Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/z9ZC4IHbyl2ztwjF2KpqF8LvU1o.roa
File: z9ZC4IHbyl2ztwjF2KpqF8LvU1o.roa (raw, json)
Hash identifier: o0DohbS3xWvx74mnaonb85xs/4EzA0Bg8fDtwn+ZbSs=
Subject key identifier: CF:D6:42:E0:81:DB:CA:5D:B3:B7:08:C5:D8:AA:6A:17:C2:EF:53:5A
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 0189DF6A13F6DFE9AA529BAA3F55F7BC497C
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/z9ZC4IHbyl2ztwjF2KpqF8LvU1o.roa
Signing time: Thu 10 Aug 2023 12:26:58 +0000
ROA not before: Thu 10 Aug 2023 12:26:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8399
IP address blocks: 37.97.64.0/19 maxlen: 19
185.24.140.0/22 maxlen: 22
185.249.20.0/22 maxlen: 22
185.218.208.0/22 maxlen: 22
88.213.224.0/19 maxlen: 19
37.97.69.0/24 maxlen: 24
37.97.70.0/24 maxlen: 24
217.181.128.0/17 maxlen: 17
37.97.80.0/23 maxlen: 23
185.6.92.0/22 maxlen: 22
178.255.160.0/21 maxlen: 21
37.97.96.0/20 maxlen: 20
195.135.0.0/17 maxlen: 17
217.74.96.0/20 maxlen: 20
195.135.0.0/18 maxlen: 18
185.65.248.0/22 maxlen: 22
157.143.128.0/17 maxlen: 17
81.93.0.0/19 maxlen: 19
217.181.250.0/23 maxlen: 23
109.235.232.0/21 maxlen: 21
109.235.233.0/24 maxlen: 24
109.235.232.0/24 maxlen: 24
109.235.239.0/24 maxlen: 24
185.32.208.0/22 maxlen: 22
80.251.96.0/20 maxlen: 20
178.157.16.0/20 maxlen: 20
195.135.48.0/24 maxlen: 24
178.157.32.0/20 maxlen: 20
65.39.64.0/19 maxlen: 19
185.8.252.0/22 maxlen: 22
185.42.176.0/22 maxlen: 22
2a0c:600::/29 maxlen: 29
2a02:c440::/29 maxlen: 29
2a02:6e8::/32 maxlen: 32
2a0b:e3c0::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:df:6a:13:f6:df:e9:aa:52:9b:aa:3f:55:f7:bc:49:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Aug 10 12:26:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfd642e081dbca5db3b708c5d8aa6a17c2ef535a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:7c:eb:d3:b9:f9:f3:79:0a:5e:72:d5:6b:8c:
dd:49:74:33:d2:86:18:55:c5:85:a8:6e:30:b1:85:
c6:fe:45:d8:cb:cb:0e:2e:2e:22:c1:5f:15:19:65:
b8:d5:5e:95:8c:5d:1a:08:c5:3a:88:51:06:f1:bd:
c9:65:24:55:b9:9c:ef:1f:15:13:b8:86:92:92:c8:
e8:da:24:51:f0:d1:f1:83:7b:6c:96:d5:27:bb:8c:
e3:40:b6:8a:fd:59:1d:ad:81:a6:9c:01:2e:c6:52:
19:a3:e4:e1:be:80:c3:a3:ea:74:ab:d5:5e:e7:3c:
45:cf:06:87:f8:4b:be:14:78:f2:f6:42:63:c6:ac:
74:91:03:d2:fc:00:c6:eb:47:cd:dc:bf:bf:f9:a1:
27:98:f0:7f:ad:3f:4c:a6:85:0e:d3:aa:ff:41:d6:
e9:48:9b:ea:e6:aa:12:83:6a:c0:7c:49:b7:b9:3e:
2b:7d:1d:52:bc:e4:9f:ec:33:3a:27:f9:3f:63:fa:
d7:bf:67:2e:47:8d:a6:74:b4:31:c3:8a:90:1b:45:
da:9d:db:2e:f9:5c:55:e2:fe:96:30:ca:ac:ba:a4:
70:f8:84:09:61:69:49:03:6a:5c:4e:53:48:a0:dd:
ea:9f:43:38:78:66:30:2f:b2:9c:98:7e:9e:41:67:
aa:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:D6:42:E0:81:DB:CA:5D:B3:B7:08:C5:D8:AA:6A:17:C2:EF:53:5A
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/z9ZC4IHbyl2ztwjF2KpqF8LvU1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.64.0-37.97.111.255
