Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/CHIueoZPPINHTSUTk4V-TWvKGlc.roa
File: CHIueoZPPINHTSUTk4V-TWvKGlc.roa (raw, json)
Hash identifier: FztxixU7SJgLfU9bEd+UP5B6v89eaNqG3VtJrDNGC7o=
Subject key identifier: 08:72:2E:7A:86:4F:3C:83:47:4D:25:13:93:85:7E:4D:6B:CA:1A:57
Certificate issuer: /CN=4e5146bb4e219744f58c268e9ec621c18dd229c3
Certificate serial: 018996BA6DB7D59E36800DFEB3F17F84127F
Authority key identifier: 4E:51:46:BB:4E:21:97:44:F5:8C:26:8E:9E:C6:21:C1:8D:D2:29:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TlFGu04hl0T1jCaOnsYhwY3SKcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/CHIueoZPPINHTSUTk4V-TWvKGlc.roa
Signing time: Thu 27 Jul 2023 09:42:27 +0000
ROA not before: Thu 27 Jul 2023 09:42:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198102
IP address blocks: 195.28.8.0/23 maxlen: 24
213.225.240.0/20 maxlen: 24
89.35.168.0/22 maxlen: 24
195.225.40.0/23 maxlen: 24
89.45.212.0/22 maxlen: 24
195.238.80.0/23 maxlen: 24
128.65.204.0/23 maxlen: 24
128.65.200.0/23 maxlen: 24
86.105.236.0/22 maxlen: 24
185.85.192.0/23 maxlen: 24
185.85.194.0/24 maxlen: 24
78.111.224.0/20 maxlen: 24
195.210.40.0/23 maxlen: 24
134.255.168.0/22 maxlen: 24
91.231.62.0/24 maxlen: 24
2a00:4060::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:96:ba:6d:b7:d5:9e:36:80:0d:fe:b3:f1:7f:84:12:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e5146bb4e219744f58c268e9ec621c18dd229c3
Validity
Not Before: Jul 27 09:42:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08722e7a864f3c83474d251393857e4d6bca1a57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c6:02:08:b4:f4:cc:e0:46:99:f2:f9:0a:c6:
0b:e5:78:02:b0:d4:6b:70:d4:91:66:15:85:14:da:
98:90:fe:d0:67:0e:7e:12:23:cc:65:21:a4:02:ec:
9d:e1:76:2b:24:18:8f:6d:8e:00:24:ef:ce:13:4c:
05:e8:b5:09:57:47:ab:7b:cb:53:b6:a9:47:07:0f:
44:be:4b:e6:83:a3:0b:73:8a:40:35:a6:9b:4a:e8:
7b:5e:53:64:f3:56:15:66:b5:01:71:f6:33:d5:65:
6e:cb:a7:c0:a3:14:d8:55:b3:86:b4:e3:a0:62:b2:
29:9b:c5:bb:b2:8c:0f:ec:b1:b4:5d:41:ce:26:ac:
cc:bc:dd:3d:e1:25:7f:81:9e:1d:29:65:d1:15:2c:
9b:45:33:16:df:cb:6b:cd:21:18:b3:26:a2:c2:93:
fc:b3:04:a3:dc:a0:32:15:1e:57:67:7f:90:ca:31:
25:f2:fb:a2:99:32:51:a7:62:ad:cd:c9:17:dc:3a:
34:2a:20:2e:6e:90:66:80:db:65:70:d2:51:55:58:
81:3f:aa:38:06:07:9f:7e:86:2e:04:98:58:c2:8e:
d2:58:4a:1b:fe:75:0e:83:00:b1:13:fc:04:1a:d7:
83:7b:5d:83:c3:a9:bb:ae:ec:06:7f:1a:f8:68:be:
f3:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:72:2E:7A:86:4F:3C:83:47:4D:25:13:93:85:7E:4D:6B:CA:1A:57
X509v3 Authority Key Identifier:
keyid:4E:51:46:BB:4E:21:97:44:F5:8C:26:8E:9E:C6:21:C1:8D:D2:29:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TlFGu04hl0T1jCaOnsYhwY3SKcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/CHIueoZPPINHTSUTk4V-TWvKGlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/TlFGu04hl0T1jCaOnsYhwY3SKcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.224.0/20
86.105.236.0/22
89.35.168.0/22
