Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/d216ed-9a76-4a93-b6a9-468f498faf1c/1/lK35uvdrXHf_Flyx2ScJiAEZBSs.roa
File: lK35uvdrXHf_Flyx2ScJiAEZBSs.roa (raw, json)
Hash identifier: r2XLaCSoK2iUQVnI8kq/0msBvLVG7g6XpfI2R5N+XNc=
Subject key identifier: 94:AD:F9:BA:F7:6B:5C:77:FF:16:5C:B1:D9:27:09:88:01:19:05:2B
Certificate issuer: /CN=22c5feb2d25fac4dd8baa4f71d8dc2268186a039
Certificate serial: 0185711E5618F5C961A83A050BE2091C3711
Authority key identifier: 22:C5:FE:B2:D2:5F:AC:4D:D8:BA:A4:F7:1D:8D:C2:26:81:86:A0:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsX-stJfrE3YuqT3HY3CJoGGoDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/d216ed-9a76-4a93-b6a9-468f498faf1c/1/lK35uvdrXHf_Flyx2ScJiAEZBSs.roa
Signing time: Mon 02 Jan 2023 06:14:51 +0000
ROA not before: Mon 02 Jan 2023 06:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48399
IP address blocks: 178.170.223.0/24 maxlen: 24
85.193.70.0/23 maxlen: 23
192.70.198.0/23 maxlen: 23
192.70.196.0/23 maxlen: 23
185.190.118.0/23 maxlen: 23
185.190.116.0/23 maxlen: 23
2a07:ecc0::/30 maxlen: 30
2a07:ecc4::/30 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:1e:56:18:f5:c9:61:a8:3a:05:0b:e2:09:1c:37:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c5feb2d25fac4dd8baa4f71d8dc2268186a039
Validity
Not Before: Jan 2 06:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=94adf9baf76b5c77ff165cb1d92709880119052b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:e3:ea:10:9f:60:31:51:12:b3:10:c9:56:e7:
f0:a3:50:84:18:b2:c0:b3:25:b3:50:77:3c:45:18:
21:60:d5:30:f7:9e:c7:aa:73:c4:a5:db:05:21:9c:
0b:0d:0d:00:63:7f:10:66:fe:b0:52:bc:74:a7:ed:
0a:eb:ac:36:7a:08:e4:c7:b8:46:c9:fb:f6:49:4d:
69:b4:70:df:20:a8:26:67:79:8a:d4:84:27:be:02:
51:4c:07:95:b6:c1:10:0d:a2:23:b9:02:2b:2a:20:
a2:ba:c1:93:b9:fe:58:b8:18:ac:71:b9:2f:21:7e:
c1:f8:3e:5a:47:20:b7:4c:97:fc:f7:90:a8:1e:43:
22:78:c2:b6:d9:f4:9e:db:44:80:07:b3:03:57:8b:
89:48:96:eb:de:a9:1c:13:9e:0f:d3:bd:48:0a:45:
c8:84:13:75:d3:b3:78:47:7e:17:45:6a:85:8f:46:
ec:99:10:c7:7a:b3:26:80:ad:d7:ac:92:5d:48:1c:
6f:d8:c5:9d:2a:22:db:11:eb:42:a0:29:e2:76:55:
e7:8b:d5:cc:61:68:62:19:5d:a7:0c:8a:30:2a:c2:
a8:39:30:8f:ff:f7:8c:1d:82:5a:45:16:fe:bb:ca:
52:59:a1:aa:a1:28:c6:e8:e8:3f:d9:f3:8c:91:a8:
ca:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:AD:F9:BA:F7:6B:5C:77:FF:16:5C:B1:D9:27:09:88:01:19:05:2B
X509v3 Authority Key Identifier:
keyid:22:C5:FE:B2:D2:5F:AC:4D:D8:BA:A4:F7:1D:8D:C2:26:81:86:A0:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsX-stJfrE3YuqT3HY3CJoGGoDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d216ed-9a76-4a93-b6a9-468f498faf1c/1/lK35uvdrXHf_Flyx2ScJiAEZBSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/d216ed-9a76-4a93-b6a9-468f498faf1c/1/IsX-stJfrE3YuqT3HY3CJoGGoDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.193.70.0/23
