Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/jlIsbyU69y9ewdfQXUc9XzN1srg.roa
File: jlIsbyU69y9ewdfQXUc9XzN1srg.roa (raw, json)
Hash identifier: xFxPW3L9RAsoUWSZH3vwdgS4dIi2lRNWRO+nW+OJxT4=
Subject key identifier: 8E:52:2C:6F:25:3A:F7:2F:5E:C1:D7:D0:5D:47:3D:5F:33:75:B2:B8
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 018963F7CFAF3B5A3E962368E4EBE9086E61
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/jlIsbyU69y9ewdfQXUc9XzN1srg.roa
Signing time: Mon 17 Jul 2023 13:08:52 +0000
ROA not before: Mon 17 Jul 2023 13:08:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200088
IP address blocks: 188.225.14.0/24 maxlen: 24
94.228.122.0/24 maxlen: 24
185.247.16.0/24 maxlen: 24
188.225.60.0/24 maxlen: 24
193.201.115.0/24 maxlen: 24
89.191.228.0/24 maxlen: 24
87.249.50.0/24 maxlen: 24
85.193.93.0/24 maxlen: 24
85.193.92.0/24 maxlen: 24
85.193.95.0/24 maxlen: 24
90.156.228.0/24 maxlen: 24
90.156.231.0/24 maxlen: 24
217.151.229.0/24 maxlen: 24
217.151.231.0/24 maxlen: 24
185.104.112.0/24 maxlen: 24
185.104.115.0/24 maxlen: 24
217.25.91.0/24 maxlen: 24
194.35.116.0/24 maxlen: 24
194.35.118.0/24 maxlen: 24
194.35.117.0/24 maxlen: 24
217.25.95.0/24 maxlen: 24
194.35.119.0/24 maxlen: 24
78.40.216.0/24 maxlen: 24
176.57.221.0/24 maxlen: 24
2a03:6f00:8::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:63:f7:cf:af:3b:5a:3e:96:23:68:e4:eb:e9:08:6e:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: Jul 17 13:08:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8e522c6f253af72f5ec1d7d05d473d5f3375b2b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:7d:00:d3:1a:80:bc:bd:5c:cc:7e:b0:e5:6d:
5f:e8:85:d0:38:26:c8:c4:4e:ab:09:dc:ef:2a:21:
32:22:b8:19:94:df:e1:7a:44:43:bb:c5:2c:99:b6:
4d:34:25:44:bd:eb:8a:2e:2c:55:ac:80:a1:d0:ef:
2d:ee:5d:95:2c:bf:3f:41:76:5f:09:b5:2e:76:ca:
1e:84:cf:17:90:aa:5c:97:7a:f6:36:45:a9:6e:87:
27:59:0a:6c:99:b0:8b:ab:65:c5:59:a1:3d:6b:55:
23:6f:9e:10:a1:4b:24:a9:fb:8b:f9:77:7b:6c:30:
3b:5a:79:4b:94:13:b8:6b:89:1d:54:e1:6d:28:e2:
69:e2:cd:62:d5:5d:76:19:27:c2:7c:4d:87:03:7f:
c7:51:61:32:45:12:6d:c3:95:b0:d7:a8:f6:a1:f3:
ac:27:f3:b1:31:0f:a6:98:75:2f:d4:ba:fb:b2:e0:
41:7d:6f:e6:10:1e:0e:ac:07:e3:cf:99:33:61:c5:
10:a6:2d:00:9e:a9:84:0b:18:f8:6d:24:15:07:b7:
b6:61:dc:3b:87:5e:22:9f:f3:c1:f1:6d:7d:3b:d1:
e4:98:79:e9:7a:c6:1c:71:75:6e:8e:0b:c3:b8:1f:
94:c4:fa:3d:bf:06:eb:f0:f4:fd:56:27:e4:05:d7:
ea:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:52:2C:6F:25:3A:F7:2F:5E:C1:D7:D0:5D:47:3D:5F:33:75:B2:B8
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/jlIsbyU69y9ewdfQXUc9XzN1srg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.216.0/24
85.193.92.0/23
85.193.95.0/24
87.249.50.0/24
