Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/VzbsIhpMzoHiA0ZzcrSFambYs34.roa
File: VzbsIhpMzoHiA0ZzcrSFambYs34.roa (raw, json)
Hash identifier: Yj4IbMXFErJii3u4gquzd3PZT1XpByXuxIg9WZZlY5c=
Subject key identifier: 57:36:EC:22:1A:4C:CE:81:E2:03:46:73:72:B4:85:6A:66:D8:B3:7E
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018AF14651A6BA6CCFA1896DB1E7D5CB3927
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/VzbsIhpMzoHiA0ZzcrSFambYs34.roa
Signing time: Mon 02 Oct 2023 16:43:51 +0000
ROA not before: Mon 02 Oct 2023 16:43:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 62206
IP address blocks: 91.223.110.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
195.211.188.0/22 maxlen: 24
195.211.190.0/24 maxlen: 24
45.88.138.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
194.242.96.0/22 maxlen: 22
194.242.97.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
45.144.212.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
45.132.181.0/24 maxlen: 24
45.94.168.0/22 maxlen: 22
45.94.170.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
77.83.39.0/24 maxlen: 24
85.209.120.0/22 maxlen: 24
85.209.120.0/23 maxlen: 24
85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
45.81.112.0/22 maxlen: 24
45.81.112.0/24 maxlen: 24
77.83.37.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
2a10:dfc0::/29 maxlen: 29
2a07:9200::/29 maxlen: 29
2a11:580::/29 maxlen: 29
2a0c:a580::/29 maxlen: 29
2a01:7120::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:f1:46:51:a6:ba:6c:cf:a1:89:6d:b1:e7:d5:cb:39:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 2 16:43:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5736ec221a4cce81e203467372b4856a66d8b37e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:3f:23:34:53:d1:f1:49:63:03:eb:9b:07:a1:
1f:62:b4:03:f6:19:92:6b:23:db:3b:fb:c8:74:6c:
a0:9a:b4:d7:a9:a6:c0:4a:42:55:df:b6:79:db:6f:
ab:15:1d:a7:d0:e7:e9:9a:44:b4:ac:af:10:e5:90:
d3:25:cc:3c:80:d6:06:23:69:5d:b6:e3:c5:af:e3:
bf:4b:1b:94:fa:2a:98:1c:31:67:3e:74:80:e8:98:
bb:bc:b6:0d:25:c9:75:48:5f:76:c9:c4:e7:f3:8f:
51:54:01:0c:90:61:fa:42:12:96:7b:c7:06:9a:85:
3f:bd:42:a9:63:6c:09:7a:43:8f:3b:69:5a:e9:96:
d5:3c:38:9b:e9:75:79:06:e4:13:28:51:70:2b:19:
a1:08:a5:93:da:3a:a0:d8:51:7e:e7:a3:c9:3e:d5:
02:72:da:e7:76:e3:5d:f1:78:5d:9c:6b:bd:6a:d7:
c8:27:47:ef:e7:56:9a:32:07:50:c3:a9:98:e4:05:
2d:8f:31:58:15:c0:30:9c:dc:a3:ef:e4:7e:1b:5e:
a0:8c:58:97:7d:3e:6f:d8:01:4d:de:c4:b0:39:0c:
ac:5e:51:91:5a:cc:d3:c1:31:82:46:65:13:08:98:
e0:1b:08:d4:16:5f:53:91:bd:4f:c1:f8:a1:fa:ad:
cd:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:36:EC:22:1A:4C:CE:81:E2:03:46:73:72:B4:85:6A:66:D8:B3:7E
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/VzbsIhpMzoHiA0ZzcrSFambYs34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.87.0/24
45.9.29.0/24
