Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/lWSp0d1dW-LnV0jgUqGJ_onhuzk.roa
File: lWSp0d1dW-LnV0jgUqGJ_onhuzk.roa (raw, json)
Hash identifier: U7DcCbQm0BovJ/jakL/JfE033ZN4TMFO0WB/wjsk5c0=
Subject key identifier: 95:64:A9:D1:DD:5D:5B:E2:E7:57:48:E0:52:A1:89:FE:89:E1:BB:39
Certificate issuer: /CN=c7983b3a9758fcbe78733d9155aed266c882a23c
Certificate serial: 01864A9CBAF70098EFD4B86EBF8608317F18
Authority key identifier: C7:98:3B:3A:97:58:FC:BE:78:73:3D:91:55:AE:D2:66:C8:82:A2:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x5g7OpdY_L54cz2RVa7SZsiCojw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/lWSp0d1dW-LnV0jgUqGJ_onhuzk.roa
Signing time: Mon 13 Feb 2023 11:50:30 +0000
ROA not before: Mon 13 Feb 2023 11:50:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16342
IP address blocks: 85.89.160.0/20 maxlen: 20
77.237.0.0/19 maxlen: 19
85.89.176.0/20 maxlen: 20
185.67.216.0/22 maxlen: 22
185.67.217.0/24 maxlen: 24
185.67.216.0/24 maxlen: 24
185.67.218.0/24 maxlen: 24
185.67.219.0/24 maxlen: 24
31.182.0.0/15 maxlen: 18
217.113.224.0/20 maxlen: 20
2a03:af80::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 08:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4a:9c:ba:f7:00:98:ef:d4:b8:6e:bf:86:08:31:7f:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7983b3a9758fcbe78733d9155aed266c882a23c
Validity
Not Before: Feb 13 11:50:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=9564a9d1dd5d5be2e75748e052a189fe89e1bb39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:96:7c:ba:56:42:01:cc:f6:e1:dc:73:30:a8:
6f:7f:66:46:2a:c7:c4:2d:71:16:80:7c:f6:e9:ae:
f8:13:dd:96:62:58:e7:97:31:a8:f6:e4:dc:16:97:
6e:4f:27:c5:b4:b1:b1:bf:b9:81:e6:4a:37:60:e1:
5e:27:d1:58:b7:bb:af:44:8a:1d:14:5e:a9:69:dc:
65:02:11:a8:60:47:e8:13:d9:d0:29:44:88:72:b9:
86:7a:05:27:d7:4c:ca:71:1d:77:74:ae:98:0f:44:
1d:83:70:e9:42:1f:65:e7:66:33:8e:d5:3b:54:0b:
93:c7:4a:1e:a8:59:1d:49:5a:f0:a9:6d:48:ad:df:
c3:ce:66:d8:4f:ce:02:81:1d:a7:51:e7:88:a8:ed:
eb:a0:fd:50:a9:0d:8d:e8:23:75:47:24:06:39:49:
89:cf:f9:11:4f:59:0e:9a:be:5f:08:3e:6a:5e:de:
fb:2a:fd:95:f0:f3:03:0d:79:f2:d0:28:32:56:1f:
19:08:0b:84:3d:ef:f8:a0:9a:52:91:0e:db:26:df:
e5:ba:81:68:1b:f7:0a:58:69:55:e2:7f:23:e8:d7:
74:6d:27:50:cf:55:fc:08:fe:3f:c9:e8:20:5c:95:
f5:63:c1:69:6d:06:9e:00:7c:c2:42:88:78:34:3a:
91:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:64:A9:D1:DD:5D:5B:E2:E7:57:48:E0:52:A1:89:FE:89:E1:BB:39
X509v3 Authority Key Identifier:
keyid:C7:98:3B:3A:97:58:FC:BE:78:73:3D:91:55:AE:D2:66:C8:82:A2:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x5g7OpdY_L54cz2RVa7SZsiCojw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/lWSp0d1dW-LnV0jgUqGJ_onhuzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/811d16-b513-47ed-9e71-238405f2cde9/1/x5g7OpdY_L54cz2RVa7SZsiCojw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.182.0.0/15
