Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/0305cd-0d71-420a-be38-5ccd5e9ce004/1/8z59Ta26p9_R9YTcdimTL3zPRyM.roa
File: 8z59Ta26p9_R9YTcdimTL3zPRyM.roa (raw, json)
Hash identifier: zI/4Rz23Uhl63elxG1m2C2SUTHOb7dOIzAFYCu6Ht1o=
Subject key identifier: F3:3E:7D:4D:AD:BA:A7:DF:D1:F5:84:DC:76:29:93:2F:7C:CF:47:23
Certificate issuer: /CN=07db23a5e2550ff974ca5f41917ac867d50e35e9
Certificate serial: 0186D71835159F37EAB25BBD67D804F1DD38
Authority key identifier: 07:DB:23:A5:E2:55:0F:F9:74:CA:5F:41:91:7A:C8:67:D5:0E:35:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B9sjpeJVD_l0yl9BkXrIZ9UONek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/0305cd-0d71-420a-be38-5ccd5e9ce004/1/8z59Ta26p9_R9YTcdimTL3zPRyM.roa
Signing time: Sun 12 Mar 2023 18:32:13 +0000
ROA not before: Sun 12 Mar 2023 18:32:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44136
IP address blocks: 185.20.12.0/22 maxlen: 24
91.201.60.0/22 maxlen: 24
46.16.232.0/21 maxlen: 24
2a02:28f0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d7:18:35:15:9f:37:ea:b2:5b:bd:67:d8:04:f1:dd:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07db23a5e2550ff974ca5f41917ac867d50e35e9
Validity
Not Before: Mar 12 18:32:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f33e7d4dadbaa7dfd1f584dc7629932f7ccf4723
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:3c:7b:c4:07:dc:bd:59:21:d4:7c:51:cd:e9:
04:d1:52:de:be:2c:62:44:e6:96:e8:4d:87:b5:9f:
a5:62:48:f7:5b:75:ad:6e:2b:ed:c3:11:c7:24:0c:
fd:25:fd:25:73:6b:46:1e:b0:9c:98:ee:e4:76:51:
79:17:36:20:19:3a:0c:5d:c2:0a:7a:e5:99:72:b9:
dd:5c:df:58:5b:df:68:ab:40:74:0e:77:4b:87:2a:
06:06:c1:24:6d:4e:80:e2:0f:dd:68:7a:2d:14:3f:
67:d5:61:56:e3:e6:71:6c:f8:48:33:f8:bf:ff:8c:
43:31:1a:a9:f9:a8:0d:5c:ee:a3:7b:e1:f7:5b:16:
9e:84:b4:63:00:74:b2:f7:43:5b:c9:49:b4:2f:5a:
25:2e:94:31:60:02:2c:8b:2b:f3:e2:19:4c:81:bd:
d5:b2:0d:a0:7a:cf:e1:27:fe:5f:73:7e:f3:87:57:
07:8f:c7:64:78:ca:e5:34:e8:cf:0f:21:44:05:45:
42:88:62:ee:d9:5e:52:cc:6a:25:e3:9e:9f:91:d3:
3b:14:f3:2e:a8:ff:1a:08:92:5b:0b:2e:98:45:cb:
da:2a:05:25:07:97:3c:bb:d3:00:78:40:f3:46:c7:
17:12:b7:60:ad:7e:1b:e9:8e:ae:0d:56:fc:6a:d0:
ff:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:3E:7D:4D:AD:BA:A7:DF:D1:F5:84:DC:76:29:93:2F:7C:CF:47:23
X509v3 Authority Key Identifier:
keyid:07:DB:23:A5:E2:55:0F:F9:74:CA:5F:41:91:7A:C8:67:D5:0E:35:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B9sjpeJVD_l0yl9BkXrIZ9UONek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0305cd-0d71-420a-be38-5ccd5e9ce004/1/8z59Ta26p9_R9YTcdimTL3zPRyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/0305cd-0d71-420a-be38-5ccd5e9ce004/1/B9sjpeJVD_l0yl9BkXrIZ9UONek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.232.0/21
