Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/pzsKrgI9pblrvzXwGDydVK_inoI.roa
File: pzsKrgI9pblrvzXwGDydVK_inoI.roa (raw, json)
Hash identifier: fH6zLDsZaWBqfuydA97Ib+XVkHtpbp2F8VXhWhJ6nLw=
Subject key identifier: A7:3B:0A:AE:02:3D:A5:B9:6B:BF:35:F0:18:3C:9D:54:AF:E2:9E:82
Certificate issuer: /CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Certificate serial: 01856E01C3D45D06BF47AB95BD495EAFD762
Authority key identifier: 29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/pzsKrgI9pblrvzXwGDydVK_inoI.roa
Signing time: Sun 01 Jan 2023 15:44:47 +0000
ROA not before: Sun 01 Jan 2023 15:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60461
IP address blocks: 185.14.93.0/24 maxlen: 24
185.14.92.0/24 maxlen: 24
94.154.50.0/24 maxlen: 24
94.154.55.0/24 maxlen: 24
37.114.32.0/19 maxlen: 24
37.114.33.0/24 maxlen: 24
37.114.44.0/24 maxlen: 24
37.114.43.0/24 maxlen: 24
37.114.39.0/24 maxlen: 24
37.114.51.0/24 maxlen: 24
37.114.50.0/24 maxlen: 24
37.114.49.0/24 maxlen: 24
37.114.48.0/24 maxlen: 24
37.114.46.0/24 maxlen: 24
37.114.45.0/24 maxlen: 24
37.114.58.0/24 maxlen: 24
37.114.55.0/24 maxlen: 24
37.114.54.0/24 maxlen: 24
37.114.52.0/24 maxlen: 24
37.114.63.0/24 maxlen: 24
43.251.161.0/24 maxlen: 24
43.251.160.0/24 maxlen: 24
176.100.38.0/24 maxlen: 24
176.100.37.0/24 maxlen: 24
176.100.36.0/24 maxlen: 24
176.100.39.0/24 maxlen: 24
2a00:ccc3::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:c3:d4:5d:06:bf:47:ab:95:bd:49:5e:af:d7:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=296593b747e76a56492511bb3612e4d5e4cbe7ec
Validity
Not Before: Jan 1 15:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a73b0aae023da5b96bbf35f0183c9d54afe29e82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:09:87:21:09:3a:b1:74:66:42:71:29:e3:58:
51:38:81:e3:9c:a9:6b:a2:5d:29:98:88:a1:68:f1:
de:ca:6e:17:4c:01:d5:26:42:87:81:13:93:ed:c5:
f2:d8:d8:67:68:6c:18:7f:1d:d0:03:e9:1b:97:66:
e4:78:f5:72:d7:7c:34:a3:1b:b4:9e:a3:66:cc:0f:
70:6a:31:f5:10:a4:1b:67:3b:a6:31:cb:35:0d:6f:
21:b5:7f:e3:aa:50:da:1f:3a:a9:0c:d0:e6:19:0c:
58:00:e8:14:fd:e5:8b:43:ed:fa:de:e2:6e:7d:17:
3b:63:52:cc:30:d0:61:4f:f1:25:73:79:9b:48:6b:
06:81:e9:22:cf:fc:46:07:f5:56:7a:67:5b:f0:ee:
23:ee:6c:cf:64:6f:06:dd:a4:eb:f7:56:73:de:6f:
29:da:aa:98:57:03:07:1b:81:d6:04:75:b2:17:8a:
45:61:db:a4:96:5c:d6:40:b9:64:de:46:ce:f9:9d:
77:8f:71:6b:72:66:d2:53:f8:d3:c9:af:85:67:59:
6f:aa:b7:f8:33:73:0c:98:d7:7c:cb:67:7b:ac:ec:
10:fb:17:12:ef:c8:0c:32:45:dc:37:86:8e:7d:e2:
04:a9:08:ef:71:52:33:9b:c5:20:37:01:35:ee:51:
98:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:3B:0A:AE:02:3D:A5:B9:6B:BF:35:F0:18:3C:9D:54:AF:E2:9E:82
X509v3 Authority Key Identifier:
