Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/o5Zd3oTEzSDdQKbzCPAKYRdywc8.roa
File: o5Zd3oTEzSDdQKbzCPAKYRdywc8.roa (raw, json)
Hash identifier: J4oyEEQtdI2WSLkzN2cbeGsNluaXoFGU27Mbk6kdEec=
Subject key identifier: A3:96:5D:DE:84:C4:CD:20:DD:40:A6:F3:08:F0:0A:61:17:72:C1:CF
Certificate issuer: /CN=17dbd5acf1f9c75d18a1f75031114c48f0b23363
Certificate serial: 0188D882169D07862FC33CCC28858E0398EA
Authority key identifier: 17:DB:D5:AC:F1:F9:C7:5D:18:A1:F7:50:31:11:4C:48:F0:B2:33:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9vVrPH5x10YofdQMRFMSPCyM2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/o5Zd3oTEzSDdQKbzCPAKYRdywc8.roa
Signing time: Tue 20 Jun 2023 11:13:04 +0000
ROA not before: Tue 20 Jun 2023 11:13:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25156
IP address blocks: 85.89.128.0/21 maxlen: 21
85.89.128.0/19 maxlen: 19
2a00:65c0::/32 maxlen: 32
2a00:65c0:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:d8:82:16:9d:07:86:2f:c3:3c:cc:28:85:8e:03:98:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17dbd5acf1f9c75d18a1f75031114c48f0b23363
Validity
Not Before: Jun 20 11:13:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a3965dde84c4cd20dd40a6f308f00a611772c1cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:23:35:8c:4b:b0:33:da:73:cf:80:e3:60:09:
9a:18:82:6f:00:19:e0:3f:83:d2:13:c2:ed:e4:b1:
a4:76:52:70:2f:78:74:08:11:b3:ad:37:83:50:03:
88:98:fe:ab:97:8d:a7:fc:e2:38:d2:33:54:b8:f6:
44:2d:4f:7f:61:18:dd:18:87:67:54:86:70:68:35:
62:d5:fe:72:c2:fe:05:7d:7a:8d:52:84:7f:7e:25:
3d:e9:49:84:db:99:34:97:96:18:74:c6:7d:52:8c:
a1:34:ee:14:9f:45:c5:21:ff:4c:0d:2d:fe:0f:51:
04:d5:8c:61:72:bc:30:a7:44:19:74:44:a7:d5:a4:
7a:2c:fb:eb:b6:4e:bd:d5:a7:d5:c1:da:8c:ed:b0:
49:17:31:60:ad:d3:7a:56:0f:0b:a7:04:bb:e4:2c:
9a:c1:8b:6c:a6:8a:16:aa:e0:90:0d:0f:0e:c6:41:
53:10:d1:63:9d:46:ea:df:37:4f:c6:0b:ce:a2:22:
96:e1:0e:25:96:91:ec:65:23:2e:8f:5e:1c:88:8c:
d2:12:36:7c:ee:f4:6a:c6:fe:37:88:de:9c:4b:35:
fa:26:49:73:1d:6f:09:66:ea:44:8e:29:08:c1:05:
3a:a9:b0:5b:c7:93:1f:03:96:d0:d0:66:67:1e:c5:
3f:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:96:5D:DE:84:C4:CD:20:DD:40:A6:F3:08:F0:0A:61:17:72:C1:CF
X509v3 Authority Key Identifier:
keyid:17:DB:D5:AC:F1:F9:C7:5D:18:A1:F7:50:31:11:4C:48:F0:B2:33:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9vVrPH5x10YofdQMRFMSPCyM2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/o5Zd3oTEzSDdQKbzCPAKYRdywc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/29199f-f6cc-448a-bfd4-581db87c821e/1/F9vVrPH5x10YofdQMRFMSPCyM2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.89.128.0/19
