Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/inOnJKdNtWTqSFgeaTHhiMasP_8.roa
File: inOnJKdNtWTqSFgeaTHhiMasP_8.roa (raw, json)
Hash identifier: wFA0JRvk0KVoQOuGzGP+bsM9eF3P8BV0Ix1aRNuwx2I=
Subject key identifier: 8A:73:A7:24:A7:4D:B5:64:EA:48:58:1E:69:31:E1:88:C6:AC:3F:FF
Certificate issuer: /CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Certificate serial: 01856F14E294888104FA49A00F9769EBEEC8
Authority key identifier: 0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/inOnJKdNtWTqSFgeaTHhiMasP_8.roa
Signing time: Sun 01 Jan 2023 20:45:17 +0000
ROA not before: Sun 01 Jan 2023 20:45:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1820
IP address blocks: 80.92.224.0/20 maxlen: 32
212.110.144.0/21 maxlen: 32
212.110.152.0/22 maxlen: 32
92.119.220.0/22 maxlen: 32
82.117.229.0/24 maxlen: 32
193.111.48.0/22 maxlen: 32
82.117.244.0/24 maxlen: 32
92.60.176.0/20 maxlen: 32
185.38.208.0/23 maxlen: 32
185.39.196.0/22 maxlen: 32
212.110.128.0/20 maxlen: 32
128.0.168.0/21 maxlen: 32
193.111.0.0/23 maxlen: 32
85.90.211.0/24 maxlen: 32
31.172.136.0/21 maxlen: 32
85.90.223.0/24 maxlen: 32
217.20.160.0/19 maxlen: 32
2a01:6b0::/32 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:14:e2:94:88:81:04:fa:49:a0:0f:97:69:eb:ee:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d87142bdc2b3f0d0848a0d800b6930b1abb34bc
Validity
Not Before: Jan 1 20:45:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8a73a724a74db564ea48581e6931e188c6ac3fff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:11:fe:49:ef:cc:0a:11:84:e6:7e:47:80:43:
11:c9:55:86:82:dd:43:ca:10:05:44:5f:16:82:ef:
2e:60:ab:6d:2c:99:18:23:45:94:82:f1:a7:a6:1e:
c9:fb:66:48:4f:63:c1:5f:d5:6d:69:e6:35:70:44:
8c:49:35:3a:cd:47:b1:a8:08:25:a9:0b:dd:32:f4:
ce:38:aa:b0:02:7b:da:0f:06:f1:71:62:dd:6d:ad:
e2:c5:42:b7:51:7b:e8:63:1a:2f:be:a1:04:f9:65:
48:06:10:ae:d2:9f:ec:3f:3d:e9:11:f3:b9:c6:c2:
a5:bf:08:3f:2d:43:5e:50:c0:6e:c3:dd:41:9e:82:
57:13:40:60:0c:16:c0:c1:e0:49:60:1e:2b:b1:d5:
6b:b1:bc:a0:c7:6d:36:b4:08:c4:ba:8d:93:c3:d4:
ef:9f:f9:45:2e:af:90:51:0d:70:09:88:34:6a:9b:
85:a3:31:7b:00:74:f1:54:fe:1c:dd:7e:11:70:1d:
99:ce:24:a3:d5:a5:ed:09:dd:31:05:7e:72:7b:04:
c7:a3:d3:33:03:28:5c:05:1b:3b:df:07:5f:12:81:
5d:47:c5:fa:d9:d4:a9:6b:95:ab:bd:1a:06:41:1b:
ec:f5:81:2f:91:4e:b5:9f:0e:ec:2c:72:77:2b:d4:
2a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:73:A7:24:A7:4D:B5:64:EA:48:58:1E:69:31:E1:88:C6:AC:3F:FF
X509v3 Authority Key Identifier:
keyid:0D:87:14:2B:DC:2B:3F:0D:08:48:A0:D8:00:B6:93:0B:1A:BB:34:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYcUK9wrPw0ISKDYALaTCxq7NLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/inOnJKdNtWTqSFgeaTHhiMasP_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8f8cc0-f693-421c-bc54-a31708d40391/1/DYcUK9wrPw0ISKDYALaTCxq7NLw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.172.136.0/21
80.92.224.0/20
82.117.229.0/24
82.117.244.0/24
85.90.211.0/24
