Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_ZJZtm6y8jPCxmVDD-Ef8rQmSMs.roa
File: _ZJZtm6y8jPCxmVDD-Ef8rQmSMs.roa (raw, json)
Hash identifier: Xm3cgdurB5HKttomeEox56BOWeZ4xMoflHngp3aTI4g=
Subject key identifier: FD:92:59:B6:6E:B2:F2:33:C2:C6:65:43:0F:E1:1F:F2:B4:26:48:CB
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01856D81E09081D5E64070AA01A46509616C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_ZJZtm6y8jPCxmVDD-Ef8rQmSMs.roa
Signing time: Sun 01 Jan 2023 13:25:06 +0000
ROA not before: Sun 01 Jan 2023 13:25:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34368
IP address blocks: 91.92.240.0/24 maxlen: 24
91.92.246.0/24 maxlen: 24
91.92.244.0/24 maxlen: 24
91.92.245.0/24 maxlen: 24
91.92.241.0/24 maxlen: 24
91.92.248.0/24 maxlen: 24
91.92.247.0/24 maxlen: 24
91.92.251.0/24 maxlen: 24
91.92.249.0/24 maxlen: 24
85.217.192.0/24 maxlen: 24
85.217.196.0/23 maxlen: 23
85.217.194.0/24 maxlen: 24
85.217.198.0/24 maxlen: 24
85.217.195.0/24 maxlen: 24
85.217.193.0/24 maxlen: 24
85.217.199.0/24 maxlen: 24
85.217.200.0/22 maxlen: 22
85.217.204.0/22 maxlen: 22
2a00:1728:18::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:81:e0:90:81:d5:e6:40:70:aa:01:a4:65:09:61:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 1 13:25:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fd9259b66eb2f233c2c665430fe11ff2b42648cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a3:ad:44:02:cb:2d:9d:a6:50:15:60:fc:a9:
99:84:44:53:b4:35:a8:dc:d0:59:37:9e:43:4f:4c:
a7:fd:c7:84:81:68:42:11:de:bf:6c:2e:4f:65:c0:
95:e1:a8:24:5d:00:26:77:5c:41:0b:2a:f0:57:86:
24:55:41:17:a8:78:03:5f:c7:74:ad:30:b4:e5:e4:
dd:82:21:25:db:4f:90:42:96:81:1b:f8:40:dc:c2:
85:6d:4a:31:b9:7e:2a:8e:81:41:6c:c0:4b:23:3d:
ab:38:c0:c2:cd:f5:b5:10:02:36:f4:c6:07:ba:ba:
fe:29:aa:72:b3:01:0a:14:ca:d4:d9:72:14:84:b5:
fa:bb:5d:ef:68:4c:7f:f4:37:55:c3:9f:9e:16:63:
bb:b4:ce:26:dd:15:14:63:67:39:66:f2:66:81:9d:
10:b1:11:1e:a4:63:a9:73:84:48:a4:c7:aa:f6:cc:
f7:9b:98:4e:b8:f3:48:49:f6:fa:08:f6:ac:95:78:
8c:f8:3d:19:0c:5c:b0:2b:2e:90:6d:0a:bd:70:83:
1d:94:c2:00:f0:ea:9e:db:9b:67:f7:58:10:e8:47:
42:07:f9:4b:30:01:00:50:b6:c7:ca:ac:62:2e:ea:
b7:d8:61:7f:6b:68:07:75:26:d1:02:d4:14:21:93:
b7:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:92:59:B6:6E:B2:F2:33:C2:C6:65:43:0F:E1:1F:F2:B4:26:48:CB
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/_ZJZtm6y8jPCxmVDD-Ef8rQmSMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.192.0/20
