Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/3z0PIMHyavDNLUrQc3g_MGNENDw.roa
File: 3z0PIMHyavDNLUrQc3g_MGNENDw.roa (raw, json)
Hash identifier: rPgQzbOLi3RtXcckIvCbUunC4BwWGV9vYbp400YfVSM=
Subject key identifier: DF:3D:0F:20:C1:F2:6A:F0:CD:2D:4A:D0:73:78:3F:30:63:44:34:3C
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 01856F54A5ADE56F191E5B214AE694FA167A
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/3z0PIMHyavDNLUrQc3g_MGNENDw.roa
Signing time: Sun 01 Jan 2023 21:54:56 +0000
ROA not before: Sun 01 Jan 2023 21:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5501
IP address blocks: 129.233.128.0/17 maxlen: 17
153.96.220.0/22 maxlen: 22
153.96.253.0/24 maxlen: 24
153.96.254.0/24 maxlen: 24
129.233.252.0/24 maxlen: 24
129.233.252.0/22 maxlen: 22
129.233.253.0/24 maxlen: 24
192.102.165.0/24 maxlen: 24
129.233.255.0/24 maxlen: 24
129.233.254.0/24 maxlen: 24
192.102.172.0/23 maxlen: 23
192.102.171.0/24 maxlen: 24
192.44.0.0/22 maxlen: 22
153.96.54.0/23 maxlen: 23
192.44.10.0/24 maxlen: 24
192.44.13.0/24 maxlen: 24
192.44.17.0/24 maxlen: 24
192.44.24.0/24 maxlen: 24
192.44.37.0/24 maxlen: 24
153.96.0.0/21 maxlen: 21
153.96.10.0/24 maxlen: 24
153.96.8.0/23 maxlen: 23
153.96.12.0/22 maxlen: 22
153.96.16.0/23 maxlen: 23
153.96.24.0/24 maxlen: 24
153.96.18.0/24 maxlen: 24
137.251.0.0/16 maxlen: 16
153.96.19.0/24 maxlen: 24
192.42.64.0/24 maxlen: 24
192.42.63.0/24 maxlen: 24
153.96.144.0/23 maxlen: 23
129.233.0.0/17 maxlen: 17
2a03:db80:4410::/48 maxlen: 48
2a03:db80:4424::/48 maxlen: 48
2a03:db80:4484::/48 maxlen: 48
2a03:db80:4c84::/48 maxlen: 48
2a03:db80:4404::/48 maxlen: 48
2a03:db80:4480::/48 maxlen: 48
2a03:db80:4c80::/48 maxlen: 48
2a03:db80:4420::/48 maxlen: 48
2a03:db80:4414::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:a5:ad:e5:6f:19:1e:5b:21:4a:e6:94:fa:16:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 1 21:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=df3d0f20c1f26af0cd2d4ad073783f306344343c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:73:6a:16:e4:c9:26:8e:a1:af:08:08:52:80:
c2:21:13:e1:6f:d7:ac:b6:31:7e:3f:47:09:0b:07:
b7:cb:7b:dc:ad:52:32:d6:42:45:55:c2:dd:67:f6:
8d:34:d6:0b:e2:32:ca:1a:37:62:16:03:e9:34:00:
28:2e:35:b3:61:8c:e3:85:4c:21:69:a5:b7:f6:e4:
e2:17:ec:58:54:ea:f8:07:06:6b:02:e8:e6:54:93:
6f:c6:2b:65:c9:14:3f:18:3f:c1:4c:6f:1f:58:22:
0e:c8:e5:3c:93:0c:ab:ce:c6:f3:81:fd:68:6e:9e:
23:f1:99:6f:5e:22:1e:fe:76:e2:34:92:96:c3:b5:
cb:99:e8:a3:04:ee:5e:29:f9:79:35:fe:29:56:d8:
f0:08:21:3c:96:c9:e1:6a:30:9b:fc:54:cf:2d:0f:
05:ed:6e:2a:21:47:e4:bd:f1:f2:f5:58:c6:a3:71:
60:49:4d:2b:9e:ab:b8:e5:d5:34:c9:c9:ef:5e:be:
13:80:66:61:17:f8:94:00:00:c8:64:24:c0:93:1d:
4b:41:3c:20:dc:dc:f7:ce:62:c6:9d:f7:31:c9:a8:
24:55:2f:7a:10:89:20:d9:83:93:5b:a8:aa:e0:47:
07:44:d3:c9:ca:d9:3d:eb:62:80:c5:7c:0d:35:55:
1f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:3D:0F:20:C1:F2:6A:F0:CD:2D:4A:D0:73:78:3F:30:63:44:34:3C
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/3z0PIMHyavDNLUrQc3g_MGNENDw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.233.0.0/16
