Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/0910e6-c074-40d0-b789-a17804439895/1/xZZiP2KJH4elLxb5cQlC4Y3G-F4.roa
File: xZZiP2KJH4elLxb5cQlC4Y3G-F4.roa (raw, json)
Hash identifier: E0VgfYHXskO2xSzq0LWXBJNh0/chHgKNu+LjbRoN3/g=
Subject key identifier: C5:96:62:3F:62:89:1F:87:A5:2F:16:F9:71:09:42:E1:8D:C6:F8:5E
Certificate issuer: /CN=0c202663de852c7060fdea0298b490d5edcc0f24
Certificate serial: 01856D01C33390A393C7D27B1209069BA404
Authority key identifier: 0C:20:26:63:DE:85:2C:70:60:FD:EA:02:98:B4:90:D5:ED:CC:0F:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DCAmY96FLHBg_eoCmLSQ1e3MDyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/0910e6-c074-40d0-b789-a17804439895/1/xZZiP2KJH4elLxb5cQlC4Y3G-F4.roa
Signing time: Sun 01 Jan 2023 11:05:10 +0000
ROA not before: Sun 01 Jan 2023 11:05:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197036
IP address blocks: 195.28.218.0/24 maxlen: 24
178.23.152.0/21 maxlen: 21
195.28.192.0/19 maxlen: 19
185.228.20.0/22 maxlen: 22
185.19.240.0/22 maxlen: 22
213.173.51.0/24 maxlen: 24
213.173.48.0/22 maxlen: 22
2a09:2600::/29 maxlen: 29
2a02:21e8:71::/48 maxlen: 48
2a0c:e600::/29 maxlen: 29
2a0c:e9c0::/29 maxlen: 29
2a0d:d040::/29 maxlen: 29
2a02:21e8::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:c3:33:90:a3:93:c7:d2:7b:12:09:06:9b:a4:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c202663de852c7060fdea0298b490d5edcc0f24
Validity
Not Before: Jan 1 11:05:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c596623f62891f87a52f16f9710942e18dc6f85e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:59:2c:7b:ad:b7:6e:79:77:2f:5e:20:8a:4b:
8b:77:7f:22:d5:3e:89:ce:6b:39:bb:3a:d9:45:b5:
76:1c:aa:9a:c8:0e:28:b5:ff:d5:20:83:5c:a4:02:
93:35:ac:94:6a:4c:bb:06:56:ec:69:da:a4:12:60:
ed:70:50:ee:a8:1a:98:7b:7c:05:af:a8:82:bd:e1:
86:21:55:5d:73:fa:e0:3d:8f:19:84:7c:22:12:dd:
92:7f:fa:52:e8:be:fa:e6:b3:59:01:57:31:2a:93:
2a:fa:87:25:c6:24:6b:b8:b0:da:14:fb:f9:d4:f8:
80:21:be:6f:b6:ee:7a:b7:19:29:71:c2:e6:8b:82:
20:74:26:b4:35:c3:8d:81:86:ce:ef:42:ae:08:cc:
62:9d:79:d2:dd:ef:e3:e6:e4:f1:8e:7d:7b:09:d5:
a8:8e:7f:4c:67:3f:ab:78:c7:7f:53:3f:ce:cc:5d:
5a:79:29:0a:2a:98:14:5b:c6:6d:c4:45:cd:c7:6c:
6a:f3:c9:f7:58:94:97:1d:67:47:13:79:69:80:46:
20:dd:89:12:00:4b:30:53:34:4b:08:c2:96:fc:8f:
00:60:b5:05:8a:69:c2:a2:2c:bc:94:ae:1b:90:94:
ce:ab:4f:f8:4e:02:bd:23:a6:80:87:82:bc:94:b6:
f7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:96:62:3F:62:89:1F:87:A5:2F:16:F9:71:09:42:E1:8D:C6:F8:5E
X509v3 Authority Key Identifier:
keyid:0C:20:26:63:DE:85:2C:70:60:FD:EA:02:98:B4:90:D5:ED:CC:0F:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DCAmY96FLHBg_eoCmLSQ1e3MDyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0910e6-c074-40d0-b789-a17804439895/1/xZZiP2KJH4elLxb5cQlC4Y3G-F4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/0910e6-c074-40d0-b789-a17804439895/1/DCAmY96FLHBg_eoCmLSQ1e3MDyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.23.152.0/21