keyid:29:65:93:B7:47:E7:6A:56:49:25:11:BB:36:12:E4:D5:E4:CB:E7:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KWWTt0fnalZJJRG7NhLk1eTL5-w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/pzsKrgI9pblrvzXwGDydVK_inoI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/c58bdc-14e7-499c-9d9c-1b7cbb08d73f/1/KWWTt0fnalZJJRG7NhLk1eTL5-w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.114.32.0/19
43.251.160.0/23
94.154.50.0/24
94.154.55.0/24
176.100.36.0/22
185.14.92.0/23
IPv6:
2a00:ccc3::/32
Signature Algorithm: sha256WithRSAEncryption
39:cc:15:e5:74:53:86:4b:53:a4:24:00:eb:85:fe:5a:42:0a:
df:5a:e1:42:d6:6e:e0:f9:f1:cc:dd:33:d3:f4:fc:36:06:c2:
4d:a5:46:dc:bf:c9:23:d7:33:5f:27:46:49:91:ad:50:16:ba:
c3:e7:83:cd:ca:f0:22:51:ee:40:b8:ea:13:89:72:80:75:05:
1b:d4:16:aa:8e:84:e0:15:97:0f:c6:22:a3:55:fc:8e:01:7d:
a9:e2:32:e2:fa:c8:d6:fe:97:41:28:ce:b4:33:0d:e9:ba:1b:
1f:0e:30:fc:bc:e8:ba:98:09:14:1e:62:77:cc:9b:a2:a2:dd:
84:d4:47:bc:5c:cc:51:1f:72:36:6e:3f:a0:b2:07:fe:5b:1e:
0a:7a:52:2f:9b:c5:86:53:c0:8c:b2:d9:58:3d:c0:7d:ea:c2:
5f:97:ac:3c:34:1f:99:d3:41:be:a0:8a:f5:74:07:e4:76:10:
60:47:27:2c:64:10:57:aa:5c:8e:de:b4:8a:ea:20:10:f3:eb:
87:ad:9e:e1:6c:21:d4:22:d6:c0:08:cf:39:7f:aa:c0:e8:6f:
aa:b4:3f:9d:2d:da:93:de:8e:f5:26:c8:9e:2f:ee:0c:4f:fe:
2c:fe:a7:89:8a:c7:9d:76:79:ff:01:e5:a4:67:4d:86:ed:7d:
52:bd:94:51
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVuAcPUXQa/R6uVvUler9diMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5NjU5M2I3NDdlNzZhNTY0OTI1MTFiYjM2MTJlNGQ1ZTRj
YmU3ZWMwHhcNMjMwMTAxMTU0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzNiMGFhZTAyM2RhNWI5NmJiZjM1ZjAxODNjOWQ1NGFmZTI5ZTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAmHIQk6sXRmQnEp41hROIHjnKlr
ol0pmIihaPHeym4XTAHVJkKHgROT7cXy2NhnaGwYfx3QA+kbl2bkePVy13w0oxu0
nqNmzA9wajH1EKQbZzumMcs1DW8htX/jqlDaHzqpDNDmGQxYAOgU/eWLQ+363uJu
fRc7Y1LMMNBhT/Elc3mbSGsGgekiz/xGB/VWemdb8O4j7mzPZG8G3aTr91Zz3m8p
2qqYVwMHG4HWBHWyF4pFYdukllzWQLlk3kbO+Z13j3FrcmbSU/jTya+FZ1lvqrf4
M3MMmNd8y2d7rOwQ+xcS78gMMkXcN4aOfeIEqQjvcVIzm8UgNwE17lGY5QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFKc7Cq4CPaW5a7818Bg8nVSv4p6CMB8GA1UdIwQY
MBaAFCllk7dH52pWSSURuzYS5NXky+fsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMt
MWI3Y2JiMDhkNzNmLzEvcHpzS3JnSTlwYmxydnpYd0dEeWRWS19pbm9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9jNThiZGMtMTRlNy00OTljLTlkOWMtMWI3Y2JiMDhkNzNm
LzEvS1dXVHQwZm5hbFpKSlJHN05oTGsxZVRMNS13LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFJXIgAwQB
K/ugAwQAXpoyAwQAXpo3AwQCsGQkAwQBuQ5cMA0EAgACMAcDBQAqAMzDMA0GCSqG
SIb3DQEBCwUAA4IBAQA5zBXldFOGS1OkJADrhf5aQgrfWuFC1m7g+fHM3TPT9Pw2
BsJNpUbcv8kj1zNfJ0ZJka1QFrrD54PNyvAiUe5AuOoTiXKAdQUb1BaqjoTgFZcP
xiKjVfyOAX2p4jLi+sjW/pdBKM60Mw3puhsfDjD8vOi6mAkUHmJ3zJuiot2E1Ee8
XMxRH3I2bj+gsgf+Wx4KelIvm8WGU8CMstlYPcB96sJfl6w8NB+Z00G+oIr1dAfk
dhBgRycsZBBXqlyO3rSK6iAQ8+uHrZ7hbCHUItbACM85f6rA6G+qtD+dLdqT3o71
JsieL+4MT/4s/qeJiseddnn/AeWkZ02G7X1SvZRR
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:51:42 2024 by rpki-client on console-fra.rpki-client.org