Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/a72a4b-0693-4d1b-9bfc-767b0cc80c08/1/e9VXKHpKA-K95D3gY32SF-43mN4.roa
File: e9VXKHpKA-K95D3gY32SF-43mN4.roa (raw, json)
Hash identifier: /O5BMROCzGEGLwbWjhQvwhpotR3PusLAdpU8ZEmdz5E=
Subject key identifier: 7B:D5:57:28:7A:4A:03:E2:BD:E4:3D:E0:63:7D:92:17:EE:37:98:DE
Certificate issuer: /CN=cc777a08a4564548b518ec3864b341e1fa5225ea
Certificate serial: 01856F670997651D4A85CA2F454CEE1EA2ED
Authority key identifier: CC:77:7A:08:A4:56:45:48:B5:18:EC:38:64:B3:41:E1:FA:52:25:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zHd6CKRWRUi1GOw4ZLNB4fpSJeo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/a72a4b-0693-4d1b-9bfc-767b0cc80c08/1/e9VXKHpKA-K95D3gY32SF-43mN4.roa
Signing time: Sun 01 Jan 2023 22:15:01 +0000
ROA not before: Sun 01 Jan 2023 22:15:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202779
IP address blocks: 213.173.96.0/19 maxlen: 19
213.244.248.0/21 maxlen: 21
185.154.156.0/24 maxlen: 24
185.154.159.0/24 maxlen: 24
185.154.157.0/24 maxlen: 24
185.154.158.0/24 maxlen: 24
91.201.220.0/24 maxlen: 24
91.201.220.0/22 maxlen: 22
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:67:09:97:65:1d:4a:85:ca:2f:45:4c:ee:1e:a2:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc777a08a4564548b518ec3864b341e1fa5225ea
Validity
Not Before: Jan 1 22:15:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7bd557287a4a03e2bde43de0637d9217ee3798de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:0c:86:14:83:43:57:70:3f:4e:61:02:bb:1a:
1b:e0:49:be:7c:d9:05:02:67:59:84:ba:7d:22:a9:
0f:76:69:87:c9:bf:c1:1e:fc:c3:fc:d4:0d:aa:27:
4e:d8:78:88:87:1b:c9:72:fe:8c:24:4b:5b:22:57:
b9:91:36:fe:18:b6:89:1b:70:e4:50:1f:07:b5:f5:
e5:66:43:f1:a5:3a:26:19:a5:49:89:ce:56:e9:1f:
5b:9a:81:41:b6:ff:3d:e3:d6:9b:2c:db:1a:77:f6:
39:0d:a7:af:07:8e:d3:ba:e9:ad:0b:3f:ab:0a:b4:
f6:f7:18:e9:42:03:d6:a9:ce:8e:2a:dd:68:3d:ea:
fe:5d:ab:cc:ab:da:35:a6:77:87:05:88:a9:a7:f7:
9e:7b:b0:19:1a:9a:9e:27:8b:2e:2b:c5:a9:da:90:
c5:ca:6a:b0:d6:b9:28:2a:1e:37:11:4e:71:11:02:
dc:95:b3:aa:b2:c2:70:96:7b:0c:d3:bb:38:0d:af:
02:34:0c:11:8d:85:34:ff:93:58:08:dd:15:f4:be:
df:c5:c8:4e:56:e4:09:94:73:e6:21:c9:9e:1c:64:
49:1d:5b:77:b3:55:dc:24:64:59:cc:a2:a6:7d:87:
2a:da:01:3b:51:ab:90:97:54:dd:fb:bf:16:be:b8:
e5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:D5:57:28:7A:4A:03:E2:BD:E4:3D:E0:63:7D:92:17:EE:37:98:DE
X509v3 Authority Key Identifier:
keyid:CC:77:7A:08:A4:56:45:48:B5:18:EC:38:64:B3:41:E1:FA:52:25:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zHd6CKRWRUi1GOw4ZLNB4fpSJeo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a72a4b-0693-4d1b-9bfc-767b0cc80c08/1/e9VXKHpKA-K95D3gY32SF-43mN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/a72a4b-0693-4d1b-9bfc-767b0cc80c08/1/zHd6CKRWRUi1GOw4ZLNB4fpSJeo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.220.0/22