178.170.223.0/24
185.190.116.0/22
192.70.196.0/22
IPv6:
2a07:ecc0::/29
Signature Algorithm: sha256WithRSAEncryption
1d:b0:64:da:d0:e8:a6:76:6b:4a:1a:07:62:e3:05:dc:b2:c0:
2f:f5:cc:f1:6a:95:35:e5:8d:c9:ec:2e:6f:0d:67:49:8c:ba:
ef:72:30:19:b6:67:14:8f:c9:1a:ff:b7:d6:bc:76:29:87:10:
0c:5a:4d:3f:12:60:bb:45:84:28:4a:22:eb:16:3a:97:b0:60:
40:5d:d2:3f:24:be:6e:8e:85:60:d1:79:c7:98:a4:a7:ef:ca:
7b:73:ad:08:e8:99:6d:71:19:d0:2d:7f:65:ac:7b:3b:41:5c:
ed:92:be:8d:b8:bd:ff:48:07:ef:b6:ec:2b:4a:e5:26:19:26:
63:0d:70:5c:83:91:7b:17:7f:f2:9b:8f:06:39:2d:98:08:9c:
0e:95:1b:a8:43:6f:67:c1:7b:97:fe:cd:9c:98:46:79:ec:c2:
1d:bc:dc:12:c9:d4:1a:f2:ef:e5:ed:53:61:f3:39:4b:01:ca:
b1:de:2c:56:17:b2:ce:fe:48:da:b4:eb:58:4c:84:7d:5a:7b:
f0:4e:90:58:65:cf:f4:e7:71:5a:d1:60:fe:db:49:ba:93:31:
83:40:0d:cb:d0:15:fc:53:10:81:85:57:77:70:fb:fb:9f:08:
7e:8b:4d:ce:37:19:de:d9:ec:f7:8e:ed:e5:c8:98:4a:43:75:
15:65:8c:c9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVxHlYY9clhqDoFC+IJHDcRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzVmZWIyZDI1ZmFjNGRkOGJhYTRmNzFkOGRjMjI2ODE4
NmEwMzkwHhcNMjMwMTAyMDYxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NGFkZjliYWY3NmI1Yzc3ZmYxNjVjYjFkOTI3MDk4ODAxMTkwNTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgePqEJ9gMVESsxDJVufwo1CEGLLA
syWzUHc8RRghYNUw957HqnPEpdsFIZwLDQ0AY38QZv6wUrx0p+0K66w2egjkx7hG
yfv2SU1ptHDfIKgmZ3mK1IQnvgJRTAeVtsEQDaIjuQIrKiCiusGTuf5YuBiscbkv
IX7B+D5aRyC3TJf895CoHkMieMK22fSe20SAB7MDV4uJSJbr3qkcE54P071ICkXI
hBN107N4R34XRWqFj0bsmRDHerMmgK3XrJJdSBxv2MWdKiLbEetCoCnidlXni9XM
YWhiGV2nDIowKsKoOTCP//eMHYJaRRb+u8pSWaGqoSjG6Og/2fOMkajKnwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJSt+br3a1x3/xZcsdknCYgBGQUrMB8GA1UdIwQY
MBaAFCLF/rLSX6xN2Lqk9x2NwiaBhqA5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNYLXN0SmZyRTNZdXFUM0hZM0NKb0dHb0RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9kMjE2ZWQtOWE3Ni00YTkzLWI2YTkt
NDY4ZjQ5OGZhZjFjLzEvbEszNXV2ZHJYSGZfRmx5eDJTY0ppQUVaQlNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9kMjE2ZWQtOWE3Ni00YTkzLWI2YTktNDY4ZjQ5OGZhZjFj
LzEvSXNYLXN0SmZyRTNZdXFUM0hZM0NKb0dHb0RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBVcFGAwQA
sqrfAwQCub50AwQCwEbEMA0EAgACMAcDBQMqB+zAMA0GCSqGSIb3DQEBCwUAA4IB
AQAdsGTa0OimdmtKGgdi4wXcssAv9czxapU15Y3J7C5vDWdJjLrvcjAZtmcUj8ka
/7fWvHYphxAMWk0/EmC7RYQoSiLrFjqXsGBAXdI/JL5ujoVg0XnHmKSn78p7c60I
6JltcRnQLX9lrHs7QVztkr6NuL3/SAfvtuwrSuUmGSZjDXBcg5F7F3/ym48GOS2Y
CJwOlRuoQ29nwXuX/s2cmEZ57MIdvNwSydQa8u/l7VNh8zlLAcqx3ixWF7LO/kja
tOtYTIR9WnvwTpBYZc/053Fa0WD+20m6kzGDQA3L0BX8UxCBhVd3cPv7nwh+i03O
Nxne2ez3ju3lyJhKQ3UVZYzJ
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:47 2024 by rpki-client on console-fra.rpki-client.org