45.81.112.0/22
45.88.136.0/24
45.88.138.0/24
45.94.168.0/22
45.132.181.0-45.132.183.255
45.144.212.0/24
77.83.37.0/24
77.83.39.0/24
85.209.120.0/22
91.223.110.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/22
195.177.92.0-195.177.94.255
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a0c:a580::/29
2a10:dfc0::/29
2a11:580::/29
Signature Algorithm: sha256WithRSAEncryption
44:d0:5a:80:52:7b:fa:fe:9a:8f:f4:d5:76:1e:48:e4:50:41:
88:a4:5a:cb:99:46:3e:11:21:36:66:29:4d:cb:76:bc:5c:c2:
5b:13:12:38:97:3c:b6:1c:b1:a7:dd:38:cd:a9:b6:c7:07:af:
02:d1:ef:a1:15:35:c1:14:78:5d:1e:b7:9d:fb:36:96:0b:41:
bb:31:30:fb:82:7e:d4:3e:a4:e1:3f:45:af:5c:62:4c:f0:f6:
39:33:c2:8d:8a:c6:03:94:76:0a:72:dc:22:a8:79:f1:9c:45:
8d:38:11:78:62:6a:4a:d5:19:e9:43:07:ad:02:31:61:66:c7:
6f:f0:f4:35:fe:d2:61:b4:4a:e1:d8:aa:d7:2a:a0:e6:86:39:
42:0c:5f:dd:b9:f7:3f:43:2d:aa:02:bc:8a:30:3e:c3:a5:95:
9c:ce:12:e6:35:9d:16:64:47:42:23:4c:36:aa:ca:a6:71:5f:
5e:8f:fc:31:59:e8:51:da:02:e7:83:48:13:49:5c:dd:07:41:
57:26:25:18:d0:ec:48:74:3d:52:81:de:ab:f9:26:f6:9e:d3:
8b:a2:74:69:b7:3e:02:00:43:54:d4:ad:d5:9b:95:1d:e3:85:
4f:31:84:00:a2:27:0e:dd:fe:3d:6d:4f:af:b3:a9:da:15:60:
5d:85:f3:6c
-----BEGIN CERTIFICATE-----
MIIFtTCCBJ2gAwIBAgISAYrxRlGmumzPoYltsefVyzknMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjMxMDAyMTY0MzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzM2ZWMyMjFhNGNjZTgxZTIwMzQ2NzM3MmI0ODU2YTY2ZDhiMzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApz8jNFPR8UljA+ubB6EfYrQD9hmS
ayPbO/vIdGygmrTXqabASkJV37Z522+rFR2n0OfpmkS0rK8Q5ZDTJcw8gNYGI2ld
tuPFr+O/SxuU+iqYHDFnPnSA6Ji7vLYNJcl1SF92ycTn849RVAEMkGH6QhKWe8cG
moU/vUKpY2wJekOPO2la6ZbVPDib6XV5BuQTKFFwKxmhCKWT2jqg2FF+56PJPtUC
ctrnduNd8XhdnGu9atfIJ0fv51aaMgdQw6mY5AUtjzFYFcAwnNyj7+R+G16gjFiX
fT5v2AFN3sSwOQysXlGRWszTwTGCRmUTCJjgGwjUFl9Tkb1Pwfih+q3N6wIDAQAB
o4ICwTCCAr0wHQYDVR0OBBYEFFc27CIaTM6B4gNGc3K0hWpm2LN+MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvVnpic0locE16b0hpQTBaemNyU0ZhbWJZczM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHWBggrBgEFBQcBBwEB/wSBxjCBwzCBlQQCAAEwgY4DBAAF
tVcDBAAtCR0DBAItUXADBAAtWIgDBAAtWIoDBAItXqgwDAMEAC2EtQMEAy2EsAME
AC2Q1AMEAE1TJQMEAE1TJwMEAlXReAMEAFvfbgMEAbkr+AMEALkr+wMEAbnIPgME
AMEe8AMEAcEe8gMEAME5KwMEAsLyYDAMAwQCw7FcAwQAw7FeAwQCw9O8MCkEAgAC
MCMDBQAqAXEgAwUDKgeSAAMFAyoMpYADBQMqEN/AAwUDKhEFgDANBgkqhkiG9w0B
AQsFAAOCAQEARNBagFJ7+v6aj/TVdh5I5FBBiKRay5lGPhEhNmYpTct2vFzCWxMS
OJc8thyxp904zam2xwevAtHvoRU1wRR4XR63nfs2lgtBuzEw+4J+1D6k4T9Fr1xi
TPD2OTPCjYrGA5R2CnLcIqh58ZxFjTgReGJqStUZ6UMHrQIxYWbHb/D0Nf7SYbRK
4diq1yqg5oY5Qgxf3bn3P0MtqgK8ijA+w6WVnM4S5jWdFmRHQiNMNqrKpnFfXo/8
MVnoUdoC54NIE0lc3QdBVyYlGNDsSHQ9UoHeq/km9p7Ti6J0abc+AgBDVNSt1ZuV
HeOFTzGEAKInDt3+PW1Pr7Op2hVgXYXzbA==
-----END CERTIFICATE-----
Generated at Tue Oct 3 09:53:00 2023 by rpki-client on console-fra.rpki-client.org