Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/4159c3-814d-4001-8527-139043749c48/1/CeEPxhdX9pseEquSr8r7R7CsQ98.roa
File: CeEPxhdX9pseEquSr8r7R7CsQ98.roa (raw, json)
Hash identifier: A+JNwMRf8oqA6H+6U/HaIMD7Hb7e/RcwxhIEeEWYbCk=
Subject key identifier: 09:E1:0F:C6:17:57:F6:9B:1E:12:AB:92:AF:CA:FB:47:B0:AC:43:DF
Certificate issuer: /CN=e14f264fa4a4c90dcb4a99cccec50c5508f44498
Certificate serial: 0188763C6F3D0C035E67252FE598C0BE5489
Authority key identifier: E1:4F:26:4F:A4:A4:C9:0D:CB:4A:99:CC:CE:C5:0C:55:08:F4:44:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4U8mT6SkyQ3LSpnMzsUMVQj0RJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/4159c3-814d-4001-8527-139043749c48/1/CeEPxhdX9pseEquSr8r7R7CsQ98.roa
Signing time: Thu 01 Jun 2023 09:14:12 +0000
ROA not before: Thu 01 Jun 2023 09:14:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207594
IP address blocks: 85.116.152.0/22 maxlen: 22
85.116.152.0/21 maxlen: 21
85.116.148.0/22 maxlen: 22
85.116.158.0/24 maxlen: 24
85.116.159.0/24 maxlen: 24
85.116.156.0/23 maxlen: 23
185.30.80.0/22 maxlen: 22
185.68.192.0/22 maxlen: 22
2a00:a2a0::/32 maxlen: 32
2a05:10c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:76:3c:6f:3d:0c:03:5e:67:25:2f:e5:98:c0:be:54:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e14f264fa4a4c90dcb4a99cccec50c5508f44498
Validity
Not Before: Jun 1 09:14:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=09e10fc61757f69b1e12ab92afcafb47b0ac43df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f2:ba:70:c5:4c:0c:63:d7:fd:79:30:c4:dd:
bc:54:c7:3a:63:2f:7d:f8:c3:da:f9:3f:83:96:fc:
85:42:61:63:57:63:86:c1:f2:de:27:12:ae:36:a4:
d1:68:38:11:8a:46:ac:cb:55:72:22:38:9e:75:40:
91:b9:dc:83:9a:d8:7d:93:5b:d5:c8:4d:ef:61:4b:
f4:8c:28:5a:bf:21:2e:32:74:b8:a2:19:7b:c5:23:
c6:6a:f1:7e:41:23:d8:b8:96:65:f0:94:61:1f:9f:
a9:d6:b8:99:36:f4:f3:e9:61:9b:40:2c:ce:c8:01:
6e:be:0c:75:f6:85:66:05:a0:ca:bf:2f:ed:1a:d1:
20:a3:f8:6a:6c:fd:a5:c8:b8:6c:79:19:77:d5:3b:
dd:b2:4c:c7:01:95:61:a7:a5:f5:4b:50:96:c4:6f:
b0:34:9e:3e:b9:da:c5:b6:8e:0e:ea:05:fd:c6:a9:
9b:2a:73:f5:f3:8b:a2:55:3d:50:3d:a8:a9:fe:39:
05:49:d5:06:e0:a8:fd:8a:ad:58:2a:e2:96:4e:2c:
45:26:f5:18:65:29:ec:21:91:74:29:79:b2:90:96:
c6:ef:00:79:ae:a6:a7:37:6c:f5:ca:a8:ed:83:b0:
11:bd:02:c0:31:80:d2:1f:3d:7c:bd:87:30:f2:a3:
50:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:E1:0F:C6:17:57:F6:9B:1E:12:AB:92:AF:CA:FB:47:B0:AC:43:DF
X509v3 Authority Key Identifier:
keyid:E1:4F:26:4F:A4:A4:C9:0D:CB:4A:99:CC:CE:C5:0C:55:08:F4:44:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4U8mT6SkyQ3LSpnMzsUMVQj0RJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/4159c3-814d-4001-8527-139043749c48/1/CeEPxhdX9pseEquSr8r7R7CsQ98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/4159c3-814d-4001-8527-139043749c48/1/4U8mT6SkyQ3LSpnMzsUMVQj0RJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.148.0-85.116.159.255