65.39.64.0/19
80.251.96.0/20
81.93.0.0/19
88.213.224.0/19
109.235.232.0/21
157.143.128.0/17
178.157.16.0-178.157.47.255
178.255.160.0/21
185.6.92.0/22
185.8.252.0/22
185.24.140.0/22
185.32.208.0/22
185.42.176.0/22
185.65.248.0/22
185.218.208.0/22
185.249.20.0/22
195.135.0.0/17
217.74.96.0/20
217.181.128.0/17
IPv6:
2a02:6e8::/32
2a02:c440::/29
2a0b:e3c0::/29
2a0c:600::/29
Signature Algorithm: sha256WithRSAEncryption
06:9a:70:42:d6:01:e9:ef:82:d9:04:44:f7:10:f8:55:08:f4:
1a:85:69:3a:3a:43:9d:0f:0a:73:33:e6:0d:fa:84:d2:09:36:
0a:22:5c:ea:4d:bc:6e:7d:fc:d0:dc:92:70:9a:95:da:af:c3:
dd:74:3c:59:0a:85:8c:2f:b7:f1:5d:5b:71:77:92:7e:c0:ae:
e8:66:71:64:3d:df:a7:b0:f5:9c:58:32:1a:59:08:05:16:95:
5f:c6:af:d3:a6:c5:4c:31:e6:09:fe:13:ef:b7:b1:b6:e5:92:
73:83:62:3e:96:e7:aa:28:59:71:ac:5e:82:d8:ac:4b:28:5b:
08:86:f3:a0:41:1c:d9:66:bc:7a:aa:d0:cb:e4:64:34:05:04:
6d:1c:a6:af:91:5d:06:1a:da:5b:a7:29:ec:63:18:a3:cc:6e:
bc:4f:80:1c:16:78:95:22:94:7b:c2:ba:4e:91:a0:e0:42:0a:
90:2d:78:22:93:50:56:b6:7b:67:f1:d6:16:83:66:fc:4b:dd:
f9:78:de:5d:7b:a0:d8:85:cd:8c:3d:85:eb:03:00:0f:67:a8:
08:26:5e:92:bc:79:59:d7:5e:d4:bf:81:51:88:d4:8c:2a:f8:
88:22:ef:3c:63:12:99:7e:cb:9c:22:ee:8d:c4:d4:af:ed:cb:
1b:2e:d5:e0
-----BEGIN CERTIFICATE-----
MIIFqDCCBJCgAwIBAgISAYnfahP23+mqUpuqP1X3vEl8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjMwODEwMTIyNjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmQ2NDJlMDgxZGJjYTVkYjNiNzA4YzVkOGFhNmExN2MyZWY1MzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlnzr07n583kKXnLVa4zdSXQz0oYY
VcWFqG4wsYXG/kXYy8sOLi4iwV8VGWW41V6VjF0aCMU6iFEG8b3JZSRVuZzvHxUT
uIaSksjo2iRR8NHxg3tsltUnu4zjQLaK/VkdrYGmnAEuxlIZo+ThvoDDo+p0q9Ve
5zxFzwaH+Eu+FHjy9kJjxqx0kQPS/ADG60fN3L+/+aEnmPB/rT9MpoUO06r/Qdbp
SJvq5qoSg2rAfEm3uT4rfR1SvOSf7DM6J/k/Y/rXv2cuR42mdLQxw4qQG0Xandsu
+VxV4v6WMMqsuqRw+IQJYWlJA2pcTlNIoN3qn0M4eGYwL7KcmH6eQWeq+wIDAQAB
o4ICtDCCArAwHQYDVR0OBBYEFM/WQuCB28pds7cIxdiqahfC71NaMB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEvejlaQzRJSGJ5bDJ6dHdqRjJLcHFGOEx2VTFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHJBggrBgEFBQcBBwEB/wSBuTCBtjCBjwQCAAEwgYgwDAME
BiVhQAMEBCVhYAMEBUEnQAMEBFD7YAMEBVFdAAMEBVjV4AMEA23r6AMEB52PgDAM
AwQEsp0QAwQEsp0gAwQDsv+gAwQCuQZcAwQCuQj8AwQCuRiMAwQCuSDQAwQCuSqw
AwQCuUH4AwQCudrQAwQCufkUAwQHw4cAAwQE2UpgAwQH2bWAMCIEAgACMBwDBQAq
AgboAwUDKgLEQAMFAyoL48ADBQMqDAYAMA0GCSqGSIb3DQEBCwUAA4IBAQAGmnBC
1gHp74LZBET3EPhVCPQahWk6OkOdDwpzM+YN+oTSCTYKIlzqTbxuffzQ3JJwmpXa
r8PddDxZCoWML7fxXVtxd5J+wK7oZnFkPd+nsPWcWDIaWQgFFpVfxq/TpsVMMeYJ
/hPvt7G25ZJzg2I+lueqKFlxrF6C2KxLKFsIhvOgQRzZZrx6qtDL5GQ0BQRtHKav
kV0GGtpbpynsYxijzG68T4AcFniVIpR7wrpOkaDgQgqQLXgik1BWtntn8dYWg2b8
S935eN5de6DYhc2MPYXrAwAPZ6gIJl6SvHlZ117Uv4FRiNSMKviIIu88YxKZfsuc
Iu6NxNSv7csbLtXg
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:53:46 2024 by rpki-client on console-ams.rpki-client.org