Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/f1ZzG765iXGpW3tlarL_sP6ZNxY.roa
File: f1ZzG765iXGpW3tlarL_sP6ZNxY.roa (raw, json)
Hash identifier: /GjfFKu6IGD05CEnsnxnCb2YQ58aTdyLzEsnE5LkPnw=
Subject key identifier: 7F:56:73:1B:BE:B9:89:71:A9:5B:7B:65:6A:B2:FF:B0:FE:99:37:16
Certificate issuer: /CN=0ff8f94454f6ca6a7d70be455b2d6405f98fbcce
Certificate serial: 01887B5C621CEB5A0E077D35F77A360F746D
Authority key identifier: 0F:F8:F9:44:54:F6:CA:6A:7D:70:BE:45:5B:2D:64:05:F9:8F:BC:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_j5RFT2ymp9cL5FWy1kBfmPvM4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/f1ZzG765iXGpW3tlarL_sP6ZNxY.roa
Signing time: Fri 02 Jun 2023 09:07:11 +0000
ROA not before: Fri 02 Jun 2023 09:07:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42807
IP address blocks: 94.199.200.0/23 maxlen: 23
94.199.200.0/22 maxlen: 22
94.199.205.0/24 maxlen: 24
94.199.204.0/24 maxlen: 24
94.199.206.0/24 maxlen: 24
94.199.207.0/24 maxlen: 24
141.98.204.0/22 maxlen: 22
88.218.129.0/24 maxlen: 24
88.218.128.0/24 maxlen: 24
88.218.131.0/24 maxlen: 24
88.218.130.0/24 maxlen: 24
5.253.140.0/22 maxlen: 22
152.89.36.0/22 maxlen: 22
37.230.104.0/21 maxlen: 21
37.230.106.0/23 maxlen: 23
37.230.110.0/23 maxlen: 23
92.119.76.0/22 maxlen: 22
178.157.8.0/21 maxlen: 21
185.99.196.0/22 maxlen: 22
185.15.40.0/22 maxlen: 22
31.207.84.0/24 maxlen: 24
31.207.83.0/24 maxlen: 24
31.207.85.0/24 maxlen: 24
31.207.80.0/24 maxlen: 24
31.207.82.0/24 maxlen: 24
31.207.81.0/24 maxlen: 24
31.207.87.0/24 maxlen: 24
31.207.86.0/24 maxlen: 24
213.159.0.0/21 maxlen: 21
213.159.28.0/22 maxlen: 22
213.159.31.0/24 maxlen: 24
171.22.184.0/22 maxlen: 22
109.232.216.0/21 maxlen: 21
109.232.216.0/23 maxlen: 23
109.232.219.0/24 maxlen: 24
109.232.218.0/24 maxlen: 24
109.232.222.0/24 maxlen: 24
109.232.221.0/24 maxlen: 24
109.232.223.0/24 maxlen: 24
2a03:adc0:1::/48 maxlen: 48
2a03:adc1::/32 maxlen: 32
2a03:adc0:2::/48 maxlen: 48
2a03:adc0::/48 maxlen: 48
2a03:adc2::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:7b:5c:62:1c:eb:5a:0e:07:7d:35:f7:7a:36:0f:74:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff8f94454f6ca6a7d70be455b2d6405f98fbcce
Validity
Not Before: Jun 2 09:07:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f56731bbeb98971a95b7b656ab2ffb0fe993716
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f5:2e:50:38:9e:b5:9c:e5:3d:5f:19:4d:7f:
36:43:75:4a:60:5c:46:ee:70:09:66:e9:93:5d:99:
b6:90:96:46:cb:df:18:1b:21:94:2e:ae:d0:49:4f:
7f:a0:d2:38:d2:2b:2a:2f:28:38:22:b6:74:ab:fc:
70:1b:9a:d7:37:91:9b:9b:bf:cb:28:6f:bf:e4:32:
47:63:4b:6e:a4:a0:6a:55:82:6c:64:65:13:f6:ad:
48:f2:3f:41:7e:af:9f:50:0d:e2:e0:e6:1b:95:fc:
2a:41:35:d6:f2:ef:8c:04:ea:63:cd:de:52:b4:44:
85:23:6d:8c:60:f5:3e:40:58:32:a2:eb:33:0d:a2:
2f:2b:84:7d:f5:74:3a:7f:74:99:a9:61:3d:26:16:
73:29:cb:e3:75:89:80:ab:65:58:44:c8:dc:4f:1c:
20:3a:be:17:c7:f3:08:95:9d:53:1f:11:ed:d0:22:
21:b1:2d:20:1d:6e:ff:fd:b4:ea:84:83:e4:2b:cf:
7e:1e:d9:d8:1c:dd:6a:cc:1f:03:96:e6:00:c8:b6:
b8:6e:3b:a2:d7:f0:8d:d5:09:72:a6:60:5f:12:92:
90:68:16:61:fb:29:0d:5a:29:1a:28:64:ab:44:63:
9d:77:cc:22:fb:52:a9:3f:8e:77:d7:61:fa:af:ab:
cc:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:56:73:1B:BE:B9:89:71:A9:5B:7B:65:6A:B2:FF:B0:FE:99:37:16
X509v3 Authority Key Identifier:
keyid:0F:F8:F9:44:54:F6:CA:6A:7D:70:BE:45:5B:2D:64:05:F9:8F:BC:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_j5RFT2ymp9cL5FWy1kBfmPvM4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/f1ZzG765iXGpW3tlarL_sP6ZNxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1b1df-750a-4732-b783-e8619aa75680/1/D_j5RFT2ymp9cL5FWy1kBfmPvM4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.140.0/22
31.207.80.0/21
37.230.104.0/21
88.218.128.0/22
92.119.76.0/22
94.199.200.0/21
109.232.216.0/21
141.98.204.0/22
152.89.36.0/22
171.22.184.0/22
178.157.8.0/21
185.15.40.0/22
185.99.196.0/22
213.159.0.0/21
213.159.28.0/22
IPv6:
2a03:adc0::-2a03:adc0:2:ffff:ffff:ffff:ffff:ffff
2a03:adc1::-2a03:adc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3c:db:1b:96:dc:ea:bd:f9:1a:ef:a4:e1:3d:8a:19:34:2d:01:
55:7b:ac:ca:4d:36:21:a3:85:a7:38:c7:a4:5a:63:a5:b0:5f:
d8:5a:69:a5:8c:76:01:d9:ec:44:54:82:53:3c:ea:ce:4d:b3:
71:17:94:8f:de:b0:bc:30:13:67:32:50:62:cb:81:69:f3:9f:
69:5b:23:91:85:4f:52:e0:00:46:ea:03:28:09:22:12:d6:42:
94:14:21:a0:d2:b3:43:e5:5c:c5:fc:d0:a9:00:33:ca:6a:1b:
19:ac:af:88:a6:ed:85:81:e3:cd:06:7f:f0:b7:d6:92:45:d4:
75:71:88:84:52:b5:3e:25:8d:65:47:8f:14:d3:7e:33:0b:51:
9b:36:ba:2c:5e:62:a4:42:19:d6:39:4e:d4:a9:ad:1d:2e:42:
77:33:64:17:10:8d:aa:31:d7:19:2a:33:9e:b7:11:4b:18:87:
0f:bd:85:3a:f1:d3:01:e6:60:e1:c6:c4:46:d7:6a:fc:dd:34:
1a:4e:66:ed:94:0a:1f:42:fa:79:69:48:2f:8c:68:65:72:34:
38:30:ae:32:19:2e:c8:fc:79:62:d5:f0:c6:28:ed:8c:af:4c:
7c:b0:ac:e2:67:3a:e4:b5:1d:6f:f3:1d:55:7e:6f:9b:dc:5c:
a1:70:da:40
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAYh7XGIc61oOB30193o2D3RtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjhmOTQ0NTRmNmNhNmE3ZDcwYmU0NTViMmQ2NDA1Zjk4
ZmJjY2UwHhcNMjMwNjAyMDkwNzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjU2NzMxYmJlYjk4OTcxYTk1YjdiNjU2YWIyZmZiMGZlOTkzNzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/UuUDietZzlPV8ZTX82Q3VKYFxG
7nAJZumTXZm2kJZGy98YGyGULq7QSU9/oNI40isqLyg4IrZ0q/xwG5rXN5Gbm7/L
KG+/5DJHY0tupKBqVYJsZGUT9q1I8j9Bfq+fUA3i4OYblfwqQTXW8u+MBOpjzd5S
tESFI22MYPU+QFgyouszDaIvK4R99XQ6f3SZqWE9JhZzKcvjdYmAq2VYRMjcTxwg
Or4Xx/MIlZ1THxHt0CIhsS0gHW7//bTqhIPkK89+HtnYHN1qzB8DluYAyLa4bjui
1/CN1QlypmBfEpKQaBZh+ykNWikaKGSrRGOdd8wi+1KpP45312H6r6vMCwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFH9Wcxu+uYlxqVt7ZWqy/7D+mTcWMB8GA1UdIwQY
MBaAFA/4+URU9spqfXC+RVstZAX5j7zOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9qNVJGVDJ5bXA5Y0w1Rld5MWtCZm1Qdk00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMWIxZGYtNzUwYS00NzMyLWI3ODMt
ZTg2MTlhYTc1NjgwLzEvZjFaekc3NjVpWEdwVzN0bGFyTF9zUDZaTnhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMWIxZGYtNzUwYS00NzMyLWI3ODMtZTg2MTlhYTc1Njgw
LzEvRF9qNVJGVDJ5bXA5Y0w1Rld5MWtCZm1Qdk00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDBgBAIAATBaAwQCBf2M
AwQDH89QAwQDJeZoAwQCWNqAAwQCXHdMAwQDXsfIAwQDbejYAwQCjWLMAwQCmFkk
AwQCqxa4AwQDsp0IAwQCuQ8oAwQCuWPEAwQD1Z8AAwQC1Z8cMCgEAgACMCIwEAMF
BioDrcADBwAqA63AAAIwDgMFACoDrcEDBQAqA63CMA0GCSqGSIb3DQEBCwUAA4IB
AQA82xuW3Oq9+RrvpOE9ihk0LQFVe6zKTTYho4WnOMekWmOlsF/YWmmljHYB2exE
VIJTPOrOTbNxF5SP3rC8MBNnMlBiy4Fp859pWyORhU9S4ABG6gMoCSIS1kKUFCGg
0rND5VzF/NCpADPKahsZrK+Ipu2FgePNBn/wt9aSRdR1cYiEUrU+JY1lR48U034z
C1GbNrosXmKkQhnWOU7Uqa0dLkJ3M2QXEI2qMdcZKjOetxFLGIcPvYU68dMB5mDh
xsRG12r83TQaTmbtlAofQvp5aUgvjGhlcjQ4MK4yGS7I/Hli1fDGKO2Mr0x8sKzi
ZzrktR1v8x1Vfm+b3FyhcNpA
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:18:41 2024 by rpki-client on console-ams.rpki-client.org