Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/Rzlc0bMX7A8c7w3IQU1b35VoGck.roa
File: Rzlc0bMX7A8c7w3IQU1b35VoGck.roa (raw, json)
Hash identifier: xyAs9SZVcz8ZvHr89jHA5JlXAxNBpKFu0iIcEzYvpgA=
Subject key identifier: 47:39:5C:D1:B3:17:EC:0F:1C:EF:0D:C8:41:4D:5B:DF:95:68:19:C9
Certificate issuer: /CN=22c7cda75f4e15e486dee5a6501cbe2018bc0e0f
Certificate serial: 018AFAFEC3B2DF9DA22CD9763E0095377D7A
Authority key identifier: 22:C7:CD:A7:5F:4E:15:E4:86:DE:E5:A6:50:1C:BE:20:18:BC:0E:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsfNp19OFeSG3uWmUBy-IBi8Dg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/Rzlc0bMX7A8c7w3IQU1b35VoGck.roa
Signing time: Wed 04 Oct 2023 14:01:54 +0000
ROA not before: Wed 04 Oct 2023 14:01:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200845
IP address blocks: 91.209.234.0/24 maxlen: 24
213.148.221.0/24 maxlen: 24
212.121.248.0/24 maxlen: 24
185.154.8.0/22 maxlen: 24
77.75.180.0/24 maxlen: 24
185.193.68.0/22 maxlen: 24
213.148.192.0/19 maxlen: 24
212.121.224.0/19 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:fa:fe:c3:b2:df:9d:a2:2c:d9:76:3e:00:95:37:7d:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c7cda75f4e15e486dee5a6501cbe2018bc0e0f
Validity
Not Before: Oct 4 14:01:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=47395cd1b317ec0f1cef0dc8414d5bdf956819c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:ec:0b:86:f6:e2:0c:e3:35:9a:5c:3e:34:66:
98:38:5f:5b:a6:25:1a:68:a7:b2:07:5f:a6:9c:ba:
f9:40:2d:04:16:b9:3a:86:72:7e:0c:1e:cf:0e:1d:
9a:e2:35:6a:c5:8e:e8:fb:6b:de:ca:f0:61:e6:3c:
08:d5:65:7a:37:12:83:4e:8c:0d:60:13:24:7e:4e:
9c:8d:89:6c:e5:d3:f7:b7:26:bb:c1:2f:bc:56:3c:
34:85:13:a5:ac:98:45:3b:3f:b4:9c:4d:75:e2:1b:
84:6a:ca:44:42:cd:95:1b:91:73:f1:3e:e0:4b:51:
5a:a2:57:0d:fe:3c:2f:10:ab:b5:0a:61:89:75:e3:
ae:c2:b9:bc:e6:8b:10:92:e7:f7:2f:11:60:93:c2:
3e:77:51:5a:88:1f:cd:2e:31:cd:28:c6:b0:5e:47:
fa:02:2a:7a:22:89:13:d9:7e:54:7c:eb:6b:9b:05:
8d:b6:4d:1b:c6:e0:c2:e9:e3:27:a3:4e:8f:16:7b:
71:e5:d4:86:a8:d6:f3:ca:8d:0b:6e:b8:b7:27:f5:
d1:45:41:f8:9b:a3:36:d3:ca:5a:c1:b4:9e:af:e2:
82:c0:36:97:a3:74:51:82:49:b4:e9:fd:f2:9a:63:
e3:ea:21:ae:32:4d:08:cd:99:f5:ef:78:25:76:8f:
c1:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:39:5C:D1:B3:17:EC:0F:1C:EF:0D:C8:41:4D:5B:DF:95:68:19:C9
X509v3 Authority Key Identifier:
keyid:22:C7:CD:A7:5F:4E:15:E4:86:DE:E5:A6:50:1C:BE:20:18:BC:0E:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsfNp19OFeSG3uWmUBy-IBi8Dg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/Rzlc0bMX7A8c7w3IQU1b35VoGck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b92331-2bb4-4a59-9978-751b17d1c437/1/IsfNp19OFeSG3uWmUBy-IBi8Dg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.75.180.0/24