185.30.80.0/22
185.68.192.0/22
IPv6:
2a00:a2a0::/32
2a05:10c0::/29
Signature Algorithm: sha256WithRSAEncryption
61:91:d6:3d:89:2c:af:25:e5:c0:d5:2b:ed:d6:3e:d0:3c:8d:
a6:14:08:20:38:b9:f8:c7:c6:1a:12:3d:a3:59:bd:fd:0b:81:
05:a5:bd:a8:7e:d2:6f:bd:d2:0f:1f:6a:73:10:bd:7d:24:1d:
cf:58:31:2f:72:7d:38:fb:2b:02:5b:53:0f:56:11:8c:e6:a0:
cc:ee:bd:0b:19:44:aa:b6:c0:78:0f:44:ba:d4:eb:c8:04:6c:
c0:49:f2:4b:4f:b7:2b:7d:67:eb:c3:68:2f:ab:f3:15:23:3f:
4a:67:ff:4c:d3:96:5f:26:db:e8:c9:47:99:be:1d:c3:bd:5e:
3c:5b:bb:bb:f3:a9:02:3d:39:5a:29:66:e8:69:4b:86:33:c5:
38:e2:3d:b7:ed:dc:70:ba:24:97:22:cd:c8:af:1d:76:a2:dc:
a2:0d:9e:a1:a2:6e:1c:26:d5:ff:70:ad:c6:a0:fd:3d:da:96:
24:6f:0f:bc:ae:f9:9b:da:16:ce:8a:16:61:18:3d:f8:2d:9c:
9d:42:4e:d8:84:fd:66:2a:33:ec:41:a3:c2:cf:f7:c0:20:4a:
94:cf:d6:d2:79:8c:60:d4:73:e2:40:10:70:1f:93:51:b0:03:
3f:8f:fe:56:48:50:31:d2:34:3b:bd:8d:9d:60:f2:47:77:a5:
83:40:a3:87
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYh2PG89DANeZyUv5ZjAvlSJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNGYyNjRmYTRhNGM5MGRjYjRhOTljY2NlYzUwYzU1MDhm
NDQ0OTgwHhcNMjMwNjAxMDkxNDEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWUxMGZjNjE3NTdmNjliMWUxMmFiOTJhZmNhZmI0N2IwYWM0M2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPK6cMVMDGPX/XkwxN28VMc6Yy99
+MPa+T+DlvyFQmFjV2OGwfLeJxKuNqTRaDgRikasy1VyIjiedUCRudyDmth9k1vV
yE3vYUv0jChavyEuMnS4ohl7xSPGavF+QSPYuJZl8JRhH5+p1riZNvTz6WGbQCzO
yAFuvgx19oVmBaDKvy/tGtEgo/hqbP2lyLhseRl31TvdskzHAZVhp6X1S1CWxG+w
NJ4+udrFto4O6gX9xqmbKnP184uiVT1QPaip/jkFSdUG4Kj9iq1YKuKWTixFJvUY
ZSnsIZF0KXmykJbG7wB5rqanN2z1yqjtg7ARvQLAMYDSHz18vYcw8qNQMwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAnhD8YXV/abHhKrkq/K+0ewrEPfMB8GA1UdIwQY
MBaAFOFPJk+kpMkNy0qZzM7FDFUI9ESYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFU4bVQ2U2t5UTNMU3BuTXpzVU1WUWowUkpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy80MTU5YzMtODE0ZC00MDAxLTg1Mjct
MTM5MDQzNzQ5YzQ4LzEvQ2VFUHhoZFg5cHNlRXF1U3I4cjdSN0NzUTk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy80MTU5YzMtODE0ZC00MDAxLTg1MjctMTM5MDQzNzQ5YzQ4
LzEvNFU4bVQ2U2t5UTNMU3BuTXpzVU1WUWowUkpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAgBAIAATAaMAwDBAJVdJQD
BAVVdIADBAK5HlADBAK5RMAwFAQCAAIwDgMFACoAoqADBQMqBRDAMA0GCSqGSIb3
DQEBCwUAA4IBAQBhkdY9iSyvJeXA1Svt1j7QPI2mFAggOLn4x8YaEj2jWb39C4EF
pb2oftJvvdIPH2pzEL19JB3PWDEvcn04+ysCW1MPVhGM5qDM7r0LGUSqtsB4D0S6
1OvIBGzASfJLT7crfWfrw2gvq/MVIz9KZ/9M05ZfJtvoyUeZvh3DvV48W7u786kC
PTlaKWboaUuGM8U44j237dxwuiSXIs3Irx12otyiDZ6hom4cJtX/cK3GoP092pYk
bw+8rvmb2hbOihZhGD34LZydQk7YhP1mKjPsQaPCz/fAIEqUz9bSeYxg1HPiQBBw
H5NRsAM/j/5WSFAx0jQ7vY2dYPJHd6WDQKOH
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:09:48 2024 by rpki-client on console-fra.rpki-client.org