Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/08F3YKw2B7_aVoocAB7Y0G2u9wk.roa
File: 08F3YKw2B7_aVoocAB7Y0G2u9wk.roa (raw, json)
Hash identifier: 98MiWEdj6vBrZ3VjUL2afI7CJHudz7OHZNW6HJAmKgY=
Subject key identifier: D3:C1:77:60:AC:36:07:BF:DA:56:8A:1C:00:1E:D8:D0:6D:AE:F7:09
Certificate issuer: /CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Certificate serial: 018649558B734F9DEA851E2DA29E61E814A2
Authority key identifier: E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/08F3YKw2B7_aVoocAB7Y0G2u9wk.roa
Signing time: Mon 13 Feb 2023 05:53:08 +0000
ROA not before: Mon 13 Feb 2023 05:53:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 94.188.215.0/24 maxlen: 24
94.188.214.0/24 maxlen: 24
94.188.225.0/24 maxlen: 24
94.188.226.0/24 maxlen: 24
94.188.224.0/24 maxlen: 24
94.188.229.0/24 maxlen: 24
94.188.231.0/24 maxlen: 24
94.188.227.0/24 maxlen: 24
94.188.239.0/24 maxlen: 24
94.188.201.0/24 maxlen: 24
94.188.202.0/24 maxlen: 24
94.188.211.0/24 maxlen: 24
94.188.212.0/24 maxlen: 24
94.188.137.0/24 maxlen: 24
92.61.230.0/24 maxlen: 24
92.61.228.0/24 maxlen: 24
92.61.238.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:49:55:8b:73:4f:9d:ea:85:1e:2d:a2:9e:61:e8:14:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2d5bb401180e55f5c165d47908dff4fe29a0d86
Validity
Not Before: Feb 13 05:53:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d3c17760ac3607bfda568a1c001ed8d06daef709
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a4:50:e1:84:56:ac:ed:13:a3:1c:70:09:57:
0a:45:d3:c8:af:0f:43:c9:2a:c7:d0:8f:18:78:0c:
59:a9:b4:2f:e5:7a:20:93:6d:d7:89:5e:a0:d3:ea:
92:4b:71:42:f7:c1:74:2d:8e:7c:0c:69:fd:bb:e0:
2a:e3:f8:9c:45:82:8e:eb:8a:70:57:3a:5c:f7:46:
08:f8:12:f0:4b:3e:f6:10:77:a8:32:02:b9:8e:0f:
a2:4d:8e:b9:f6:a7:e1:10:6f:7f:31:b2:74:78:b9:
06:8c:c4:4d:1b:bf:9a:c3:28:b9:68:4e:61:d2:d0:
b2:53:46:a8:c6:08:0d:03:ac:5f:9a:ce:ff:57:88:
28:5e:eb:02:b4:0f:87:0e:7d:e7:ab:ec:52:61:5e:
7b:9d:00:81:6c:2e:57:84:ee:6b:0d:ce:40:99:c3:
1c:a3:b9:86:fe:77:b2:fe:f6:ef:47:4f:f7:22:a9:
cb:6b:ac:fc:6a:2f:51:86:a2:9e:0b:80:f1:04:e4:
c9:c1:b6:87:83:5b:32:7c:3c:fd:70:74:82:3f:f6:
34:e9:d5:34:a2:4f:cf:36:17:6c:7c:95:d8:82:0f:
c3:9d:1f:11:1c:18:18:6d:c7:c6:6d:1a:f4:57:2f:
fe:10:7c:25:c8:57:8e:9b:7f:d5:83:7d:8f:29:33:
cd:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:C1:77:60:AC:36:07:BF:DA:56:8A:1C:00:1E:D8:D0:6D:AE:F7:09
X509v3 Authority Key Identifier:
keyid:E2:D5:BB:40:11:80:E5:5F:5C:16:5D:47:90:8D:FF:4F:E2:9A:0D:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4tW7QBGA5V9cFl1HkI3_T-KaDYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/08F3YKw2B7_aVoocAB7Y0G2u9wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/86297a-d219-4567-9171-421e6bc7e2e8/1/4tW7QBGA5V9cFl1HkI3_T-KaDYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.61.228.0/24
