Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/2Nz_D5oeX3rdCUfcciAdfqKhezY.roa
File: 2Nz_D5oeX3rdCUfcciAdfqKhezY.roa (raw, json)
Hash identifier: 9JqhJI8iEAOzUKeEL4Wi6L6dvJ9a1DUxH+D8BHmYhMY=
Subject key identifier: D8:DC:FF:0F:9A:1E:5F:7A:DD:09:47:DC:72:20:1D:7E:A2:A1:7B:36
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0185DB22F3DA06B043A2D51C9C94F25DDCB4
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/2Nz_D5oeX3rdCUfcciAdfqKhezY.roa
Signing time: Sun 22 Jan 2023 20:19:39 +0000
ROA not before: Sun 22 Jan 2023 20:19:39 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
78.108.216.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
194.31.140.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
45.154.196.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
193.105.184.0/24 maxlen: 24
45.90.144.0/22 maxlen: 24
194.56.224.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
45.90.145.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
77.83.240.0/22 maxlen: 24
45.81.20.0/22 maxlen: 24
89.190.156.0/22 maxlen: 24
83.143.116.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.234.74.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
193.34.76.0/22 maxlen: 24
2a0b:7080:10::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b82::/44 maxlen: 44
2a0b:b85::/32 maxlen: 32
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:30::/44 maxlen: 48
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:b87:ffda::/48 maxlen: 48
2a0d:77c7::/32 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b84::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:db:22:f3:da:06:b0:43:a2:d5:1c:9c:94:f2:5d:dc:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 22 20:19:39 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d8dcff0f9a1e5f7add0947dc72201d7ea2a17b36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:aa:d9:ed:c2:de:36:0c:78:1b:3a:4a:b4:cc:
76:28:47:b3:e7:31:7b:8f:fb:59:73:17:b1:69:4f:
29:09:2e:ad:91:27:62:a0:7f:09:31:ea:23:b5:72:
14:ce:eb:42:a7:ef:3f:f3:3e:90:16:0a:d5:d3:99:
4c:0d:1f:40:84:b3:e4:9b:1c:a4:1f:27:52:de:66:
17:7f:e8:3c:36:3e:bf:89:0c:95:12:bd:e0:d6:2f:
bb:0b:41:89:a8:bf:73:6e:5e:c1:9a:22:33:db:6a:
93:9b:7a:0f:7c:48:25:71:e5:b6:b5:2d:04:f1:7b:
81:78:a8:a0:e5:cd:ac:eb:95:f3:92:b9:bf:dc:1a:
25:bb:9c:be:5a:96:ce:01:df:f9:ee:2b:7d:6d:30:
00:d2:3a:ad:f2:35:51:39:b9:87:3a:6a:fe:a0:72:
a2:25:19:63:a9:4c:9c:1c:82:02:58:56:be:f7:6c:
08:4f:53:82:01:32:91:06:4c:21:c6:81:0e:c8:7a:
b1:d9:9c:4d:e1:37:f0:09:38:b6:6d:d6:db:33:a3:
c3:a6:96:f4:0e:8b:eb:2f:a0:2b:aa:db:e0:33:7b:
ea:57:0e:6e:02:c6:30:fd:dd:aa:8a:f4:72:9c:e9:
e3:94:5e:53:b3:aa:a9:bb:89:f9:56:9e:cc:be:23:
03:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:DC:FF:0F:9A:1E:5F:7A:DD:09:47:DC:72:20:1D:7E:A2:A1:7B:36