77.237.0.0/19
85.89.160.0/19
185.67.216.0/22
217.113.224.0/20
IPv6:
2a03:af80::/29
Signature Algorithm: sha256WithRSAEncryption
7a:9e:0c:df:80:0f:a0:31:85:24:fa:e0:1d:7f:a0:e4:15:5e:
29:2e:f7:9f:f1:4f:dc:3a:0f:90:b3:c8:2d:c9:93:3f:71:cd:
dc:c0:bc:ea:81:5c:8d:81:ba:a1:01:2c:37:ad:05:77:99:94:
68:cb:d0:7f:07:d7:1c:2e:13:c6:5c:92:83:99:9b:1b:56:f4:
43:b6:d7:0e:92:8f:1c:8b:cc:ac:a6:95:90:bd:62:27:fc:c6:
cd:16:fd:bf:24:45:df:c7:c1:6f:f0:25:b4:32:e7:3c:35:55:
40:5a:b5:ce:bd:b7:4a:ab:b4:e2:41:dc:89:a2:eb:ce:b8:a4:
f6:94:4d:5f:b0:d4:50:b7:11:e1:70:ae:b7:ec:6f:bf:40:c7:
a4:58:e7:aa:ae:9e:69:57:90:38:2b:21:ee:f6:38:8d:2e:66:
76:f8:c0:db:89:d1:fc:d1:92:50:cf:6e:a2:10:d4:c0:d7:cd:
d7:15:60:09:b6:fc:25:51:97:99:e0:74:a6:5d:53:c9:5c:0f:
92:c0:38:2e:9a:7b:44:0e:a4:8b:10:65:27:5d:ba:b4:95:09:
df:bf:ed:7f:1a:91:6b:79:8b:92:2a:05:3e:70:7c:c0:01:a2:
24:34:80:2b:48:87:04:74:66:41:88:83:b5:a2:f2:08:33:d3:
ca:c2:55:f5
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYZKnLr3AJjv1Lhuv4YIMX8YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3OTgzYjNhOTc1OGZjYmU3ODczM2Q5MTU1YWVkMjY2Yzg4
MmEyM2MwHhcNMjMwMjEzMTE1MDMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTY0YTlkMWRkNWQ1YmUyZTc1NzQ4ZTA1MmExODlmZTg5ZTFiYjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJZ8ulZCAcz24dxzMKhvf2ZGKsfE
LXEWgHz26a74E92WYljnlzGo9uTcFpduTyfFtLGxv7mB5ko3YOFeJ9FYt7uvRIod
FF6padxlAhGoYEfoE9nQKUSIcrmGegUn10zKcR13dK6YD0Qdg3DpQh9l52YzjtU7
VAuTx0oeqFkdSVrwqW1Ird/DzmbYT84CgR2nUeeIqO3roP1QqQ2N6CN1RyQGOUmJ
z/kRT1kOmr5fCD5qXt77Kv2V8PMDDXny0CgyVh8ZCAuEPe/4oJpSkQ7bJt/luoFo
G/cKWGlV4n8j6Nd0bSdQz1X8CP4/yeggXJX1Y8FpbQaeAHzCQoh4NDqRSwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJVkqdHdXVvi51dI4FKhif6J4bs5MB8GA1UdIwQY
MBaAFMeYOzqXWPy+eHM9kVWu0mbIgqI8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDVnN09wZFlfTDU0Y3oyUlZhN1Nac2lDb2p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MTFkMTYtYjUxMy00N2VkLTllNzEt
MjM4NDA1ZjJjZGU5LzEvbFdTcDBkMWRXLUxuVjBqZ1VxR0pfb25odXprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84MTFkMTYtYjUxMy00N2VkLTllNzEtMjM4NDA1ZjJjZGU5
LzEveDVnN09wZFlfTDU0Y3oyUlZhN1Nac2lDb2p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwMBH7YDBAVN
7QADBAVVWaADBAK5Q9gDBATZceAwDQQCAAIwBwMFAyoDr4AwDQYJKoZIhvcNAQEL
BQADggEBAHqeDN+AD6AxhST64B1/oOQVXiku95/xT9w6D5CzyC3Jkz9xzdzAvOqB
XI2BuqEBLDetBXeZlGjL0H8H1xwuE8ZckoOZmxtW9EO21w6SjxyLzKymlZC9Yif8
xs0W/b8kRd/HwW/wJbQy5zw1VUBatc69t0qrtOJB3Imi6864pPaUTV+w1FC3EeFw
rrfsb79Ax6RY56qunmlXkDgrIe72OI0uZnb4wNuJ0fzRklDPbqIQ1MDXzdcVYAm2
/CVRl5ngdKZdU8lcD5LAOC6ae0QOpIsQZSddurSVCd+/7X8akWt5i5IqBT5wfMAB
oiQ0gCtIhwR0ZkGIg7Wi8ggz08rCVfU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:04:23 2024 by rpki-client on console-ams.rpki-client.org