Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/eICcM6Al9_xuxQRC_oq40NVYatg.roa
File: eICcM6Al9_xuxQRC_oq40NVYatg.roa (raw, json)
Hash identifier: ydN47AvnfxMIiHox6eSlUSQM4u2v8gpRe/TJaGjYwog=
Subject key identifier: 78:80:9C:33:A0:25:F7:FC:6E:C5:04:42:FE:8A:B8:D0:D5:58:6A:D8
Certificate issuer: /CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Certificate serial: 01856C9CE23E68487CF808D071C97B55E52E
Authority key identifier: 89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/eICcM6Al9_xuxQRC_oq40NVYatg.roa
Signing time: Sun 01 Jan 2023 09:14:58 +0000
ROA not before: Sun 01 Jan 2023 09:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13000
IP address blocks: 91.195.158.0/23 maxlen: 23
193.150.36.0/23 maxlen: 23
91.195.190.0/23 maxlen: 23
195.88.128.0/23 maxlen: 23
62.182.224.0/21 maxlen: 21
91.195.134.0/23 maxlen: 23
91.214.24.0/22 maxlen: 22
87.101.64.0/20 maxlen: 24
193.34.112.0/22 maxlen: 22
193.93.92.0/22 maxlen: 24
195.3.200.0/22 maxlen: 22
195.3.203.0/24 maxlen: 24
89.200.224.0/21 maxlen: 24
91.200.24.0/22 maxlen: 22
87.239.192.0/21 maxlen: 21
188.137.0.0/17 maxlen: 24
195.66.73.0/24 maxlen: 24
95.131.32.0/21 maxlen: 24
2a02:c40::/32 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:9c:e2:3e:68:48:7c:f8:08:d0:71:c9:7b:55:e5:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89a6cd9f4beb7b0c04d31ffe5c674a87a7739d21
Validity
Not Before: Jan 1 09:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78809c33a025f7fc6ec50442fe8ab8d0d5586ad8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:45:fd:c7:5a:c6:26:9a:a6:2c:1d:84:fe:39:
70:6a:65:9e:ad:47:19:59:d6:64:46:48:7c:73:06:
8b:ba:7c:3c:98:07:b1:b7:26:36:81:eb:f5:93:eb:
c0:01:8d:0f:fe:8a:b5:f0:dd:f1:e0:9b:d8:7a:e9:
e5:9e:51:d2:f2:dc:a8:f0:65:06:51:99:47:9d:97:
bb:13:39:89:51:bb:7b:b0:bd:37:12:c3:f1:bd:1b:
27:25:8c:6c:d6:0a:9e:2f:4e:85:59:d1:34:5f:61:
f7:cf:2d:ba:c4:79:eb:3c:c0:e2:02:d2:ff:b0:37:
34:12:f9:da:6a:e5:e8:cc:f3:41:3f:cd:bc:dd:4e:
41:d2:c1:f4:6a:6f:e3:2c:14:ad:7f:88:60:37:0f:
d8:bc:fc:46:90:82:0d:9e:6d:92:a7:9a:c4:93:5e:
36:55:60:6e:f3:c1:96:be:a3:e4:dd:f9:e2:2e:08:
f6:33:f5:1d:7e:18:59:5d:ed:08:bf:ff:90:e7:45:
eb:86:b3:49:53:53:25:38:59:8a:2f:17:c2:63:34:
7c:9d:a2:f9:39:ed:8b:5d:68:12:dc:66:f5:26:2c:
9f:9f:e4:5d:f0:3a:f2:77:6d:be:d8:61:c3:10:9f:
c0:d9:c1:7f:2f:cf:bd:76:c4:9e:67:04:32:5d:4e:
20:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:80:9C:33:A0:25:F7:FC:6E:C5:04:42:FE:8A:B8:D0:D5:58:6A:D8
X509v3 Authority Key Identifier:
keyid:89:A6:CD:9F:4B:EB:7B:0C:04:D3:1F:FE:5C:67:4A:87:A7:73:9D:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iabNn0vrewwE0x_-XGdKh6dznSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/eICcM6Al9_xuxQRC_oq40NVYatg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/99a4cc-4720-4a64-aa06-1f924495fcdd/1/iabNn0vrewwE0x_-XGdKh6dznSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.224.0/21
