Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/j_e5zvUxBEBpcs3f-dI0c_O8ceE.roa
File: j_e5zvUxBEBpcs3f-dI0c_O8ceE.roa (raw, json)
Hash identifier: eFtQiQY61qHKD0Mk6zdCBBS1OOVP5k4v8Im5+uLe5bE=
Subject key identifier: 8F:F7:B9:CE:F5:31:04:40:69:72:CD:DF:F9:D2:34:73:F3:BC:71:E1
Certificate issuer: /CN=a088b0547f09fe9224050d70a523da5bedbe0738
Certificate serial: 0185D6C07CED5C0A08EED3C76F942C19423F
Authority key identifier: A0:88:B0:54:7F:09:FE:92:24:05:0D:70:A5:23:DA:5B:ED:BE:07:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/j_e5zvUxBEBpcs3f-dI0c_O8ceE.roa
Signing time: Sat 21 Jan 2023 23:53:37 +0000
ROA not before: Sat 21 Jan 2023 23:53:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212027
IP address blocks: 37.230.138.0/24 maxlen: 24
81.16.176.0/24 maxlen: 24
81.16.177.0/24 maxlen: 24
91.208.92.0/24 maxlen: 24
194.213.3.0/24 maxlen: 24
213.170.135.0/24 maxlen: 24
45.143.196.0/22 maxlen: 22
2a10:e780::/40 maxlen: 40
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:d6:c0:7c:ed:5c:0a:08:ee:d3:c7:6f:94:2c:19:42:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a088b0547f09fe9224050d70a523da5bedbe0738
Validity
Not Before: Jan 21 23:53:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8ff7b9cef53104406972cddff9d23473f3bc71e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:27:ef:2c:82:68:2d:0a:73:0a:e4:84:d7:e0:
ed:46:e8:a5:de:e0:fb:c3:e7:7b:5e:e5:c2:cd:8f:
86:cf:24:57:0c:82:f2:1e:f1:50:b9:9e:aa:7b:11:
2a:4d:c4:3a:20:dd:40:49:d9:11:a1:71:2b:05:25:
3a:45:69:70:ca:4c:ce:86:62:5f:59:d8:a0:8e:fe:
e9:2b:47:5c:f0:8c:5d:31:55:40:21:fe:49:25:a7:
6a:a0:33:60:42:e7:f5:14:a5:1c:e7:dd:a8:8c:56:
ae:1c:7b:62:63:12:2f:f5:d8:07:70:6c:1a:0d:41:
30:e0:8a:79:c6:46:f2:9a:77:4f:46:0b:5d:7a:c3:
9f:a2:d2:91:f9:ed:70:23:9f:a0:d9:21:01:f3:ed:
71:43:66:ec:08:3a:25:40:87:c9:66:49:26:c3:2a:
9f:68:06:9e:49:ec:ea:ab:db:f7:b4:72:83:45:32:
7f:0e:13:1a:1e:34:62:dc:1b:1d:b2:cb:5a:71:a0:
57:95:80:da:3f:a5:18:60:eb:09:5b:5b:aa:03:fd:
3b:60:1b:10:8a:08:97:46:c2:e1:21:62:ce:29:15:
f1:16:d0:e4:61:40:ef:fc:76:5b:3f:1c:6f:f2:76:
c0:ce:76:1a:cd:4d:aa:48:b0:12:e0:37:b4:6c:34:
78:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:F7:B9:CE:F5:31:04:40:69:72:CD:DF:F9:D2:34:73:F3:BC:71:E1
X509v3 Authority Key Identifier:
keyid:A0:88:B0:54:7F:09:FE:92:24:05:0D:70:A5:23:DA:5B:ED:BE:07:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/j_e5zvUxBEBpcs3f-dI0c_O8ceE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/d90635-b282-4e86-9e53-df82fa897326/1/oIiwVH8J_pIkBQ1wpSPaW-2-Bzg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.138.0/24
45.143.196.0/22
81.16.176.0/23
91.208.92.0/24
194.213.3.0/24
213.170.135.0/24
IPv6:
2a10:e780::/40
Signature Algorithm: sha256WithRSAEncryption
00:53:af:08:a0:33:a4:9c:77:cf:6f:7c:29:2b:78:b2:06:47:
ef:13:9d:3b:18:61:c5:28:d2:41:18:68:e0:76:e0:de:05:50:
58:44:7e:cd:83:37:b3:fd:c9:c3:e2:20:98:4e:fd:46:e2:ab:
57:3b:78:a7:61:06:d6:c0:3d:4e:3c:60:47:df:a9:ea:19:19:
09:ce:8c:1e:29:8c:f2:35:c6:fa:31:73:2e:49:9c:8b:9b:90:
47:9d:46:2f:d7:04:5f:9c:f9:26:23:9d:f2:c3:09:12:55:d4:
41:14:8e:d3:4c:f0:fc:0b:49:d2:49:01:59:b1:94:e1:96:e0:
45:49:9a:a7:cb:9e:6e:06:40:6b:3b:56:05:17:88:79:e7:9c:
91:43:ed:77:1e:da:71:50:d2:01:c6:f2:6c:7f:dd:71:e0:3d:
f5:48:02:ff:c8:97:83:01:28:9c:38:c6:f4:7b:ac:c3:01:1a:
2b:a2:f2:b7:98:96:ea:5d:c9:13:f4:ef:4b:50:bf:0c:5c:b3:
b9:2e:de:52:f6:46:f2:41:0f:e3:a5:c2:2b:83:20:43:61:ac:
40:76:a2:c4:08:8d:04:9f:5a:6c:7f:f8:99:d4:b9:5a:4a:a6:
a4:ed:8f:36:db:65:4f:a7:ce:b9:72:76:49:20:1a:f1:e9:12:
61:2a:55:d6
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYXWwHztXAoI7tPHb5QsGUI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwODhiMDU0N2YwOWZlOTIyNDA1MGQ3MGE1MjNkYTViZWRi
ZTA3MzgwHhcNMjMwMTIxMjM1MzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmY3YjljZWY1MzEwNDQwNjk3MmNkZGZmOWQyMzQ3M2YzYmM3MWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSfvLIJoLQpzCuSE1+DtRuil3uD7
w+d7XuXCzY+GzyRXDILyHvFQuZ6qexEqTcQ6IN1ASdkRoXErBSU6RWlwykzOhmJf
Wdigjv7pK0dc8IxdMVVAIf5JJadqoDNgQuf1FKUc592ojFauHHtiYxIv9dgHcGwa
DUEw4Ip5xkbymndPRgtdesOfotKR+e1wI5+g2SEB8+1xQ2bsCDolQIfJZkkmwyqf
aAaeSezqq9v3tHKDRTJ/DhMaHjRi3BsdsstacaBXlYDaP6UYYOsJW1uqA/07YBsQ
igiXRsLhIWLOKRXxFtDkYUDv/HZbPxxv8nbAznYazU2qSLAS4De0bDR44wIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFI/3uc71MQRAaXLN3/nSNHPzvHHhMB8GA1UdIwQY
MBaAFKCIsFR/Cf6SJAUNcKUj2lvtvgc4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0lpd1ZIOEpfcElrQlExd3BTUGFXLTItQnpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9kOTA2MzUtYjI4Mi00ZTg2LTllNTMt
ZGY4MmZhODk3MzI2LzEval9lNXp2VXhCRUJwY3MzZi1kSTBjX084Y2VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9kOTA2MzUtYjI4Mi00ZTg2LTllNTMtZGY4MmZhODk3MzI2
LzEvb0lpd1ZIOEpfcElrQlExd3BTUGFXLTItQnpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAqBAIAATAkAwQAJeaKAwQC
LY/EAwQBURCwAwQAW9BcAwQAwtUDAwQA1aqHMA4EAgACMAgDBgAqEOeAADANBgkq
hkiG9w0BAQsFAAOCAQEAAFOvCKAzpJx3z298KSt4sgZH7xOdOxhhxSjSQRho4Hbg
3gVQWER+zYM3s/3Jw+IgmE79RuKrVzt4p2EG1sA9TjxgR9+p6hkZCc6MHimM8jXG
+jFzLkmci5uQR51GL9cEX5z5JiOd8sMJElXUQRSO00zw/AtJ0kkBWbGU4ZbgRUma
p8uebgZAaztWBReIeeeckUPtdx7acVDSAcbybH/dceA99UgC/8iXgwEonDjG9Hus
wwEaK6Lyt5iW6l3JE/TvS1C/DFyzuS7eUvZG8kEP46XCK4MgQ2GsQHaixAiNBJ9a
bH/4mdS5WkqmpO2PNttlT6fOuXJ2SSAa8ekSYSpV1g==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:56 2023 by rpki-client on console-fra.rpki-client.org