Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/zI6tevRSBPOSSTf7SJKuHwtbYzY.roa
File: zI6tevRSBPOSSTf7SJKuHwtbYzY.roa (raw, json)
Hash identifier: xUek+d7oJnGEYQdSYOe6VJ8Z3dN5weSb8i0MdB2xKw4=
Subject key identifier: CC:8E:AD:7A:F4:52:04:F3:92:49:37:FB:48:92:AE:1F:0B:5B:63:36
Certificate issuer: /CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
Certificate serial: 018570B086BBDED6671CA0673CA2735FBCC1
Authority key identifier: E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/zI6tevRSBPOSSTf7SJKuHwtbYzY.roa
Signing time: Mon 02 Jan 2023 04:14:55 +0000
ROA not before: Mon 02 Jan 2023 04:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34354
IP address blocks: 89.221.120.0/24 maxlen: 24
89.221.120.0/23 maxlen: 23
89.221.122.0/23 maxlen: 23
89.221.124.0/23 maxlen: 23
89.221.126.0/23 maxlen: 23
89.221.112.0/23 maxlen: 23
85.158.72.0/23 maxlen: 23
85.158.74.0/23 maxlen: 23
85.158.76.0/23 maxlen: 23
85.158.78.0/23 maxlen: 23
89.221.114.0/23 maxlen: 23
89.221.116.0/23 maxlen: 23
89.221.118.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:b0:86:bb:de:d6:67:1c:a0:67:3c:a2:73:5f:bc:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5a1b36552f9daccb92ac5c3b44b426d643749e2
Validity
Not Before: Jan 2 04:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc8ead7af45204f3924937fb4892ae1f0b5b6336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:eb:d3:1a:bb:8c:de:73:e0:ed:b3:54:6f:82:
2f:c9:82:40:8f:b6:d0:f1:c6:50:fe:fb:6e:aa:2d:
9e:f9:37:fa:e4:df:c8:08:d6:83:0e:dc:5b:aa:5f:
be:1f:1a:8b:e5:6d:68:d7:e7:02:7d:c7:d6:37:0b:
4d:1e:6d:ee:51:9b:76:d5:bf:1a:31:06:27:d5:a1:
29:6b:28:04:03:12:54:13:d9:d0:e0:47:b8:3c:c6:
9b:71:c1:8e:16:9f:b2:da:24:68:ed:d7:3b:43:9f:
aa:52:93:f0:0d:c7:bd:2b:d5:24:81:eb:e8:b6:6b:
aa:55:d8:72:7a:ba:9c:cf:a9:3d:09:ed:09:1b:cc:
9b:03:44:75:cd:ea:7a:85:1a:1f:1b:fe:56:19:89:
94:d7:7f:a6:f4:9a:66:59:b8:20:98:9b:10:84:2a:
e3:b0:b0:ea:e7:95:69:a2:af:db:e3:69:29:3c:6f:
f2:f9:ad:50:a0:30:1a:59:6b:16:d2:bd:ad:f2:8d:
30:1e:f4:23:bc:2f:ee:db:dd:f5:1d:67:ee:b2:76:
0c:f1:60:2f:ed:61:bc:f8:77:2a:66:97:69:ad:14:
d9:48:04:6d:aa:3a:19:52:d2:73:04:db:03:f0:1c:
47:24:66:7b:8c:57:01:bd:e4:cc:af:45:b7:d4:2b:
7b:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:8E:AD:7A:F4:52:04:F3:92:49:37:FB:48:92:AE:1F:0B:5B:63:36
X509v3 Authority Key Identifier:
keyid:E5:A1:B3:65:52:F9:DA:CC:B9:2A:C5:C3:B4:4B:42:6D:64:37:49:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5aGzZVL52sy5KsXDtEtCbWQ3SeI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/zI6tevRSBPOSSTf7SJKuHwtbYzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b8ea5b-3dd4-4374-a793-c5e6d23f8b09/1/5aGzZVL52sy5KsXDtEtCbWQ3SeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.158.72.0/21
