Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/5d6255-65c9-4bfa-b9d7-f657519d0233/1/9RSMxeFWhtjp1cVumjqERUnDtTo.roa
File: 9RSMxeFWhtjp1cVumjqERUnDtTo.roa (raw, json)
Hash identifier: QidROYaAl8hcpx+yir8xSvsCJE31v77mwjsL1aYWrfI=
Subject key identifier: F5:14:8C:C5:E1:56:86:D8:E9:D5:C5:6E:9A:3A:84:45:49:C3:B5:3A
Certificate issuer: /CN=64dfe26d403141be9059ab2144325b402d4cab7d
Certificate serial: 018572559D9D36F95DE978158942595E3BF6
Authority key identifier: 64:DF:E2:6D:40:31:41:BE:90:59:AB:21:44:32:5B:40:2D:4C:AB:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZN_ibUAxQb6QWashRDJbQC1Mq30.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/5d6255-65c9-4bfa-b9d7-f657519d0233/1/9RSMxeFWhtjp1cVumjqERUnDtTo.roa
Signing time: Mon 02 Jan 2023 11:54:51 +0000
ROA not before: Mon 02 Jan 2023 11:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57588
IP address blocks: 185.129.4.0/22 maxlen: 22
185.129.4.0/23 maxlen: 23
185.129.4.0/24 maxlen: 24
185.129.5.0/24 maxlen: 24
185.129.6.0/24 maxlen: 24
185.129.6.0/23 maxlen: 23
185.129.7.0/24 maxlen: 24
176.241.84.0/24 maxlen: 24
176.241.80.0/24 maxlen: 24
176.241.80.0/22 maxlen: 22
176.241.81.0/24 maxlen: 24
176.241.82.0/24 maxlen: 24
176.241.83.0/24 maxlen: 24
176.241.84.0/23 maxlen: 23
176.241.85.0/24 maxlen: 24
176.241.80.0/20 maxlen: 20
176.241.86.0/24 maxlen: 24
176.241.87.0/24 maxlen: 24
176.241.88.0/24 maxlen: 24
176.241.88.0/22 maxlen: 22
176.241.89.0/24 maxlen: 24
176.241.90.0/24 maxlen: 24
176.241.91.0/24 maxlen: 24
176.241.94.0/24 maxlen: 24
176.241.95.0/24 maxlen: 24
176.241.92.0/22 maxlen: 22
176.241.92.0/24 maxlen: 24
176.241.93.0/24 maxlen: 24
2a0d:d680::/48 maxlen: 48
2a0d:d680::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:9d:9d:36:f9:5d:e9:78:15:89:42:59:5e:3b:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64dfe26d403141be9059ab2144325b402d4cab7d
Validity
Not Before: Jan 2 11:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f5148cc5e15686d8e9d5c56e9a3a844549c3b53a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5f:40:d2:ed:94:e6:a9:24:d2:56:6c:9c:40:
3f:bd:c2:88:bc:4d:be:67:0f:4d:f2:50:2b:92:54:
fa:9a:af:c9:5a:c3:ce:c4:ff:15:46:e5:82:e7:4d:
97:ba:99:cc:19:04:fc:7b:ea:26:07:49:37:e1:89:
28:ed:c0:cd:ee:e4:3f:0f:99:09:4d:ca:48:1d:3a:
9f:67:c7:ca:83:d7:2f:34:19:17:aa:f5:ba:d8:cd:
e3:80:2e:c8:cb:6a:ea:fb:42:0a:11:ee:19:35:91:
e3:55:c4:f9:62:b5:a7:d6:0e:b1:f2:db:6b:ab:8f:
8b:e3:5a:76:80:8a:22:da:3e:7b:8c:ae:34:ac:59:
04:c3:ce:66:f5:b2:65:9f:42:a9:05:a5:59:3b:61:
de:7e:9b:dd:bf:70:4b:30:b9:30:c4:f5:23:40:90:
0c:3d:97:47:eb:23:58:d1:00:89:29:7e:24:b6:36:
cb:8b:6d:f2:7c:78:24:20:28:52:fd:fd:f8:e1:84:
35:8e:db:f1:4e:b1:1b:38:60:43:d8:39:bd:6a:4c:
90:45:22:5c:c2:87:7a:a8:1f:2a:5c:7b:ba:d7:e2:
77:45:f0:04:bd:f9:b7:cd:6d:3f:00:f3:7f:63:d4:
5d:5d:c3:17:d8:03:ac:b0:2c:ee:49:2d:90:d0:71:
aa:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:14:8C:C5:E1:56:86:D8:E9:D5:C5:6E:9A:3A:84:45:49:C3:B5:3A
X509v3 Authority Key Identifier:
keyid:64:DF:E2:6D:40:31:41:BE:90:59:AB:21:44:32:5B:40:2D:4C:AB:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZN_ibUAxQb6QWashRDJbQC1Mq30.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/5d6255-65c9-4bfa-b9d7-f657519d0233/1/9RSMxeFWhtjp1cVumjqERUnDtTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/5d6255-65c9-4bfa-b9d7-f657519d0233/1/ZN_ibUAxQb6QWashRDJbQC1Mq30.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.241.80.0/20
185.129.4.0/22
IPv6:
2a0d:d680::/29
Signature Algorithm: sha256WithRSAEncryption
76:a6:02:2e:d6:0a:4b:a1:26:88:e3:5e:71:78:f6:ca:89:6d:
f7:a6:52:74:fb:3e:92:81:48:d0:c0:a2:82:f8:7f:9d:f1:78:
7a:30:cf:2e:85:89:3b:5a:84:ed:8e:a0:df:87:b1:20:b1:91:
14:07:cc:a4:78:6f:59:51:21:fa:d0:ea:6d:02:93:b4:89:a4:
6c:d3:51:14:4a:96:9b:fa:80:d5:41:a2:89:01:fe:85:2f:c3:
42:2f:17:65:84:74:7b:79:9d:59:a2:58:6e:9c:91:e4:a5:c9:
17:39:e9:e0:d1:bb:6c:9d:69:dd:e6:a3:c6:d1:af:4f:9c:84:
04:4c:b1:10:c1:58:d5:08:11:04:2f:6f:64:a2:34:05:07:0f:
40:71:6e:23:9a:72:86:b7:8f:d6:53:28:09:c3:0a:9c:fa:ed:
f5:48:18:b2:4a:67:07:6f:d8:17:f3:f6:de:b0:45:87:a1:49:
0f:67:e3:73:8d:a7:8c:b2:03:b3:55:91:28:af:e2:74:94:86:
72:a6:68:bb:a6:99:e5:d2:d3:87:fe:58:90:b2:0c:01:41:85:
8c:07:1a:6d:6b:ca:a5:63:a7:e0:f4:d6:b7:f0:9b:ec:9e:92:
c9:09:ae:6a:8e:8f:78:cf:c3:20:0f:3e:ed:f5:02:fa:7d:79:
a4:25:7e:c8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVyVZ2dNvld6XgViUJZXjv2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZGZlMjZkNDAzMTQxYmU5MDU5YWIyMTQ0MzI1YjQwMmQ0
Y2FiN2QwHhcNMjMwMTAyMTE1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTE0OGNjNWUxNTY4NmQ4ZTlkNWM1NmU5YTNhODQ0NTQ5YzNiNTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr19A0u2U5qkk0lZsnEA/vcKIvE2+
Zw9N8lArklT6mq/JWsPOxP8VRuWC502XupnMGQT8e+omB0k34Yko7cDN7uQ/D5kJ
TcpIHTqfZ8fKg9cvNBkXqvW62M3jgC7Iy2rq+0IKEe4ZNZHjVcT5YrWn1g6x8ttr
q4+L41p2gIoi2j57jK40rFkEw85m9bJln0KpBaVZO2Hefpvdv3BLMLkwxPUjQJAM
PZdH6yNY0QCJKX4ktjbLi23yfHgkIChS/f344YQ1jtvxTrEbOGBD2Dm9akyQRSJc
wod6qB8qXHu61+J3RfAEvfm3zW0/APN/Y9RdXcMX2AOssCzuSS2Q0HGqxwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPUUjMXhVobY6dXFbpo6hEVJw7U6MB8GA1UdIwQY
MBaAFGTf4m1AMUG+kFmrIUQyW0AtTKt9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5faWJVQXhRYjZRV2FzaFJESmJRQzFNcTMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi81ZDYyNTUtNjVjOS00YmZhLWI5ZDct
ZjY1NzUxOWQwMjMzLzEvOVJTTXhlRldodGpwMWNWdW1qcUVSVW5EdFRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi81ZDYyNTUtNjVjOS00YmZhLWI5ZDctZjY1NzUxOWQwMjMz
LzEvWk5faWJVQXhRYjZRV2FzaFJESmJRQzFNcTMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEsPFQAwQC
uYEEMA0EAgACMAcDBQMqDdaAMA0GCSqGSIb3DQEBCwUAA4IBAQB2pgIu1gpLoSaI
415xePbKiW33plJ0+z6SgUjQwKKC+H+d8Xh6MM8uhYk7WoTtjqDfh7EgsZEUB8yk
eG9ZUSH60OptApO0iaRs01EUSpab+oDVQaKJAf6FL8NCLxdlhHR7eZ1ZolhunJHk
pckXOeng0btsnWnd5qPG0a9PnIQETLEQwVjVCBEEL29kojQFBw9AcW4jmnKGt4/W
UygJwwqc+u31SBiySmcHb9gX8/besEWHoUkPZ+NzjaeMsgOzVZEor+J0lIZypmi7
ppnl0tOH/liQsgwBQYWMBxpta8qlY6fg9Na38JvsnpLJCa5qjo94z8MgDz7t9QL6
fXmkJX7I
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:02 2023 by rpki-client on console-fra.rpki-client.org