Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/Id0-KFiJGOZ94tUXM8N04STkpnA.roa
File: Id0-KFiJGOZ94tUXM8N04STkpnA.roa (raw, json)
Hash identifier: k3XKLjzpz9+wySsm2YVww5MSyq/cGXrSdc0BMvMG4zI=
Subject key identifier: 21:DD:3E:28:58:89:18:E6:7D:E2:D5:17:33:C3:74:E1:24:E4:A6:70
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 01856F54A4AB67F962720D93A3F744C3D0A4
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/Id0-KFiJGOZ94tUXM8N04STkpnA.roa
Signing time: Sun 01 Jan 2023 21:54:56 +0000
ROA not before: Sun 01 Jan 2023 21:54:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 680
IP address blocks: 192.76.245.0/24 maxlen: 24
192.76.246.0/23 maxlen: 23
192.76.241.0/24 maxlen: 24
192.76.248.0/24 maxlen: 24
192.109.177.0/24 maxlen: 24
192.35.150.0/24 maxlen: 24
192.35.150.0/23 maxlen: 23
192.35.149.0/24 maxlen: 24
192.35.151.0/24 maxlen: 24
192.35.153.0/24 maxlen: 24
129.26.0.0/16 maxlen: 16
192.76.148.0/24 maxlen: 24
129.233.128.0/18 maxlen: 18
192.88.108.0/24 maxlen: 24
212.44.192.0/19 maxlen: 19
192.102.150.0/23 maxlen: 23
192.102.152.0/23 maxlen: 23
192.102.156.0/24 maxlen: 24
192.102.158.0/23 maxlen: 23
192.102.164.0/24 maxlen: 24
192.102.161.0/24 maxlen: 24
192.102.160.0/24 maxlen: 24
192.102.162.0/23 maxlen: 23
192.102.168.0/24 maxlen: 24
192.102.167.0/24 maxlen: 24
192.102.170.0/24 maxlen: 24
192.102.169.0/24 maxlen: 24
192.102.172.0/24 maxlen: 24
192.102.175.0/24 maxlen: 24
192.102.174.0/24 maxlen: 24
192.102.176.0/23 maxlen: 23
129.233.210.0/24 maxlen: 24
129.233.224.0/20 maxlen: 20
192.44.4.0/24 maxlen: 24
192.54.34.0/23 maxlen: 23
192.44.8.0/24 maxlen: 24
192.44.5.0/24 maxlen: 24
192.44.6.0/24 maxlen: 24
192.44.15.0/24 maxlen: 24
192.44.12.0/24 maxlen: 24
192.44.23.0/24 maxlen: 24
192.44.18.0/24 maxlen: 24
192.44.20.0/23 maxlen: 23
192.44.30.0/23 maxlen: 23
192.44.29.0/24 maxlen: 24
192.44.26.0/24 maxlen: 24
192.44.25.0/24 maxlen: 24
192.44.28.0/24 maxlen: 24
192.44.36.0/24 maxlen: 24
84.246.64.0/21 maxlen: 21
192.44.38.0/23 maxlen: 23
192.44.40.0/24 maxlen: 24
2a03:db80::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:a4:ab:67:f9:62:72:0d:93:a3:f7:44:c3:d0:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 1 21:54:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=21dd3e28588918e67de2d51733c374e124e4a670
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c3:93:63:a7:8a:9a:79:92:0b:6b:a2:2b:0e:
f4:c5:e2:21:9c:ad:94:b2:c3:ad:78:87:f0:2b:6a:
0c:a7:4f:54:6d:d3:b5:42:16:a0:1b:47:8f:3c:16:
a1:bb:ae:1c:26:7f:41:70:82:b9:e8:a5:2c:64:1e:
0d:0b:98:10:69:38:8e:34:c8:6b:89:a3:04:e7:ca:
ca:10:7f:21:67:4e:58:0c:5b:9e:2e:9b:22:8a:59:
55:3b:6e:a0:52:ab:36:8a:30:88:7e:2a:87:d0:b0:
f1:c9:13:8b:4e:75:ca:d3:b4:3c:bf:3d:52:e1:7f:
96:7c:9b:ae:c5:fa:18:17:90:35:83:8a:85:51:4c:
ae:86:fc:28:77:77:80:50:ec:23:16:5e:09:be:07:
fb:05:05:c9:36:a5:48:b4:fb:16:56:22:a1:4c:69:
44:f2:05:f9:d4:a8:79:bf:f7:3f:e4:66:a2:64:62:
13:78:68:5f:01:4b:d0:9c:d7:96:a8:e1:b5:a5:06:
84:29:df:4a:22:52:8d:d0:89:06:37:4b:de:62:93:
22:45:d4:9e:4e:d5:b3:0b:44:a7:6c:4b:72:a7:9f:
33:87:30:36:50:2f:e0:03:40:ee:46:7c:92:1b:bb:
fa:5c:b2:db:1c:fc:db:45:5b:e9:71:67:43:f7:d0:
1e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:DD:3E:28:58:89:18:E6:7D:E2:D5:17:33:C3:74:E1:24:E4:A6:70
