Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/mL_zD-MZ50sckJrs5ir1SUXidrg.roa
File: mL_zD-MZ50sckJrs5ir1SUXidrg.roa (raw, json)
Hash identifier: UmhIficVO2FaI1lmBTSGsw0i3swCaCRX47cpc7svX6c=
Subject key identifier: 98:BF:F3:0F:E3:19:E7:4B:1C:90:9A:EC:E6:2A:F5:49:45:E2:76:B8
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 0188959D450572FE407F8418CDE45530324E
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/mL_zD-MZ50sckJrs5ir1SUXidrg.roa
Signing time: Wed 07 Jun 2023 11:28:11 +0000
ROA not before: Wed 07 Jun 2023 11:28:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9125
IP address blocks: 93.93.192.0/21 maxlen: 21
92.42.253.0/24 maxlen: 24
92.42.252.0/24 maxlen: 24
92.42.248.0/22 maxlen: 22
92.42.254.0/24 maxlen: 24
92.42.255.0/24 maxlen: 24
89.23.93.0/24 maxlen: 24
89.23.68.0/23 maxlen: 23
89.23.70.0/24 maxlen: 24
89.23.65.0/24 maxlen: 24
89.23.75.0/24 maxlen: 24
178.254.133.0/24 maxlen: 24
178.254.136.0/22 maxlen: 22
178.254.144.0/20 maxlen: 20
178.254.145.0/24 maxlen: 24
178.254.140.0/22 maxlen: 22
178.254.165.0/24 maxlen: 24
178.254.163.0/24 maxlen: 24
178.254.172.0/24 maxlen: 24
178.254.169.0/24 maxlen: 24
178.254.175.0/24 maxlen: 24
178.254.177.0/24 maxlen: 24
178.254.183.0/24 maxlen: 24
178.254.182.0/24 maxlen: 24
178.254.184.0/21 maxlen: 21
178.254.128.0/21 maxlen: 21
95.140.112.0/22 maxlen: 22
95.140.116.0/22 maxlen: 22
95.140.115.0/24 maxlen: 24
95.140.120.0/23 maxlen: 23
95.140.124.0/22 maxlen: 22
95.140.125.0/24 maxlen: 24
185.157.44.0/24 maxlen: 24
109.111.254.0/24 maxlen: 24
217.169.208.0/20 maxlen: 20
217.169.208.0/22 maxlen: 22
217.169.212.0/22 maxlen: 22
217.169.219.0/24 maxlen: 24
217.169.216.0/22 maxlen: 22
217.169.220.0/22 maxlen: 22
5.172.34.0/24 maxlen: 24
5.172.33.0/24 maxlen: 24
5.172.34.0/23 maxlen: 23
5.172.36.0/23 maxlen: 23
5.172.36.0/22 maxlen: 22
109.111.226.0/24 maxlen: 24
109.111.225.0/24 maxlen: 24
109.111.224.0/24 maxlen: 24
109.111.232.0/22 maxlen: 22
109.111.229.0/24 maxlen: 24
109.111.228.0/24 maxlen: 24
109.111.230.0/23 maxlen: 23
109.111.227.0/24 maxlen: 24
109.111.240.0/24 maxlen: 24
109.111.236.0/22 maxlen: 22
109.111.246.0/24 maxlen: 24
109.111.243.0/24 maxlen: 24
109.111.244.0/24 maxlen: 24
109.111.250.0/24 maxlen: 24
109.111.252.0/23 maxlen: 23
109.111.247.0/24 maxlen: 24
109.111.248.0/24 maxlen: 24
2a02:b58::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:95:9d:45:05:72:fe:40:7f:84:18:cd:e4:55:30:32:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Jun 7 11:28:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=98bff30fe319e74b1c909aece62af54945e276b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:26:47:7c:78:19:96:cb:85:c1:6f:84:cc:92:
fa:0c:4e:46:54:cf:0d:14:df:1e:c3:20:76:79:d5:
0d:bb:44:18:be:2f:9a:7a:68:45:18:8a:c2:b5:19:
77:e3:0b:cc:0a:a6:82:6d:ce:7b:25:50:9f:c6:f2:
25:5e:2b:c6:7d:71:91:53:5e:cd:5e:47:ea:79:9b:
d8:26:3b:d2:8c:a8:7d:11:6f:50:0f:15:e8:6f:ad:
65:a5:8b:34:02:68:43:90:c9:20:25:10:2b:a4:a4:
b2:9a:9d:fb:1a:e3:c4:8c:f5:14:a5:2a:aa:1e:b9:
5b:22:00:f5:af:ec:e8:56:1a:35:0c:00:44:5c:76:
76:06:06:17:a3:fc:af:fc:08:eb:47:8e:c4:2e:55:
36:c4:b7:c2:96:24:72:bd:cf:be:c2:49:bb:76:95:
a0:c3:71:d2:14:76:c3:c1:9f:a8:d3:4c:f8:66:d5:
99:cb:91:c3:23:f3:39:8b:e5:73:e7:b4:7d:c6:29:
0f:6e:a6:7e:35:74:0e:e2:46:d9:6b:a2:fb:7a:33:
1a:c8:0e:93:8c:c5:fc:47:05:8b:ca:de:db:8a:9c:
55:93:1d:49:b1:98:ac:e3:60:4d:25:c4:a6:94:42:
97:6b:b5:37:de:f4:57:52:cc:d2:64:67:44:08:8c:
03:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:BF:F3:0F:E3:19:E7:4B:1C:90:9A:EC:E6:2A:F5:49:45:E2:76:B8
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/mL_zD-MZ50sckJrs5ir1SUXidrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.33.0-5.172.39.255
89.23.65.0/24
89.23.68.0-89.23.70.255
89.23.75.0/24
89.23.93.0/24
92.42.248.0/21
93.93.192.0/21
95.140.112.0-95.140.121.255
95.140.124.0/22
109.111.224.0-109.111.240.255
109.111.243.0-109.111.244.255
109.111.246.0-109.111.248.255
109.111.250.0/24
109.111.252.0-109.111.254.255
178.254.128.0/19
178.254.163.0/24
178.254.165.0/24
178.254.169.0/24
178.254.172.0/24
178.254.175.0/24
178.254.177.0/24
178.254.182.0-178.254.191.255
185.157.44.0/24
217.169.208.0/20
IPv6:
2a02:b58::/32
Signature Algorithm: sha256WithRSAEncryption
21:cb:2c:b1:77:93:f2:9d:e5:de:ab:83:7e:ec:f4:cd:14:09:
f3:c2:04:42:81:dd:f8:d4:ab:5d:97:2c:56:74:b9:b4:0e:4e:
f2:30:a9:5a:74:3d:5f:ef:44:2f:6f:8b:cb:e3:7f:0f:c6:f1:
d5:70:55:17:f0:6e:a0:9f:dc:0f:50:d0:3f:dd:ff:cd:df:05:
12:ca:e2:06:88:92:28:70:0a:c1:93:0b:fa:94:c4:c0:0a:13:
40:b4:54:90:05:a1:64:8f:69:12:1c:6d:6e:d2:92:95:07:84:
2a:2c:4f:01:10:51:16:8a:9d:51:e2:75:c3:d2:19:7c:21:73:
c7:f3:95:f3:c7:4b:d3:4e:46:57:1e:4f:df:df:00:5b:d1:e4:
5d:ed:6a:55:7b:49:9e:39:e5:e7:a8:5d:00:3f:d0:5e:17:5c:
c1:6e:48:17:10:5b:21:c3:0e:b1:af:c4:38:8d:8d:a8:df:4c:
85:10:5b:ef:a3:ce:3d:0e:b4:36:63:ae:65:12:8c:8b:af:4b:
d4:18:3c:ef:22:7f:b8:ce:6d:de:ff:4e:71:60:d7:50:58:56:
01:2e:0f:f0:57:86:9c:b6:e0:fd:d4:8b:09:e1:3f:15:31:22:
fc:16:eb:1b:6b:cf:38:07:e3:1b:5a:45:8b:fd:f8:65:a8:40:
b8:bd:a0:74
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgISAYiVnUUFcv5Af4QYzeRVMDJOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjMwNjA3MTEyODExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGJmZjMwZmUzMTllNzRiMWM5MDlhZWNlNjJhZjU0OTQ1ZTI3NmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSZHfHgZlsuFwW+EzJL6DE5GVM8N
FN8ewyB2edUNu0QYvi+aemhFGIrCtRl34wvMCqaCbc57JVCfxvIlXivGfXGRU17N
XkfqeZvYJjvSjKh9EW9QDxXob61lpYs0AmhDkMkgJRArpKSymp37GuPEjPUUpSqq
HrlbIgD1r+zoVho1DABEXHZ2BgYXo/yv/AjrR47ELlU2xLfCliRyvc++wkm7dpWg
w3HSFHbDwZ+o00z4ZtWZy5HDI/M5i+Vz57R9xikPbqZ+NXQO4kbZa6L7ejMayA6T
jMX8RwWLyt7bipxVkx1JsZis42BNJcSmlEKXa7U33vRXUszSZGdECIwDfwIDAQAB
o4IC5zCCAuMwHQYDVR0OBBYEFJi/8w/jGedLHJCa7OYq9UlF4na4MB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvbUxfekQtTVo1MHNja0pyczVpcjFTVVhpZHJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH8BggrBgEFBQcBBwEB/wSB7DCB6TCB1wQCAAEwgdAwDAME
AAWsIQMEAwWsIAMEAFkXQTAMAwQCWRdEAwQAWRdGAwQAWRdLAwQAWRddAwQDXCr4
AwQDXV3AMAwDBARfjHADBAFfjHgDBAJfjHwwDAMEBW1v4AMEAG1v8DAMAwQAbW/z
AwQAbW/0MAwDBAFtb/YDBABtb/gDBABtb/owDAMEAm1v/AMEAG1v/gMEBbL+gAME
ALL+owMEALL+pQMEALL+qQMEALL+rAMEALL+rwMEALL+sTAMAwQBsv62AwQGsv6A
AwQAuZ0sAwQE2anQMA0EAgACMAcDBQAqAgtYMA0GCSqGSIb3DQEBCwUAA4IBAQAh
yyyxd5PyneXeq4N+7PTNFAnzwgRCgd341KtdlyxWdLm0Dk7yMKladD1f70Qvb4vL
438PxvHVcFUX8G6gn9wPUNA/3f/N3wUSyuIGiJIocArBkwv6lMTAChNAtFSQBaFk
j2kSHG1u0pKVB4QqLE8BEFEWip1R4nXD0hl8IXPH85Xzx0vTTkZXHk/f3wBb0eRd
7WpVe0meOeXnqF0AP9BeF1zBbkgXEFshww6xr8Q4jY2o30yFEFvvo849DrQ2Y65l
EoyLr0vUGDzvIn+4zm3e/05xYNdQWFYBLg/wV4actuD91IsJ4T8VMSL8Fusba884
B+MbWkWL/fhlqEC4vaB0
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:26 2023 by rpki-client on console-fra.rpki-client.org