Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/IwxzR-7uoyxPpauDsmbymqWSXFA.roa
File: IwxzR-7uoyxPpauDsmbymqWSXFA.roa (raw, json)
Hash identifier: /Vlre38RC5K5h+8lWdVm3rJFb0wTkgaIG3Ekg98E1vs=
Subject key identifier: 23:0C:73:47:EE:EE:A3:2C:4F:A5:AB:83:B2:66:F2:9A:A5:92:5C:50
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0185BEBD197929C7B2A70D2CB69D790D4EB0
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/IwxzR-7uoyxPpauDsmbymqWSXFA.roa
Signing time: Tue 17 Jan 2023 07:59:01 +0000
ROA not before: Tue 17 Jan 2023 07:59:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210906
IP address blocks: 159.148.26.0/24 maxlen: 24
85.254.138.0/23 maxlen: 23
85.254.137.0/24 maxlen: 24
85.254.134.0/24 maxlen: 24
85.254.140.0/24 maxlen: 24
85.254.174.0/23 maxlen: 23
85.254.178.0/23 maxlen: 23
85.254.180.0/23 maxlen: 23
85.254.84.0/23 maxlen: 23
85.254.103.0/24 maxlen: 24
85.254.104.0/22 maxlen: 22
85.254.112.0/22 maxlen: 22
85.254.108.0/22 maxlen: 22
85.254.116.0/22 maxlen: 22
85.254.124.0/23 maxlen: 23
85.254.122.0/23 maxlen: 23
85.254.128.0/22 maxlen: 22
85.254.126.0/24 maxlen: 24
217.69.125.0/24 maxlen: 24
217.69.121.0/24 maxlen: 24
217.69.127.0/24 maxlen: 24
217.69.126.0/24 maxlen: 24
85.254.29.0/24 maxlen: 24
85.254.30.0/24 maxlen: 24
85.254.42.0/23 maxlen: 23
85.254.40.0/24 maxlen: 24
85.254.51.0/24 maxlen: 24
85.254.59.0/24 maxlen: 24
85.254.62.0/23 maxlen: 23
85.254.64.0/23 maxlen: 23
85.254.76.0/22 maxlen: 22
85.254.4.0/24 maxlen: 24
85.254.2.0/24 maxlen: 24
85.254.8.0/21 maxlen: 21
85.254.7.0/24 maxlen: 24
159.148.109.0/24 maxlen: 24
159.148.126.0/24 maxlen: 24
159.148.130.0/24 maxlen: 24
159.148.128.0/24 maxlen: 24
159.148.138.0/24 maxlen: 24
159.148.150.0/24 maxlen: 24
159.148.157.0/24 maxlen: 24
159.148.158.0/24 maxlen: 24
159.148.54.0/24 maxlen: 24
159.148.62.0/24 maxlen: 24
159.148.66.0/24 maxlen: 24
159.148.216.0/24 maxlen: 24
159.148.218.0/24 maxlen: 24
159.148.222.0/24 maxlen: 24
159.148.236.0/24 maxlen: 24
159.148.239.0/24 maxlen: 24
159.148.234.0/24 maxlen: 24
159.148.246.0/23 maxlen: 23
159.148.241.0/24 maxlen: 24
159.148.248.0/24 maxlen: 24
185.27.93.0/24 maxlen: 24
185.27.94.0/24 maxlen: 24
185.27.92.0/24 maxlen: 24
185.27.95.0/24 maxlen: 24
159.148.163.0/24 maxlen: 24
159.148.169.0/24 maxlen: 24
159.148.166.0/23 maxlen: 23
159.148.179.0/24 maxlen: 24
159.148.177.0/24 maxlen: 24
159.148.180.0/24 maxlen: 24