IPv6:
2a00:65c0::/32
Signature Algorithm: sha256WithRSAEncryption
83:04:fd:1e:d9:74:8a:28:f5:84:18:45:74:5a:a7:21:97:5b:
4e:4a:6d:61:a2:41:10:3e:19:b5:44:32:48:ad:25:f3:6d:07:
01:64:78:5a:f2:3d:ff:b8:1a:32:9c:2e:b4:35:f4:f5:3c:7a:
b2:3d:d8:b6:49:4d:f2:07:05:a8:29:3b:b4:c7:29:4e:7f:76:
f4:03:5b:9b:77:d9:a9:08:62:9d:9f:84:5f:04:11:ed:02:74:
cb:7a:07:45:71:6e:4d:aa:06:8f:55:ca:b3:84:0d:53:d4:02:
f1:c2:c7:13:10:f2:cf:a5:cc:be:ab:15:ff:4f:2b:4e:74:7e:
ea:45:9c:9d:be:56:c2:73:88:12:26:9f:7c:ce:70:02:e1:db:
93:d9:b3:c9:de:db:cc:92:16:a6:8f:7f:e5:c1:94:2f:3a:c5:
04:93:a3:a6:2e:d7:b8:e0:4b:34:cb:8c:25:9b:dd:93:45:27:
51:e4:1d:a8:24:4c:9a:0a:ec:de:bd:9b:0b:b1:43:1e:c8:dc:
70:41:76:08:11:39:ce:ee:77:4e:69:16:4b:55:6f:b9:6a:af:
1c:c3:e9:9a:64:4e:8f:79:27:6b:ae:be:31:e5:f7:1d:f7:d6:
04:b1:82:08:42:e6:a2:b6:e3:dc:ed:94:36:66:2a:c2:55:49:
5a:53:26:98
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYjYghadB4YvwzzMKIWOA5jqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZGJkNWFjZjFmOWM3NWQxOGExZjc1MDMxMTE0YzQ4ZjBi
MjMzNjMwHhcNMjMwNjIwMTExMzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzk2NWRkZTg0YzRjZDIwZGQ0MGE2ZjMwOGYwMGE2MTE3NzJjMWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqCM1jEuwM9pzz4DjYAmaGIJvABng
P4PSE8Lt5LGkdlJwL3h0CBGzrTeDUAOImP6rl42n/OI40jNUuPZELU9/YRjdGIdn
VIZwaDVi1f5ywv4FfXqNUoR/fiU96UmE25k0l5YYdMZ9UoyhNO4Un0XFIf9MDS3+
D1EE1Yxhcrwwp0QZdESn1aR6LPvrtk691afVwdqM7bBJFzFgrdN6Vg8LpwS75Cya
wYtspooWquCQDQ8OxkFTENFjnUbq3zdPxgvOoiKW4Q4llpHsZSMuj14ciIzSEjZ8
7vRqxv43iN6cSzX6JklzHW8JZupEjikIwQU6qbBbx5MfA5bQ0GZnHsU/tQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKOWXd6ExM0g3UCm8wjwCmEXcsHPMB8GA1UdIwQY
MBaAFBfb1azx+cddGKH3UDERTEjwsjNjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjl2VnJQSDV4MTBZb2ZkUU1SRk1TUEN5TTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8yOTE5OWYtZjZjYy00NDhhLWJmZDQt
NTgxZGI4N2M4MjFlLzEvbzVaZDNvVEV6U0RkUUtiekNQQUtZUmR5d2M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8yOTE5OWYtZjZjYy00NDhhLWJmZDQtNTgxZGI4N2M4MjFl
LzEvRjl2VnJQSDV4MTBZb2ZkUU1SRk1TUEN5TTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFVVmAMA0E
AgACMAcDBQAqAGXAMA0GCSqGSIb3DQEBCwUAA4IBAQCDBP0e2XSKKPWEGEV0Wqch
l1tOSm1hokEQPhm1RDJIrSXzbQcBZHha8j3/uBoynC60NfT1PHqyPdi2SU3yBwWo
KTu0xylOf3b0A1ubd9mpCGKdn4RfBBHtAnTLegdFcW5NqgaPVcqzhA1T1ALxwscT
EPLPpcy+qxX/TytOdH7qRZydvlbCc4gSJp98znAC4duT2bPJ3tvMkhamj3/lwZQv
OsUEk6OmLte44Es0y4wlm92TRSdR5B2oJEyaCuzevZsLsUMeyNxwQXYIETnO7ndO
aRZLVW+5aq8cw+maZE6PeSdrrr4x5fcd99YEsYIIQuaituPc7ZQ2ZirCVUlaUyaY
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:51:35 2024 by rpki-client on console-fra.rpki-client.org