Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/dmzIQh2NzzYDlV4xA55w-YPf4S4.roa
File: dmzIQh2NzzYDlV4xA55w-YPf4S4.roa (raw, json)
Hash identifier: KGFEnxF1rXtN6nKrMWeE4w+l0OEneLWU6BwZUilFdO8=
Subject key identifier: 76:6C:C8:42:1D:8D:CF:36:03:95:5E:31:03:9E:70:F9:83:DF:E1:2E
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0185778E24F6E7E8A250858047CECD4E51DF
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/dmzIQh2NzzYDlV4xA55w-YPf4S4.roa
Signing time: Tue 03 Jan 2023 12:14:42 +0000
ROA not before: Tue 03 Jan 2023 12:14:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31577
IP address blocks: 83.136.184.0/21 maxlen: 21
83.136.191.0/24 maxlen: 24
83.136.189.0/24 maxlen: 24
83.136.190.0/24 maxlen: 24
31.3.120.0/21 maxlen: 21
31.3.124.0/24 maxlen: 24
31.3.120.0/24 maxlen: 24
31.3.125.0/24 maxlen: 24
31.3.126.0/24 maxlen: 24
31.3.127.0/24 maxlen: 24
185.23.120.0/22 maxlen: 22
5.35.203.0/24 maxlen: 24
5.35.201.0/24 maxlen: 24
5.35.202.0/24 maxlen: 24
5.35.206.0/24 maxlen: 24
5.35.204.0/24 maxlen: 24
5.35.200.0/21 maxlen: 21
95.129.112.0/21 maxlen: 21
95.129.114.0/24 maxlen: 24
95.129.118.0/24 maxlen: 24
95.129.115.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:77:8e:24:f6:e7:e8:a2:50:85:80:47:ce:cd:4e:51:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 3 12:14:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=766cc8421d8dcf3603955e31039e70f983dfe12e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:34:1d:b4:f5:d7:60:ff:e9:31:f5:e9:fc:43:
d5:5e:6c:b1:d8:19:2b:e2:31:51:3a:12:54:aa:be:
01:89:ff:7d:47:da:2c:b5:4f:4b:01:fe:84:aa:b0:
ce:75:c0:90:c3:88:ab:be:a0:c6:a4:a1:66:b8:ed:
d5:27:3f:de:c2:46:b1:15:a0:92:7f:49:a1:ad:48:
87:72:68:fb:2a:46:33:ed:8d:4f:4b:b9:79:c0:af:
fb:48:6f:37:38:55:0c:db:a4:71:07:e2:f8:a1:8a:
e4:d7:96:45:1f:32:98:ea:92:1a:1d:0b:7c:8e:37:
47:07:7b:c8:79:73:85:80:6d:29:3a:6a:52:eb:f1:
97:67:ff:60:37:fd:a5:b6:33:dd:16:4a:ef:d8:ea:
dd:a4:da:ec:4e:a1:be:1f:f0:60:c1:f1:76:e7:41:
33:f6:8f:46:67:e1:b9:8b:79:14:c8:ac:fa:61:15:
a2:88:b7:30:b7:74:7b:88:66:cc:14:c1:a1:25:fa:
a9:c3:c1:ba:a0:6d:a6:fb:52:5f:ce:4f:e4:66:a3:
67:ef:6b:07:84:fa:f5:01:80:86:f1:23:bc:94:64:
af:d9:ad:10:1c:24:99:2e:75:0a:ba:8c:84:bf:cc:
d6:ac:26:71:62:ef:e8:14:7b:06:92:e6:e7:2d:5b:
8b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:6C:C8:42:1D:8D:CF:36:03:95:5E:31:03:9E:70:F9:83:DF:E1:2E
