Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/b86gfOC3U_ZYnCrJTIpssGmQYuM.roa
File: b86gfOC3U_ZYnCrJTIpssGmQYuM.roa (raw, json)
Hash identifier: c1LzmnSCnUd7EvVXMafRxCq/5FAAsNvQ0paHc0JtfkA=
Subject key identifier: 6F:CE:A0:7C:E0:B7:53:F6:58:9C:2A:C9:4C:8A:6C:B0:69:90:62:E3
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 01856DC1C78B58035BCB224D3DC804AB795A
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/b86gfOC3U_ZYnCrJTIpssGmQYuM.roa
Signing time: Sun 01 Jan 2023 14:34:54 +0000
ROA not before: Sun 01 Jan 2023 14:34:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3285
IP address blocks: 95.140.144.0/21 maxlen: 24
80.90.176.0/22 maxlen: 24
2a00:1818::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 18 Apr 2023 19:02:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:c1:c7:8b:58:03:5b:cb:22:4d:3d:c8:04:ab:79:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Jan 1 14:34:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6fcea07ce0b753f6589c2ac94c8a6cb0699062e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:41:0c:b5:b7:e5:fb:b8:78:c2:66:04:d4:57:
49:0c:ca:6b:a5:05:11:07:26:21:d4:b9:e6:15:fa:
4e:c4:e3:c4:27:26:a7:3f:9f:ed:47:2c:c8:c7:fb:
d7:32:56:be:93:c0:d7:8a:70:8c:0a:df:5f:02:4f:
a8:47:a9:25:2c:e0:1a:86:b3:2a:33:30:6c:f8:04:
61:a7:e7:04:bc:5b:99:ae:d3:a1:35:2c:95:41:d1:
e3:68:c6:12:cc:d2:c2:81:14:fa:b4:4e:05:34:d8:
00:4b:e4:ba:23:eb:2e:9e:ab:e2:47:47:3b:f3:e1:
c5:d7:a1:94:ac:a2:e2:0d:88:17:13:7f:a4:cf:7a:
24:a1:91:7b:71:53:f0:4b:f3:46:54:2b:81:aa:c6:
f8:77:e8:f1:c1:c7:47:f5:16:23:a0:36:f4:15:63:
51:5d:19:57:9e:a2:e8:bc:56:71:2e:2e:f8:6e:e9:
30:a2:7e:fd:c6:47:a4:e4:b3:90:91:a9:c7:0c:82:
74:90:b4:5c:6b:b4:6c:95:40:ad:da:16:2c:4d:57:
88:de:f8:75:76:76:d6:d7:cb:1c:e5:00:8d:e0:8b:
6e:ad:53:29:0f:d1:36:eb:5d:46:39:04:55:f0:24:
ed:94:32:08:4e:9f:32:46:82:49:e7:c7:aa:8e:d7:
88:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:CE:A0:7C:E0:B7:53:F6:58:9C:2A:C9:4C:8A:6C:B0:69:90:62:E3
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/b86gfOC3U_ZYnCrJTIpssGmQYuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.176.0/22
95.140.144.0/21
IPv6:
2a00:1818::/32
Signature Algorithm: sha256WithRSAEncryption
44:5d:67:aa:5e:c3:0d:5e:45:d7:45:ad:81:26:3c:c0:8c:a9:
75:5f:00:01:37:e8:39:10:2a:3f:b9:70:b5:f5:57:73:ba:a8:
e1:29:d6:f3:31:d4:2e:05:16:1e:5d:b2:1d:2e:d7:63:ef:f6:
e3:83:a3:ba:c9:20:18:17:c7:b9:2a:a6:f1:93:1e:e7:05:93:
65:66:66:b7:61:a1:df:0d:c1:ea:2f:42:15:f3:7a:89:4f:95:
27:d5:58:b9:d9:b6:6f:3b:e1:04:96:80:d2:8d:5a:a3:9c:d8:
86:24:53:17:f7:fa:53:93:ba:92:f7:7e:5f:80:d3:be:9d:cc:
87:57:b1:f2:dd:0d:15:6c:b4:aa:c6:d8:29:98:10:ad:e8:9b:
47:af:d5:b5:5c:ee:05:11:86:54:85:bc:23:19:fc:49:06:ce:
a7:3c:b3:76:74:4c:40:b6:05:2e:ff:bf:8f:74:ae:e4:93:44:
07:b7:d3:f4:62:0b:8b:29:11:05:4c:b1:b7:49:d0:31:10:b9:
74:89:ca:30:7e:da:b2:ac:e7:02:57:f3:2f:2a:d3:36:24:d0:
18:bb:1c:10:c9:3d:20:fb:14:57:93:f9:66:7d:ed:a0:7a:a2:
b4:10:cc:17:c3:6a:c2:58:16:0d:c3:3a:ac:71:7b:61:36:b2:
36:3f:32:93
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtwceLWANbyyJNPcgEq3laMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjMwMTAxMTQzNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmNlYTA3Y2UwYjc1M2Y2NTg5YzJhYzk0YzhhNmNiMDY5OTA2MmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3EEMtbfl+7h4wmYE1FdJDMprpQUR
ByYh1LnmFfpOxOPEJyanP5/tRyzIx/vXMla+k8DXinCMCt9fAk+oR6klLOAahrMq
MzBs+ARhp+cEvFuZrtOhNSyVQdHjaMYSzNLCgRT6tE4FNNgAS+S6I+sunqviR0c7
8+HF16GUrKLiDYgXE3+kz3okoZF7cVPwS/NGVCuBqsb4d+jxwcdH9RYjoDb0FWNR
XRlXnqLovFZxLi74bukwon79xkek5LOQkanHDIJ0kLRca7RslUCt2hYsTVeI3vh1
dnbW18sc5QCN4IturVMpD9E2611GOQRV8CTtlDIITp8yRoJJ58eqjteIqwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFG/OoHzgt1P2WJwqyUyKbLBpkGLjMB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEvYjg2Z2ZPQzNVX1pZbkNySlRJcHNzR21RWXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEtYjI1MDk5N2ZjNzVk
LzEvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCUFqwAwQD
X4yQMA0EAgACMAcDBQAqABgYMA0GCSqGSIb3DQEBCwUAA4IBAQBEXWeqXsMNXkXX
Ra2BJjzAjKl1XwABN+g5ECo/uXC19VdzuqjhKdbzMdQuBRYeXbIdLtdj7/bjg6O6
ySAYF8e5Kqbxkx7nBZNlZma3YaHfDcHqL0IV83qJT5Un1Vi52bZvO+EEloDSjVqj
nNiGJFMX9/pTk7qS935fgNO+ncyHV7Hy3Q0VbLSqxtgpmBCt6JtHr9W1XO4FEYZU
hbwjGfxJBs6nPLN2dExAtgUu/7+PdK7kk0QHt9P0YguLKREFTLG3SdAxELl0icow
ftqyrOcCV/MvKtM2JNAYuxwQyT0g+xRXk/lmfe2geqK0EMwXw2rCWBYNwzqscXth
NrI2PzKT
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:23 2024 by rpki-client on console-ams.rpki-client.org