Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/i79NZxAh-FAKKJCaed_jYiRkj3M.roa
File: i79NZxAh-FAKKJCaed_jYiRkj3M.roa (raw, json)
Hash identifier: f4kJrATJ77iEedIwuV3BXWOh+yDYsSDkNf6MgjEelzs=
Subject key identifier: 8B:BF:4D:67:10:21:F8:50:0A:28:90:9A:79:DF:E3:62:24:64:8F:73
Certificate issuer: /CN=1074db96402ff5cf187564560ea8f13eeeb5ffeb
Certificate serial: 0188918F0F7897A8006B3DF7DA61605C8225
Authority key identifier: 10:74:DB:96:40:2F:F5:CF:18:75:64:56:0E:A8:F1:3E:EE:B5:FF:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EHTblkAv9c8YdWRWDqjxPu61_-s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/i79NZxAh-FAKKJCaed_jYiRkj3M.roa
Signing time: Tue 06 Jun 2023 16:34:11 +0000
ROA not before: Tue 06 Jun 2023 16:34:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8685
IP address blocks: 212.2.192.0/21 maxlen: 21
212.2.192.0/19 maxlen: 24
212.2.192.0/24 maxlen: 24
212.2.194.0/24 maxlen: 24
212.2.193.0/24 maxlen: 24
212.2.199.0/24 maxlen: 24
212.2.198.0/24 maxlen: 24
212.2.197.0/24 maxlen: 24
212.2.196.0/24 maxlen: 24
212.2.195.0/24 maxlen: 24
212.2.206.0/24 maxlen: 24
212.2.204.0/22 maxlen: 22
212.2.204.0/23 maxlen: 23
212.2.205.0/24 maxlen: 24
212.2.204.0/24 maxlen: 24
212.2.213.0/24 maxlen: 24
212.2.212.0/24 maxlen: 24
212.2.211.0/24 maxlen: 24
212.2.212.0/23 maxlen: 23
212.2.210.0/24 maxlen: 24
212.2.209.0/24 maxlen: 24
212.2.208.0/24 maxlen: 24
212.2.216.0/21 maxlen: 21
212.2.217.0/24 maxlen: 24
212.2.216.0/24 maxlen: 24
212.2.215.0/24 maxlen: 24
212.2.222.0/24 maxlen: 24
82.151.131.0/24 maxlen: 24
82.151.128.0/19 maxlen: 24
82.151.128.0/20 maxlen: 20
82.151.132.0/24 maxlen: 24
82.151.138.0/24 maxlen: 24
82.151.134.0/24 maxlen: 24
82.151.133.0/24 maxlen: 24
82.151.144.0/20 maxlen: 20
82.151.144.0/24 maxlen: 24
82.151.143.0/24 maxlen: 24
82.151.142.0/24 maxlen: 24
82.151.140.0/24 maxlen: 24
185.58.244.0/22 maxlen: 24
94.102.64.0/20 maxlen: 24
94.102.64.0/21 maxlen: 21
94.102.70.0/23 maxlen: 24
94.102.72.0/21 maxlen: 24
94.102.76.0/24 maxlen: 24
212.58.31.0/24 maxlen: 24
212.58.28.0/24 maxlen: 24
81.21.174.0/24 maxlen: 24
81.21.166.0/24 maxlen: 24
81.21.164.0/22 maxlen: 22
81.21.161.0/24 maxlen: 24
81.21.160.0/20 maxlen: 24
81.21.160.0/21 maxlen: 21
81.21.170.0/23 maxlen: 23
81.21.170.0/24 maxlen: 24
81.21.169.0/24 maxlen: 24
81.21.168.0/21 maxlen: 24
81.21.167.0/24 maxlen: 24
82.151.154.0/23 maxlen: 24
212.58.0.0/19 maxlen: 24
212.58.0.0/24 maxlen: 24
212.58.0.0/21 maxlen: 21