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/dmzIQh2NzzYDlV4xA55w-YPf4S4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.200.0/21
31.3.120.0/21
83.136.184.0/21
95.129.112.0/21
185.23.120.0/22
Signature Algorithm: sha256WithRSAEncryption
54:1c:71:65:be:28:96:f8:cb:fd:c5:48:82:2f:70:5e:c4:f2:
3f:15:b0:9d:82:c1:0a:44:64:61:fc:d8:b4:c3:fd:6d:b1:2d:
99:2e:db:c1:f4:ef:55:fa:55:f7:44:df:45:40:8a:98:53:ad:
fe:6c:1d:a7:54:6f:a6:5a:57:16:93:b9:47:1e:74:22:4a:f0:
c5:bf:75:14:70:85:8d:02:2c:29:b2:86:30:a4:92:46:28:de:
a9:c6:bc:82:23:83:9b:08:64:8d:ad:71:3b:a5:c9:a5:ef:e5:
e7:07:be:e6:a3:d4:16:9b:c9:14:d0:1c:21:11:ad:6c:b5:fc:
13:ac:59:a2:87:17:ac:b1:ee:79:bd:c2:fe:14:2b:b5:04:98:
88:5a:3f:ee:56:33:6c:2c:90:d7:41:a3:ee:0b:54:40:33:21:
ae:03:03:d3:86:cf:ba:3b:fd:b7:5c:c2:59:c4:42:40:3b:df:
e3:43:11:72:40:fe:24:3d:88:5e:93:c4:4e:73:da:f4:33:c5:
ed:cb:94:6f:90:d8:74:fc:35:8d:f9:7e:ab:02:74:03:f4:fc:
f8:0f:ac:65:78:67:3c:df:c5:9b:97:3e:a1:ba:76:a5:81:9f:
d0:ad:30:ba:7f:00:3c:99:cf:b4:c2:2f:e7:d8:cf:75:5c:95:
0a:59:41:18
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYV3jiT25+iiUIWAR87NTlHfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjMwMTAzMTIxNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjZjYzg0MjFkOGRjZjM2MDM5NTVlMzEwMzllNzBmOTgzZGZlMTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijQdtPXXYP/pMfXp/EPVXmyx2Bkr
4jFROhJUqr4Bif99R9ostU9LAf6EqrDOdcCQw4irvqDGpKFmuO3VJz/ewkaxFaCS
f0mhrUiHcmj7KkYz7Y1PS7l5wK/7SG83OFUM26RxB+L4oYrk15ZFHzKY6pIaHQt8
jjdHB3vIeXOFgG0pOmpS6/GXZ/9gN/2ltjPdFkrv2OrdpNrsTqG+H/BgwfF250Ez
9o9GZ+G5i3kUyKz6YRWiiLcwt3R7iGbMFMGhJfqpw8G6oG2m+1Jfzk/kZqNn72sH
hPr1AYCG8SO8lGSv2a0QHCSZLnUKuoyEv8zWrCZxYu/oFHsGkubnLVuLvQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHZsyEIdjc82A5VeMQOecPmD3+EuMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvZG16SVFoMk56ellEbFY0eEE1NXctWVBmNFM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDBSPIAwQD
HwN4AwQDU4i4AwQDX4FwAwQCuRd4MA0GCSqGSIb3DQEBCwUAA4IBAQBUHHFlviiW
+Mv9xUiCL3BexPI/FbCdgsEKRGRh/Ni0w/1tsS2ZLtvB9O9V+lX3RN9FQIqYU63+
bB2nVG+mWlcWk7lHHnQiSvDFv3UUcIWNAiwpsoYwpJJGKN6pxryCI4ObCGSNrXE7
pcml7+XnB77mo9QWm8kU0BwhEa1stfwTrFmihxesse55vcL+FCu1BJiIWj/uVjNs
LJDXQaPuC1RAMyGuAwPThs+6O/23XMJZxEJAO9/jQxFyQP4kPYhek8ROc9r0M8Xt
y5RvkNh0/DWN+X6rAnQD9Pz4D6xleGc838Wblz6hunalgZ/QrTC6fwA8mc+0wi/n
2M91XJUKWUEY
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:34:46 2024 by rpki-client on console-ams.rpki-client.org