159.148.204.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:be:bd:19:79:29:c7:b2:a7:0d:2c:b6:9d:79:0d:4e:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 17 07:59:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=230c7347eeeea32c4fa5ab83b266f29aa5925c50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9d:b8:3f:10:f4:20:fe:b0:6e:bb:d3:5b:93:
a5:ab:90:f4:0b:ee:29:fd:de:b8:41:c5:7e:89:d8:
2f:34:8d:8d:90:97:1b:40:04:4e:c9:63:fa:1f:9e:
a0:30:96:4b:ec:a3:f1:06:96:6b:fd:02:c1:d1:12:
26:9c:1b:f1:6b:fb:9e:e8:e4:86:bd:fb:58:5b:ae:
36:67:ec:6a:b7:31:da:af:c7:25:9f:dd:53:ba:f0:
7a:60:ee:bd:cd:10:3e:fb:3b:c8:cc:7b:a9:dd:43:
a4:88:20:d1:0b:20:df:74:07:9f:41:c2:af:ab:72:
57:b0:97:09:6b:73:4b:83:6f:d4:f8:74:99:c8:8c:
f9:c1:61:7b:90:fa:6e:8b:3c:c6:7e:d5:74:b5:3e:
d9:ea:f0:5b:df:6d:15:33:ea:72:d5:eb:ff:8c:f3:
7d:d4:67:9e:e5:5d:06:7f:63:a2:58:67:cb:26:53:
31:02:44:35:c4:39:c0:fd:50:3d:a0:e0:7e:7d:32:
77:f7:db:d2:37:48:94:02:f1:a3:2e:d5:4b:b1:58:
05:d8:a9:f6:91:39:b2:40:b6:e6:c2:10:3c:04:68:
12:76:46:a6:98:d7:2d:8c:81:42:cf:9b:bb:73:03:
e3:c9:ea:a7:08:bb:c1:eb:9a:fa:cb:9b:da:a1:64:
30:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:0C:73:47:EE:EE:A3:2C:4F:A5:AB:83:B2:66:F2:9A:A5:92:5C:50
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/IwxzR-7uoyxPpauDsmbymqWSXFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.2.0/24
85.254.4.0/24
85.254.7.0-85.254.15.255
85.254.29.0-85.254.30.255
85.254.40.0/24
85.254.42.0/23
85.254.51.0/24
85.254.59.0/24
85.254.62.0-85.254.65.255
85.254.76.0/22
85.254.84.0/23
85.254.103.0-85.254.119.255
85.254.122.0-85.254.126.255
85.254.128.0/22
85.254.134.0/24
85.254.137.0-85.254.140.255
85.254.174.0/23
85.254.178.0-85.254.181.255
159.148.26.0/24
159.148.54.0/24
159.148.62.0/24
159.148.66.0/24
159.148.109.0/24
159.148.126.0/24
159.148.128.0/24
159.148.130.0/24
159.148.138.0/24
159.148.150.0/24
159.148.157.0-159.148.158.255
159.148.163.0/24
159.148.166.0/23
159.148.169.0/24
159.148.177.0/24
159.148.179.0-159.148.180.255
159.148.204.0/24
159.148.216.0/24
159.148.218.0/24
159.148.222.0/24
159.148.234.0/24
159.148.236.0/24
159.148.239.0/24
159.148.241.0/24
159.148.246.0-159.148.248.255
185.27.92.0/22
217.69.121.0/24
217.69.125.0-217.69.127.255
Signature Algorithm: sha256WithRSAEncryption
5b:ed:ad:12:83:16:08:86:ba:08:e1:82:93:37:e9:05:5a:2f:
f3:cd:c2:e5:67:d5:13:e4:b9:40:5b:be:9f:5a:bf:2e:1f:47:
bf:72:f7:2b:e1:8d:49:48:f6:d4:1e:3f:c6:a3:f1:6f:63:90:
a6:bb:aa:60:08:1f:49:e6:f8:23:a2:94:58:43:60:2e:b4:f1:
31:cb:be:da:d8:fd:a4:47:b3:d9:2a:19:4e:1b:0c:ed:04:f4:
5a:03:12:f5:bd:69:60:d6:e6:ec:ad:b6:1d:6d:cb:20:93:02:
94:8a:2c:9a:17:60:27:2b:10:4e:c6:cc:07:f2:99:8e:fc:31:
70:ab:81:8b:93:30:7b:8e:07:ae:87:6d:d3:f0:ea:8d:ee:94:
8f:22:88:4f:c7:4b:e8:42:71:15:df:63:cb:98:c3:ea:e8:8b:
7e:2b:7c:35:ec:dc:c0:02:c2:ad:92:8a:dd:02:83:49:71:f4:
63:a1:e6:98:66:1b:09:3b:37:8a:78:23:73:d9:ee:c4:4b:5a:
6a:04:ec:f9:31:b4:65:e9:b6:f5:16:1f:ac:fa:60:fa:c7:55:
aa:14:1f:be:f0:a0:b0:b6:a3:90:7d:8e:f3:ed:07:11:6d:b5:
cf:6d:b0:6b:bd:57:c0:52:74:db:e1:9d:58:3e:cb:b1:c9:c0:
e6:82:7a:bb
-----BEGIN CERTIFICATE-----
MIIGbTCCBVWgAwIBAgISAYW+vRl5Kceypw0stp15DU6wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjMwMTE3MDc1OTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzBjNzM0N2VlZWVhMzJjNGZhNWFiODNiMjY2ZjI5YWE1OTI1YzUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZ24PxD0IP6wbrvTW5Olq5D0C+4p
/d64QcV+idgvNI2NkJcbQAROyWP6H56gMJZL7KPxBpZr/QLB0RImnBvxa/ue6OSG
vftYW642Z+xqtzHar8cln91TuvB6YO69zRA++zvIzHup3UOkiCDRCyDfdAefQcKv
q3JXsJcJa3NLg2/U+HSZyIz5wWF7kPpuizzGftV0tT7Z6vBb320VM+py1ev/jPN9
1Gee5V0Gf2OiWGfLJlMxAkQ1xDnA/VA9oOB+fTJ399vSN0iUAvGjLtVLsVgF2Kn2
kTmyQLbmwhA8BGgSdkammNctjIFCz5u7cwPjyeqnCLvB65r6y5vaoWQw6wIDAQAB
o4IDeTCCA3UwHQYDVR0OBBYEFCMMc0fu7qMsT6Wrg7Jm8pqlklxQMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvSXd4elItN3VveXhQcGF1RHNtYnltcVdTWEZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBjQYIKwYBBQUHAQcBAf8EggF8MIIBeDCCAXQEAgABMIIB
bAMEAFX+AgMEAFX+BDAMAwQAVf4HAwQEVf4AMAwDBABV/h0DBABV/h4DBABV/igD
BAFV/ioDBABV/jMDBABV/jswDAMEAVX+PgMEAVX+QAMEAlX+TAMEAVX+VDAMAwQA
Vf5nAwQDVf5wMAwDBAFV/noDBABV/n4DBAJV/oADBABV/oYwDAMEAFX+iQMEAFX+
jAMEAVX+rjAMAwQBVf6yAwQBVf60AwQAn5QaAwQAn5Q2AwQAn5Q+AwQAn5RCAwQA
n5RtAwQAn5R+AwQAn5SAAwQAn5SCAwQAn5SKAwQAn5SWMAwDBACflJ0DBACflJ4D
BACflKMDBAGflKYDBACflKkDBACflLEwDAMEAJ+UswMEAJ+UtAMEAJ+UzAMEAJ+U
2AMEAJ+U2gMEAJ+U3gMEAJ+U6gMEAJ+U7AMEAJ+U7wMEAJ+U8TAMAwQBn5T2AwQA
n5T4AwQCuRtcAwQA2UV5MAwDBADZRX0DBAfZRQAwDQYJKoZIhvcNAQELBQADggEB
AFvtrRKDFgiGugjhgpM36QVaL/PNwuVn1RPkuUBbvp9avy4fR79y9yvhjUlI9tQe
P8aj8W9jkKa7qmAIH0nm+COilFhDYC608THLvtrY/aRHs9kqGU4bDO0E9FoDEvW9
aWDW5uytth1tyyCTApSKLJoXYCcrEE7GzAfymY78MXCrgYuTMHuOB66HbdPw6o3u
lI8iiE/HS+hCcRXfY8uYw+roi34rfDXs3MACwq2Sit0Cg0lx9GOh5phmGwk7N4p4
I3PZ7sRLWmoE7PkxtGXptvUWH6z6YPrHVaoUH77woLC2o5B9jvPtBxFttc9tsGu9
V8BSdNvhnVg+y7HJwOaCers=
-----END CERTIFICATE-----
Generated at Thu Aug 24 09:39:24 2023 by rpki-client on console-ams.rpki-client.org