Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/9KSta2pZX50yitrlLZr3V_SjzZA.roa
File: 9KSta2pZX50yitrlLZr3V_SjzZA.roa (raw, json)
Hash identifier: zyj9SDc57FFJ82jQxsnKdJ34xlE3XWnBlvte78mqz1M=
Subject key identifier: F4:A4:AD:6B:6A:59:5F:9D:32:8A:DA:E5:2D:9A:F7:57:F4:A3:CD:90
Certificate issuer: /CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
Certificate serial: 0186A2E962234E2CB6C418BA8464B54DC52A
Authority key identifier: 63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/9KSta2pZX50yitrlLZr3V_SjzZA.roa
Signing time: Thu 02 Mar 2023 15:20:49 +0000
ROA not before: Thu 02 Mar 2023 15:20:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29405
IP address blocks: 185.176.72.0/22 maxlen: 22
46.229.230.0/24 maxlen: 24
81.89.48.0/20 maxlen: 20
86.110.224.0/19 maxlen: 19
176.109.56.0/21 maxlen: 21
86.110.229.0/24 maxlen: 24
92.240.230.0/24 maxlen: 24
92.240.229.0/24 maxlen: 24
92.240.228.0/24 maxlen: 24
92.240.231.0/24 maxlen: 24
92.240.234.0/24 maxlen: 24
92.240.237.0/24 maxlen: 24
92.240.236.0/24 maxlen: 24
92.240.235.0/24 maxlen: 24
92.240.241.0/24 maxlen: 24
92.240.244.0/24 maxlen: 24
92.240.242.0/24 maxlen: 24
92.240.245.0/24 maxlen: 24
92.240.253.0/24 maxlen: 24
92.240.249.0/24 maxlen: 24
92.240.254.0/24 maxlen: 24
217.73.16.0/24 maxlen: 24
217.73.16.0/20 maxlen: 20
217.73.17.0/24 maxlen: 24
93.184.64.0/20 maxlen: 20
93.184.77.0/24 maxlen: 24
93.184.76.0/24 maxlen: 24
46.229.224.0/20 maxlen: 20
109.74.144.0/20 maxlen: 20
2a01:390::/32 maxlen: 32
2a00:10d8::/32 maxlen: 32
2a00:10d8:10::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:a2:e9:62:23:4e:2c:b6:c4:18:ba:84:64:b5:4d:c5:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
Validity
Not Before: Mar 2 15:20:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f4a4ad6b6a595f9d328adae52d9af757f4a3cd90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:52:e1:7f:c4:87:d4:a8:1f:42:ba:58:0f:86:
54:f1:03:61:51:b3:5a:7b:73:08:be:69:db:66:4f:
8d:b1:c6:a1:9d:a0:a9:ba:e7:2d:ed:33:bd:0b:f9:
84:83:86:0f:71:bf:5a:82:7d:ae:b5:e4:8d:06:b0:
0f:35:b3:1f:93:af:69:0e:94:9b:81:64:ea:4a:b3:
62:40:99:d6:71:b0:48:d2:9c:06:68:6d:35:94:81:
4a:45:82:78:9d:23:7a:10:2b:1e:5d:8d:04:04:51:
8a:c1:09:c4:ea:f4:db:68:27:4c:d8:1d:cd:d0:ac:
b9:d9:53:bd:64:0c:99:ca:57:99:df:35:5b:0d:64:
0a:d2:e4:1a:e8:0e:0a:a1:86:b9:c5:13:e2:91:63:
eb:7b:6d:f5:08:4f:e2:72:29:db:c8:0c:13:50:54:
b1:e6:79:9e:37:2b:85:1e:62:8c:67:6e:31:9e:d4:
e1:29:50:43:3f:21:7c:99:cf:76:91:f6:09:0c:fd:
83:6c:9f:fd:19:e8:e2:e4:00:e3:ac:a9:9f:df:74:
d4:66:ec:00:be:b0:e2:e4:fc:6a:ad:2a:14:6b:bd:
ac:b7:d7:94:ca:3c:f1:01:2c:38:43:5f:24:83:ee:
a6:6e:d7:b7:91:23:d3:76:bd:5c:0a:97:2b:35:41:
38:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:A4:AD:6B:6A:59:5F:9D:32:8A:DA:E5:2D:9A:F7:57:F4:A3:CD:90
X509v3 Authority Key Identifier:
keyid:63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/9KSta2pZX50yitrlLZr3V_SjzZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/Y9nR2VwetxbugZUEWnfLohgdeew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.224.0/20
