Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/iWNKX0zKlpX2inJWW3Ct8zspTlg.roa
File: iWNKX0zKlpX2inJWW3Ct8zspTlg.roa (raw, json)
Hash identifier: Kgw9Ho3pgusuoonCtXDiRctcYJeDlw/DkXRuRe/nCIc=
Subject key identifier: 89:63:4A:5F:4C:CA:96:95:F6:8A:72:56:5B:70:AD:F3:3B:29:4E:58
Certificate issuer: /CN=8f3818554a51808eefb829ec7465a3222f270123
Certificate serial: 01856C53CB4DDD20C5BB1F6E16537EB8B200
Authority key identifier: 8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/iWNKX0zKlpX2inJWW3Ct8zspTlg.roa
Signing time: Sun 01 Jan 2023 07:55:08 +0000
ROA not before: Sun 01 Jan 2023 07:55:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34829
IP address blocks: 213.135.90.0/23 maxlen: 23
213.135.88.0/23 maxlen: 23
213.135.88.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 28 Mar 2023 12:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:53:cb:4d:dd:20:c5:bb:1f:6e:16:53:7e:b8:b2:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f3818554a51808eefb829ec7465a3222f270123
Validity
Not Before: Jan 1 07:55:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=89634a5f4cca9695f68a72565b70adf33b294e58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:99:43:ee:17:28:ae:b2:19:b6:e4:fe:e4:1a:
0a:e9:dc:ff:b2:a2:8f:52:ae:0c:a5:d0:a3:6e:79:
26:b8:09:82:8b:24:c8:32:6d:35:72:3f:e5:f6:3e:
43:db:8a:e7:f2:76:a0:60:21:73:c6:23:3a:bf:de:
e6:2e:11:57:51:5c:73:32:d5:fa:6d:e3:e7:2e:c4:
de:63:27:ab:47:cc:2c:f2:da:4a:18:c5:68:df:c1:
75:8f:63:f3:84:73:6d:12:27:63:5c:62:de:8d:72:
a4:66:d6:54:d4:ed:4d:6c:b7:89:dd:ec:4c:72:c8:
ba:b4:88:fe:1c:ea:95:52:71:5c:fd:a5:54:3b:c6:
34:57:3c:a4:df:28:18:cb:42:b3:b7:34:1c:c9:bd:
f2:3f:15:c1:f3:a4:78:61:e7:c2:42:66:85:0b:fc:
e9:b0:0c:3f:d1:6f:da:80:fb:b2:6d:cf:35:c1:b6:
39:de:35:35:80:6f:c1:08:ce:aa:55:a0:8a:ce:2a:
9f:a0:47:81:fe:4e:7b:45:d6:c9:d0:e4:47:b5:20:
be:0b:bf:9f:83:9d:e5:18:f9:18:28:44:b9:c1:59:
f2:e4:a9:80:4a:56:df:d4:98:42:e7:33:25:62:7d:
f1:3f:1d:76:5c:a9:2e:a6:57:53:c9:32:a2:26:0f:
df:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:63:4A:5F:4C:CA:96:95:F6:8A:72:56:5B:70:AD:F3:3B:29:4E:58
X509v3 Authority Key Identifier:
keyid:8F:38:18:55:4A:51:80:8E:EF:B8:29:EC:74:65:A3:22:2F:27:01:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jzgYVUpRgI7vuCnsdGWjIi8nASM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/iWNKX0zKlpX2inJWW3Ct8zspTlg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/09dba4-1c93-49d6-8888-bfb4ba30e45a/1/jzgYVUpRgI7vuCnsdGWjIi8nASM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.135.88.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:2f:bf:ce:a5:b3:5c:d1:11:e8:dc:34:c7:8a:93:57:cc:c1:
06:6c:48:38:f4:0d:95:19:33:83:5d:d9:cb:18:7d:89:84:70:
d0:06:f0:1a:78:ef:00:16:13:c0:35:1e:b0:43:8d:06:42:ac:
96:d6:4b:46:b0:af:20:b4:81:11:cd:52:1c:a1:01:c4:8a:77:
e3:56:0d:24:7d:71:06:97:3e:85:86:77:e7:b3:0e:f3:17:70:
ab:8f:c0:27:a1:ac:f3:a4:ee:1f:88:f2:3f:da:3a:20:ab:01:
9b:d6:4d:c4:97:28:8d:a6:57:44:b8:8a:b9:b8:4e:e4:c5:36:
95:d8:f9:0c:1a:60:75:35:a0:dd:05:7a:cc:d3:c8:9f:eb:d9:
c1:c8:af:00:43:f8:8b:51:cc:fc:0d:47:d3:b2:c3:21:38:5c:
c7:e5:5a:63:40:8f:7c:4f:58:de:a3:d9:ee:f6:f1:25:30:f5:
d3:a2:16:63:91:05:a8:f7:e8:0b:12:3e:a3:48:9f:9a:a2:3c:
15:d6:ae:59:b2:d0:07:6d:b0:73:67:ca:93:a5:9a:b0:6c:52:
bc:1d:fe:4d:25:b9:39:88:47:10:67:b2:89:a4:a7:ec:bc:d0:
4e:3c:0b:a4:8f:81:14:70:31:38:be:1c:1a:0c:92:23:88:1c:
15:4b:df:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsU8tN3SDFux9uFlN+uLIAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMzgxODU1NGE1MTgwOGVlZmI4MjllYzc0NjVhMzIyMmYy
NzAxMjMwHhcNMjMwMTAxMDc1NTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTYzNGE1ZjRjY2E5Njk1ZjY4YTcyNTY1YjcwYWRmMzNiMjk0ZTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJlD7hcorrIZtuT+5BoK6dz/sqKP
Uq4MpdCjbnkmuAmCiyTIMm01cj/l9j5D24rn8nagYCFzxiM6v97mLhFXUVxzMtX6
bePnLsTeYyerR8ws8tpKGMVo38F1j2PzhHNtEidjXGLejXKkZtZU1O1NbLeJ3exM
csi6tIj+HOqVUnFc/aVUO8Y0Vzyk3ygYy0KztzQcyb3yPxXB86R4YefCQmaFC/zp
sAw/0W/agPuybc81wbY53jU1gG/BCM6qVaCKziqfoEeB/k57RdbJ0ORHtSC+C7+f
g53lGPkYKES5wVny5KmASlbf1JhC5zMlYn3xPx12XKkupldTyTKiJg/fWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIljSl9MypaV9opyVltwrfM7KU5YMB8GA1UdIwQY
MBaAFI84GFVKUYCO77gp7HRloyIvJwEjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgt
YmZiNGJhMzBlNDVhLzEvaVdOS1gwektscFgyaW5KV1czQ3Q4enNwVGxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni8wOWRiYTQtMWM5My00OWQ2LTg4ODgtYmZiNGJhMzBlNDVh
LzEvanpnWVZVcFJnSTd2dUNuc2RHV2pJaThuQVNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC1YdYMA0G
CSqGSIb3DQEBCwUAA4IBAQCsL7/OpbNc0RHo3DTHipNXzMEGbEg49A2VGTODXdnL
GH2JhHDQBvAaeO8AFhPANR6wQ40GQqyW1ktGsK8gtIERzVIcoQHEinfjVg0kfXEG
lz6Fhnfnsw7zF3Crj8AnoazzpO4fiPI/2jogqwGb1k3ElyiNpldEuIq5uE7kxTaV
2PkMGmB1NaDdBXrM08if69nByK8AQ/iLUcz8DUfTssMhOFzH5VpjQI98T1jeo9nu
9vElMPXTohZjkQWo9+gLEj6jSJ+aojwV1q5ZstAHbbBzZ8qTpZqwbFK8Hf5NJbk5
iEcQZ7KJpKfsvNBOPAukj4EUcDE4vhwaDJIjiBwVS9+4
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:36 2024 by rpki-client on console-fra.rpki-client.org