87.101.64.0/20
87.239.192.0/21
89.200.224.0/21
91.195.134.0/23
91.195.158.0/23
91.195.190.0/23
91.200.24.0/22
91.214.24.0/22
95.131.32.0/21
188.137.0.0/17
193.34.112.0/22
193.93.92.0/22
193.150.36.0/23
195.3.200.0/22
195.66.73.0/24
195.88.128.0/23
IPv6:
2a02:c40::/32
Signature Algorithm: sha256WithRSAEncryption
15:17:7d:28:b5:35:65:74:83:28:57:d2:48:8a:1e:35:60:9f:
6d:d4:1f:fe:d6:d1:75:4c:40:85:4f:8f:28:62:d3:9a:74:db:
09:82:e7:a4:7a:88:99:09:f1:a0:03:dc:b2:a4:ed:2b:9a:d9:
74:e6:da:c0:03:45:30:90:78:ef:3d:58:f2:d1:c4:a6:cf:a8:
ca:f3:be:e4:63:cd:b2:58:bc:4b:16:ac:30:e6:2b:f1:f3:9f:
53:b2:d2:28:86:2c:4e:e8:2a:ef:db:47:6e:e3:7c:8a:a8:dc:
8f:56:9a:7f:36:ee:f8:41:a3:28:79:c7:27:af:ac:c1:5d:32:
6a:46:96:0d:8e:e2:62:78:04:22:54:e9:e5:89:98:76:78:fb:
37:cc:03:37:20:ea:20:38:e0:95:be:62:f3:30:1b:ec:79:82:
3f:5d:c6:e6:94:f4:4f:e4:36:3a:71:35:d2:ee:e4:48:79:f8:
1c:a1:07:60:28:cf:0f:99:59:41:35:08:67:61:25:fa:da:7d:
8d:90:12:d4:a0:da:ca:aa:df:a9:66:05:96:f7:69:d2:cf:65:
45:68:24:2e:89:7d:de:6e:5d:53:e3:5b:cc:71:c1:39:b7:ca:
13:3f:06:65:8f:0a:24:bd:61:61:77:13:22:a0:5f:65:ee:d0:
f2:aa:9f:e5
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYVsnOI+aEh8+AjQccl7VeUuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YTZjZDlmNGJlYjdiMGMwNGQzMWZmZTVjNjc0YTg3YTc3
MzlkMjEwHhcNMjMwMTAxMDkxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODgwOWMzM2EwMjVmN2ZjNmVjNTA0NDJmZThhYjhkMGQ1NTg2YWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8EX9x1rGJpqmLB2E/jlwamWerUcZ
WdZkRkh8cwaLunw8mAextyY2gev1k+vAAY0P/oq18N3x4JvYeunlnlHS8tyo8GUG
UZlHnZe7EzmJUbt7sL03EsPxvRsnJYxs1gqeL06FWdE0X2H3zy26xHnrPMDiAtL/
sDc0EvnaauXozPNBP8283U5B0sH0am/jLBStf4hgNw/YvPxGkIINnm2Sp5rEk142
VWBu88GWvqPk3fniLgj2M/UdfhhZXe0Iv/+Q50XrhrNJU1MlOFmKLxfCYzR8naL5
Oe2LXWgS3Gb1Jiyfn+Rd8Dryd22+2GHDEJ/A2cF/L8+9dsSeZwQyXU4gSQIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFHiAnDOgJff8bsUEQv6KuNDVWGrYMB8GA1UdIwQY
MBaAFImmzZ9L63sMBNMf/lxnSoenc50hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYt
MWY5MjQ0OTVmY2RkLzEvZUlDY002QWw5X3h1eFFSQ19vcTQwTlZZYXRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni85OWE0Y2MtNDcyMC00YTY0LWFhMDYtMWY5MjQ0OTVmY2Rk
LzEvaWFiTm4wdnJld3dFMHhfLVhHZEtoNmR6blNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAz624AME
BFdlQAMEA1fvwAMEA1nI4AMEAVvDhgMEAVvDngMEAVvDvgMEAlvIGAMEAlvWGAME
A1+DIAMEB7yJAAMEAsEicAMEAsFdXAMEAcGWJAMEAsMDyAMEAMNCSQMEAcNYgDAN
BAIAAjAHAwUAKgIMQDANBgkqhkiG9w0BAQsFAAOCAQEAFRd9KLU1ZXSDKFfSSIoe
NWCfbdQf/tbRdUxAhU+PKGLTmnTbCYLnpHqImQnxoAPcsqTtK5rZdObawANFMJB4
7z1Y8tHEps+oyvO+5GPNsli8SxasMOYr8fOfU7LSKIYsTugq79tHbuN8iqjcj1aa
fzbu+EGjKHnHJ6+swV0yakaWDY7iYngEIlTp5YmYdnj7N8wDNyDqIDjglb5i8zAb
7HmCP13G5pT0T+Q2OnE10u7kSHn4HKEHYCjPD5lZQTUIZ2El+tp9jZAS1KDayqrf
qWYFlvdp0s9lRWgkLol93m5dU+NbzHHBObfKEz8GZY8KJL1hYXcTIqBfZe7Q8qqf
5Q==
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:20 2024 by rpki-client on console-fra.rpki-client.org