89.45.212.0/22
91.231.62.0/24
128.65.200.0/23
128.65.204.0/23
134.255.168.0/22
185.85.192.0-185.85.194.255
195.28.8.0/23
195.210.40.0/23
195.225.40.0/23
195.238.80.0/23
213.225.240.0/20
IPv6:
2a00:4060::/29
Signature Algorithm: sha256WithRSAEncryption
56:f8:c8:2e:8f:1e:2d:04:c4:be:9b:4a:24:05:9c:4d:49:4d:
77:d2:93:a8:5f:42:72:38:48:cc:9d:32:10:36:d0:d2:fc:37:
cf:44:3e:af:63:9e:1d:e6:d6:6c:4b:d2:36:56:fa:25:24:57:
b5:2f:a9:eb:a2:30:d3:5a:c5:3a:d1:42:46:91:87:43:d8:87:
6d:95:8c:0f:ad:2d:54:5d:02:a7:57:ad:3d:8d:4e:b6:0e:3c:
46:22:5f:bd:43:9b:ef:60:0d:ad:0f:ee:3e:2f:50:86:db:2c:
90:95:cf:81:47:b2:55:65:31:51:df:c7:26:3b:f8:83:95:49:
59:ab:bb:b8:6b:16:4c:d0:ef:b9:7d:3e:f7:7c:3e:7e:1a:07:
27:c1:46:9d:c9:29:c0:74:af:f4:bc:49:83:92:8c:3d:e0:d2:
93:9d:52:6e:0e:2b:e4:01:28:62:9c:14:df:9d:01:12:fa:4f:
38:2b:85:56:00:7d:b5:03:ad:9a:d4:7c:a2:b5:a6:9b:8e:5e:
dc:cf:53:b0:2a:e7:39:60:b3:26:6b:e8:39:15:d8:5b:32:e8:
d6:33:f3:4a:e6:00:50:08:7a:50:e1:9c:97:37:f1:b1:2f:f8:
4d:f1:d6:49:cf:54:07:a2:c7:57:f3:32:8a:27:8a:30:f6:fb:
1c:89:92:48
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYmWum231Z42gA3+s/F/hBJ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNTE0NmJiNGUyMTk3NDRmNThjMjY4ZTllYzYyMWMxOGRk
MjI5YzMwHhcNMjMwNzI3MDk0MjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODcyMmU3YTg2NGYzYzgzNDc0ZDI1MTM5Mzg1N2U0ZDZiY2ExYTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cYCCLT0zOBGmfL5CsYL5XgCsNRr
cNSRZhWFFNqYkP7QZw5+EiPMZSGkAuyd4XYrJBiPbY4AJO/OE0wF6LUJV0ere8tT
tqlHBw9Evkvmg6MLc4pANaabSuh7XlNk81YVZrUBcfYz1WVuy6fAoxTYVbOGtOOg
YrIpm8W7sowP7LG0XUHOJqzMvN094SV/gZ4dKWXRFSybRTMW38trzSEYsyaiwpP8
swSj3KAyFR5XZ3+QyjEl8vuimTJRp2KtzckX3Do0KiAubpBmgNtlcNJRVViBP6o4
BgeffoYuBJhYwo7SWEob/nUOgwCxE/wEGteDe12Dw6m7ruwGfxr4aL7z8wIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFAhyLnqGTzyDR00lE5OFfk1ryhpXMB8GA1UdIwQY
MBaAFE5RRrtOIZdE9Ywmjp7GIcGN0inDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGxGR3UwNGhsMFQxakNhT25zWWh3WTNTS2NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yNWI1NGEtZTc3MC00NGFiLWEwMDQt
YzkyMGM1MTdkNjAwLzEvQ0hJdWVvWlBQSU5IVFNVVGs0Vi1UV3ZLR2xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yNWI1NGEtZTc3MC00NGFiLWEwMDQtYzkyMGM1MTdkNjAw
LzEvVGxGR3UwNGhsMFQxakNhT25zWWh3WTNTS2NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXAMEBE5v4AME
AlZp7AMEAlkjqAMEAlkt1AMEAFvnPgMEAYBByAMEAYBBzAMEAob/qDAMAwQGuVXA
AwQAuVXCAwQBwxwIAwQBw9IoAwQBw+EoAwQBw+5QAwQE1eHwMA0EAgACMAcDBQMq
AEBgMA0GCSqGSIb3DQEBCwUAA4IBAQBW+Mgujx4tBMS+m0okBZxNSU130pOoX0Jy
OEjMnTIQNtDS/DfPRD6vY54d5tZsS9I2VvolJFe1L6nrojDTWsU60UJGkYdD2Idt
lYwPrS1UXQKnV609jU62DjxGIl+9Q5vvYA2tD+4+L1CG2yyQlc+BR7JVZTFR38cm
O/iDlUlZq7u4axZM0O+5fT73fD5+GgcnwUadySnAdK/0vEmDkow94NKTnVJuDivk
AShinBTfnQES+k84K4VWAH21A62a1Hyitaabjl7cz1OwKuc5YLMma+g5FdhbMujW
M/NK5gBQCHpQ4ZyXN/GxL/hN8dZJz1QHosdX8zKKJ4ow9vsciZJI
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:22 2024 by rpki-client on console-fra.rpki-client.org