185.154.156.0/22
213.173.96.0/19
213.244.248.0/21
Signature Algorithm: sha256WithRSAEncryption
39:4b:38:1e:b7:6a:60:cb:ac:7c:d8:50:96:83:9f:33:73:a3:
61:cb:4c:0f:70:14:d7:60:34:b5:f2:02:7f:0a:b7:ff:43:f1:
c2:5d:0b:b1:d4:d2:5d:ea:1a:b5:2d:78:27:84:73:e6:1f:80:
6a:4f:0f:23:54:4f:29:92:1a:81:4d:10:35:9f:fa:19:88:52:
16:df:b2:75:1a:32:4c:91:76:17:26:8d:b3:2f:8f:63:03:88:
86:3d:19:52:fb:93:63:82:7c:57:8c:fb:98:a6:3f:d0:16:c6:
36:9e:78:56:49:cb:51:77:dd:5b:b1:67:1d:44:99:c7:38:6d:
da:7a:5e:16:0e:f3:a7:a6:c0:c5:2f:d0:ef:31:66:b8:39:5e:
83:98:99:cb:f1:96:d0:58:7f:97:30:8e:6c:4d:ba:6a:e9:0d:
e9:ce:99:dc:3d:c5:b6:06:a0:1e:53:07:c6:aa:82:fd:e9:a0:
d6:1d:30:41:88:c3:ea:6e:0a:2a:01:8e:0c:6a:ba:78:cd:ee:
71:a4:a8:47:e4:76:c2:98:17:6a:17:83:cd:26:3b:6a:98:ea:
32:9f:d2:08:39:c5:38:e3:31:12:18:e6:04:3d:a7:f0:e4:6c:
e1:52:ff:4a:8c:83:a9:bb:28:15:50:8f:ec:95:c5:49:28:95:
70:23:ab:3c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVvZwmXZR1KhcovRUzuHqLtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNzc3YTA4YTQ1NjQ1NDhiNTE4ZWMzODY0YjM0MWUxZmE1
MjI1ZWEwHhcNMjMwMTAxMjIxNTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmQ1NTcyODdhNGEwM2UyYmRlNDNkZTA2MzdkOTIxN2VlMzc5OGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7AyGFINDV3A/TmECuxob4Em+fNkF
AmdZhLp9IqkPdmmHyb/BHvzD/NQNqidO2HiIhxvJcv6MJEtbIle5kTb+GLaJG3Dk
UB8HtfXlZkPxpTomGaVJic5W6R9bmoFBtv8949abLNsad/Y5DaevB47TuumtCz+r
CrT29xjpQgPWqc6OKt1oPer+XavMq9o1pneHBYipp/eee7AZGpqeJ4suK8Wp2pDF
ymqw1rkoKh43EU5xEQLclbOqssJwlnsM07s4Da8CNAwRjYU0/5NYCN0V9L7fxchO
VuQJlHPmIcmeHGRJHVt3s1XcJGRZzKKmfYcq2gE7UauQl1Td+78WvrjlMQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHvVVyh6SgPiveQ94GN9khfuN5jeMB8GA1UdIwQY
MBaAFMx3egikVkVItRjsOGSzQeH6UiXqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekhkNkNLUldSVWkxR093NFpMTkI0ZnBTSmVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9hNzJhNGItMDY5My00ZDFiLTliZmMt
NzY3YjBjYzgwYzA4LzEvZTlWWEtIcEtBLUs5NUQzZ1kzMlNGLTQzbU40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9hNzJhNGItMDY5My00ZDFiLTliZmMtNzY3YjBjYzgwYzA4
LzEvekhkNkNLUldSVWkxR093NFpMTkI0ZnBTSmVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW8ncAwQC
uZqcAwQF1a1gAwQD1fT4MA0GCSqGSIb3DQEBCwUAA4IBAQA5Szget2pgy6x82FCW
g58zc6Nhy0wPcBTXYDS18gJ/Crf/Q/HCXQux1NJd6hq1LXgnhHPmH4BqTw8jVE8p
khqBTRA1n/oZiFIW37J1GjJMkXYXJo2zL49jA4iGPRlS+5NjgnxXjPuYpj/QFsY2
nnhWSctRd91bsWcdRJnHOG3ael4WDvOnpsDFL9DvMWa4OV6DmJnL8ZbQWH+XMI5s
Tbpq6Q3pzpncPcW2BqAeUwfGqoL96aDWHTBBiMPqbgoqAY4Marp4ze5xpKhH5HbC
mBdqF4PNJjtqmOoyn9IIOcU44zESGOYEPafw5GzhUv9KjIOpuygVUI/slcVJKJVw
I6s8
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:30 2023 by rpki-client on console-fra.rpki-client.org