Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/RZQLCEsZnSpFsJo4gOOTmm5-GSk.roa
File: RZQLCEsZnSpFsJo4gOOTmm5-GSk.roa (raw, json)
Hash identifier: WuDTKzY4WvtM+uKZV4AAg4aZQN0dGCO/cn+Hqe+SffY=
Subject key identifier: 45:94:0B:08:4B:19:9D:2A:45:B0:9A:38:80:E3:93:9A:6E:7E:19:29
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 0186E19954B813AE87488D844855DEBC6FB2
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/RZQLCEsZnSpFsJo4gOOTmm5-GSk.roa
Signing time: Tue 14 Mar 2023 19:29:27 +0000
ROA not before: Tue 14 Mar 2023 19:29:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57043
IP address blocks: 185.125.200.0/23 maxlen: 24
95.140.158.0/23 maxlen: 24
80.90.179.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Apr 2023 08:50:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e1:99:54:b8:13:ae:87:48:8d:84:48:55:de:bc:6f:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Mar 14 19:29:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=45940b084b199d2a45b09a3880e3939a6e7e1929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:7a:0d:9e:3b:4d:9f:70:8a:be:ed:81:6c:e7:
cc:ca:a5:d4:73:81:99:bb:c6:02:22:f4:f7:cb:3c:
eb:69:6f:b8:09:38:3e:dc:c6:d4:97:5e:c5:41:3a:
b3:3f:0e:a8:11:4f:c6:1b:37:94:54:82:96:01:63:
b9:db:8b:98:c4:ba:c6:2c:29:1e:d5:7e:d3:c6:ff:
12:7d:02:7c:de:c2:ea:b4:c8:14:e3:06:29:b2:6e:
0a:24:ea:40:b1:77:d4:46:88:03:8e:0c:52:09:a1:
87:69:fc:96:a1:1a:af:b3:d8:6b:36:7f:80:5f:94:
f8:8f:e7:d7:05:66:4e:39:a0:bd:07:80:a7:97:2f:
64:fc:78:f8:d9:09:9e:4a:61:db:5f:d6:f1:c9:b2:
9c:d0:df:ea:95:d4:b1:29:4f:8f:f9:9b:f8:c3:1d:
ce:1c:ae:63:76:af:f6:43:4b:32:37:71:bb:4d:cd:
98:d1:b0:28:83:dc:c5:bf:a2:05:ca:01:e0:82:97:
9b:2f:d7:e7:92:9d:e4:c4:f9:d3:3c:8b:ee:d1:59:
dc:f0:29:d4:34:16:2c:44:51:1f:07:a6:90:91:d8:
58:0c:94:23:9c:b5:11:b8:1b:34:a7:46:72:17:d6:
37:20:ae:f1:32:1e:a3:b3:3d:c2:06:c7:fe:48:3d:
10:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:94:0B:08:4B:19:9D:2A:45:B0:9A:38:80:E3:93:9A:6E:7E:19:29
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/RZQLCEsZnSpFsJo4gOOTmm5-GSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.179.0/24
95.140.158.0/23
185.125.200.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:c7:a8:58:bc:29:08:41:05:cf:5c:88:45:67:47:0c:7f:2b:
de:b6:98:3e:10:8a:7b:d4:7c:79:6a:a4:5d:a1:07:25:ed:fa:
ad:30:c7:f8:f0:f1:9a:57:4d:11:59:11:58:f5:4c:ad:43:d3:
cf:89:5a:e7:ec:05:75:af:05:04:23:e7:ad:4f:dd:33:bb:fe:
16:d4:2c:5d:89:0b:0f:af:5c:27:d4:f6:54:59:71:33:0e:cb:
03:a6:5d:35:09:a2:4d:ea:03:3e:83:50:28:6d:4d:eb:e7:c2:
09:b0:41:ab:d7:43:5e:c7:20:96:4b:99:0b:cd:b8:5c:fc:a8:
93:11:6a:81:fe:db:73:f8:f8:9e:04:e3:90:89:0f:c2:71:69:
99:bc:ca:0a:5f:86:06:cb:93:94:2b:a2:c2:b0:dd:0e:65:b4:
7f:09:34:40:80:e1:fd:f2:38:3d:3d:06:f6:a0:58:56:cd:3e:
30:5d:bf:e2:71:34:fc:78:0f:cc:b2:07:82:e4:b9:6f:94:03:
d6:a8:42:9f:ae:9f:57:03:64:f7:1e:b9:2a:bd:0e:df:58:75:
ba:b3:36:56:5a:95:47:41:41:6f:fb:b6:66:a0:9c:e3:3c:7a:
34:26:b1:30:f6:42:6a:9b:12:61:d0:5b:6e:98:e3:c0:1d:9b:
36:f3:bb:87
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYbhmVS4E66HSI2ESFXevG+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjMwMzE0MTkyOTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTk0MGIwODRiMTk5ZDJhNDViMDlhMzg4MGUzOTM5YTZlN2UxOTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnoNnjtNn3CKvu2BbOfMyqXUc4GZ
u8YCIvT3yzzraW+4CTg+3MbUl17FQTqzPw6oEU/GGzeUVIKWAWO524uYxLrGLCke
1X7Txv8SfQJ83sLqtMgU4wYpsm4KJOpAsXfURogDjgxSCaGHafyWoRqvs9hrNn+A
X5T4j+fXBWZOOaC9B4Cnly9k/Hj42QmeSmHbX9bxybKc0N/qldSxKU+P+Zv4wx3O
HK5jdq/2Q0syN3G7Tc2Y0bAog9zFv6IFygHggpebL9fnkp3kxPnTPIvu0Vnc8CnU
NBYsRFEfB6aQkdhYDJQjnLURuBs0p0ZyF9Y3IK7xMh6jsz3CBsf+SD0QewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEWUCwhLGZ0qRbCaOIDjk5pufhkpMB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEvUlpRTENFc1puU3BGc0pvNGdPT1RtbTUtR1NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEtYjI1MDk5N2ZjNzVk
LzEvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUFqzAwQB
X4yeAwQBuX3IMA0GCSqGSIb3DQEBCwUAA4IBAQBLx6hYvCkIQQXPXIhFZ0cMfyve
tpg+EIp71Hx5aqRdoQcl7fqtMMf48PGaV00RWRFY9UytQ9PPiVrn7AV1rwUEI+et
T90zu/4W1CxdiQsPr1wn1PZUWXEzDssDpl01CaJN6gM+g1AobU3r58IJsEGr10Ne
xyCWS5kLzbhc/KiTEWqB/ttz+PieBOOQiQ/CcWmZvMoKX4YGy5OUK6LCsN0OZbR/
CTRAgOH98jg9PQb2oFhWzT4wXb/icTT8eA/MsgeC5LlvlAPWqEKfrp9XA2T3Hrkq
vQ7fWHW6szZWWpVHQUFv+7ZmoJzjPHo0JrEw9kJqmxJh0FtumOPAHZs287uH
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:23 2024 by rpki-client on console-ams.rpki-client.org