91.92.240.0/23
91.92.244.0-91.92.249.255
91.92.251.0/24
IPv6:
2a00:1728:18::/48
Signature Algorithm: sha256WithRSAEncryption
9c:36:19:78:e6:7b:89:a9:a0:ef:69:4d:cf:26:94:3e:3e:33:
22:25:7b:3b:88:c6:e7:f8:37:1b:ea:eb:f1:18:86:38:c3:30:
22:69:d3:03:b9:40:65:3e:ea:39:cb:43:1f:bc:29:df:09:2a:
40:0c:d0:84:85:ce:97:cf:73:c7:67:11:2f:20:8c:bf:25:f7:
1d:05:3b:7a:f6:87:c1:68:fd:c6:b6:d6:d2:fb:66:6c:37:82:
16:60:7e:fd:f9:bd:3c:e8:da:a0:9d:b5:cf:8b:f0:52:1e:82:
24:f0:fc:23:99:52:79:58:35:a4:5d:a5:c9:a5:6b:4d:36:a9:
ec:49:58:2f:06:f8:eb:24:ad:88:22:e7:e6:64:84:06:29:af:
2c:11:17:eb:22:d5:9a:85:ef:34:df:f5:87:5e:67:9c:1b:af:
31:79:53:87:eb:5f:3d:db:0e:cf:f1:17:4e:d7:6b:68:8e:9a:
4c:2a:a1:06:e7:4d:31:9e:45:4f:22:06:90:4f:1a:d9:78:7c:
e8:d8:be:c3:f6:8a:32:0f:26:5e:9f:21:fd:ca:af:98:09:2b:
2b:00:f6:c4:4b:72:a9:3c:7c:18:78:b2:b2:0b:50:4b:1e:7e:
83:1a:18:fb:8a:04:65:76:4d:54:9c:23:99:9d:22:92:38:ef:
4c:b9:a3:8c
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYVtgeCQgdXmQHCqAaRlCWFsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjMwMTAxMTMyNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDkyNTliNjZlYjJmMjMzYzJjNjY1NDMwZmUxMWZmMmI0MjY0OGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKOtRALLLZ2mUBVg/KmZhERTtDWo
3NBZN55DT0yn/ceEgWhCEd6/bC5PZcCV4agkXQAmd1xBCyrwV4YkVUEXqHgDX8d0
rTC05eTdgiEl20+QQpaBG/hA3MKFbUoxuX4qjoFBbMBLIz2rOMDCzfW1EAI29MYH
urr+KapyswEKFMrU2XIUhLX6u13vaEx/9DdVw5+eFmO7tM4m3RUUY2c5ZvJmgZ0Q
sREepGOpc4RIpMeq9sz3m5hOuPNISfb6CPaslXiM+D0ZDFywKy6QbQq9cIMdlMIA
8Oqe25tn91gQ6EdCB/lLMAEAULbHyqxiLuq32GF/a2gHdSbRAtQUIZO3ewIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFP2SWbZusvIzwsZlQw/hH/K0JkjLMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvX1pKWnRtNnk4alBDeG1WREQtRWY4clFtU01zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAmBAIAATAgAwQEVdnAAwQB
W1zwMAwDBAJbXPQDBAFbXPgDBABbXPswDwQCAAIwCQMHACoAFygAGDANBgkqhkiG
9w0BAQsFAAOCAQEAnDYZeOZ7iamg72lNzyaUPj4zIiV7O4jG5/g3G+rr8RiGOMMw
ImnTA7lAZT7qOctDH7wp3wkqQAzQhIXOl89zx2cRLyCMvyX3HQU7evaHwWj9xrbW
0vtmbDeCFmB+/fm9POjaoJ21z4vwUh6CJPD8I5lSeVg1pF2lyaVrTTap7ElYLwb4
6yStiCLn5mSEBimvLBEX6yLVmoXvNN/1h15nnBuvMXlTh+tfPdsOz/EXTtdraI6a
TCqhBudNMZ5FTyIGkE8a2Xh86Ni+w/aKMg8mXp8h/cqvmAkrKwD2xEtyqTx8GHiy
sgtQSx5+gxoY+4oEZXZNVJwjmZ0ikjjvTLmjjA==
-----END CERTIFICATE-----
Generated at Mon Sep 4 10:49:40 2023 by rpki-client on console-fra.rpki-client.org