91.201.60.0/22
185.20.12.0/22
IPv6:
2a02:28f0::/29
Signature Algorithm: sha256WithRSAEncryption
66:56:a7:17:56:b1:01:58:9c:f4:da:fb:b3:6f:5f:46:9e:1c:
67:e8:3a:a1:13:d7:b0:45:69:4b:1a:77:cd:7c:ff:ec:67:78:
4d:5c:79:44:4f:91:7c:7e:84:4b:c8:d9:37:4c:80:5f:e1:f9:
85:e2:dd:4e:fa:be:56:c5:8a:1d:ed:76:2d:bf:30:3e:12:64:
ad:6a:db:fd:7e:ce:65:78:05:32:d5:78:4c:a7:a2:59:e4:df:
13:e5:85:62:88:84:77:81:e1:47:ea:45:45:c8:7f:5c:d7:c6:
e4:0b:04:25:6a:8a:33:ed:7f:48:be:51:af:8f:b3:8c:48:2a:
7d:d6:c2:8f:c8:f0:ba:cf:51:56:0a:fd:fb:6b:70:a1:d4:df:
59:2f:20:13:0b:c5:45:7e:df:fc:e8:b1:91:8d:b3:98:f8:6a:
14:69:4b:9c:07:a5:c2:14:4a:5d:0b:89:22:99:b2:29:a7:6f:
67:ae:be:2f:0a:e0:c0:37:ab:59:4b:9a:79:4d:9e:6f:8f:97:
84:7e:81:f0:01:5a:d3:e1:7b:1a:a4:86:3c:f0:62:7a:d5:ae:
9c:d2:b7:c9:da:e7:77:c7:77:ad:29:af:46:38:a6:bc:bf:92:
74:56:81:a1:01:93:fb:ec:79:c0:b4:4e:5c:58:9c:1a:cd:8f:
5e:12:fa:b1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYbXGDUVnzfqslu9Z9gE8d04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZGIyM2E1ZTI1NTBmZjk3NGNhNWY0MTkxN2FjODY3ZDUw
ZTM1ZTkwHhcNMjMwMzEyMTgzMjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzNlN2Q0ZGFkYmFhN2RmZDFmNTg0ZGM3NjI5OTMyZjdjY2Y0NzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDx7xAfcvVkh1HxRzekE0VLevixi
ROaW6E2HtZ+lYkj3W3WtbivtwxHHJAz9Jf0lc2tGHrCcmO7kdlF5FzYgGToMXcIK
euWZcrndXN9YW99oq0B0DndLhyoGBsEkbU6A4g/daHotFD9n1WFW4+ZxbPhIM/i/
/4xDMRqp+agNXO6je+H3WxaehLRjAHSy90NbyUm0L1olLpQxYAIsiyvz4hlMgb3V
sg2ges/hJ/5fc37zh1cHj8dkeMrlNOjPDyFEBUVCiGLu2V5SzGol456fkdM7FPMu
qP8aCJJbCy6YRcvaKgUlB5c8u9MAeEDzRscXErdgrX4b6Y6uDVb8atD/iwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPM+fU2tuqff0fWE3HYpky98z0cjMB8GA1UdIwQY
MBaAFAfbI6XiVQ/5dMpfQZF6yGfVDjXpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjlzanBlSlZEX2wweWw5QmtYcklaOVVPTmVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi8wMzA1Y2QtMGQ3MS00MjBhLWJlMzgt
NWNjZDVlOWNlMDA0LzEvOHo1OVRhMjZwOV9SOVlUY2RpbVRMM3pQUnlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi8wMzA1Y2QtMGQ3MS00MjBhLWJlMzgtNWNjZDVlOWNlMDA0
LzEvQjlzanBlSlZEX2wweWw5QmtYcklaOVVPTmVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDLhDoAwQC
W8k8AwQCuRQMMA0EAgACMAcDBQMqAijwMA0GCSqGSIb3DQEBCwUAA4IBAQBmVqcX
VrEBWJz02vuzb19Gnhxn6DqhE9ewRWlLGnfNfP/sZ3hNXHlET5F8foRLyNk3TIBf
4fmF4t1O+r5WxYod7XYtvzA+EmStatv9fs5leAUy1XhMp6JZ5N8T5YViiIR3geFH
6kVFyH9c18bkCwQlaooz7X9IvlGvj7OMSCp91sKPyPC6z1FWCv37a3Ch1N9ZLyAT
C8VFft/86LGRjbOY+GoUaUucB6XCFEpdC4kimbIpp29nrr4vCuDAN6tZS5p5TZ5v
j5eEfoHwAVrT4XsapIY88GJ61a6c0rfJ2ud3x3etKa9GOKa8v5J0VoGhAZP77HnA
tE5cWJwazY9eEvqx
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:37:49 2024 by rpki-client on console-fra.rpki-client.org