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/Id0-KFiJGOZ94tUXM8N04STkpnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.64.0/21
129.26.0.0/16
129.233.128.0/18
129.233.210.0/24
129.233.224.0/20
192.35.149.0-192.35.151.255
192.35.153.0/24
192.44.4.0-192.44.6.255
192.44.8.0/24
192.44.12.0/24
192.44.15.0/24
192.44.18.0/24
192.44.20.0/23
192.44.23.0/24
192.44.25.0-192.44.26.255
192.44.28.0/22
192.44.36.0/24
192.44.38.0-192.44.40.255
192.54.34.0/23
192.76.148.0/24
192.76.241.0/24
192.76.245.0-192.76.248.255
192.88.108.0/24
192.102.150.0-192.102.153.255
192.102.156.0/24
192.102.158.0-192.102.164.255
192.102.167.0-192.102.170.255
192.102.172.0/24
192.102.174.0-192.102.177.255
192.109.177.0/24
212.44.192.0/19
IPv6:
2a03:db80::/32
Signature Algorithm: sha256WithRSAEncryption
54:d2:4f:bc:f9:b6:f3:be:64:ed:4e:2b:99:58:5a:05:3f:9e:
fe:86:e7:f0:cc:47:c9:22:ec:e8:ef:a2:9b:b5:ab:64:df:72:
47:5b:d2:92:95:7b:63:73:bb:c7:06:ca:f6:e3:fe:ca:c8:d8:
69:9e:42:b7:e0:53:06:5b:bd:1c:16:96:30:11:dc:0d:06:0d:
82:49:45:4c:e6:b2:35:a4:c0:8e:34:72:b3:a4:fb:d2:b2:0b:
6c:6a:f8:6f:56:fe:f2:50:84:d5:60:88:ab:9e:49:27:46:7b:
ef:c6:fe:5d:c1:71:4f:b9:e5:ec:eb:5b:43:e4:bc:b4:cd:0f:
81:86:99:ba:be:a4:db:d9:0e:c1:25:50:1a:d5:1f:12:72:a2:
40:fc:f9:96:c4:5e:97:08:8b:25:59:48:40:a9:46:27:f7:48:
e6:c3:0a:b2:3d:2b:85:e5:bc:8c:8c:3e:03:50:59:94:2c:c6:
5b:9e:d6:1c:c2:6c:ab:14:22:97:1c:03:91:d7:88:a3:91:ac:
33:10:3e:3d:c1:69:c3:44:e5:ae:d9:8a:02:68:29:a0:17:a9:
4a:95:5a:3c:47:2c:d7:1e:8a:61:49:ab:9c:3f:c9:87:0e:46:
77:bd:4d:2b:36:6b:f3:8a:1c:f7:ef:22:5a:6a:a0:67:d8:6e:
af:93:06:4f
-----BEGIN CERTIFICATE-----
MIIGETCCBPmgAwIBAgISAYVvVKSrZ/licg2To/dEw9CkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjMwMTAxMjE1NDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWRkM2UyODU4ODkxOGU2N2RlMmQ1MTczM2MzNzRlMTI0ZTRhNjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8OTY6eKmnmSC2uiKw70xeIhnK2U
ssOteIfwK2oMp09UbdO1QhagG0ePPBahu64cJn9BcIK56KUsZB4NC5gQaTiONMhr
iaME58rKEH8hZ05YDFueLpsiillVO26gUqs2ijCIfiqH0LDxyROLTnXK07Q8vz1S
4X+WfJuuxfoYF5A1g4qFUUyuhvwod3eAUOwjFl4Jvgf7BQXJNqVItPsWViKhTGlE
8gX51Kh5v/c/5GaiZGITeGhfAUvQnNeWqOG1pQaEKd9KIlKN0IkGN0veYpMiRdSe
TtWzC0SnbEtyp58zhzA2UC/gA0DuRnySG7v6XLLbHPzbRVvpcWdD99AeGwIDAQAB
o4IDHTCCAxkwHQYDVR0OBBYEFCHdPihYiRjmfeLVFzPDdOEk5KZwMB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvSWQwLUtGaUpHT1o5NHRVWE04TjA0U1RrcG5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBMQYIKwYBBQUHAQcBAf8EggEgMIIBHDCCAQkEAgABMIIB
AQMEA1T2QAMDAIEaAwQGgemAAwQAgenSAwQEgengMAwDBADAI5UDBAPAI5ADBADA
I5kwDAMEAsAsBAMEAMAsBgMEAMAsCAMEAMAsDAMEAMAsDwMEAMAsEgMEAcAsFAME
AMAsFzAMAwQAwCwZAwQAwCwaAwQCwCwcAwQAwCwkMAwDBAHALCYDBADALCgDBAHA
NiIDBADATJQDBADATPEwDAMEAMBM9QMEAMBM+AMEAMBYbDAMAwQBwGaWAwQBwGaY
AwQAwGacMAwDBAHAZp4DBADAZqQwDAMEAMBmpwMEAMBmqgMEAMBmrDAMAwQBwGau
AwQBwGawAwQAwG2xAwQF1CzAMA0EAgACMAcDBQAqA9uAMA0GCSqGSIb3DQEBCwUA
A4IBAQBU0k+8+bbzvmTtTiuZWFoFP57+hufwzEfJIuzo76Kbtatk33JHW9KSlXtj
c7vHBsr24/7KyNhpnkK34FMGW70cFpYwEdwNBg2CSUVM5rI1pMCONHKzpPvSsgts
avhvVv7yUITVYIirnkknRnvvxv5dwXFPueXs61tD5Ly0zQ+Bhpm6vqTb2Q7BJVAa
1R8ScqJA/PmWxF6XCIslWUhAqUYn90jmwwqyPSuF5byMjD4DUFmULMZbntYcwmyr
FCKXHAOR14ijkawzED49wWnDROWu2YoCaCmgF6lKlVo8RyzXHophSaucP8mHDkZ3
vU0rNmvzihz37yJaaqBn2G6vkwZP
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:31 2023 by rpki-client on console-fra.rpki-client.org