Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/VV8ZBaAl5BwTpKbNEL8AA-_BKZQ.roa
File: VV8ZBaAl5BwTpKbNEL8AA-_BKZQ.roa (raw, json)
Hash identifier: XGj6fJBP/DZI9t/SauY6ULauhPvUlLQN7cfINl+wKnA=
Subject key identifier: 55:5F:19:05:A0:25:E4:1C:13:A4:A6:CD:10:BF:00:03:EF:C1:29:94
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 018573438B311E6283150E9819C16E951AD8
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/VV8ZBaAl5BwTpKbNEL8AA-_BKZQ.roa
Signing time: Mon 02 Jan 2023 16:14:44 +0000
ROA not before: Mon 02 Jan 2023 16:14:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199883
IP address blocks: 89.36.220.0/22 maxlen: 24
89.38.144.0/22 maxlen: 24
94.177.252.0/22 maxlen: 24
94.177.248.0/22 maxlen: 24
185.58.224.0/22 maxlen: 24
217.61.16.0/21 maxlen: 24
89.40.120.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:43:8b:31:1e:62:83:15:0e:98:19:c1:6e:95:1a:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Jan 2 16:14:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=555f1905a025e41c13a4a6cd10bf0003efc12994
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:fd:d6:94:29:06:dd:89:08:9e:58:eb:b2:93:
83:b5:bc:c3:98:b6:07:cc:c3:40:4c:f3:22:3b:6f:
e1:1e:8c:f4:ec:ec:db:e5:f4:bb:c6:28:9c:f7:2a:
5d:45:3b:b8:ba:1e:f4:30:71:44:25:04:63:42:ae:
db:fc:b4:36:16:2a:82:aa:48:76:e5:a7:ec:78:65:
09:bf:1b:b5:15:dd:3d:c7:6f:e8:f1:54:9a:a8:1a:
2e:a5:f3:39:0e:81:5f:6d:64:13:e2:6c:15:2e:58:
90:3f:91:ef:e5:73:13:be:51:61:c6:62:ee:df:23:
05:33:59:9c:44:f2:bb:d0:c5:4b:99:8f:28:71:f7:
b5:96:1e:02:dd:58:dc:52:62:f7:1c:13:a7:f9:c6:
7f:c2:d3:db:04:ab:92:5a:a1:ae:a8:36:94:8d:86:
aa:6e:e1:24:93:7c:31:71:38:bb:c3:ad:37:e4:7a:
25:1a:4f:6a:08:61:10:e7:9b:04:83:c0:11:3c:f4:
2f:05:08:7b:ac:2c:ed:4a:51:c6:d2:1b:67:8f:7d:
f0:3e:94:2f:f2:97:1a:c8:a8:6b:b3:e4:d6:a2:6f:
64:ef:a6:c8:e8:7f:b1:50:ba:91:26:24:67:00:be:
cb:27:bd:4e:5a:d4:32:90:8b:69:8b:6c:04:01:fc:
65:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:5F:19:05:A0:25:E4:1C:13:A4:A6:CD:10:BF:00:03:EF:C1:29:94
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/VV8ZBaAl5BwTpKbNEL8AA-_BKZQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.220.0/22
89.38.144.0/22
89.40.120.0/22
94.177.248.0/21
185.58.224.0/22
217.61.16.0/21
Signature Algorithm: sha256WithRSAEncryption
7c:6e:8b:e0:ba:f2:a3:d3:71:68:ca:aa:16:23:8f:27:2f:2b:
22:c7:05:0f:f6:3d:f2:d1:24:cb:b4:64:d7:dc:c3:b7:68:fa:
12:55:b0:79:7e:e3:85:d3:5d:83:4f:28:df:b1:47:6e:e6:18:
2b:ac:fc:78:f4:6f:67:64:43:5a:66:f0:ef:64:c7:95:6a:e8:
da:47:8a:7b:6b:be:ea:ee:3e:5c:f7:8b:3d:68:7f:da:83:22:
de:d4:b2:f1:56:61:9a:48:f2:cd:8c:0c:4e:92:72:65:a1:29:
87:bd:df:1d:3a:b9:3c:ac:40:49:0c:54:bc:ab:ea:0c:07:33:
b6:c6:61:2d:16:ee:07:ae:1f:7f:23:7c:e1:c9:61:f4:9d:7e:
b7:79:2f:8a:87:35:16:bb:6b:1f:35:4d:3e:95:d3:ed:81:02:
1d:27:e5:1d:8e:86:95:53:d5:4a:64:ca:05:38:06:08:4c:31:
d4:3c:59:07:00:48:42:2a:d4:bc:13:a7:7f:bb:35:4e:61:f7:
dd:92:53:52:9d:6a:4a:ae:d3:26:25:04:82:59:70:08:40:99:
a1:fa:80:39:ec:d6:66:ff:61:f7:ce:98:c1:a9:3e:b5:65:d4:
1b:98:43:2a:d9:e6:4c:75:f7:2c:57:71:c2:3f:e9:6c:7a:66:
6c:59:00:d9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVzQ4sxHmKDFQ6YGcFulRrYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjMwMTAyMTYxNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTVmMTkwNWEwMjVlNDFjMTNhNGE2Y2QxMGJmMDAwM2VmYzEyOTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmf3WlCkG3YkInljrspODtbzDmLYH
zMNATPMiO2/hHoz07Ozb5fS7xiic9ypdRTu4uh70MHFEJQRjQq7b/LQ2FiqCqkh2
5afseGUJvxu1Fd09x2/o8VSaqBoupfM5DoFfbWQT4mwVLliQP5Hv5XMTvlFhxmLu
3yMFM1mcRPK70MVLmY8ocfe1lh4C3VjcUmL3HBOn+cZ/wtPbBKuSWqGuqDaUjYaq
buEkk3wxcTi7w6035HolGk9qCGEQ55sEg8ARPPQvBQh7rCztSlHG0htnj33wPpQv
8pcayKhrs+TWom9k76bI6H+xULqRJiRnAL7LJ71OWtQykItpi2wEAfxlGQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFVfGQWgJeQcE6SmzRC/AAPvwSmUMB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvVlY4WkJhQWw1QndUcEtiTkVMOEFBLV9CS1pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCWSTcAwQC
WSaQAwQCWSh4AwQDXrH4AwQCuTrgAwQD2T0QMA0GCSqGSIb3DQEBCwUAA4IBAQB8
bovguvKj03FoyqoWI48nLysixwUP9j3y0STLtGTX3MO3aPoSVbB5fuOF012DTyjf
sUdu5hgrrPx49G9nZENaZvDvZMeVaujaR4p7a77q7j5c94s9aH/agyLe1LLxVmGa
SPLNjAxOknJloSmHvd8dOrk8rEBJDFS8q+oMBzO2xmEtFu4Hrh9/I3zhyWH0nX63
eS+KhzUWu2sfNU0+ldPtgQIdJ+UdjoaVU9VKZMoFOAYITDHUPFkHAEhCKtS8E6d/
uzVOYffdklNSnWpKrtMmJQSCWXAIQJmh+oA57NZm/2H3zpjBqT61ZdQbmEMq2eZM
dfcsV3HCP+lsemZsWQDZ
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:15 2024 by rpki-client on console-ams.rpki-client.org