Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/CZ69mgQI5T8UPrq_vpazg5fAPlU.roa
File: CZ69mgQI5T8UPrq_vpazg5fAPlU.roa (raw, json)
Hash identifier: bnagBEs4Um3v3OU0oz3uyDO79tSHfLJDZSPILivSCBk=
Subject key identifier: 09:9E:BD:9A:04:08:E5:3F:14:3E:BA:BF:BE:96:B3:83:97:C0:3E:55
Certificate issuer: /CN=e096c43364003ec3f7f7c6ea8157b8a50f440ecc
Certificate serial: 01895459B2AC5F6A8F634127CB714B9833E0
Authority key identifier: E0:96:C4:33:64:00:3E:C3:F7:F7:C6:EA:81:57:B8:A5:0F:44:0E:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4JbEM2QAPsP398bqgVe4pQ9EDsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/CZ69mgQI5T8UPrq_vpazg5fAPlU.roa
Signing time: Fri 14 Jul 2023 12:21:51 +0000
ROA not before: Fri 14 Jul 2023 12:21:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42514
IP address blocks: 46.22.240.0/20 maxlen: 20
95.141.176.0/20 maxlen: 20
178.17.128.0/20 maxlen: 20
89.232.180.0/22 maxlen: 22
213.166.76.0/22 maxlen: 22
128.204.160.0/19 maxlen: 19
185.12.84.0/22 maxlen: 22
94.102.16.0/20 maxlen: 20
2a02:2648::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:54:59:b2:ac:5f:6a:8f:63:41:27:cb:71:4b:98:33:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e096c43364003ec3f7f7c6ea8157b8a50f440ecc
Validity
Not Before: Jul 14 12:21:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=099ebd9a0408e53f143ebabfbe96b38397c03e55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:e3:4e:b7:4c:e6:06:4c:8f:44:5c:09:24:f3:
73:83:95:3a:c7:ba:56:6e:3d:fa:dd:5b:57:2c:c2:
6a:0f:76:cd:f2:41:fc:2f:24:d2:d1:13:08:d7:fd:
c4:7d:d8:fa:55:f1:ee:1b:df:23:5b:24:24:b7:54:
fe:5b:f5:d0:49:af:24:32:ab:a9:4a:93:0f:f7:1d:
9d:09:86:7d:63:b3:32:6f:8a:b1:a3:aa:b8:51:6b:
ad:97:18:3b:4d:ca:08:cd:46:20:bc:40:cb:80:69:
3e:ba:97:58:71:bc:97:c8:31:cb:f5:ad:db:1d:30:
cb:09:eb:a2:33:ff:fb:e8:c9:0a:ca:fe:5b:8f:f0:
d3:5f:c8:02:48:0e:d3:0f:a8:fe:e8:b9:a1:4e:f4:
3c:7f:a3:56:6d:5d:a0:64:61:b0:5c:c4:9c:3c:28:
33:c3:4b:d1:30:fc:ca:cb:fb:9c:d8:b8:e0:bd:00:
3f:c9:1d:ac:09:d6:62:6a:63:ca:8d:81:ba:45:ce:
ed:df:1e:f9:76:5c:f2:fd:c7:f1:f5:5c:5e:df:9b:
77:53:0f:34:87:9e:29:91:e0:6d:55:fa:a7:1f:c2:
02:bb:ba:cf:9c:72:6a:16:a9:00:95:dc:7d:42:77:
62:61:c6:1f:d3:b9:ae:c1:aa:b1:2f:15:f7:59:b6:
3b:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:9E:BD:9A:04:08:E5:3F:14:3E:BA:BF:BE:96:B3:83:97:C0:3E:55
X509v3 Authority Key Identifier:
keyid:E0:96:C4:33:64:00:3E:C3:F7:F7:C6:EA:81:57:B8:A5:0F:44:0E:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4JbEM2QAPsP398bqgVe4pQ9EDsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/CZ69mgQI5T8UPrq_vpazg5fAPlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/4JbEM2QAPsP398bqgVe4pQ9EDsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.240.0/20
89.232.180.0/22
94.102.16.0/20
