Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/CZ7D-g-D4mFwh7_we_l7uQO9Uvw.roa
File: CZ7D-g-D4mFwh7_we_l7uQO9Uvw.roa (raw, json)
Hash identifier: zCwgf57J/M+KOceKBA4l+Tu7H/aA/ITxXdN4+nmer0A=
Subject key identifier: 09:9E:C3:FA:0F:83:E2:61:70:87:BF:F0:7B:F9:7B:B9:03:BD:52:FC
Certificate issuer: /CN=cd626bbb7b69eec9f6790b03705545b892fa2e8a
Certificate serial: 0186D6F914AF31DB1A63AD4438DB76C0505F
Authority key identifier: CD:62:6B:BB:7B:69:EE:C9:F6:79:0B:03:70:55:45:B8:92:FA:2E:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWJru3tp7sn2eQsDcFVFuJL6Loo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/CZ7D-g-D4mFwh7_we_l7uQO9Uvw.roa
Signing time: Sun 12 Mar 2023 17:58:13 +0000
ROA not before: Sun 12 Mar 2023 17:58:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48500
IP address blocks: 217.196.128.0/23 maxlen: 23
134.90.224.0/20 maxlen: 20
217.196.140.0/23 maxlen: 23
109.104.224.0/21 maxlen: 21
37.99.224.0/20 maxlen: 20
185.46.100.0/22 maxlen: 22
37.99.240.0/21 maxlen: 21
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d6:f9:14:af:31:db:1a:63:ad:44:38:db:76:c0:50:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd626bbb7b69eec9f6790b03705545b892fa2e8a
Validity
Not Before: Mar 12 17:58:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=099ec3fa0f83e2617087bff07bf97bb903bd52fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:13:4e:61:a4:6c:b2:ad:3d:9a:35:eb:d5:11:
31:46:a8:b0:fb:1a:c1:0d:23:22:46:3f:d9:93:4d:
41:fd:55:72:13:1d:26:ad:0d:96:86:38:80:ad:39:
62:ff:12:92:69:f8:a6:37:ad:02:a7:5d:aa:06:b6:
15:d4:77:1c:15:4b:ec:b0:4f:34:cd:c5:4f:bc:42:
df:57:b4:83:2f:1f:07:76:73:cf:1d:f8:ab:44:1e:
83:4d:be:a0:a1:42:7c:ff:08:5e:3a:f2:a7:4e:4d:
16:25:0e:ce:04:5c:f2:78:81:a9:78:0e:a3:12:95:
8d:c0:e4:e0:95:16:9e:50:98:c6:54:e7:42:a7:fa:
29:b5:a4:ee:2c:d1:7a:cc:e0:55:4f:6c:33:35:61:
6c:ec:a5:33:6f:74:b6:f4:4e:4a:1d:4d:7b:52:24:
3d:c1:c1:4b:e2:e9:35:92:4f:86:5e:3c:f8:8d:a7:
68:c2:2d:0f:9c:9e:9c:fe:f0:87:f7:74:34:2f:6e:
cd:04:24:e7:56:45:15:33:06:1e:54:48:b6:5d:9d:
cd:8e:c7:3f:4f:56:c9:c5:42:b5:7a:c4:76:fb:c5:
69:ae:19:81:ce:6f:4d:74:9a:d6:28:cd:4e:16:61:
79:d4:50:93:d9:ec:d3:dc:d8:af:04:91:3f:a6:b2:
00:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:9E:C3:FA:0F:83:E2:61:70:87:BF:F0:7B:F9:7B:B9:03:BD:52:FC
X509v3 Authority Key Identifier:
keyid:CD:62:6B:BB:7B:69:EE:C9:F6:79:0B:03:70:55:45:B8:92:FA:2E:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWJru3tp7sn2eQsDcFVFuJL6Loo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/CZ7D-g-D4mFwh7_we_l7uQO9Uvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/zWJru3tp7sn2eQsDcFVFuJL6Loo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.99.224.0-37.99.247.255
109.104.224.0/21
