Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/fTTSzT0LdXfbWn3wAZgLSbPXti4.roa
File: fTTSzT0LdXfbWn3wAZgLSbPXti4.roa (raw, json)
Hash identifier: RTAFEQYOyCbXJ1pjm10fP7Q+bJbCnqKrEGyOntmzx/4=
Subject key identifier: 7D:34:D2:CD:3D:0B:75:77:DB:5A:7D:F0:01:98:0B:49:B3:D7:B6:2E
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018977D8136D31A914887093826188F3C1CF
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/fTTSzT0LdXfbWn3wAZgLSbPXti4.roa
Signing time: Fri 21 Jul 2023 09:46:36 +0000
ROA not before: Fri 21 Jul 2023 09:46:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
45.140.220.0/22 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
45.154.196.0/22 maxlen: 24
185.185.40.0/22 maxlen: 24
45.90.144.0/22 maxlen: 24
194.56.226.0/24 maxlen: 24
194.56.224.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
45.90.145.0/24 maxlen: 24
45.90.146.0/24 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
89.190.156.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
185.234.74.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
78.108.216.0/22 maxlen: 24
78.108.217.0/24 maxlen: 24
194.31.140.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
193.105.184.0/24 maxlen: 24
45.81.20.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
193.31.28.0/22 maxlen: 24
193.31.30.0/24 maxlen: 24
85.202.160.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
2a0b:7080:10::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b86::/40 maxlen: 48
2a0b:b85::/32 maxlen: 32
2a0b:b87:ff12::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b82::/44 maxlen: 44
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:b87:ffda::/48 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0d:77c7::/32 maxlen: 48
2a0b:b84::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:77:d8:13:6d:31:a9:14:88:70:93:82:61:88:f3:c1:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jul 21 09:46:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7d34d2cd3d0b7577db5a7df001980b49b3d7b62e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:07:f5:51:13:2d:c6:c2:bf:e4:82:8c:e2:38:
73:64:28:ef:c1:60:ed:20:ec:70:cf:fa:d3:7a:68:
9d:c2:01:45:8e:96:58:d0:ee:d3:ea:23:6b:1b:bf:
24:d3:93:b7:fc:f8:0c:7d:95:08:bb:9e:fd:92:b6:
cb:ce:b8:40:c2:68:b6:99:29:c1:6c:32:7e:da:1a:
f9:73:0b:85:5a:dc:5e:d7:4b:36:03:0f:69:00:e3:
59:bd:20:71:3c:99:a2:0f:4d:1e:05:5e:14:6a:08:
cb:43:cb:83:ff:c1:c9:ed:e2:c6:5c:2f:ad:9f:42:
83:22:5b:c3:97:ac:de:ce:1c:3e:90:56:4b:a2:4a:
d9:98:85:d9:1f:c0:c0:ea:24:e2:a8:1b:85:e7:e4:
56:26:07:44:2f:80:cb:2a:f8:c3:c1:da:1f:fe:96:
d9:bf:32:d4:bd:14:d4:96:95:7f:e4:58:47:85:38:
6d:5a:4d:b4:71:66:a4:a4:bb:22:dd:d2:e4:3f:1d:
3f:3c:b1:4f:6f:de:65:90:8f:a6:47:aa:6e:8d:c1:
14:2b:ef:25:7c:41:cf:1b:73:ec:eb:9d:d3:a3:7c:
b3:3f:8a:13:5c:ab:68:d5:1e:c3:fd:c4:89:d6:a0:
f6:e2:01:a2:52:a4:bd:b9:6b:3e:79:9c:5c:bb:07:
00:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:34:D2:CD:3D:0B:75:77:DB:5A:7D:F0:01:98:0B:49:B3:D7:B6:2E
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/fTTSzT0LdXfbWn3wAZgLSbPXti4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