92.61.230.0/24
92.61.238.0/24
94.188.137.0/24
94.188.201.0-94.188.202.255
94.188.211.0-94.188.212.255
94.188.214.0/23
94.188.224.0/22
94.188.229.0/24
94.188.231.0/24
94.188.239.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:b4:c8:d7:35:a8:81:8b:6c:c1:b9:b6:e1:29:7b:6e:f8:d8:
fe:16:d0:75:35:06:79:7b:fb:15:0a:ba:7a:20:e0:a1:6f:9d:
00:27:ee:33:81:82:14:d8:e0:99:74:5b:4e:bf:b0:62:78:c6:
37:ea:d2:dd:76:84:91:e7:80:2f:7b:e1:25:49:a6:78:65:3f:
28:99:07:49:af:9a:bd:e5:65:b8:77:b7:2c:42:26:d2:f5:5f:
c3:e9:e8:d5:38:9e:86:fc:aa:fb:c8:4b:a2:56:5d:b8:08:7a:
1f:8c:a7:d2:e7:fb:76:ba:3e:0b:23:88:52:de:49:81:96:83:
ee:ee:58:45:5f:85:4f:f7:8e:19:4d:5e:ba:13:37:a8:e2:f5:
48:5d:de:b1:45:7d:bc:e9:e9:2b:48:0e:be:ea:d9:23:0c:54:
be:f9:d6:5f:a3:9d:62:89:69:21:bc:e6:f8:74:2e:bf:81:71:
d5:d8:bb:f4:ab:30:2f:6e:45:85:08:95:0d:ec:b2:b9:1d:48:
d5:cf:ad:1f:06:f0:54:77:9e:8b:7f:68:0d:27:8e:fd:ee:5e:
42:e1:0b:42:76:fe:44:cc:65:c9:28:61:eb:dd:75:38:7f:66:
99:63:80:24:6d:71:66:b1:83:0d:b3:15:12:63:4d:7f:55:7e:
97:f5:7d:23
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYZJVYtzT53qhR4top5h6BSiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyZDViYjQwMTE4MGU1NWY1YzE2NWQ0NzkwOGRmZjRmZTI5
YTBkODYwHhcNMjMwMjEzMDU1MzA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2MxNzc2MGFjMzYwN2JmZGE1NjhhMWMwMDFlZDhkMDZkYWVmNzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6RQ4YRWrO0ToxxwCVcKRdPIrw9D
ySrH0I8YeAxZqbQv5Xogk23XiV6g0+qSS3FC98F0LY58DGn9u+Aq4/icRYKO64pw
Vzpc90YI+BLwSz72EHeoMgK5jg+iTY659qfhEG9/MbJ0eLkGjMRNG7+awyi5aE5h
0tCyU0aoxggNA6xfms7/V4goXusCtA+HDn3nq+xSYV57nQCBbC5XhO5rDc5AmcMc
o7mG/ney/vbvR0/3IqnLa6z8ai9RhqKeC4DxBOTJwbaHg1syfDz9cHSCP/Y06dU0
ok/PNhdsfJXYgg/DnR8RHBgYbcfGbRr0Vy/+EHwlyFeOm3/Vg32PKTPNEwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFNPBd2CsNge/2laKHAAe2NBtrvcJMB8GA1UdIwQY
MBaAFOLVu0ARgOVfXBZdR5CN/0/img2GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEt
NDIxZTZiYzdlMmU4LzEvMDhGM1lLdzJCN19hVm9vY0FCN1kwRzJ1OXdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS84NjI5N2EtZDIxOS00NTY3LTkxNzEtNDIxZTZiYzdlMmU4
LzEvNHRXN1FCR0E1VjljRmwxSGtJM19ULUthRFlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAXD3kAwQA
XD3mAwQAXD3uAwQAXryJMAwDBABevMkDBABevMowDAMEAF680wMEAF681AMEAV68
1gMEAl684AMEAF685QMEAF685wMEAF687zANBgkqhkiG9w0BAQsFAAOCAQEAWrTI
1zWogYtswbm24Sl7bvjY/hbQdTUGeXv7FQq6eiDgoW+dACfuM4GCFNjgmXRbTr+w
YnjGN+rS3XaEkeeAL3vhJUmmeGU/KJkHSa+aveVluHe3LEIm0vVfw+no1Tiehvyq
+8hLolZduAh6H4yn0uf7dro+CyOIUt5JgZaD7u5YRV+FT/eOGU1euhM3qOL1SF3e
sUV9vOnpK0gOvurZIwxUvvnWX6OdYolpIbzm+HQuv4Fx1di79KswL25FhQiVDeyy
uR1I1c+tHwbwVHeei39oDSeO/e5eQuELQnb+RMxlyShh6911OH9mmWOAJG1xZrGD
DbMVEmNNf1V+l/V9Iw==
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:19:30 2024 by rpki-client on console-fra.rpki-client.org