89.221.112.0/20
Signature Algorithm: sha256WithRSAEncryption
b6:a9:0e:85:d8:b5:01:56:9f:45:aa:c4:49:58:28:10:30:e3:
18:08:ed:d2:df:32:8f:bd:f1:39:78:56:c3:75:18:e2:81:fb:
58:bc:d5:ce:fa:2e:12:cf:0c:9e:38:40:61:77:32:a3:c7:51:
ad:c6:76:39:48:71:79:1a:31:7e:df:ed:8c:84:0b:30:28:5c:
3b:d8:13:31:7f:eb:d4:02:e2:1a:0b:a7:d2:1d:4e:65:43:83:
d7:32:40:8a:fd:9f:68:0b:73:5f:c4:b4:e0:59:b1:2b:fa:f2:
0f:fd:74:17:89:c8:e2:0f:a8:1b:2d:c1:a4:14:34:93:77:26:
43:53:6e:17:e8:5e:59:11:52:20:89:6f:3f:38:0f:76:48:d0:
2e:3c:e2:07:f6:30:d9:03:b1:36:dc:16:d5:ea:e6:81:f2:92:
60:65:0d:93:af:e4:e2:39:c1:97:e2:27:a2:0a:96:be:38:35:
1c:87:9b:20:4d:e2:28:0e:de:d1:f3:a7:67:64:1c:44:ca:61:
17:85:92:6c:b2:60:68:1a:f9:5c:22:13:c2:e3:23:9b:62:07:
2c:d6:c7:46:b5:a6:8a:37:9a:33:31:f2:26:40:3e:dd:da:22:
36:72:1c:25:79:46:57:b9:5f:8d:e9:37:b6:09:de:0d:7b:c2:
24:4b:1e:47
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVwsIa73tZnHKBnPKJzX7zBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YTFiMzY1NTJmOWRhY2NiOTJhYzVjM2I0NGI0MjZkNjQz
NzQ5ZTIwHhcNMjMwMTAyMDQxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzhlYWQ3YWY0NTIwNGYzOTI0OTM3ZmI0ODkyYWUxZjBiNWI2MzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+vTGruM3nPg7bNUb4IvyYJAj7bQ
8cZQ/vtuqi2e+Tf65N/ICNaDDtxbql++HxqL5W1o1+cCfcfWNwtNHm3uUZt21b8a
MQYn1aEpaygEAxJUE9nQ4Ee4PMabccGOFp+y2iRo7dc7Q5+qUpPwDce9K9Ukgevo
tmuqVdhyerqcz6k9Ce0JG8ybA0R1zep6hRofG/5WGYmU13+m9JpmWbggmJsQhCrj
sLDq55Vpoq/b42kpPG/y+a1QoDAaWWsW0r2t8o0wHvQjvC/u2931HWfusnYM8WAv
7WG8+HcqZpdprRTZSARtqjoZUtJzBNsD8BxHJGZ7jFcBveTMr0W31Ct7pwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMyOrXr0UgTzkkk3+0iSrh8LW2M2MB8GA1UdIwQY
MBaAFOWhs2VS+drMuSrFw7RLQm1kN0niMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWFHelpWTDUyc3k1S3NYRHRFdENiV1EzU2VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iOGVhNWItM2RkNC00Mzc0LWE3OTMt
YzVlNmQyM2Y4YjA5LzEvekk2dGV2UlNCUE9TU1RmN1NKS3VId3RiWXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iOGVhNWItM2RkNC00Mzc0LWE3OTMtYzVlNmQyM2Y4YjA5
LzEvNWFHelpWTDUyc3k1S3NYRHRFdENiV1EzU2VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDVZ5IAwQE
Wd1wMA0GCSqGSIb3DQEBCwUAA4IBAQC2qQ6F2LUBVp9FqsRJWCgQMOMYCO3S3zKP
vfE5eFbDdRjigftYvNXO+i4SzwyeOEBhdzKjx1GtxnY5SHF5GjF+3+2MhAswKFw7
2BMxf+vUAuIaC6fSHU5lQ4PXMkCK/Z9oC3NfxLTgWbEr+vIP/XQXicjiD6gbLcGk
FDSTdyZDU24X6F5ZEVIgiW8/OA92SNAuPOIH9jDZA7E23BbV6uaB8pJgZQ2Tr+Ti
OcGX4ieiCpa+ODUch5sgTeIoDt7R86dnZBxEymEXhZJssmBoGvlcIhPC4yObYgcs
1sdGtaaKN5ozMfImQD7d2iI2chwleUZXuV+N6Te2Cd4Ne8IkSx5H
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:09 2024 by rpki-client on console-ams.rpki-client.org