Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/7OMEzPJZ_KmIOZovuboifR_kvWA.roa
File: 7OMEzPJZ_KmIOZovuboifR_kvWA.roa (raw, json)
Hash identifier: Z8uVVF87SvlDXLSzJ17lCq4md3zu0FoXl+WMAtxbmm8=
Subject key identifier: EC:E3:04:CC:F2:59:FC:A9:88:39:9A:2F:B9:BA:22:7D:1F:E4:BD:60
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 0185F9B5031A3F661DA0EF82108A4FFB536A
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/7OMEzPJZ_KmIOZovuboifR_kvWA.roa
Signing time: Sat 28 Jan 2023 18:47:47 +0000
ROA not before: Sat 28 Jan 2023 18:47:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8100
IP address blocks: 185.125.200.0/22 maxlen: 24
95.140.152.0/21 maxlen: 24
80.90.180.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Feb 2023 17:57:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:f9:b5:03:1a:3f:66:1d:a0:ef:82:10:8a:4f:fb:53:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Jan 28 18:47:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ece304ccf259fca988399a2fb9ba227d1fe4bd60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:fe:27:04:67:7a:70:76:a4:e2:d0:a0:8c:27:
dd:69:74:05:b5:a6:81:72:c6:54:ac:f7:bb:6f:be:
74:de:0e:54:19:a3:66:17:26:9b:17:63:3a:9e:27:
db:4e:f9:0d:ad:ef:53:d9:1f:9d:0d:ac:43:3a:81:
0a:11:8d:c5:90:27:f1:a1:22:a3:08:d2:73:7f:89:
9c:a4:f8:92:04:d6:93:56:01:a8:25:30:e1:7b:91:
44:b1:74:e4:54:4e:50:af:9d:47:d5:5d:5d:0f:2d:
80:61:df:0b:80:75:4d:e9:91:32:2f:5d:d0:98:3d:
77:48:84:ca:a3:86:34:1a:3f:3e:d5:4a:67:4c:4b:
55:e2:4b:26:e6:fe:66:e4:a3:ff:da:14:d6:f9:b0:
00:5d:29:30:b0:21:ec:c6:c3:c3:ea:74:ce:7b:2b:
b1:4e:24:c8:82:98:0e:b7:0f:cc:50:ff:e7:86:62:
05:ca:0c:c6:bc:c9:e9:e3:af:b0:2a:fc:9d:d4:6e:
ea:fe:44:91:d6:88:00:24:ec:37:99:fb:6c:d8:40:
3d:24:fd:a5:a4:f4:93:70:74:d9:8a:62:98:48:9e:
30:bb:9e:d2:c3:95:f5:a8:6d:73:c0:32:13:d1:0b:
10:df:31:40:91:c5:a0:05:ef:6e:62:7e:c6:0d:fe:
e4:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:E3:04:CC:F2:59:FC:A9:88:39:9A:2F:B9:BA:22:7D:1F:E4:BD:60
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/7OMEzPJZ_KmIOZovuboifR_kvWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.180.0/22
95.140.152.0/21
185.125.200.0/22
Signature Algorithm: sha256WithRSAEncryption
91:03:b0:3a:7d:4c:d9:14:59:33:04:c5:ce:2f:b1:14:b5:3f:
a5:1f:05:4c:a0:b7:c1:fb:ae:43:76:e3:98:2a:29:01:28:57:
b0:2c:48:83:ac:0c:72:26:51:7a:75:0f:55:8c:31:e9:29:96:
40:ea:ec:21:31:14:9b:79:a3:8c:25:eb:0a:6e:db:fe:48:5c:
76:c3:1d:85:7e:e6:cc:62:06:b5:1d:8a:38:35:ab:2c:db:13:
c2:78:81:5b:8b:6f:6b:b2:41:8b:a5:89:1c:d3:1a:86:cf:c3:
89:8e:22:9d:36:9e:8c:bb:4c:21:99:92:3e:6a:08:61:02:ec:
10:ad:93:bd:f9:0f:21:d4:96:49:76:2d:db:96:9b:a2:96:76:
b8:ba:17:76:1c:e3:b3:61:2c:e6:d9:2c:76:83:a6:d2:34:5a:
35:04:fc:d7:8d:0c:55:da:90:c1:24:89:3e:37:c6:01:56:91:
93:81:84:d1:c1:ee:0c:df:94:82:86:02:29:45:fb:77:62:13:
a7:9d:64:ca:45:4c:c7:90:6f:e5:06:f7:05:e1:53:06:c3:02:
fb:92:90:10:5a:ad:01:5f:ee:4c:4e:e1:8f:fd:13:09:a5:95:
81:ad:0b:7f:69:7e:f3:4a:91:07:be:fe:31:7b:8b:7d:9c:65:
b4:66:3b:2f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYX5tQMaP2YdoO+CEIpP+1NqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjMwMTI4MTg0NzQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2UzMDRjY2YyNTlmY2E5ODgzOTlhMmZiOWJhMjI3ZDFmZTRiZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmP4nBGd6cHak4tCgjCfdaXQFtaaB
csZUrPe7b7503g5UGaNmFyabF2M6nifbTvkNre9T2R+dDaxDOoEKEY3FkCfxoSKj
CNJzf4mcpPiSBNaTVgGoJTDhe5FEsXTkVE5Qr51H1V1dDy2AYd8LgHVN6ZEyL13Q
mD13SITKo4Y0Gj8+1UpnTEtV4ksm5v5m5KP/2hTW+bAAXSkwsCHsxsPD6nTOeyux
TiTIgpgOtw/MUP/nhmIFygzGvMnp46+wKvyd1G7q/kSR1ogAJOw3mfts2EA9JP2l
pPSTcHTZimKYSJ4wu57Sw5X1qG1zwDIT0QsQ3zFAkcWgBe9uYn7GDf7kVQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOzjBMzyWfypiDmaL7m6In0f5L1gMB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEvN09NRXpQSlpfS21JT1pvdnVib2lmUl9rdldBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEtYjI1MDk5N2ZjNzVk
LzEvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCUFq0AwQD
X4yYAwQCuX3IMA0GCSqGSIb3DQEBCwUAA4IBAQCRA7A6fUzZFFkzBMXOL7EUtT+l
HwVMoLfB+65DduOYKikBKFewLEiDrAxyJlF6dQ9VjDHpKZZA6uwhMRSbeaOMJesK
btv+SFx2wx2FfubMYga1HYo4Nass2xPCeIFbi29rskGLpYkc0xqGz8OJjiKdNp6M
u0whmZI+aghhAuwQrZO9+Q8h1JZJdi3blpuilna4uhd2HOOzYSzm2Sx2g6bSNFo1
BPzXjQxV2pDBJIk+N8YBVpGTgYTRwe4M35SChgIpRft3YhOnnWTKRUzHkG/lBvcF
4VMGwwL7kpAQWq0BX+5MTuGP/RMJpZWBrQt/aX7zSpEHvv4xe4t9nGW0Zjsv
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:15 2024 by rpki-client on console-fra.rpki-client.org