Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/8RR5gTcL7iZupZG8Wtu4DtCeuz0.roa
File: 8RR5gTcL7iZupZG8Wtu4DtCeuz0.roa (raw, json)
Hash identifier: 5+hpQsbHfipxIS5ZwT5JczgbFsfqWvo29JIc2boOZF8=
Subject key identifier: F1:14:79:81:37:0B:EE:26:6E:A5:91:BC:5A:DB:B8:0E:D0:9E:BB:3D
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 01886A504378127413C209D7ABDBCBF45F1A
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/8RR5gTcL7iZupZG8Wtu4DtCeuz0.roa
Signing time: Tue 30 May 2023 01:40:25 +0000
ROA not before: Tue 30 May 2023 01:40:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 149457
IP address blocks: 185.233.17.0/24 maxlen: 24
85.92.114.0/24 maxlen: 24
85.92.115.0/24 maxlen: 24
185.233.18.0/24 maxlen: 24
193.107.218.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:6a:50:43:78:12:74:13:c2:09:d7:ab:db:cb:f4:5f:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: May 30 01:40:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f1147981370bee266ea591bc5adbb80ed09ebb3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:28:95:d9:5e:b9:1a:0d:38:93:c6:1c:7a:0a:
65:5e:2a:b0:80:66:b3:2e:01:3e:99:e8:5c:ef:c1:
14:08:d0:9e:60:a3:ae:6d:67:e4:28:c1:a2:0b:3f:
82:f7:83:e1:15:f1:86:8e:6f:2b:52:81:01:5a:b9:
87:06:19:d9:31:d1:d9:cf:78:85:cc:da:41:9c:41:
b9:47:83:f9:68:14:2c:ec:7f:57:72:4d:bc:a6:3f:
b9:bd:be:48:c8:c8:91:aa:7b:17:d8:ac:94:f8:51:
b4:b5:2f:c3:2a:83:1d:5a:4f:a2:84:84:98:76:36:
e8:c8:de:a2:39:1b:c1:c5:36:12:05:dd:73:10:be:
71:3e:39:1d:ad:df:c7:e1:ac:d5:40:d4:78:73:b6:
69:87:36:4d:38:ac:97:3a:8b:92:95:f5:c2:ed:db:
36:fc:e5:b1:10:bf:70:b0:8f:46:82:7a:64:c8:b4:
ff:f0:e7:a6:49:d0:16:6c:62:87:ab:35:3d:a2:85:
b0:e0:fc:5c:62:9d:13:9f:b9:b6:93:8a:b4:79:05:
3d:36:5b:c4:e0:68:1f:43:1a:65:f4:7c:bd:bf:75:
4a:f5:02:2b:93:b2:2e:f7:92:9f:c5:3f:27:11:a0:
6d:d7:41:05:d6:0b:5f:a1:53:e9:c8:1e:aa:fe:17:
c4:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:14:79:81:37:0B:EE:26:6E:A5:91:BC:5A:DB:B8:0E:D0:9E:BB:3D
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/8RR5gTcL7iZupZG8Wtu4DtCeuz0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.92.114.0/23
185.233.17.0-185.233.18.255
193.107.218.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:3b:e3:17:94:f9:58:0b:d6:77:59:32:fc:2a:8f:e9:85:90:
0a:22:66:31:3b:94:7b:8f:6a:3d:82:cd:74:77:ae:08:bd:a9:
a0:d7:1c:b8:82:91:82:c7:b6:72:5f:31:7b:fa:38:03:d6:a2:
dc:9f:84:69:b1:43:a7:be:ac:33:0a:3f:d9:d5:e9:94:4e:ce:
32:a3:c5:d1:47:c6:0f:c0:44:1d:36:de:81:9a:96:ff:ac:44:
d8:be:ae:ce:a6:d1:8b:24:0e:5a:52:4a:7c:3d:ca:35:64:a3:
8c:1c:ca:55:89:cc:73:3a:8f:7a:81:0b:e2:6e:b0:a0:9a:ae:
76:8d:34:da:16:27:a7:83:75:ba:cc:27:92:e2:a3:9f:cc:cc:
72:48:1c:6d:a9:65:9e:55:c0:18:de:15:2a:52:a4:b1:d9:a2:
0f:3b:81:5d:78:20:00:61:64:b2:76:e8:77:34:54:ed:6f:16:
9c:0f:5e:a3:ac:68:42:3a:34:22:74:05:b7:4e:92:94:85:68:
a7:3b:ed:8e:d4:44:15:d5:e6:a5:83:0f:02:1d:3e:57:8d:df:
c3:48:81:9d:08:70:df:cb:95:37:97:a1:27:fe:18:90:f6:aa:
46:1c:c8:1f:d7:be:76:3f:25:15:49:18:bb:1d:7b:a7:b2:68:
95:34:c2:d8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYhqUEN4EnQTwgnXq9vL9F8aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjMwNTMwMDE0MDI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTE0Nzk4MTM3MGJlZTI2NmVhNTkxYmM1YWRiYjgwZWQwOWViYjNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhiiV2V65Gg04k8YcegplXiqwgGaz
LgE+mehc78EUCNCeYKOubWfkKMGiCz+C94PhFfGGjm8rUoEBWrmHBhnZMdHZz3iF
zNpBnEG5R4P5aBQs7H9Xck28pj+5vb5IyMiRqnsX2KyU+FG0tS/DKoMdWk+ihISY
djboyN6iORvBxTYSBd1zEL5xPjkdrd/H4azVQNR4c7ZphzZNOKyXOouSlfXC7ds2
/OWxEL9wsI9GgnpkyLT/8OemSdAWbGKHqzU9ooWw4PxcYp0Tn7m2k4q0eQU9NlvE
4GgfQxpl9Hy9v3VK9QIrk7Iu95KfxT8nEaBt10EF1gtfoVPpyB6q/hfEZwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFPEUeYE3C+4mbqWRvFrbuA7Qnrs9MB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvOFJSNWdUY0w3aVp1cFpHOFd0dTREdENldXowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBVVxyMAwD
BAC56REDBAC56RIDBADBa9owDQYJKoZIhvcNAQELBQADggEBAJ474xeU+VgL1ndZ
Mvwqj+mFkAoiZjE7lHuPaj2CzXR3rgi9qaDXHLiCkYLHtnJfMXv6OAPWotyfhGmx
Q6e+rDMKP9nV6ZROzjKjxdFHxg/ARB023oGalv+sRNi+rs6m0YskDlpSSnw9yjVk
o4wcylWJzHM6j3qBC+JusKCarnaNNNoWJ6eDdbrMJ5Lio5/MzHJIHG2pZZ5VwBje
FSpSpLHZog87gV14IABhZLJ26Hc0VO1vFpwPXqOsaEI6NCJ0BbdOkpSFaKc77Y7U
RBXV5qWDDwIdPleN38NIgZ0IcN/LlTeXoSf+GJD2qkYcyB/XvnY/JRVJGLsde6ey
aJU0wtg=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:46 2023 by rpki-client on console-ams.rpki-client.org