Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/aIzoV9HylqOJQYYDC7cfpd74rtg.roa
File: aIzoV9HylqOJQYYDC7cfpd74rtg.roa (raw, json)
Hash identifier: h+0+M4l19OX5MnJ8SvCfVx80BRiaeY5kK+E9+AQ3bLY=
Subject key identifier: 68:8C:E8:57:D1:F2:96:A3:89:41:86:03:0B:B7:1F:A5:DE:F8:AE:D8
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 01866AD2B0AA23191ED7A5DD2A7B01ABD263
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/aIzoV9HylqOJQYYDC7cfpd74rtg.roa
Signing time: Sun 19 Feb 2023 17:57:17 +0000
ROA not before: Sun 19 Feb 2023 17:57:17 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 138968
IP address blocks: 185.125.200.0/22 maxlen: 24
95.140.152.0/21 maxlen: 24
80.90.180.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:6a:d2:b0:aa:23:19:1e:d7:a5:dd:2a:7b:01:ab:d2:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Feb 19 17:57:17 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=688ce857d1f296a3894186030bb71fa5def8aed8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8a:57:5d:26:74:8f:ab:d3:bc:d4:0d:a0:41:
d4:b8:f5:c7:df:ff:70:d8:d0:85:f1:4c:3e:56:77:
7f:ff:fb:f3:41:04:b9:a3:b5:17:ae:be:50:89:3b:
9c:e8:79:14:19:ff:2d:bf:6f:e5:ee:6d:18:ab:65:
0e:46:a5:bb:f1:58:5a:ed:9c:08:ea:c7:f8:1a:df:
de:34:94:68:79:3b:8f:97:13:fb:59:ab:7b:6f:24:
7c:0b:23:30:17:4b:70:ec:08:c7:d0:d5:82:9e:50:
3b:0e:c3:e1:2e:4a:43:c1:89:c1:8d:23:ab:59:74:
c0:a8:e1:36:f3:cd:83:89:f4:dd:92:1a:97:2d:5d:
61:d0:f8:37:d0:fd:77:69:f0:13:7a:e6:08:32:68:
dc:91:75:5b:f6:96:6e:32:3e:e4:e9:56:9d:33:87:
da:c6:71:04:d0:9d:5a:20:ae:54:51:0d:6e:03:b7:
2d:01:09:79:c1:42:05:5e:61:bf:bf:9c:18:34:15:
6b:eb:38:e0:49:8b:17:a3:0c:c8:a8:60:13:cf:b1:
df:f8:e0:6a:e8:f3:24:dc:40:17:39:d5:f1:15:7f:
9c:e7:89:59:8f:ba:a8:da:3d:af:79:93:52:ac:a1:
d8:f9:45:4a:57:b7:f1:56:de:94:ca:39:d8:83:bd:
bf:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:8C:E8:57:D1:F2:96:A3:89:41:86:03:0B:B7:1F:A5:DE:F8:AE:D8
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/aIzoV9HylqOJQYYDC7cfpd74rtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.180.0/22
95.140.152.0/21
185.125.200.0/22
Signature Algorithm: sha256WithRSAEncryption
63:43:89:a4:e8:ff:31:bd:5f:a5:64:e1:ac:ce:3d:fc:bb:c3:
d5:e6:58:8e:7a:04:09:46:24:95:d4:02:20:d1:fd:c8:0c:fa:
b1:e4:20:5f:82:2b:56:97:19:ea:4e:7f:7c:44:76:c2:46:24:
d6:46:78:87:93:d5:43:fa:22:f4:d9:3f:fd:6e:31:71:ad:8e:
a9:4e:da:68:b7:b6:0a:56:af:dd:17:da:73:37:9b:a5:03:13:
2c:0f:a9:6b:18:87:16:59:b8:e4:47:3b:9e:a7:51:62:be:bf:
e2:2f:57:a4:5c:ec:d3:37:2e:63:94:5d:f9:59:48:e0:a6:fb:
8e:3c:8f:5e:d9:eb:9a:7a:1e:17:42:59:82:6f:c1:69:7f:a4:
2a:06:74:d0:3a:67:25:ce:ee:7e:08:4d:53:88:df:da:45:e5:
8e:31:9a:5b:78:70:dc:45:3d:26:e0:56:93:3f:23:89:6b:b3:
4c:a7:fb:43:d0:09:ea:99:c3:4f:f4:45:32:d5:4c:f6:fa:04:
31:85:b5:9a:a2:eb:db:a8:11:19:21:22:17:1c:94:fa:11:8f:
cc:d6:eb:05:05:19:c5:fb:fe:68:f4:0c:ae:5c:4d:58:9b:a8:
e2:15:31:1b:59:2b:0c:72:fb:fe:6e:41:8d:2c:f2:a6:40:13:
2d:41:d1:41
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYZq0rCqIxke16XdKnsBq9JjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjMwMjE5MTc1NzE3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODhjZTg1N2QxZjI5NmEzODk0MTg2MDMwYmI3MWZhNWRlZjhhZWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4pXXSZ0j6vTvNQNoEHUuPXH3/9w
2NCF8Uw+Vnd///vzQQS5o7UXrr5QiTuc6HkUGf8tv2/l7m0Yq2UORqW78Vha7ZwI
6sf4Gt/eNJRoeTuPlxP7Wat7byR8CyMwF0tw7AjH0NWCnlA7DsPhLkpDwYnBjSOr
WXTAqOE2882DifTdkhqXLV1h0Pg30P13afATeuYIMmjckXVb9pZuMj7k6VadM4fa
xnEE0J1aIK5UUQ1uA7ctAQl5wUIFXmG/v5wYNBVr6zjgSYsXowzIqGATz7Hf+OBq
6PMk3EAXOdXxFX+c54lZj7qo2j2veZNSrKHY+UVKV7fxVt6UyjnYg72/0QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGiM6FfR8pajiUGGAwu3H6Xe+K7YMB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEvYUl6b1Y5SHlscU9KUVlZREM3Y2ZwZDc0cnRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEtYjI1MDk5N2ZjNzVk
LzEvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCUFq0AwQD
X4yYAwQCuX3IMA0GCSqGSIb3DQEBCwUAA4IBAQBjQ4mk6P8xvV+lZOGszj38u8PV
5liOegQJRiSV1AIg0f3IDPqx5CBfgitWlxnqTn98RHbCRiTWRniHk9VD+iL02T/9
bjFxrY6pTtpot7YKVq/dF9pzN5ulAxMsD6lrGIcWWbjkRzuep1Fivr/iL1ekXOzT
Ny5jlF35WUjgpvuOPI9e2euaeh4XQlmCb8Fpf6QqBnTQOmclzu5+CE1TiN/aReWO
MZpbeHDcRT0m4FaTPyOJa7NMp/tD0AnqmcNP9EUy1Uz2+gQxhbWaouvbqBEZISIX
HJT6EY/M1usFBRnF+/5o9AyuXE1Ym6jiFTEbWSsMcvv+bkGNLPKmQBMtQdFB
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:33 2023 by rpki-client on console-ams.rpki-client.org