137.251.0.0/16
153.96.0.0-153.96.10.255
153.96.12.0-153.96.19.255
153.96.24.0/24
153.96.54.0/23
153.96.144.0/23
153.96.220.0/22
153.96.253.0-153.96.254.255
192.42.63.0-192.42.64.255
192.44.0.0/22
192.44.10.0/24
192.44.13.0/24
192.44.17.0/24
192.44.24.0/24
192.44.37.0/24
192.102.165.0/24
192.102.171.0-192.102.173.255
IPv6:
2a03:db80:4404::/48
2a03:db80:4410::/48
2a03:db80:4414::/48
2a03:db80:4420::/48
2a03:db80:4424::/48
2a03:db80:4480::/48
2a03:db80:4484::/48
2a03:db80:4c80::/48
2a03:db80:4c84::/48
Signature Algorithm: sha256WithRSAEncryption
3f:8d:b2:74:7d:2e:b7:8a:48:c0:2d:af:74:a7:6b:43:82:da:
18:6a:40:41:93:85:e1:ce:bf:67:1f:6b:51:08:7f:9e:eb:3c:
71:37:6b:43:26:e5:49:e7:78:6a:33:43:b2:a9:af:13:d9:24:
a8:55:89:15:06:26:48:a3:6d:48:9f:0b:76:65:3e:82:b0:22:
b0:86:74:7b:72:4d:17:ce:fd:f3:5d:48:a0:07:4c:6f:94:29:
d1:57:70:32:81:02:ef:73:bf:4f:80:e3:d0:9b:cb:68:b0:c2:
4f:2b:75:25:6d:03:92:dc:34:04:f6:4f:4d:11:88:17:4f:60:
a1:23:07:22:17:48:0c:09:e4:45:7a:48:71:02:8e:03:d3:6f:
a9:dc:1a:e6:67:41:c6:f4:d6:34:43:7d:25:18:1b:33:33:39:
a5:21:f2:2d:bc:bc:51:b1:0f:d0:76:9e:a9:8a:98:20:83:2d:
0b:17:4b:84:6d:d4:85:39:55:07:20:66:5d:8c:82:b2:bb:d2:
a5:b0:c0:d9:71:f5:ee:97:78:c2:9f:7c:58:10:20:c1:27:fc:
98:7e:52:13:61:a6:8e:5f:e6:a6:40:63:43:de:17:28:62:71:
f5:48:9e:1d:2c:2c:29:e5:d6:7e:a1:e5:58:4e:4d:c3:9a:bd:
27:a7:2e:64
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAYVvVKWt5W8ZHlshSuaU+hZ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjMwMTAxMjE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjNkMGYyMGMxZjI2YWYwY2QyZDRhZDA3Mzc4M2YzMDYzNDQzNDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHNqFuTJJo6hrwgIUoDCIRPhb9es
tjF+P0cJCwe3y3vcrVIy1kJFVcLdZ/aNNNYL4jLKGjdiFgPpNAAoLjWzYYzjhUwh
aaW39uTiF+xYVOr4BwZrAujmVJNvxitlyRQ/GD/BTG8fWCIOyOU8kwyrzsbzgf1o
bp4j8ZlvXiIe/nbiNJKWw7XLmeijBO5eKfl5Nf4pVtjwCCE8lsnhajCb/FTPLQ8F
7W4qIUfkvfHy9VjGo3FgSU0rnqu45dU0ycnvXr4TgGZhF/iUAADIZCTAkx1LQTwg
3Nz3zmLGnfcxyagkVS96EIkg2YOTW6iq4EcHRNPJytk962KAxXwNNVUfjQIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFN89DyDB8mrwzS1K0HN4PzBjRDQ8MB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvM3owUElNSHlhdkROTFVyUWMzZ19NR05FTkR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBwYIKwYBBQUHAQcBAf8EgfcwgfQwgZgEAgABMIGRAwMA
gekDAwCJ+zALAwMFmWADBACZYAowDAMEAplgDAMEAplgEAMEAJlgGAMEAZlgNgME
AZlgkAMEAplg3DAMAwQAmWD9AwQAmWD+MAwDBADAKj8DBADAKkADBALALAADBADA
LAoDBADALA0DBADALBEDBADALBgDBADALCUDBADAZqUwDAMEAMBmqwMEAcBmrDBX
BAIAAjBRAwcAKgPbgEQEAwcAKgPbgEQQAwcAKgPbgEQUAwcAKgPbgEQgAwcAKgPb
gEQkAwcAKgPbgESAAwcAKgPbgESEAwcAKgPbgEyAAwcAKgPbgEyEMA0GCSqGSIb3
DQEBCwUAA4IBAQA/jbJ0fS63ikjALa90p2tDgtoYakBBk4Xhzr9nH2tRCH+e6zxx
N2tDJuVJ53hqM0Oyqa8T2SSoVYkVBiZIo21Inwt2ZT6CsCKwhnR7ck0Xzv3zXUig
B0xvlCnRV3AygQLvc79PgOPQm8tosMJPK3UlbQOS3DQE9k9NEYgXT2ChIwciF0gM
CeRFekhxAo4D02+p3BrmZ0HG9NY0Q30lGBszMzmlIfItvLxRsQ/Qdp6pipgggy0L
F0uEbdSFOVUHIGZdjIKyu9KlsMDZcfXul3jCn3xYECDBJ/yYflITYaaOX+amQGND
3hcoYnH1SJ4dLCwp5dZ+oeVYTk3Dmr0npy5k
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:31 2023 by rpki-client on console-fra.rpki-client.org