212.58.8.0/21 maxlen: 24
212.58.16.0/24 maxlen: 24
212.58.16.0/21 maxlen: 24
212.58.13.0/24 maxlen: 24
212.58.24.0/21 maxlen: 24
212.58.18.0/24 maxlen: 24
213.155.96.0/21 maxlen: 21
213.155.96.0/19 maxlen: 24
213.155.104.0/21 maxlen: 24
213.155.103.0/24 maxlen: 24
213.155.99.0/24 maxlen: 24
213.155.112.0/21 maxlen: 24
213.155.124.0/22 maxlen: 24
213.155.122.0/23 maxlen: 24
213.155.121.0/24 maxlen: 24
213.155.120.0/23 maxlen: 24
2a02:480::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:91:8f:0f:78:97:a8:00:6b:3d:f7:da:61:60:5c:82:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1074db96402ff5cf187564560ea8f13eeeb5ffeb
Validity
Not Before: Jun 6 16:34:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8bbf4d671021f8500a28909a79dfe36224648f73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:71:69:fa:64:8d:89:1b:6e:82:53:ce:e8:f2:
be:49:56:cd:d0:4c:61:63:e7:83:45:c6:c4:6e:d1:
ee:74:d9:e2:58:15:80:cb:9c:2c:01:20:ee:41:78:
95:be:f9:7f:06:6a:75:38:87:31:0e:3b:7c:c1:33:
7b:03:7f:52:55:fc:ad:02:32:c7:76:28:4e:d4:b8:
45:9a:46:9a:9c:3e:73:7c:5a:a1:55:b3:34:b6:de:
d3:cb:3b:9c:8b:3b:7c:b9:86:aa:06:9f:92:08:70:
92:8e:98:16:e9:51:5a:23:7e:0e:e7:3f:bf:8a:3b:
2f:fa:1f:91:75:53:40:b1:41:7a:68:75:12:16:e7:
19:3b:b7:9c:02:de:5c:02:a8:74:84:f2:31:2d:ce:
77:9e:74:5f:14:b8:0e:29:8c:0e:49:7e:28:58:60:
c0:93:83:f0:41:29:43:4b:ec:87:0a:f6:dc:28:9d:
0f:fe:ea:28:9c:ed:d1:42:c5:8f:02:6a:43:bb:bc:
db:fa:da:fe:6b:b4:d2:9f:ae:b4:26:c4:29:3f:f3:
eb:41:7c:21:88:67:b4:72:87:f4:c5:58:ad:df:94:
5e:61:7e:a1:60:fd:9d:12:62:e9:b6:d0:53:aa:ec:
be:7e:2f:a0:99:65:28:ae:04:6a:f7:11:d0:84:98:
95:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:BF:4D:67:10:21:F8:50:0A:28:90:9A:79:DF:E3:62:24:64:8F:73
X509v3 Authority Key Identifier:
keyid:10:74:DB:96:40:2F:F5:CF:18:75:64:56:0E:A8:F1:3E:EE:B5:FF:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EHTblkAv9c8YdWRWDqjxPu61_-s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/i79NZxAh-FAKKJCaed_jYiRkj3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/1e1d69-0bfd-40af-88b1-ab40b58a2892/1/EHTblkAv9c8YdWRWDqjxPu61_-s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.160.0/20
82.151.128.0/19
94.102.64.0/20
185.58.244.0/22
212.2.192.0/19
212.58.0.0/19
213.155.96.0/19
IPv6:
2a02:480::/32
Signature Algorithm: sha256WithRSAEncryption
0a:bc:f1:b5:cc:dd:9a:b6:83:f7:e1:ba:3a:9a:cc:0f:e6:cb:
20:59:65:18:ed:67:bc:21:b6:9a:b4:12:ba:71:ed:05:f4:b6:
08:cf:10:54:37:17:d1:12:10:cb:f1:f0:a8:42:ba:f7:5b:f6:
87:46:5f:dc:f5:7d:be:c8:2a:27:4a:9d:6e:3d:fc:ae:89:fb:
70:66:a5:e2:94:4e:7e:3e:a2:a2:3c:a6:6c:ee:33:c2:42:96:
e1:7f:d9:84:5e:59:4e:a2:a3:2c:eb:5c:4c:d5:bc:cd:46:2f:
57:38:a9:74:3d:34:50:1f:9f:ac:c1:00:ab:de:bd:de:b3:39:
7f:94:2b:c0:e6:59:9c:64:bd:9d:3d:80:1f:78:1d:a1:fd:2b:
0b:07:21:34:67:61:b8:73:1b:4b:d1:1e:42:21:a7:41:d7:78:
7e:29:92:a6:cf:d4:9e:a2:94:1b:44:a2:e6:f6:5e:23:64:1e:
95:13:90:34:32:1b:8e:5a:fd:79:24:7a:c2:58:e5:dd:bd:ea:
4b:94:71:1f:f8:b9:70:3e:a0:c8:77:4f:73:93:80:da:6c:fd:
12:01:f7:f6:ae:db:c5:2b:21:3f:d9:7c:5c:50:24:02:2f:be:
4f:bb:e5:49:5b:54:1c:5a:fc:10:1a:bc:8d:c1:ed:70:4d:a7:
7d:9c:e8:c0
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYiRjw94l6gAaz332mFgXIIlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwNzRkYjk2NDAyZmY1Y2YxODc1NjQ1NjBlYThmMTNlZWVi
NWZmZWIwHhcNMjMwNjA2MTYzNDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmJmNGQ2NzEwMjFmODUwMGEyODkwOWE3OWRmZTM2MjI0NjQ4ZjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3Fp+mSNiRtuglPO6PK+SVbN0Exh
Y+eDRcbEbtHudNniWBWAy5wsASDuQXiVvvl/Bmp1OIcxDjt8wTN7A39SVfytAjLH
dihO1LhFmkaanD5zfFqhVbM0tt7Tyzucizt8uYaqBp+SCHCSjpgW6VFaI34O5z+/
ijsv+h+RdVNAsUF6aHUSFucZO7ecAt5cAqh0hPIxLc53nnRfFLgOKYwOSX4oWGDA
k4PwQSlDS+yHCvbcKJ0P/uoonO3RQsWPAmpDu7zb+tr+a7TSn660JsQpP/PrQXwh
iGe0cof0xVit35ReYX6hYP2dEmLpttBTquy+fi+gmWUorgRq9xHQhJiVfwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFIu/TWcQIfhQCiiQmnnf42IkZI9zMB8GA1UdIwQY
MBaAFBB025ZAL/XPGHVkVg6o8T7utf/rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUhUYmxrQXY5YzhZZFdSV0RxanhQdTYxXy1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My8xZTFkNjktMGJmZC00MGFmLTg4YjEt
YWI0MGI1OGEyODkyLzEvaTc5Tlp4QWgtRkFLS0pDYWVkX2pZaVJrajNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My8xZTFkNjktMGJmZC00MGFmLTg4YjEtYWI0MGI1OGEyODky
LzEvRUhUYmxrQXY5YzhZZFdSV0RxanhQdTYxXy1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQEURWgAwQF
UpeAAwQEXmZAAwQCuTr0AwQF1ALAAwQF1DoAAwQF1ZtgMA0EAgACMAcDBQAqAgSA
MA0GCSqGSIb3DQEBCwUAA4IBAQAKvPG1zN2atoP34bo6mswP5ssgWWUY7We8Ibaa
tBK6ce0F9LYIzxBUNxfREhDL8fCoQrr3W/aHRl/c9X2+yConSp1uPfyuiftwZqXi
lE5+PqKiPKZs7jPCQpbhf9mEXllOoqMs61xM1bzNRi9XOKl0PTRQH5+swQCr3r3e
szl/lCvA5lmcZL2dPYAfeB2h/SsLByE0Z2G4cxtL0R5CIadB13h+KZKmz9SeopQb
RKLm9l4jZB6VE5A0MhuOWv15JHrCWOXdvepLlHEf+LlwPqDId09zk4DabP0SAff2
rtvFKyE/2XxcUCQCL75Pu+VJW1QcWvwQGryNwe1wTad9nOjA
-----END CERTIFICATE-----
Generated at Tue Jan 2 14:36:23 2024 by rpki-client on console-fra.rpki-client.org