Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/zBTIZnQWvQND2J8YAIBkW22kv4Y.roa
File: zBTIZnQWvQND2J8YAIBkW22kv4Y.roa (raw, json)
Hash identifier: VaVDvFOUYxz3S4q230vBXEmB3E6eozZesIKTpipOZ0E=
Subject key identifier: CC:14:C8:66:74:16:BD:03:43:D8:9F:18:00:80:64:5B:6D:A4:BF:86
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018BD72B3E5FF74976408783EDF454086947
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/zBTIZnQWvQND2J8YAIBkW22kv4Y.roa
Signing time: Thu 16 Nov 2023 08:06:57 +0000
ROA not before: Thu 16 Nov 2023 08:06:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35346
IP address blocks: 194.114.144.0/24 maxlen: 25
194.114.144.128/27 maxlen: 27
45.67.116.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.108.0/22 maxlen: 22
91.242.112.0/20 maxlen: 24
178.175.176.0/22 maxlen: 24
91.242.70.0/23 maxlen: 24
91.242.64.0/18 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.75.0/24 maxlen: 24
2a07:5540::/29 maxlen: 29
2a09:4440::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:d7:2b:3e:5f:f7:49:76:40:87:83:ed:f4:54:08:69:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Nov 16 08:06:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc14c8667416bd0343d89f180080645b6da4bf86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:4f:9f:62:9f:c9:65:57:7b:4c:1b:b5:3e:1a:
a8:53:57:87:30:4b:5b:56:07:19:79:98:a6:b8:45:
a2:79:0d:4d:7d:0e:ef:47:c9:08:9a:e5:57:86:93:
62:9f:2e:01:63:e3:df:97:0e:5d:c2:34:ed:82:70:
60:c0:b1:67:82:9f:3e:9e:df:96:30:38:bb:ad:8f:
8b:91:b3:b7:5a:02:33:1a:3a:23:26:0c:99:8d:0a:
49:2e:50:29:16:d8:fd:a6:38:1b:23:04:9d:7f:cf:
59:cd:de:37:43:b2:b1:23:bb:d6:5e:6f:61:d1:ab:
3a:36:46:d0:b4:e1:5f:53:36:b1:f8:18:ba:b5:fd:
12:ac:43:fa:15:57:c0:42:7c:c2:9c:42:6c:d0:39:
8d:2c:0d:b6:e9:9e:cb:8c:1f:57:07:4f:62:95:19:
47:bc:c5:53:69:7e:ab:13:a7:9b:c2:7d:b2:82:4f:
12:2f:78:ef:52:a7:6c:dc:2c:ec:f9:8b:04:72:f3:
14:eb:9a:f6:fa:db:29:3a:ea:50:8c:95:2b:b7:d4:
4a:00:98:68:19:59:63:7d:45:1a:2a:20:9a:47:72:
fa:f3:83:65:bb:38:53:23:be:a1:ad:78:26:7f:97:
25:5d:bd:8d:be:b2:4f:ff:e7:23:0f:01:c0:87:b5:
44:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:14:C8:66:74:16:BD:03:43:D8:9F:18:00:80:64:5B:6D:A4:BF:86
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/zBTIZnQWvQND2J8YAIBkW22kv4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.116.0/24
91.242.64.0/18
178.175.176.0/22
194.114.144.0/24
IPv6:
2a07:5540::/29
2a09:4440::/29
Signature Algorithm: sha256WithRSAEncryption
a6:4b:b6:7b:ed:9c:49:14:ba:8d:b4:09:9d:56:f2:e5:9e:2e:
69:2d:53:ec:bd:87:9a:67:96:40:bb:76:9d:e9:58:67:e1:9c:
5b:81:86:18:86:8e:27:bb:f1:a1:8a:f0:b3:37:1d:49:91:26:
94:77:84:d8:c6:1b:74:7e:88:9c:b0:73:7a:39:7f:70:7d:52:
ef:38:dc:e4:24:44:95:86:a7:3e:75:e4:44:57:00:06:f4:e1:
75:bc:b9:72:e3:a7:41:68:9d:b1:56:ce:6e:a0:e0:db:a6:60:
52:61:df:60:d0:c8:22:97:04:0a:86:b3:18:db:d6:e2:0d:7f:
c5:16:57:a1:6a:54:59:42:ae:e9:74:98:c4:18:90:35:35:03:
80:9d:c1:80:b7:47:88:f6:91:3f:c2:17:e1:ca:31:91:3a:bf:
b9:23:91:4f:51:d9:45:ee:47:b7:24:c7:7c:79:99:1f:ee:39:
fd:32:df:be:08:e3:b4:8e:90:3c:6d:cd:c2:f5:b5:29:af:64:
71:c0:ed:37:92:6c:97:58:61:5e:bc:0d:c1:d5:88:33:52:02:
b8:a9:10:65:fc:33:a5:9c:45:cc:35:1e:85:23:c7:57:08:b7:
db:15:a7:05:8b:ec:34:14:c9:cd:1f:bc:e5:b9:c3:b7:60:30:
e1:34:63:07
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYvXKz5f90l2QIeD7fRUCGlHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjMxMTE2MDgwNjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzE0Yzg2Njc0MTZiZDAzNDNkODlmMTgwMDgwNjQ1YjZkYTRiZjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnk+fYp/JZVd7TBu1PhqoU1eHMEtb
VgcZeZimuEWieQ1NfQ7vR8kImuVXhpNiny4BY+Pflw5dwjTtgnBgwLFngp8+nt+W
MDi7rY+LkbO3WgIzGjojJgyZjQpJLlApFtj9pjgbIwSdf89Zzd43Q7KxI7vWXm9h
0as6NkbQtOFfUzax+Bi6tf0SrEP6FVfAQnzCnEJs0DmNLA226Z7LjB9XB09ilRlH
vMVTaX6rE6ebwn2ygk8SL3jvUqds3Czs+YsEcvMU65r2+tspOupQjJUrt9RKAJho
GVljfUUaKiCaR3L684NluzhTI76hrXgmf5clXb2NvrJP/+cjDwHAh7VEAQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFMwUyGZ0Fr0DQ9ifGACAZFttpL+GMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvekJUSVpuUVd2UU5EMko4WUFJQmtXMjJrdjRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQALUN0AwQG
W/JAAwQCsq+wAwQAwnKQMBQEAgACMA4DBQMqB1VAAwUDKglEQDANBgkqhkiG9w0B
AQsFAAOCAQEApku2e+2cSRS6jbQJnVby5Z4uaS1T7L2HmmeWQLt2nelYZ+GcW4GG
GIaOJ7vxoYrwszcdSZEmlHeE2MYbdH6InLBzejl/cH1S7zjc5CRElYanPnXkRFcA
BvThdby5cuOnQWidsVbObqDg26ZgUmHfYNDIIpcECoazGNvW4g1/xRZXoWpUWUKu
6XSYxBiQNTUDgJ3BgLdHiPaRP8IX4coxkTq/uSORT1HZRe5HtyTHfHmZH+45/TLf
vgjjtI6QPG3NwvW1Ka9kccDtN5Jsl1hhXrwNwdWIM1ICuKkQZfwzpZxFzDUehSPH
Vwi32xWnBYvsNBTJzR+85bnDt2Aw4TRjBw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:56:21 2024 by rpki-client on console-fra.rpki-client.org