Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/6OBM9NdUm152LnqEc___OpcWKvI.roa
File: 6OBM9NdUm152LnqEc___OpcWKvI.roa (raw, json)
Hash identifier: L+fKyYvvZBuc/RLaDJrrZlzcIBkKNnRK5HMMs7uQ8NU=
Subject key identifier: E8:E0:4C:F4:D7:54:9B:5E:76:2E:7A:84:73:FF:FF:3A:97:16:2A:F2
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 0185711546983D50D1B916FD573BC2D2A8A1
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/6OBM9NdUm152LnqEc___OpcWKvI.roa
Signing time: Mon 02 Jan 2023 06:04:57 +0000
ROA not before: Mon 02 Jan 2023 06:04:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2590
IP address blocks: 89.174.32.0/23 maxlen: 24
89.174.73.128/25 maxlen: 25
89.174.74.128/25 maxlen: 25
78.133.144.0/22 maxlen: 24
89.174.229.0/24 maxlen: 24
85.219.244.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:46:98:3d:50:d1:b9:16:fd:57:3b:c2:d2:a8:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 2 06:04:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=e8e04cf4d7549b5e762e7a8473ffff3a97162af2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a8:67:20:70:0e:a1:6a:cc:cf:3b:66:a4:f0:
36:3f:57:4d:87:70:64:22:14:17:c4:48:9f:f3:7c:
32:26:75:75:38:97:7f:75:4e:09:44:2d:62:e7:18:
aa:07:84:b8:c2:4a:8f:ab:d6:13:89:78:2b:56:34:
85:65:33:0e:56:e4:14:63:f1:72:a0:83:46:93:1d:
4b:9e:9e:78:83:fa:82:67:4d:eb:2f:c4:84:fb:60:
8f:ad:df:1e:0c:7f:8c:c8:0d:2b:91:54:ee:a5:7e:
55:18:e3:8d:58:9a:cd:a9:f0:01:3b:5b:19:0a:f3:
ed:c6:bb:49:2f:84:30:35:01:be:bf:30:39:60:e1:
75:16:18:de:b0:e7:ba:5c:07:f9:5e:f6:c6:11:7c:
7f:4c:db:54:6d:af:2b:cf:ba:e3:13:f7:10:ea:68:
b8:2b:f8:c8:c7:ec:26:ba:64:90:16:e9:b5:1a:c4:
6d:ef:64:42:31:b5:72:6a:07:f5:ca:18:fa:9b:68:
ef:66:93:fb:ae:3f:4c:46:a7:53:38:31:da:10:e9:
dc:dc:a4:f9:10:f3:37:bd:3d:77:8d:33:fe:82:c6:
fb:43:5f:61:01:64:42:be:fe:8c:7d:6a:1a:e1:28:
f4:e9:bc:e1:ea:d7:bc:29:20:e9:3b:d9:33:e4:22:
90:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:E0:4C:F4:D7:54:9B:5E:76:2E:7A:84:73:FF:FF:3A:97:16:2A:F2
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/6OBM9NdUm152LnqEc___OpcWKvI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.133.144.0/22
85.219.244.0/22
89.174.32.0/23
89.174.73.128/25
89.174.74.128/25
89.174.229.0/24
Signature Algorithm: sha256WithRSAEncryption
69:6f:7f:4c:e1:1f:80:2c:09:a4:5d:67:4d:e1:1d:2d:a5:75:
3d:a1:1f:5f:4e:17:81:a0:64:2e:5c:49:0e:ce:9c:c6:80:df:
d8:4e:ba:8f:8f:ef:ee:fd:3d:3b:ce:58:27:e6:02:15:14:75:
19:ef:18:94:b0:ec:4a:15:78:93:6c:eb:f6:ce:98:5d:f1:ce:
c6:4b:f2:c9:7b:e7:37:65:31:ea:db:30:bf:e3:93:4f:45:c6:
c5:d8:50:e1:7b:18:c3:5e:6b:30:69:0b:80:82:b3:98:1e:3a:
98:6e:96:ce:83:25:89:9e:ab:c1:66:35:7b:94:a6:a2:25:08:
f8:09:e9:e8:60:5d:27:4c:2f:2e:57:d4:a3:1d:48:95:7f:86:
36:d2:88:ab:5b:8c:4e:32:cf:86:a4:58:69:63:48:a6:7f:2b:
58:03:10:05:e6:f1:bb:74:fd:5b:e9:3f:39:b1:e1:dd:8c:d4:
87:b7:f2:3d:e6:b4:31:f1:25:77:d1:4e:a9:91:13:c9:4c:5c:
d4:7c:29:e6:1a:8c:08:b2:8a:4c:92:0c:92:ed:7c:80:68:47:
88:73:88:bb:0e:d0:83:08:c8:ff:2c:d6:39:49:a0:6c:da:90:
34:1b:ee:d1:a3:14:5f:e4:e6:73:33:c1:b2:f8:f3:4b:3c:b0:
ad:22:80:6e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYVxFUaYPVDRuRb9VzvC0qihMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjMwMTAyMDYwNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGUwNGNmNGQ3NTQ5YjVlNzYyZTdhODQ3M2ZmZmYzYTk3MTYyYWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqhnIHAOoWrMzztmpPA2P1dNh3Bk
IhQXxEif83wyJnV1OJd/dU4JRC1i5xiqB4S4wkqPq9YTiXgrVjSFZTMOVuQUY/Fy
oINGkx1Lnp54g/qCZ03rL8SE+2CPrd8eDH+MyA0rkVTupX5VGOONWJrNqfABO1sZ
CvPtxrtJL4QwNQG+vzA5YOF1FhjesOe6XAf5XvbGEXx/TNtUba8rz7rjE/cQ6mi4
K/jIx+wmumSQFum1GsRt72RCMbVyagf1yhj6m2jvZpP7rj9MRqdTODHaEOnc3KT5
EPM3vT13jTP+gsb7Q19hAWRCvv6MfWoa4Sj06bzh6te8KSDpO9kz5CKQYQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFOjgTPTXVJtedi56hHP//zqXFiryMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvNk9CTTlOZFVtMTUyTG5xRWNfX19PcGNXS3ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCToWQAwQC
Vdv0AwQBWa4gAwUHWa5JgAMFB1muSoADBABZruUwDQYJKoZIhvcNAQELBQADggEB
AGlvf0zhH4AsCaRdZ03hHS2ldT2hH19OF4GgZC5cSQ7OnMaA39hOuo+P7+79PTvO
WCfmAhUUdRnvGJSw7EoVeJNs6/bOmF3xzsZL8sl75zdlMerbML/jk09FxsXYUOF7
GMNeazBpC4CCs5geOphuls6DJYmeq8FmNXuUpqIlCPgJ6ehgXSdMLy5X1KMdSJV/
hjbSiKtbjE4yz4akWGljSKZ/K1gDEAXm8bt0/VvpPzmx4d2M1Ie38j3mtDHxJXfR
TqmRE8lMXNR8KeYajAiyikySDJLtfIBoR4hziLsO0IMIyP8s1jlJoGzakDQb7tGj
FF/k5nMzwbL480s8sK0igG4=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:50:29 2024 by rpki-client on console-fra.rpki-client.org