89.191.228.0/24
90.156.228.0/24
90.156.231.0/24
94.228.122.0/24
176.57.221.0/24
185.104.112.0/24
185.104.115.0/24
185.247.16.0/24
188.225.14.0/24
188.225.60.0/24
193.201.115.0/24
194.35.116.0/22
217.25.91.0/24
217.25.95.0/24
217.151.229.0/24
217.151.231.0/24
IPv6:
2a03:6f00:8::/48
Signature Algorithm: sha256WithRSAEncryption
3a:db:47:8c:f4:47:91:bb:ab:f3:49:18:1c:01:b8:58:53:bd:
70:26:80:55:2c:5e:41:84:12:61:bd:86:13:bd:d7:36:49:93:
58:fd:cb:38:a6:cf:74:6e:0b:dc:94:5d:f1:5d:f6:63:ae:14:
bd:d9:f3:80:1d:81:9d:1c:fe:9b:0a:51:95:c1:59:53:78:21:
e3:0b:01:92:9e:0c:18:88:4c:7b:d3:ae:c0:5e:96:ea:65:50:
d7:19:50:ef:d4:33:7a:e9:32:db:61:97:b5:3f:34:ec:44:a9:
ca:e4:40:43:35:a4:f9:cd:65:5f:9e:a3:07:18:60:ba:1f:50:
ca:ee:e1:09:10:1a:75:f3:65:95:7a:1c:f3:58:c5:4e:ee:a4:
68:02:c5:fc:54:33:7c:c6:cf:8a:7d:fb:33:37:b5:c1:e8:00:
a0:9f:15:48:a0:ae:b1:db:09:e7:51:e2:d4:4a:53:60:5f:14:
ee:47:13:f9:8a:14:47:b0:0e:7c:f6:34:ad:65:b4:89:5d:68:
28:40:5b:e0:a5:8a:51:53:4d:67:c2:c2:fb:fb:b0:13:fb:2b:
73:fe:80:7e:48:28:86:87:83:ec:cb:af:49:8d:f4:23:86:90:
ed:61:f1:f5:4b:34:1d:6f:cb:17:04:2e:00:c5:cb:15:ba:75:
43:01:5c:2a
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgISAYlj98+vO1o+liNo5OvpCG5hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjMwNzE3MTMwODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTUyMmM2ZjI1M2FmNzJmNWVjMWQ3ZDA1ZDQ3M2Q1ZjMzNzViMmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApn0A0xqAvL1czH6w5W1f6IXQOCbI
xE6rCdzvKiEyIrgZlN/hekRDu8UsmbZNNCVEveuKLixVrICh0O8t7l2VLL8/QXZf
CbUudsoehM8XkKpcl3r2NkWpbocnWQpsmbCLq2XFWaE9a1Ujb54QoUskqfuL+Xd7
bDA7WnlLlBO4a4kdVOFtKOJp4s1i1V12GSfCfE2HA3/HUWEyRRJtw5Ww16j2ofOs
J/OxMQ+mmHUv1Lr7suBBfW/mEB4OrAfjz5kzYcUQpi0AnqmECxj4bSQVB7e2Ydw7
h14in/PB8W19O9HkmHnpesYccXVujgvDuB+UxPo9vwbr8PT9VifkBdfq0wIDAQAB
o4ICjzCCAoswHQYDVR0OBBYEFI5SLG8lOvcvXsHX0F1HPV8zdbK4MB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvamxJc2J5VTY5eTlld2RmUVhVYzlYek4xc3JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGkBggrBgEFBQcBBwEB/wSBlDCBkTB+BAIAATB4AwQATijY
AwQBVcFcAwQAVcFfAwQAV/kyAwQAWb/kAwQAWpzkAwQAWpznAwQAXuR6AwQAsDnd
AwQAuWhwAwQAuWhzAwQAufcQAwQAvOEOAwQAvOE8AwQAwclzAwQCwiN0AwQA2Rlb
AwQA2RlfAwQA2ZflAwQA2ZfnMA8EAgACMAkDBwAqA28AAAgwDQYJKoZIhvcNAQEL
BQADggEBADrbR4z0R5G7q/NJGBwBuFhTvXAmgFUsXkGEEmG9hhO91zZJk1j9yzim
z3RuC9yUXfFd9mOuFL3Z84AdgZ0c/psKUZXBWVN4IeMLAZKeDBiITHvTrsBelupl
UNcZUO/UM3rpMtthl7U/NOxEqcrkQEM1pPnNZV+eowcYYLofUMru4QkQGnXzZZV6
HPNYxU7upGgCxfxUM3zGz4p9+zM3tcHoAKCfFUigrrHbCedR4tRKU2BfFO5HE/mK
FEewDnz2NK1ltIldaChAW+ClilFTTWfCwvv7sBP7K3P+gH5IKIaHg+zLr0mN9COG
kO1h8fVLNB1vyxcELgDFyxW6dUMBXCo=
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:57:14 2024 by rpki-client on console-fra.rpki-client.org