/24
89.43.42.0/24
89.43.44.0-89.43.46.255
89.43.73.0/24
93.113.158.0/24
93.114.55.0/24
93.114.187.0/24
188.213.18.0/24
188.215.72.0/23
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
48:6f:b7:67:2c:0b:3f:bf:b5:b2:bf:62:5b:ff:f0:b9:b2:97:
58:81:c5:5e:3a:a2:6e:eb:9a:b9:48:06:cb:ae:0e:b2:24:ae:
e2:e9:16:5c:ee:d8:28:7c:4e:8e:62:98:5f:b4:99:3d:3c:cc:
98:55:d4:e5:dc:70:44:b3:7f:b4:1c:70:95:e4:bc:67:2e:fb:
d9:82:17:78:e7:48:66:4e:90:ef:dc:99:5b:6c:3b:aa:06:6e:
42:9a:96:42:b7:b9:e2:05:25:4e:df:4d:7d:ae:31:13:8c:e3:
1b:13:1b:75:6d:0e:98:e8:12:0e:3a:18:75:42:24:71:db:da:
e4:72:6f:49:86:d3:cb:f1:34:a9:7e:06:16:46:18:01:a6:30:
40:b3:28:73:b1:2c:54:59:e0:13:23:38:fd:e4:38:3b:ea:be:
e2:c7:d5:2c:14:ef:4c:bd:dc:0c:e9:35:70:d3:ce:c6:37:70:
f0:3c:ff:3d:87:11:c7:20:27:e6:29:62:c4:ae:bc:ab:94:38:
86:3a:62:ae:fb:6f:73:0c:9f:5a:fb:f5:54:3f:af:c5:02:c6:
4a:75:67:d7:84:46:71:11:47:06:c3:04:c3:bb:b4:9b:7b:4f:
6f:0c:aa:ce:76:85:41:3e:f4:e6:19:e2:f4:94:04:cc:0d:c2:
92:0b:82:ba
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAYiMpSEtxR4MSio3qZQ4NXrGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjMwNjA1MTc0MDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDg0ZTQ2M2QxNzliNzlhMDIyNzViZTU5ODgxYzVhYWU5NWZjNDM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFKE+g5ojI5x81VZ2L8izvAcKrVN
bVcEVRLjOgsjhOlD4NgM9f/bZfBarFaVROPlx3lEKAsiLE6rZXmSoAAZ2hbcGLxn
s57uLDvvOiWLzh8IJaMmQ8yEWysU7IfcwMEsQNHP4mTCz0IQcrIpUQR3HNzHdLuM
pIRqDXqxIztIkO1OsmMwR0cPVdRF+MI2g7as1utSOtXaC0XBqpdwAiENg+2FXlS8
0NdO5tvdIT+LU4DVxBslVy5aN5bxR66Pg937Y2klw8EoeO3DFYjImb7jImElskOY
RCIll+i8mJ8PHeV6Soy78qC2AU6DjU2cbjZ9GpbTfKs8I8zRvkmmBvh+/wIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFGSE5GPRebeaAidb5ZiBxarpX8Q2MB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvWklUa1k5RjV0NW9DSjF2bG1JSEZxdWxmeERZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTBuBAIAATBoAwQAVcx9
AwQAVcx/AwQAVmpQAwQAWSGjAwQDWSIIAwQAWSf8AwQAWSsoAwQAWSsqMAwDBAJZ
KywDBABZKy4DBABZK0kDBABdcZ4DBABdcjcDBABdcrsDBAC81RIDBAG810gDBAC8
8A4wDwQCAAIwCQMHACoFtoAAATANBgkqhkiG9w0BAQsFAAOCAQEASG+3ZywLP7+1
sr9iW//wubKXWIHFXjqibuuauUgGy64OsiSu4ukWXO7YKHxOjmKYX7SZPTzMmFXU
5dxwRLN/tBxwleS8Zy772YIXeOdIZk6Q79yZW2w7qgZuQpqWQre54gUlTt9Nfa4x
E4zjGxMbdW0OmOgSDjoYdUIkcdva5HJvSYbTy/E0qX4GFkYYAaYwQLMoc7EsVFng
EyM4/eQ4O+q+4sfVLBTvTL3cDOk1cNPOxjdw8Dz/PYcRxyAn5ilixK68q5Q4hjpi
rvtvcwyfWvv1VD+vxQLGSnVn14RGcRFHBsMEw7u0m3tPbwyqznaFQT705hni9JQE
zA3CkguCug==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:54 2023 by rpki-client on console-ams.rpki-client.org