Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/zoB6u9pIZCJuyJcqROLfjOk0ie0.roa
File: zoB6u9pIZCJuyJcqROLfjOk0ie0.roa (raw, json)
Hash identifier: 8/wdlC1Puir/ri0Bnn9jAahGpolYyGM9Jhcvv4l0X3U=
Subject key identifier: CE:80:7A:BB:DA:48:64:22:6E:C8:97:2A:44:E2:DF:8C:E9:34:89:ED
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 018BDDBAB0DA4BEF8B8867D9D1263B1136A3
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/zoB6u9pIZCJuyJcqROLfjOk0ie0.roa
Signing time: Fri 17 Nov 2023 14:41:21 +0000
ROA not before: Fri 17 Nov 2023 14:41:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204746
IP address blocks: 86.38.35.0/24 maxlen: 24
89.117.223.0/24 maxlen: 24
89.117.246.0/24 maxlen: 24
89.117.243.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:dd:ba:b0:da:4b:ef:8b:88:67:d9:d1:26:3b:11:36:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Nov 17 14:41:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce807abbda4864226ec8972a44e2df8ce93489ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:92:40:30:0f:40:b7:f3:3a:5b:d1:ca:94:cc:
7b:90:1f:6a:f7:42:c5:04:5b:94:ce:07:bf:bd:b3:
8c:6e:ee:8e:33:55:d1:82:a5:99:3d:a3:7d:57:18:
96:63:3c:77:e3:bc:a5:33:4a:82:4d:5b:ca:de:a3:
ed:b6:f8:23:92:0a:f2:a8:75:1f:20:33:79:1c:6c:
9c:c1:c8:87:8b:b1:7f:86:d0:f2:c6:5f:f2:67:3b:
d7:d4:60:dd:3e:22:19:a0:60:1d:87:98:7a:74:6e:
6a:5b:0d:1e:7e:25:4e:a3:8d:3c:6e:61:9e:3a:12:
0b:5a:b1:b2:7f:e0:a9:e0:df:bd:fa:40:d6:c0:af:
01:5b:3c:8a:85:07:df:43:bd:7e:1c:b5:02:5a:90:
8f:7d:7b:60:6b:3d:13:04:6f:48:55:40:41:30:cf:
d6:ed:97:ff:f7:84:a6:e6:e9:59:64:c0:41:a7:b8:
25:e1:19:ff:28:ad:91:61:01:a3:6c:a3:cd:6c:0d:
3c:3b:1c:63:9e:26:ec:c7:51:b0:ee:d7:79:93:14:
02:14:64:67:e0:33:33:89:92:21:49:76:ad:fe:a7:
8b:dc:4a:fc:f6:3e:f6:26:ce:e2:07:0c:9e:0a:7a:
ef:70:0c:d0:49:8e:5b:42:09:ec:05:7d:19:69:1e:
4e:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:80:7A:BB:DA:48:64:22:6E:C8:97:2A:44:E2:DF:8C:E9:34:89:ED
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/zoB6u9pIZCJuyJcqROLfjOk0ie0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.35.0/24
89.117.223.0/24
89.117.243.0/24
89.117.246.0/24
Signature Algorithm: sha256WithRSAEncryption
21:d5:7b:e8:54:a2:64:47:8c:d3:8c:6c:4e:24:e0:da:bb:30:
6e:5d:e7:89:89:3b:c2:0b:7b:53:ba:c6:cc:5c:ff:1e:7a:ee:
82:85:cc:f1:d8:d9:a2:fa:6c:75:e9:fb:13:72:64:b5:48:e0:
34:c6:da:5d:08:6f:ef:7d:2d:f6:d9:68:b1:04:c9:3c:01:b7:
e8:de:20:52:85:67:ca:81:b7:38:03:cc:7c:34:17:a8:6d:06:
02:88:33:86:3f:8c:63:65:64:49:a7:7e:29:45:f3:5f:c2:33:
48:b6:0d:c2:91:87:28:d2:ef:60:bd:1a:92:fd:1f:0a:1b:f4:
2e:b2:e5:06:8c:cb:51:c6:34:64:79:49:47:ae:ca:77:01:3e:
69:52:43:23:1a:a4:8a:f1:9f:c2:e7:f6:d3:3f:e7:be:f0:43:
80:5c:f1:ff:a7:77:4c:00:5e:e8:f5:c5:45:3b:31:28:e5:e5:
b8:51:41:b1:2c:a8:83:85:4a:49:62:1d:a3:ed:db:99:8e:55:
d3:77:6f:21:95:d7:0f:4c:94:53:35:80:26:82:44:a6:0b:58:
b0:b2:63:9f:97:5b:0a:3b:33:59:7a:0d:f9:d5:d6:80:df:1c:
6c:d4:56:f6:67:90:f7:bb:df:aa:30:80:40:42:66:f6:91:f1:
a3:48:a6:69
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYvdurDaS++LiGfZ0SY7ETajMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjMxMTE3MTQ0MTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTgwN2FiYmRhNDg2NDIyNmVjODk3MmE0NGUyZGY4Y2U5MzQ4OWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZJAMA9At/M6W9HKlMx7kB9q90LF
BFuUzge/vbOMbu6OM1XRgqWZPaN9VxiWYzx347ylM0qCTVvK3qPttvgjkgryqHUf
IDN5HGycwciHi7F/htDyxl/yZzvX1GDdPiIZoGAdh5h6dG5qWw0efiVOo408bmGe
OhILWrGyf+Cp4N+9+kDWwK8BWzyKhQffQ71+HLUCWpCPfXtgaz0TBG9IVUBBMM/W
7Zf/94Sm5ulZZMBBp7gl4Rn/KK2RYQGjbKPNbA08Oxxjnibsx1Gw7td5kxQCFGRn
4DMziZIhSXat/qeL3Er89j72Js7iBwyeCnrvcAzQSY5bQgnsBX0ZaR5OQwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM6AervaSGQibsiXKkTi34zpNIntMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvem9CNnU5cElaQ0p1eUpjcVJPTGZqT2swaWUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAViYjAwQA
WXXfAwQAWXXzAwQAWXX2MA0GCSqGSIb3DQEBCwUAA4IBAQAh1XvoVKJkR4zTjGxO
JODauzBuXeeJiTvCC3tTusbMXP8eeu6Chczx2Nmi+mx16fsTcmS1SOA0xtpdCG/v
fS322WixBMk8Abfo3iBShWfKgbc4A8x8NBeobQYCiDOGP4xjZWRJp34pRfNfwjNI
tg3CkYco0u9gvRqS/R8KG/QusuUGjMtRxjRkeUlHrsp3AT5pUkMjGqSK8Z/C5/bT
P+e+8EOAXPH/p3dMAF7o9cVFOzEo5eW4UUGxLKiDhUpJYh2j7duZjlXTd28hldcP
TJRTNYAmgkSmC1iwsmOfl1sKOzNZeg351daA3xxs1Fb2Z5D3u9+qMIBAQmb2kfGj
SKZp
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:46 2024 by rpki-client on console-fra.rpki-client.org