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/2Nz_D5oeX3rdCUfcciAdfqKhezY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.105.184.0/24
193.221.192.0/22
194.31.140.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::/31
2a0b:b87:ffb4::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c7::/32
Signature Algorithm: sha256WithRSAEncryption
53:60:6b:91:09:0e:5e:d0:88:be:fd:8e:45:d8:48:44:51:8c:
53:b8:4a:a3:16:d8:b4:7a:05:36:ad:cd:f5:7a:0d:0a:ba:2b:
6d:72:aa:64:52:3b:46:cc:00:04:25:de:8d:f9:99:60:7a:7f:
e0:a3:0a:ce:1b:09:2a:4f:29:1b:10:ba:45:eb:6c:c1:ff:33:
43:a4:e3:94:e4:42:28:5e:dc:73:32:74:13:e3:a7:66:e4:1e:
58:66:c8:ac:0b:3c:b9:34:a1:4b:d6:70:d0:b0:25:bd:b7:da:
15:25:34:d6:2c:54:16:ed:59:47:de:58:7f:8f:66:2c:a9:ae:
64:28:92:54:b8:4b:85:66:73:09:91:c5:77:a8:cd:ee:ef:27:
24:57:97:b9:14:55:18:c5:3a:c3:93:87:a5:6b:7f:99:d7:cc:
bf:c5:df:e4:ef:af:e3:3f:4e:f2:9b:20:ff:a9:c7:09:c8:69:
11:2c:5f:7a:e0:f7:40:ff:81:1b:97:9f:56:7e:2f:fd:f9:90:
97:4c:c4:4f:aa:a2:56:87:d9:50:4b:e5:ed:81:4c:ab:f7:4a:
19:6b:b1:8c:8f:60:e9:df:ac:06:44:81:0a:92:d9:ae:fb:3c:
17:df:ac:48:81:c5:fc:7f:b6:ea:bb:f1:ad:bf:f8:3b:b8:0b:
d5:2f:b4:4f
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgISAYXbIvPaBrBDotUcnJTyXdy0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwMTIyMjAxOTM5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGRjZmYwZjlhMWU1ZjdhZGQwOTQ3ZGM3MjIwMWQ3ZWEyYTE3YjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA66rZ7cLeNgx4GzpKtMx2KEez5zF7
j/tZcxexaU8pCS6tkSdioH8JMeojtXIUzutCp+8/8z6QFgrV05lMDR9AhLPkmxyk
HydS3mYXf+g8Nj6/iQyVEr3g1i+7C0GJqL9zbl7BmiIz22qTm3oPfEglceW2tS0E
8XuBeKig5c2s65Xzkrm/3Bolu5y+WpbOAd/57it9bTAA0jqt8jVRObmHOmr+oHKi
JRljqUycHIICWFa+92wIT1OCATKRBkwhxoEOyHqx2ZxN4TfwCTi2bdbbM6PDppb0
DovrL6ArqtvgM3vqVw5uAsYw/d2qivRynOnjlF5Ts6qpu4n5Vp7MviMDPQIDAQAB
o4IC8DCCAuwwHQYDVR0OBBYEFNjc/w+aHl963QlH3HIgHX6ioXs2MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvMk56X0Q1b2VYM3JkQ1VmY2NpQWRmcUtoZXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBAYIKwYBBQUHAQcBAf8EgfQwgfEwgZcEAgABMIGQAwQC
AjikAwQCLVEUAwQCLVqQAwQCLYzcAwQCLZrEAwQCTVPwAwQCTmzYAwQCU490AwQC
VcqgAwQCWb6cAwQCstqQAwQCubkoAwQCubpAAwQCueNEAwQCuepIAwQCufLgAwQC
wR8cAwQCwSJMAwQAwWm4AwQCwd3AAwQCwh+MAwQCwjIQAwQCwjjgAwQC1GsMMFUE
AgACME8DBwQqCwuCAAADBQEqCwuEAwcAKgsLh/+0AwcAKgsLh//aAwcAKgsLh//s
AwcEKgsLh//wMBIDBwQqC3CAABADBwYqC3CAAAADBQAqDXfHMA0GCSqGSIb3DQEB
CwUAA4IBAQBTYGuRCQ5e0Ii+/Y5F2EhEUYxTuEqjFti0egU2rc31eg0Kuittcqpk
UjtGzAAEJd6N+Zlgen/gowrOGwkqTykbELpF62zB/zNDpOOU5EIoXtxzMnQT46dm
5B5YZsisCzy5NKFL1nDQsCW9t9oVJTTWLFQW7VlH3lh/j2Ysqa5kKJJUuEuFZnMJ
kcV3qM3u7yckV5e5FFUYxTrDk4ela3+Z18y/xd/k76/jP07ymyD/qccJyGkRLF96
4PdA/4Ebl59Wfi/9+ZCXTMRPqqJWh9lQS+XtgUyr90oZa7GMj2Dp36wGRIEKktmu
+zwX36xIgcX8f7bqu/Gtv/g7uAvVL7RP
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:26 2023 by rpki-client on console-ams.rpki-client.org