81.89.48.0/20
86.110.224.0/19
92.240.228.0/22
92.240.234.0-92.240.237.255
92.240.241.0-92.240.242.255
92.240.244.0/23
92.240.249.0/24
92.240.253.0-92.240.254.255
93.184.64.0/20
109.74.144.0/20
176.109.56.0/21
185.176.72.0/22
217.73.16.0/20
IPv6:
2a00:10d8::/32
2a01:390::/32
Signature Algorithm: sha256WithRSAEncryption
2e:32:87:1b:d5:77:17:e8:4d:f4:36:5e:5b:fd:df:a4:a9:04:
fa:e7:b5:ac:79:57:ce:3e:8e:b8:7d:f3:1b:7e:8d:b8:1f:78:
35:2c:36:e3:93:80:40:72:41:97:d7:b6:ec:24:be:39:0d:40:
45:e8:19:8c:34:8a:c5:49:b9:b6:dc:6a:79:00:94:e8:a5:3e:
8f:87:7b:8b:7c:77:f3:e8:fe:8e:69:3d:0b:0d:3c:bc:55:2b:
b6:2b:f1:c9:78:2a:cf:bd:af:56:a9:2e:8f:4a:8f:c5:bf:8c:
d8:a6:19:d0:61:fa:7c:17:bd:8d:3b:2c:fe:8d:11:80:85:aa:
66:1e:9b:da:2e:f7:9c:da:71:29:49:11:8a:47:22:bf:ca:e1:
96:31:da:0e:51:c9:27:c6:80:b5:44:de:5c:3c:ca:c1:11:a9:
77:8b:22:7c:ad:8f:ff:28:84:7a:19:ac:df:ed:c5:94:2a:f2:
f5:4d:25:92:00:ba:80:0a:8a:87:fe:ae:d1:8b:a1:bc:c6:74:
8e:56:10:76:c9:39:48:24:ce:9a:ee:ec:43:68:d2:2c:fe:4b:
d4:9a:df:e4:ab:ce:4a:ce:e7:75:f3:ec:12:45:3d:cd:58:a3:
5c:3a:62:2d:4f:51:2a:27:e4:3b:ca:bf:59:ab:d2:92:cc:2b:
f2:84:ef:66
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYai6WIjTiy2xBi6hGS1TcUqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZDlkMWQ5NWMxZWI3MTZlZTgxOTUwNDVhNzdjYmEyMTgx
ZDc5ZWMwHhcNMjMwMzAyMTUyMDQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGE0YWQ2YjZhNTk1ZjlkMzI4YWRhZTUyZDlhZjc1N2Y0YTNjZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVLhf8SH1KgfQrpYD4ZU8QNhUbNa
e3MIvmnbZk+NscahnaCpuuct7TO9C/mEg4YPcb9agn2uteSNBrAPNbMfk69pDpSb
gWTqSrNiQJnWcbBI0pwGaG01lIFKRYJ4nSN6ECseXY0EBFGKwQnE6vTbaCdM2B3N
0Ky52VO9ZAyZyleZ3zVbDWQK0uQa6A4KoYa5xRPikWPre231CE/icinbyAwTUFSx
5nmeNyuFHmKMZ24xntThKVBDPyF8mc92kfYJDP2DbJ/9Geji5ADjrKmf33TUZuwA
vrDi5PxqrSoUa72st9eUyjzxASw4Q18kg+6mbte3kSPTdr1cCpcrNUE4AwIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFPSkrWtqWV+dMora5S2a91f0o82QMB8GA1UdIwQY
MBaAFGPZ0dlcHrcW7oGVBFp3y6IYHXnsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDIt
ZDgwYzZiODVjZGE0LzEvOUtTdGEycFpYNTB5aXRybExacjNWX1NqelpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDItZDgwYzZiODVjZGE0
LzEvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijByBAIAATBsAwQELuXg
AwQEUVkwAwQFVm7gAwQCXPDkMAwDBAFc8OoDBAFc8OwwDAMEAFzw8QMEAFzw8gME
AVzw9AMEAFzw+TAMAwQAXPD9AwQAXPD+AwQEXbhAAwQEbUqQAwQDsG04AwQCubBI
AwQE2UkQMBQEAgACMA4DBQAqABDYAwUAKgEDkDANBgkqhkiG9w0BAQsFAAOCAQEA
LjKHG9V3F+hN9DZeW/3fpKkE+ue1rHlXzj6OuH3zG36NuB94NSw245OAQHJBl9e2
7CS+OQ1ARegZjDSKxUm5ttxqeQCU6KU+j4d7i3x38+j+jmk9Cw08vFUrtivxyXgq
z72vVqkuj0qPxb+M2KYZ0GH6fBe9jTss/o0RgIWqZh6b2i73nNpxKUkRikciv8rh
ljHaDlHJJ8aAtUTeXDzKwRGpd4sifK2P/yiEehms3+3FlCry9U0lkgC6gAqKh/6u
0YuhvMZ0jlYQdsk5SCTOmu7sQ2jSLP5L1Jrf5KvOSs7ndfPsEkU9zVijXDpiLU9R
KifkO8q/WavSkswr8oTvZg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:25 2023 by rpki-client on console-fra.rpki-client.org