134.90.224.0/20
185.46.100.0/22
217.196.128.0/23
217.196.140.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:78:67:dc:f2:4c:bf:d5:f1:1b:64:38:b4:c0:33:5c:bf:87:
7c:8f:bb:02:29:7e:cd:8d:8a:17:3b:46:f7:e1:d2:d4:dd:5e:
ea:d8:a4:ac:62:b2:b9:4c:e2:19:f1:06:08:00:8c:c2:c1:26:
99:fb:16:2b:ff:3a:e0:22:6b:5b:72:bb:e3:6e:f9:35:1c:b1:
73:e1:17:39:87:38:43:8e:12:0c:a1:56:ff:d6:6e:da:ed:5c:
25:34:fe:85:ab:8c:57:02:fb:69:c9:71:b2:55:7a:89:50:e1:
d2:db:8f:29:75:95:ce:2b:dd:2e:43:4e:2a:c9:39:ac:61:6e:
d5:51:af:8d:f9:75:6e:95:d5:05:38:90:f9:07:87:25:fa:7e:
68:c3:b4:e9:9f:82:c0:d5:16:bf:48:c3:bf:fb:b9:f4:2c:a8:
d2:db:c7:96:72:c6:a7:f2:ae:5e:c1:b0:6e:b9:b5:90:2d:01:
a8:7e:1e:80:40:f2:45:9f:8b:96:bb:d7:84:1a:2c:70:83:1f:
74:16:21:1c:95:85:f4:a6:6a:16:40:29:8d:6c:67:a2:51:4a:
20:f9:f4:9f:d9:f9:73:c2:20:3f:87:f1:95:e6:3d:f1:34:77:
07:49:6e:e4:df:cf:ee:d4:84:2b:51:cb:01:a6:cb:49:d3:fe:
cb:fa:ed:f9
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYbW+RSvMdsaY61EONt2wFBfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNjI2YmJiN2I2OWVlYzlmNjc5MGIwMzcwNTU0NWI4OTJm
YTJlOGEwHhcNMjMwMzEyMTc1ODEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTllYzNmYTBmODNlMjYxNzA4N2JmZjA3YmY5N2JiOTAzYmQ1MmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkBNOYaRssq09mjXr1RExRqiw+xrB
DSMiRj/Zk01B/VVyEx0mrQ2WhjiArTli/xKSafimN60Cp12qBrYV1HccFUvssE80
zcVPvELfV7SDLx8HdnPPHfirRB6DTb6goUJ8/wheOvKnTk0WJQ7OBFzyeIGpeA6j
EpWNwOTglRaeUJjGVOdCp/optaTuLNF6zOBVT2wzNWFs7KUzb3S29E5KHU17UiQ9
wcFL4uk1kk+GXjz4jadowi0PnJ6c/vCH93Q0L27NBCTnVkUVMwYeVEi2XZ3Njsc/
T1bJxUK1esR2+8VprhmBzm9NdJrWKM1OFmF51FCT2ezT3NivBJE/prIALwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFAmew/oPg+JhcIe/8Hv5e7kDvVL8MB8GA1UdIwQY
MBaAFM1ia7t7ae7J9nkLA3BVRbiS+i6KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveldKcnUzdHA3c24yZVFzRGNGVkZ1Skw2TG9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yYjM3ZGYtOGZmZS00MWU1LWFjMDct
YzBmODlhZDM2YmNhLzEvQ1o3RC1nLUQ0bUZ3aDdfd2VfbDd1UU85VXZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yYjM3ZGYtOGZmZS00MWU1LWFjMDctYzBmODlhZDM2YmNh
LzEveldKcnUzdHA3c24yZVFzRGNGVkZ1Skw2TG9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAUlY+AD
BAMlY/ADBANtaOADBASGWuADBAK5LmQDBAHZxIADBAHZxIwwDQYJKoZIhvcNAQEL
BQADggEBACt4Z9zyTL/V8RtkOLTAM1y/h3yPuwIpfs2Nihc7Rvfh0tTdXurYpKxi
srlM4hnxBggAjMLBJpn7Fiv/OuAia1tyu+Nu+TUcsXPhFzmHOEOOEgyhVv/Wbtrt
XCU0/oWrjFcC+2nJcbJVeolQ4dLbjyl1lc4r3S5DTirJOaxhbtVRr435dW6V1QU4
kPkHhyX6fmjDtOmfgsDVFr9Iw7/7ufQsqNLbx5Zyxqfyrl7BsG65tZAtAah+HoBA
8kWfi5a714QaLHCDH3QWIRyVhfSmahZAKY1sZ6JRSiD59J/Z+XPCID+H8ZXmPfE0
dwdJbuTfz+7UhCtRywGmy0nT/sv67fk=
-----END CERTIFICATE-----
Generated at Tue Oct 24 10:48:21 2023 by rpki-client on console-ams.rpki-client.org