85.90.223.0/24
92.60.176.0/20
92.119.220.0/22
128.0.168.0/21
185.38.208.0/23
185.39.196.0/22
193.111.0.0/23
193.111.48.0/22
212.110.128.0-212.110.155.255
217.20.160.0/19
IPv6:
2a01:6b0::/32
Signature Algorithm: sha256WithRSAEncryption
01:76:90:7c:27:46:e5:98:73:1d:22:be:51:e1:e3:0c:03:a4:
da:04:ff:85:e7:54:23:48:f5:20:bb:e0:77:27:91:9f:0e:69:
dc:c6:16:4c:85:a1:0c:10:dc:76:c6:30:f7:18:c9:ec:46:22:
10:5e:0a:fa:48:69:70:2b:90:9b:8b:6d:ab:be:06:c8:55:86:
d0:45:c2:e0:fb:62:c1:d0:82:ab:c5:5a:a5:07:c6:fd:14:d0:
68:08:c3:05:1d:b4:5d:ec:58:5c:3b:a7:8a:e0:13:77:55:40:
99:41:25:7a:b9:55:96:59:e2:28:63:9f:ff:22:0b:86:34:02:
ac:4f:b4:01:40:f4:66:27:f6:7e:eb:cc:10:84:bf:d2:82:88:
73:64:d8:06:5e:7e:22:6a:28:7d:31:8c:5b:de:35:45:fe:a1:
58:26:2c:ee:57:69:8d:6d:e4:a4:a5:6c:83:8e:0a:03:7d:0f:
72:a5:e9:46:05:45:33:ca:50:ff:17:ac:09:a9:31:a9:65:b1:
17:a9:c2:60:4e:fb:d1:6e:a1:4a:fa:d5:2c:18:fb:c9:69:b1:
a0:21:47:3f:59:1d:64:e2:c4:a0:83:91:ec:07:74:ad:4e:45:
00:69:76:01:bb:22:50:2a:3a:cc:eb:a5:b6:f6:02:92:2d:41:
bb:bc:d4:11
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAYVvFOKUiIEE+kmgD5dp6+7IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkODcxNDJiZGMyYjNmMGQwODQ4YTBkODAwYjY5MzBiMWFi
YjM0YmMwHhcNMjMwMTAxMjA0NTE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTczYTcyNGE3NGRiNTY0ZWE0ODU4MWU2OTMxZTE4OGM2YWMzZmZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAixH+Se/MChGE5n5HgEMRyVWGgt1D
yhAFRF8Wgu8uYKttLJkYI0WUgvGnph7J+2ZIT2PBX9VtaeY1cESMSTU6zUexqAgl
qQvdMvTOOKqwAnvaDwbxcWLdba3ixUK3UXvoYxovvqEE+WVIBhCu0p/sPz3pEfO5
xsKlvwg/LUNeUMBuw91BnoJXE0BgDBbAweBJYB4rsdVrsbygx202tAjEuo2Tw9Tv
n/lFLq+QUQ1wCYg0apuFozF7AHTxVP4c3X4RcB2ZziSj1aXtCd0xBX5yewTHo9Mz
AyhcBRs73wdfEoFdR8X62dSpa5WrvRoGQRvs9YEvkU61nw7sLHJ3K9QqAwIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFIpzpySnTbVk6khYHmkx4YjGrD//MB8GA1UdIwQY
MBaAFA2HFCvcKz8NCEig2AC2kwsauzS8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFljVUs5d3JQdzBJU0tEWUFMYVRDeHE3Tkx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84ZjhjYzAtZjY5My00MjFjLWJjNTQt
YTMxNzA4ZDQwMzkxLzEvaW5PbkpLZE50V1RxU0ZnZWFUSGhpTWFzUF84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84ZjhjYzAtZjY5My00MjFjLWJjNTQtYTMxNzA4ZDQwMzkx
LzEvRFljVUs5d3JQdzBJU0tEWUFMYVRDeHE3Tkx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwaAQCAAEwYgMEAx+siAME
BFBc4AMEAFJ15QMEAFJ19AMEAFVa0wMEAFVa3wMEBFw8sAMEAlx33AMEA4AAqAME
Abkm0AMEArknxAMEAcFvAAMEAsFvMDAMAwQH1G6AAwQC1G6YAwQF2RSgMA0EAgAC
MAcDBQAqAQawMA0GCSqGSIb3DQEBCwUAA4IBAQABdpB8J0blmHMdIr5R4eMMA6Ta
BP+F51QjSPUgu+B3J5GfDmncxhZMhaEMENx2xjD3GMnsRiIQXgr6SGlwK5Cbi22r
vgbIVYbQRcLg+2LB0IKrxVqlB8b9FNBoCMMFHbRd7FhcO6eK4BN3VUCZQSV6uVWW
WeIoY5//IguGNAKsT7QBQPRmJ/Z+68wQhL/SgohzZNgGXn4iaih9MYxb3jVF/qFY
JizuV2mNbeSkpWyDjgoDfQ9ypelGBUUzylD/F6wJqTGpZbEXqcJgTvvRbqFK+tUs
GPvJabGgIUc/WR1k4sSgg5HsB3StTkUAaXYBuyJQKjrM66W29gKSLUG7vNQR
-----END CERTIFICATE-----
Generated at Mon Jan 1 15:15:10 2024 by rpki-client on console-fra.rpki-client.org