91.209.234.0/24
185.154.8.0/22
185.193.68.0/22
212.121.224.0/19
213.148.192.0/19
Signature Algorithm: sha256WithRSAEncryption
0d:01:2f:f6:57:5d:38:f4:fb:ec:b6:68:c7:59:68:1d:41:fa:
39:7f:65:d5:21:82:a8:13:5d:8f:f8:5b:6b:8e:64:60:a4:ec:
33:46:9a:ab:d9:6d:66:ec:35:09:dd:27:9c:56:18:6c:81:52:
ec:0c:d4:fe:96:5d:d2:23:77:2b:5e:26:8a:31:d5:cc:3c:94:
4d:7b:14:c0:35:b9:e2:9b:8a:fd:20:45:b4:8c:a6:e2:8a:61:
cb:54:70:ed:f3:e4:a4:a7:7a:9a:c1:45:29:8e:16:02:ea:9f:
4c:b2:96:7d:79:f3:aa:33:a8:b8:08:8c:9e:67:ce:77:97:d0:
57:66:c0:55:29:a5:55:e7:e7:4f:2e:6d:c4:60:8a:b9:0a:65:
40:72:77:5c:a0:23:cc:67:28:55:d8:4a:05:e9:ba:1c:fe:8e:
b3:95:2b:e0:bf:86:5f:42:12:3b:db:2a:61:0f:a5:5b:42:58:
f9:3f:a6:e0:45:46:c4:24:1c:9f:1a:fc:2a:ea:19:22:85:e3:
71:2b:a0:78:c2:bd:6f:3f:7c:b5:f8:01:fc:7d:81:19:8a:ba:
33:c1:fa:a5:81:b6:31:95:1c:aa:5b:42:78:76:06:37:c9:95:
ce:5b:75:25:28:6a:52:4b:d1:f6:77:18:fc:ae:da:f9:96:51:
3b:bd:18:d9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYr6/sOy352iLNl2PgCVN316MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzdjZGE3NWY0ZTE1ZTQ4NmRlZTVhNjUwMWNiZTIwMThi
YzBlMGYwHhcNMjMxMDA0MTQwMTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzM5NWNkMWIzMTdlYzBmMWNlZjBkYzg0MTRkNWJkZjk1NjgxOWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouwLhvbiDOM1mlw+NGaYOF9bpiUa
aKeyB1+mnLr5QC0EFrk6hnJ+DB7PDh2a4jVqxY7o+2veyvBh5jwI1WV6NxKDTowN
YBMkfk6cjYls5dP3tya7wS+8Vjw0hROlrJhFOz+0nE114huEaspEQs2VG5Fz8T7g
S1FaolcN/jwvEKu1CmGJdeOuwrm85osQkuf3LxFgk8I+d1FaiB/NLjHNKMawXkf6
Aip6IokT2X5UfOtrmwWNtk0bxuDC6eMno06PFntx5dSGqNbzyo0Lbri3J/XRRUH4
m6M208pawbSer+KCwDaXo3RRgkm06f3ymmPj6iGuMk0IzZn173gldo/BrQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEc5XNGzF+wPHO8NyEFNW9+VaBnJMB8GA1UdIwQY
MBaAFCLHzadfThXkht7lplAcviAYvA4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNmTnAxOU9GZVNHM3VXbVVCeS1JQmk4RGc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iOTIzMzEtMmJiNC00YTU5LTk5Nzgt
NzUxYjE3ZDFjNDM3LzEvUnpsYzBiTVg3QThjN3czSVFVMWIzNVZvR2NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iOTIzMzEtMmJiNC00YTU5LTk5NzgtNzUxYjE3ZDFjNDM3
LzEvSXNmTnAxOU9GZVNHM3VXbVVCeS1JQmk4RGc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATUu0AwQA
W9HqAwQCuZoIAwQCucFEAwQF1HngAwQF1ZTAMA0GCSqGSIb3DQEBCwUAA4IBAQAN
AS/2V1049PvstmjHWWgdQfo5f2XVIYKoE12P+FtrjmRgpOwzRpqr2W1m7DUJ3Sec
VhhsgVLsDNT+ll3SI3crXiaKMdXMPJRNexTANbnim4r9IEW0jKbiimHLVHDt8+Sk
p3qawUUpjhYC6p9MspZ9efOqM6i4CIyeZ853l9BXZsBVKaVV5+dPLm3EYIq5CmVA
cndcoCPMZyhV2EoF6boc/o6zlSvgv4ZfQhI72yphD6VbQlj5P6bgRUbEJByfGvwq
6hkiheNxK6B4wr1vP3y1+AH8fYEZirozwfqlgbYxlRyqW0J4dgY3yZXOW3UlKGpS
S9H2dxj8rtr5llE7vRjZ
-----END CERTIFICATE-----
Generated at Mon Nov 20 13:56:17 2023 by rpki-client on console-fra.rpki-client.org