95.141.176.0/20
128.204.160.0/19
178.17.128.0/20
185.12.84.0/22
213.166.76.0/22
IPv6:
2a02:2648::/29
Signature Algorithm: sha256WithRSAEncryption
20:bc:30:af:6c:df:cc:17:41:d8:4e:3d:ff:30:48:8e:25:95:
38:e6:c0:46:4f:ac:27:ca:31:e8:9a:13:6e:f7:7c:4c:e2:fa:
f7:da:91:46:ca:db:5f:89:07:ae:10:2d:44:73:83:36:8d:cf:
00:78:59:05:72:61:3e:8f:30:1b:35:63:c0:ce:de:a2:80:ee:
bc:1d:00:fa:a8:5c:8c:de:06:67:23:3e:7d:ac:35:b3:f5:ce:
bc:9d:41:93:d0:6b:9c:b5:a3:68:21:fa:30:66:48:b9:aa:5b:
c3:0e:32:56:d8:32:f1:a5:b7:14:f6:3d:be:3b:41:93:d4:e9:
42:4c:9d:c4:b4:81:97:fb:ec:0a:58:24:1c:8a:89:2c:09:e5:
8a:6a:95:43:de:07:b0:68:51:09:a8:8a:33:09:db:1d:a9:1a:
4c:9a:01:34:c8:e1:8f:93:38:50:4a:c7:94:10:6c:48:c1:a0:
4c:b7:13:38:00:22:da:61:78:c7:d2:a5:ae:27:a2:7b:86:99:
47:1e:1f:b9:0e:e0:8e:52:7e:eb:ff:64:16:6f:fa:eb:ff:84:
d2:78:45:39:45:8c:a3:f5:7a:9a:59:75:4a:eb:84:7b:86:4f:
1e:34:ad:74:be:60:7e:75:c8:3e:48:7d:99:43:60:bf:03:b2:
28:44:6d:ed
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYlUWbKsX2qPY0Eny3FLmDPgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwOTZjNDMzNjQwMDNlYzNmN2Y3YzZlYTgxNTdiOGE1MGY0
NDBlY2MwHhcNMjMwNzE0MTIyMTUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTllYmQ5YTA0MDhlNTNmMTQzZWJhYmZiZTk2YjM4Mzk3YzAzZTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo+NOt0zmBkyPRFwJJPNzg5U6x7pW
bj363VtXLMJqD3bN8kH8LyTS0RMI1/3Efdj6VfHuG98jWyQkt1T+W/XQSa8kMqup
SpMP9x2dCYZ9Y7Myb4qxo6q4UWutlxg7TcoIzUYgvEDLgGk+updYcbyXyDHL9a3b
HTDLCeuiM//76MkKyv5bj/DTX8gCSA7TD6j+6LmhTvQ8f6NWbV2gZGGwXMScPCgz
w0vRMPzKy/uc2LjgvQA/yR2sCdZiamPKjYG6Rc7t3x75dlzy/cfx9Vxe35t3Uw80
h54pkeBtVfqnH8ICu7rPnHJqFqkAldx9QndiYcYf07muwaqxLxX3WbY7XwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFAmevZoECOU/FD66v76Ws4OXwD5VMB8GA1UdIwQY
MBaAFOCWxDNkAD7D9/fG6oFXuKUPRA7MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEpiRU0yUUFQc1AzOThicWdWZTRwUTlFRHN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jM2JjZTYtNThmYi00ODc0LThiM2Ut
M2E4NWVlNGM4OWJjLzEvQ1o2OW1nUUk1VDhVUHJxX3ZwYXpnNWZBUGxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jM2JjZTYtNThmYi00ODc0LThiM2UtM2E4NWVlNGM4OWJj
LzEvNEpiRU0yUUFQc1AzOThicWdWZTRwUTlFRHN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQELhbwAwQC
Wei0AwQEXmYQAwQEX42wAwQFgMygAwQEshGAAwQCuQxUAwQC1aZMMA0EAgACMAcD
BQMqAiZIMA0GCSqGSIb3DQEBCwUAA4IBAQAgvDCvbN/MF0HYTj3/MEiOJZU45sBG
T6wnyjHomhNu93xM4vr32pFGyttfiQeuEC1Ec4M2jc8AeFkFcmE+jzAbNWPAzt6i
gO68HQD6qFyM3gZnIz59rDWz9c68nUGT0GuctaNoIfowZki5qlvDDjJW2DLxpbcU
9j2+O0GT1OlCTJ3EtIGX++wKWCQcioksCeWKapVD3gewaFEJqIozCdsdqRpMmgE0
yOGPkzhQSseUEGxIwaBMtxM4ACLaYXjH0qWuJ6J7hplHHh+5DuCOUn7r/2QWb/rr
/4TSeEU5RYyj9XqaWXVK64R7hk8eNK10vmB+dcg+SH2ZQ2C/A7IoRG3t
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:27 2024 by rpki-client on console-ams.rpki-client.org