45.81.20.0/22
45.90.144.0/22
45.140.220.0/22
45.154.196.0/22
77.83.240.0/22
78.108.216.0/22
83.143.116.0/22
85.202.160.0/22
89.190.156.0/22
178.218.144.0/22
185.185.40.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.28.0/22
193.34.76.0/22
193.105.184.0/24
193.221.192.0/22
194.31.140.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:ff:ffff:ffff:ffff:ffff:ffff
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0d:77c7::/32
Signature Algorithm: sha256WithRSAEncryption
c6:bb:d8:d8:98:11:a3:99:82:9d:46:d1:00:cb:a9:76:45:05:
af:50:a0:89:bc:92:d6:9f:69:1a:b7:f3:5a:d6:06:57:6a:3e:
ba:59:73:b5:63:a8:e5:77:84:3e:83:a8:8d:39:56:f8:aa:1e:
08:70:f6:45:5e:c6:62:56:22:93:7b:b1:34:d8:5a:b7:8f:0c:
e4:9d:40:5a:37:1f:27:7f:a3:08:7a:28:0a:33:b4:df:7e:d4:
4a:a9:a8:78:6e:01:d2:b9:e3:4a:f6:c7:88:fe:2e:ec:4c:c0:
b7:b7:bd:fb:c5:07:01:15:0a:93:b3:6f:6e:48:8c:f3:38:1c:
49:aa:12:d8:da:c0:50:53:3c:48:3b:5b:c7:dc:d0:2b:07:41:
12:96:b2:b3:0c:e6:3b:16:10:b0:d9:d4:d9:77:a4:1e:8e:5f:
8b:6e:02:79:ee:8a:18:4c:39:68:d2:db:74:8f:f1:55:aa:55:
c7:8c:f1:cd:d4:72:f2:3f:33:78:29:48:82:90:b2:ab:97:bf:
ee:01:ff:62:11:94:57:d5:c4:1b:8e:e8:04:d1:41:37:b2:b0:
76:fc:74:73:19:56:45:b9:ff:51:91:1e:d2:a8:65:9f:26:e7:
c6:b1:41:e4:bd:28:90:08:cf:18:bf:87:58:73:9f:6f:3e:b8:
1d:cb:7d:be
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgISAYl32BNtMakUiHCTgmGI88HPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjMwNzIxMDk0NjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDM0ZDJjZDNkMGI3NTc3ZGI1YTdkZjAwMTk4MGI0OWIzZDdiNjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwf1URMtxsK/5IKM4jhzZCjvwWDt
IOxwz/rTemidwgFFjpZY0O7T6iNrG78k05O3/PgMfZUIu579krbLzrhAwmi2mSnB
bDJ+2hr5cwuFWtxe10s2Aw9pAONZvSBxPJmiD00eBV4UagjLQ8uD/8HJ7eLGXC+t
n0KDIlvDl6zezhw+kFZLokrZmIXZH8DA6iTiqBuF5+RWJgdEL4DLKvjDwdof/pbZ
vzLUvRTUlpV/5FhHhThtWk20cWakpLsi3dLkPx0/PLFPb95lkI+mR6pujcEUK+8l
fEHPG3Ps653To3yzP4oTXKto1R7D/cSJ1qD24gGiUqS9uWs+eZxcuwcAJwIDAQAB
o4IDBTCCAwEwHQYDVR0OBBYEFH000s09C3V321p98AGYC0mz17YuMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvZlRUU3pUMExkWGZiV24zd0FaZ0xTYlBYdGk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGQYIKwYBBQUHAQcBAf8EggEIMIIBBDCBlwQCAAEwgZAD
BAICOKQDBAItURQDBAItWpADBAItjNwDBAItmsQDBAJNU/ADBAJObNgDBAJTj3QD
BAJVyqADBAJZvpwDBAKy2pADBAK5uSgDBAK5ukADBAK540QDBAK56kgDBAK58uAD
BALBHxwDBALBIkwDBADBabgDBALB3cADBALCH4wDBALCMhADBALCOOADBALUawww
aAQCAAIwYgMHBCoLC4IAADAPAwUCKgsLhAMGACoLC4YAAwcAKgsLh/8SAwcAKgsL
h/+0AwcAKgsLh//aAwcAKgsLh//sAwcEKgsLh//wMBIDBwQqC3CAABADBwYqC3CA
AAADBQAqDXfHMA0GCSqGSIb3DQEBCwUAA4IBAQDGu9jYmBGjmYKdRtEAy6l2RQWv
UKCJvJLWn2kat/Na1gZXaj66WXO1Y6jld4Q+g6iNOVb4qh4IcPZFXsZiViKTe7E0
2Fq3jwzknUBaNx8nf6MIeigKM7TfftRKqah4bgHSueNK9seI/i7sTMC3t737xQcB
FQqTs29uSIzzOBxJqhLY2sBQUzxIO1vH3NArB0ESlrKzDOY7FhCw2dTZd6Qejl+L
bgJ57ooYTDlo0tt0j/FVqlXHjPHN1HLyPzN4KUiCkLKrl7/uAf9iEZRX1cQbjugE
0UE3srB2/HRzGVZFuf9RkR7SqGWfJufGsUHkvSiQCM8Yv4dYc59vPrgdy32+
-----END CERTIFICATE-----
Generated at Mon Aug 21 09:43:39 2023 by rpki-client on console-fra.rpki-client.org