Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/zpqB8bEdQb4HHMvP9oDd9s7xC0k.roa
File: zpqB8bEdQb4HHMvP9oDd9s7xC0k.roa (raw, json)
Hash identifier: qIRqb0R7NZ9NUdoSDBdaKBSOyVzZv4f7pl5WT97GjpE=
Subject key identifier: CE:9A:81:F1:B1:1D:41:BE:07:1C:CB:CF:F6:80:DD:F6:CE:F1:0B:49
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 01856C6EF0EB6A8D57FDD07942A49E2DA792
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/zpqB8bEdQb4HHMvP9oDd9s7xC0k.roa
Signing time: Sun 01 Jan 2023 08:24:48 +0000
ROA not before: Sun 01 Jan 2023 08:24:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5606
IP address blocks: 89.39.6.0/24 maxlen: 24
176.223.114.0/24 maxlen: 24
92.114.3.0/24 maxlen: 24
92.114.2.0/24 maxlen: 24
93.174.160.0/24 maxlen: 24
84.247.23.0/24 maxlen: 24
93.174.167.0/24 maxlen: 24
188.240.0.0/24 maxlen: 24
185.220.184.0/24 maxlen: 24
185.220.186.0/24 maxlen: 24
185.220.185.0/24 maxlen: 24
185.248.139.0/24 maxlen: 24
45.67.39.0/24 maxlen: 24
193.200.63.0/24 maxlen: 24
193.200.62.0/24 maxlen: 24
45.82.28.0/23 maxlen: 23
188.241.73.0/24 maxlen: 24
188.241.74.0/23 maxlen: 23
193.16.144.0/24 maxlen: 24
45.67.36.0/24 maxlen: 24
45.67.38.0/24 maxlen: 24
31.14.21.0/24 maxlen: 24
45.14.238.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6e:f0:eb:6a:8d:57:fd:d0:79:42:a4:9e:2d:a7:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 1 08:24:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce9a81f1b11d41be071ccbcff680ddf6cef10b49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:12:6a:49:c9:8a:04:e2:b8:72:a4:4f:26:37:
b1:52:c2:c1:c1:8a:de:aa:4a:04:4e:a6:0c:6e:f1:
77:16:49:bc:87:2c:08:e9:5a:33:18:47:ab:2f:cd:
1f:4d:60:bb:28:e1:63:7f:3e:83:dc:ae:a6:d4:1a:
fe:4f:b5:a0:02:fe:0a:e8:d2:1b:77:1d:5a:50:42:
48:69:7d:a9:18:2e:1f:fe:f2:8c:fa:d9:99:da:5b:
93:c4:6f:14:88:65:d1:5d:64:22:a0:f5:a5:b7:da:
c9:d1:fa:7b:f1:30:c3:70:9e:cf:99:97:24:14:83:
87:69:ab:48:30:23:e3:96:ec:3b:54:93:1d:86:50:
a9:86:7c:d3:cb:25:b3:61:11:c0:29:52:c9:52:69:
01:41:11:c9:ab:53:3b:37:f8:a7:15:e8:47:65:c0:
9f:b2:53:ce:ea:46:84:7f:65:77:c1:3e:7e:a2:e3:
a2:4d:dd:f9:f4:c3:c5:e7:f2:4a:f0:50:f1:a3:ba:
c0:bb:fa:0b:63:b8:bf:24:2a:73:99:74:7c:a4:9a:
c8:de:92:a0:9f:14:0c:f4:c4:3d:05:b0:5b:2d:4f:
d2:1b:0d:7e:b7:0a:ba:0d:30:91:72:c2:a2:79:a5:
f0:8a:6b:ac:9f:08:e9:a5:d6:13:b2:84:b8:78:dc:
1d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:9A:81:F1:B1:1D:41:BE:07:1C:CB:CF:F6:80:DD:F6:CE:F1:0B:49
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/zpqB8bEdQb4HHMvP9oDd9s7xC0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.21.0/24
45.14.238.0/24
45.67.36.0/24