185.19.240.0/22
185.228.20.0/22
195.28.192.0/19
213.173.48.0/22
IPv6:
2a02:21e8::/32
2a09:2600::/29
2a0c:e600::/29
2a0c:e9c0::/29
2a0d:d040::/29
Signature Algorithm: sha256WithRSAEncryption
65:b4:6d:ab:1a:48:f6:da:50:9e:7f:04:db:a9:0c:cc:67:9e:
cd:28:0a:a5:35:fe:a0:7d:ea:7e:18:59:b0:91:c3:78:a5:b4:
b6:7d:ad:bf:07:11:1f:10:8d:90:5d:24:df:98:99:48:b6:35:
b3:74:b1:54:08:8e:29:7c:a3:67:fb:fa:58:08:e7:c9:fe:bc:
4f:33:0e:32:8d:1a:39:ef:22:6f:96:df:92:69:f0:be:58:8c:
b1:a8:27:f4:05:76:83:c1:87:88:05:bf:2a:78:17:78:89:3d:
cd:a1:0b:b0:66:90:56:77:46:a4:cf:65:72:cc:cd:b9:8b:c9:
5b:b9:07:a4:e1:43:02:c2:40:dc:bc:a9:a7:8e:a5:87:b3:d0:
c3:cc:b5:59:53:f7:b2:4c:68:dd:90:a0:69:5e:d2:2c:74:53:
53:2d:1c:c6:82:b0:ca:97:9f:35:a9:0e:35:68:3f:ff:60:ad:
dc:f1:d6:80:45:89:d5:d1:aa:e5:3b:7d:b8:a7:56:22:95:8e:
c7:e0:3f:bf:d9:c5:ac:c4:68:24:6b:43:4b:f9:4c:d8:91:eb:
33:19:6b:65:43:2f:60:75:43:ae:91:07:f4:02:5c:55:56:d7:
f1:00:82:12:b0:d5:65:ee:d1:9d:d3:2c:88:67:f9:cf:97:33:
ee:fb:7a:a7
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAYVtAcMzkKOTx9J7EgkGm6QEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMjAyNjYzZGU4NTJjNzA2MGZkZWEwMjk4YjQ5MGQ1ZWRj
YzBmMjQwHhcNMjMwMTAxMTEwNTEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTk2NjIzZjYyODkxZjg3YTUyZjE2Zjk3MTA5NDJlMThkYzZmODVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFkse623bnl3L14gikuLd38i1T6J
zms5uzrZRbV2HKqayA4otf/VIINcpAKTNayUaky7BlbsadqkEmDtcFDuqBqYe3wF
r6iCveGGIVVdc/rgPY8ZhHwiEt2Sf/pS6L765rNZAVcxKpMq+oclxiRruLDaFPv5
1PiAIb5vtu56txkpccLmi4IgdCa0NcONgYbO70KuCMxinXnS3e/j5uTxjn17CdWo
jn9MZz+reMd/Uz/OzF1aeSkKKpgUW8ZtxEXNx2xq88n3WJSXHWdHE3lpgEYg3YkS
AEswUzRLCMKW/I8AYLUFimnCoiy8lK4bkJTOq0/4TgK9I6aAh4K8lLb31wIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFMWWYj9iiR+HpS8W+XEJQuGNxvheMB8GA1UdIwQY
MBaAFAwgJmPehSxwYP3qApi0kNXtzA8kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRENBbVk5NkZMSEJnX2VvQ21MU1ExZTNNRHlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wOTEwZTYtYzA3NC00MGQwLWI3ODkt
YTE3ODA0NDM5ODk1LzEveFpaaVAyS0pINGVsTHhiNWNRbEM0WTNHLUY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wOTEwZTYtYzA3NC00MGQwLWI3ODktYTE3ODA0NDM5ODk1
LzEvRENBbVk5NkZMSEJnX2VvQ21MU1ExZTNNRHlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTAkBAIAATAeAwQDsheYAwQC
uRPwAwQCueQUAwQFwxzAAwQC1a0wMCkEAgACMCMDBQAqAiHoAwUDKgkmAAMFAyoM
5gADBQMqDOnAAwUDKg3QQDANBgkqhkiG9w0BAQsFAAOCAQEAZbRtqxpI9tpQnn8E
26kMzGeezSgKpTX+oH3qfhhZsJHDeKW0tn2tvwcRHxCNkF0k35iZSLY1s3SxVAiO
KXyjZ/v6WAjnyf68TzMOMo0aOe8ib5bfkmnwvliMsagn9AV2g8GHiAW/KngXeIk9
zaELsGaQVndGpM9lcszNuYvJW7kHpOFDAsJA3Lypp46lh7PQw8y1WVP3skxo3ZCg
aV7SLHRTUy0cxoKwypefNakONWg//2Ct3PHWgEWJ1dGq5Tt9uKdWIpWOx+A/v9nF
rMRoJGtDS/lM2JHrMxlrZUMvYHVDrpEH9AJcVVbX8QCCErDVZe7RndMsiGf5z5cz
7vt6pw==
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:10 2024 by rpki-client on console-ams.rpki-client.org