Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/eN8RlvzLcZvkHo8XVXFUKqtpFIg.roa
File: eN8RlvzLcZvkHo8XVXFUKqtpFIg.roa (raw, json)
Hash identifier: haVhYSdKzRepZWlol4ntkEnkKTy+/AdjMbzBgR3B/Es=
Subject key identifier: 78:DF:11:96:FC:CB:71:9B:E4:1E:8F:17:55:71:54:2A:AB:69:14:88
Certificate issuer: /CN=07e5c4e4be3b8cbde0eae9460a11032d6a64ab71
Certificate serial: 0185CF8ACB7247DFDA6547141EC739BD1575
Authority key identifier: 07:E5:C4:E4:BE:3B:8C:BD:E0:EA:E9:46:0A:11:03:2D:6A:64:AB:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B-XE5L47jL3g6ulGChEDLWpkq3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/eN8RlvzLcZvkHo8XVXFUKqtpFIg.roa
Signing time: Fri 20 Jan 2023 14:17:37 +0000
ROA not before: Fri 20 Jan 2023 14:17:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202425
IP address blocks: 89.248.161.0/24 maxlen: 24
89.248.162.0/24 maxlen: 24
89.248.160.0/24 maxlen: 24
89.248.165.0/24 maxlen: 24
89.248.166.0/24 maxlen: 24
89.248.163.0/24 maxlen: 24
89.248.164.0/24 maxlen: 24
89.248.168.0/24 maxlen: 24
89.248.169.0/24 maxlen: 24
89.248.167.0/24 maxlen: 24
89.248.172.0/24 maxlen: 24
89.248.170.0/24 maxlen: 24
89.248.171.0/24 maxlen: 24
89.248.173.0/24 maxlen: 24
89.248.174.0/24 maxlen: 24
94.102.48.0/24 maxlen: 24
94.102.49.0/24 maxlen: 24
94.102.50.0/24 maxlen: 24
93.174.89.0/24 maxlen: 24
93.174.90.0/24 maxlen: 24
93.174.88.0/24 maxlen: 24
93.174.91.0/24 maxlen: 24
93.174.94.0/24 maxlen: 24
93.174.95.0/24 maxlen: 24
93.174.93.0/24 maxlen: 24
93.174.92.0/24 maxlen: 24
80.82.79.0/24 maxlen: 24
80.82.64.0/24 maxlen: 24
80.82.67.0/24 maxlen: 24
80.82.65.0/24 maxlen: 24
80.82.66.0/24 maxlen: 24
80.82.70.0/24 maxlen: 24
80.82.68.0/24 maxlen: 24
80.82.69.0/24 maxlen: 24
80.82.77.0/24 maxlen: 24
80.82.78.0/24 maxlen: 24
80.82.76.0/24 maxlen: 24
2a02:6c8:8000::/33 maxlen: 33
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:cf:8a:cb:72:47:df:da:65:47:14:1e:c7:39:bd:15:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07e5c4e4be3b8cbde0eae9460a11032d6a64ab71
Validity
Not Before: Jan 20 14:17:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=78df1196fccb719be41e8f175571542aab691488
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:0b:f4:5a:73:7b:64:3c:8c:5f:7b:43:39:91:
b7:13:e8:f7:47:cc:98:55:7a:2a:d0:0c:4c:e2:0f:
09:52:60:83:e7:8e:c9:62:51:a5:55:02:37:19:55:
b4:48:ae:ee:02:bc:39:c0:77:3d:04:73:a0:8e:34:
ef:17:0d:b5:8c:60:fd:2a:3d:6e:ce:6a:80:7b:78:
29:a9:20:e8:4e:5e:be:2c:e4:6a:77:1c:7c:06:b2:
15:02:d5:8a:8d:44:f1:55:74:94:fe:fe:71:aa:80:
6d:0b:b8:5c:6a:86:9f:c0:07:0d:a4:7b:f4:74:61:
9c:3e:3a:c6:5e:0c:52:32:6d:92:8b:7c:47:d5:5c:
1c:eb:44:b3:a7:f0:38:bd:47:6a:e6:1f:96:c0:21:
78:5b:c3:36:ea:75:ac:08:4c:bf:4e:6f:d1:72:7a:
b4:d6:02:8d:39:42:c5:28:cd:3d:49:10:fc:3c:0f:
cd:a1:a3:61:de:71:60:6d:1a:ae:86:5e:96:a2:3d:
f6:8a:2c:55:a5:55:fd:0c:95:df:66:ed:ff:85:b4:
a6:f2:85:08:a1:ca:7f:bf:96:6f:a0:12:4e:34:2c:
81:86:bc:8d:4f:42:dd:e1:7b:db:cc:c6:f9:87:f3:
cf:c5:20:21:39:71:f5:95:f1:56:43:81:0b:90:4c:
b6:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:DF:11:96:FC:CB:71:9B:E4:1E:8F:17:55:71:54:2A:AB:69:14:88
X509v3 Authority Key Identifier:
keyid:07:E5:C4:E4:BE:3B:8C:BD:E0:EA:E9:46:0A:11:03:2D:6A:64:AB:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B-XE5L47jL3g6ulGChEDLWpkq3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/eN8RlvzLcZvkHo8XVXFUKqtpFIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/B-XE5L47jL3g6ulGChEDLWpkq3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.82.64.0-80.82.70.255
80.82.76.0/22
89.248.160.0-89.248.174.255
93.174.88.0/21
94.102.48.0-94.102.50.255
IPv6:
2a02:6c8:8000::/33
Signature Algorithm: sha256WithRSAEncryption
7b:b8:ab:d7:ef:3d:0f:2a:07:d7:a8:e0:15:eb:24:fc:44:fe:
63:4f:61:5e:ba:c4:da:b3:c1:a3:4c:1d:61:00:f6:bc:70:af:
7c:2e:11:73:76:14:ca:47:b8:6e:cf:fe:4f:5f:73:44:68:fc:
16:14:fe:a7:2d:bb:70:bd:26:4d:4c:86:85:06:65:c9:a7:8d:
a5:44:cc:5c:e8:b4:62:66:cb:b0:b8:1e:26:d1:f5:c4:3e:25:
ea:da:1e:b4:10:c1:f0:4b:e7:20:12:a9:e0:ad:28:b3:a5:f9:
4c:60:75:74:4c:bf:d1:24:92:54:82:8a:c6:bb:9d:6c:21:fa:
0b:ef:c4:ec:b0:0d:f3:42:a1:af:41:f1:0b:db:cd:24:a3:9a:
ff:7f:30:60:c8:36:f5:4c:c4:59:7b:80:17:1d:b7:c8:ac:17:
75:ca:31:08:ce:06:dd:c1:54:07:fb:a8:45:af:db:b6:6d:a8:
ff:d2:5e:10:cc:a4:41:a0:b0:b0:01:2a:ce:e8:c1:8f:fe:09:
2c:20:e9:31:f0:d7:6b:94:6d:53:bc:52:d8:24:d5:d9:ea:d1:
7b:b5:b6:66:28:38:14:59:85:da:b9:d6:bd:8d:29:27:28:d2:
80:8e:73:33:96:73:c1:4b:72:9e:7a:9a:7a:11:d0:7d:59:c4:
2e:6d:ea:c8
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAYXPistyR9/aZUcUHsc5vRV1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZTVjNGU0YmUzYjhjYmRlMGVhZTk0NjBhMTEwMzJkNmE2
NGFiNzEwHhcNMjMwMTIwMTQxNzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGRmMTE5NmZjY2I3MTliZTQxZThmMTc1NTcxNTQyYWFiNjkxNDg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAv0WnN7ZDyMX3tDOZG3E+j3R8yY
VXoq0AxM4g8JUmCD547JYlGlVQI3GVW0SK7uArw5wHc9BHOgjjTvFw21jGD9Kj1u
zmqAe3gpqSDoTl6+LORqdxx8BrIVAtWKjUTxVXSU/v5xqoBtC7hcaoafwAcNpHv0
dGGcPjrGXgxSMm2Si3xH1Vwc60Szp/A4vUdq5h+WwCF4W8M26nWsCEy/Tm/Rcnq0
1gKNOULFKM09SRD8PA/NoaNh3nFgbRquhl6Woj32iixVpVX9DJXfZu3/hbSm8oUI
ocp/v5ZvoBJONCyBhryNT0Ld4XvbzMb5h/PPxSAhOXH1lfFWQ4ELkEy22QIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFHjfEZb8y3Gb5B6PF1VxVCqraRSIMB8GA1UdIwQY
MBaAFAflxOS+O4y94OrpRgoRAy1qZKtxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQi1YRTVMNDdqTDNnNnVsR0NoRURMV3BrcTNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9mNmIxNzMtOTEyYy00MTUxLWJhYzUt
NGM4ODgzMzI3YTJhLzEvZU44Umx2ekxjWnZrSG84WFZYRlVLcXRwRklnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9mNmIxNzMtOTEyYy00MTUxLWJhYzUtNGM4ODgzMzI3YTJh
LzEvQi1YRTVMNDdqTDNnNnVsR0NoRURMV3BrcTNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA8BAIAATA2MAwDBAZQUkAD
BABQUkYDBAJQUkwwDAMEBVn4oAMEAFn4rgMEA12uWDAMAwQEXmYwAwQAXmYyMA4E
AgACMAgDBgcqAgbIgDANBgkqhkiG9w0BAQsFAAOCAQEAe7ir1+89DyoH16jgFesk
/ET+Y09hXrrE2rPBo0wdYQD2vHCvfC4Rc3YUyke4bs/+T19zRGj8FhT+py27cL0m
TUyGhQZlyaeNpUTMXOi0YmbLsLgeJtH1xD4l6toetBDB8EvnIBKp4K0os6X5TGB1
dEy/0SSSVIKKxrudbCH6C+/E7LAN80Khr0HxC9vNJKOa/38wYMg29UzEWXuAFx23
yKwXdcoxCM4G3cFUB/uoRa/btm2o/9JeEMykQaCwsAEqzujBj/4JLCDpMfDXa5Rt
U7xS2CTV2erRe7W2Zig4FFmF2rnWvY0pJyjSgI5zM5ZzwUtynnqaehHQfVnELm3q
yA==
-----END CERTIFICATE-----
Generated at Tue Jan 2 15:23:46 2024 by rpki-client on console-ams.rpki-client.org