45.67.38.0/23
45.82.28.0/23
84.247.23.0/24
89.39.6.0/24
92.114.2.0/23
93.174.160.0/24
93.174.167.0/24
176.223.114.0/24
185.220.184.0-185.220.186.255
185.248.139.0/24
188.240.0.0/24
188.241.73.0-188.241.75.255
193.16.144.0/24
193.200.62.0/23
Signature Algorithm: sha256WithRSAEncryption
33:9d:8b:18:6b:b4:2c:80:55:b2:95:3a:b9:7e:bb:1f:5c:09:
e5:9e:de:10:42:04:06:80:91:27:fa:72:7f:47:15:cd:33:11:
b5:e9:60:e5:4e:e9:0b:63:c1:66:55:a8:d9:5c:18:dd:fb:59:
3a:b9:c3:8c:b0:b1:1e:2e:9d:ce:cf:ff:e9:18:48:8d:c2:6d:
e3:67:8f:38:6a:77:ce:be:6c:b6:94:6f:56:80:31:23:e5:c5:
52:35:31:5b:1c:c7:31:11:de:f8:06:8a:73:53:d3:7d:63:f6:
b5:bc:29:a9:a4:08:db:9b:06:0c:2e:7c:61:1d:6c:36:bf:f2:
7e:b0:01:76:a9:64:6c:98:bb:d9:88:d6:51:5c:6b:2d:2c:f8:
4b:de:77:c2:84:f0:9f:41:b3:c8:f6:42:e4:99:0a:93:0b:97:
0d:d7:4f:27:7c:54:c0:55:00:34:7c:51:0c:a4:ee:8e:92:75:
17:77:f1:7a:94:ae:b5:ee:b9:e1:18:4f:8c:0c:64:32:7c:2e:
8a:be:c4:ab:0c:d1:6e:bd:5e:55:00:a2:a6:e3:a9:8c:7d:5a:
74:3a:a5:1f:fa:b0:66:f3:40:83:83:70:39:bd:f2:eb:62:f5:
c1:a4:06:8a:c2:21:b2:f8:b0:2d:92:09:18:78:8b:cb:d1:34:
48:9c:5f:3e
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAYVsbvDrao1X/dB5QqSeLaeSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjMwMTAxMDgyNDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTlhODFmMWIxMWQ0MWJlMDcxY2NiY2ZmNjgwZGRmNmNlZjEwYjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvRJqScmKBOK4cqRPJjexUsLBwYre
qkoETqYMbvF3Fkm8hywI6VozGEerL80fTWC7KOFjfz6D3K6m1Br+T7WgAv4K6NIb
dx1aUEJIaX2pGC4f/vKM+tmZ2luTxG8UiGXRXWQioPWlt9rJ0fp78TDDcJ7PmZck
FIOHaatIMCPjluw7VJMdhlCphnzTyyWzYRHAKVLJUmkBQRHJq1M7N/inFehHZcCf
slPO6kaEf2V3wT5+ouOiTd359MPF5/JK8FDxo7rAu/oLY7i/JCpzmXR8pJrI3pKg
nxQM9MQ9BbBbLU/SGw1+twq6DTCRcsKieaXwimusnwjppdYTsoS4eNwdowIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFM6agfGxHUG+BxzLz/aA3fbO8QtJMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvenBxQjhiRWRRYjRISE12UDlvRGQ5czd4QzBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAAfDhUD
BAAtDu4DBAAtQyQDBAEtQyYDBAEtUhwDBABU9xcDBABZJwYDBAFccgIDBABdrqAD
BABdrqcDBACw33IwDAMEA7ncuAMEALncugMEALn4iwMEALzwADAMAwQAvPFJAwQC
vPFIAwQAwRCQAwQBwcg+MA0GCSqGSIb3DQEBCwUAA4IBAQAznYsYa7QsgFWylTq5
frsfXAnlnt4QQgQGgJEn+nJ/RxXNMxG16WDlTukLY8FmVajZXBjd+1k6ucOMsLEe
Lp3Oz//pGEiNwm3jZ484anfOvmy2lG9WgDEj5cVSNTFbHMcxEd74BopzU9N9Y/a1
vCmppAjbmwYMLnxhHWw2v/J+sAF2qWRsmLvZiNZRXGstLPhL3nfChPCfQbPI9kLk
mQqTC5cN108nfFTAVQA0fFEMpO6OknUXd/F6lK617rnhGE+MDGQyfC6KvsSrDNFu
vV5VAKKm46mMfVp0OqUf+rBm80CDg3A5vfLrYvXBpAaKwiGy+LAtkgkYeIvL0TRI
nF8+
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:01 2023 by rpki-client on console-fra.rpki-client.org