Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Ze7toAS1GfH6w1l2ZHuA53976aI.roa
File: Ze7toAS1GfH6w1l2ZHuA53976aI.roa (raw, json)
Hash identifier: wATpkZ1HOJgLR6Ldqj5vyAd4UeUIYSXlZW/H1IhGFRQ=
Subject key identifier: 65:EE:ED:A0:04:B5:19:F1:FA:C3:59:76:64:7B:80:E7:7F:7B:E9:A2
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 018823701E2246E4F997EE0E9DF518A682C9
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Ze7toAS1GfH6w1l2ZHuA53976aI.roa
Signing time: Tue 16 May 2023 07:22:10 +0000
ROA not before: Tue 16 May 2023 07:22:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58057
IP address blocks: 194.50.94.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
193.163.85.0/24 maxlen: 24
193.163.86.0/24 maxlen: 24
139.28.96.0/22 maxlen: 24
45.131.184.0/22 maxlen: 24
77.81.50.0/23 maxlen: 24
185.232.117.0/24 maxlen: 24
45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a04:ccc6::/32 maxlen: 48
2a0e:97c3:110::/44 maxlen: 48
2a10:ccc0:420::/44 maxlen: 48
2a0c:3b80::/32 maxlen: 48
2a04:ccc7::/32 maxlen: 48
2a04:ccc4::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a04:ccc5::/32 maxlen: 48
2a0e:b107:21c0::/45 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a10:cc45:130::/44 maxlen: 44
2a04:ccc2::/32 maxlen: 48
2a0c:3b83::/32 maxlen: 48
2a0e:97c0:1d0::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a04:ccc1::/32 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a04:ccc3::/32 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:97c4:100::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:23:70:1e:22:46:e4:f9:97:ee:0e:9d:f5:18:a6:82:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: May 16 07:22:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65eeeda004b519f1fac35976647b80e77f7be9a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:d3:95:b9:a0:bd:2e:56:cd:7c:f8:0c:4c:ac:
e0:44:22:ae:dc:bb:43:09:d6:b1:a9:dc:0b:f1:7d:
f3:1d:c4:00:ae:21:45:14:f6:33:78:74:83:27:1c:
9c:15:e9:f4:cd:d6:f7:65:1b:52:a8:e0:3b:0b:d3:
b0:51:f6:e6:b3:5e:3a:9d:a2:56:ce:9d:e0:6f:ee:
64:68:ef:d3:8e:4e:39:92:a4:37:de:58:4d:12:a8:
d0:db:7a:e9:d7:0f:92:f1:c0:d2:d4:ab:80:37:a8:
25:30:33:32:4f:31:61:e0:62:47:1e:cc:08:1d:3e:
91:07:cc:6f:19:a0:11:b5:c0:16:2e:d4:07:6a:71:
0f:38:19:d7:b7:13:81:9c:ed:5c:11:f8:3a:14:dc:
58:ec:7b:03:bd:b3:f4:15:2b:8b:21:78:35:10:8d:
a3:c7:35:89:90:e0:d2:6b:f7:b6:0b:5d:9b:26:07:
05:96:f7:89:6c:32:53:36:dc:47:60:93:70:82:0c:
8f:36:48:40:f8:f2:34:f5:d7:ae:71:de:ca:31:3d:
ee:6e:44:55:b1:2d:10:52:a4:9c:0c:55:18:3b:07:
6a:90:17:fe:6c:c7:34:4d:8c:3d:b9:26:a0:24:bf:
59:16:7a:e3:4c:5b:4c:5f:9f:49:c2:92:88:d1:a8:
7c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:EE:ED:A0:04:B5:19:F1:FA:C3:59:76:64:7B:80:E7:7F:7B:E9:A2
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Ze7toAS1GfH6w1l2ZHuA53976aI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.12.68.0/22
45.131.184.0/22
45.136.136.0/22
77.81.50.0/23
85.202.203.0/24
94.177.122.0/24
139.28.96.0/22
185.232.117.0/24
193.163.85.0-193.163.86.255
194.50.92.0/24
194.50.94.0/24
IPv6:
2a04:ccc1::-2a04:ccc7:ffff:ffff:ffff:ffff:ffff:ffff
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:170::/48
2a0e:97c0:1d0::/44
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:100::/44
2a0e:97c4:120::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0e:b107:21c0::/45
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:cc40:250::/44
2a10:cc45:130::/44
2a10:ccc0:420::/44
Signature Algorithm: sha256WithRSAEncryption
1f:b2:d1:38:79:90:69:f7:24:f4:56:e5:88:e9:bb:9b:ad:ef:
8d:92:90:84:d2:e3:9a:d9:fa:33:62:6d:fc:bf:6c:44:38:89:
7b:b1:d6:15:65:43:ec:68:d1:8b:c4:ae:41:4f:7b:54:07:68:
ef:89:89:f4:2c:63:09:46:85:85:d9:a2:88:66:13:f4:7d:a4:
b8:d4:3a:48:a8:e2:9e:7b:89:a5:ee:1e:48:54:c9:bb:cf:f1:
c9:c4:7a:f3:32:77:ab:f4:4a:b2:dd:5b:0d:62:bd:36:33:20:
c4:67:ab:ff:09:2a:c8:3a:03:8a:30:fa:9a:9a:35:ec:30:d0:
cf:7c:2f:72:df:9f:c7:ed:16:a1:88:9c:79:86:51:48:87:fe:
21:00:7d:31:11:82:22:62:8f:8f:e8:88:d6:cf:5b:fd:41:43:
3b:07:e5:90:6d:cd:23:27:1d:db:78:88:e2:f0:e0:6b:ac:34:
4b:32:b8:26:f5:23:dc:54:b3:5d:b5:b4:12:6e:8e:da:f0:fc:
aa:eb:07:ec:b3:de:25:31:79:85:93:9e:af:30:89:f4:e9:89:
89:e2:35:3b:df:6c:d1:e9:bc:b8:ed:8c:a7:bd:8c:21:bc:60:
4c:d5:77:a4:0b:14:ab:b6:12:79:81:c1:87:9a:50:45:20:db:
7d:cd:d5:06
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgISAYgjcB4iRuT5l+4OnfUYpoLJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNTE2MDcyMjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWVlZWRhMDA0YjUxOWYxZmFjMzU5NzY2NDdiODBlNzdmN2JlOWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdOVuaC9LlbNfPgMTKzgRCKu3LtD
CdaxqdwL8X3zHcQAriFFFPYzeHSDJxycFen0zdb3ZRtSqOA7C9OwUfbms146naJW
zp3gb+5kaO/Tjk45kqQ33lhNEqjQ23rp1w+S8cDS1KuAN6glMDMyTzFh4GJHHswI
HT6RB8xvGaARtcAWLtQHanEPOBnXtxOBnO1cEfg6FNxY7HsDvbP0FSuLIXg1EI2j
xzWJkODSa/e2C12bJgcFlveJbDJTNtxHYJNwggyPNkhA+PI09deucd7KMT3ubkRV
sS0QUqScDFUYOwdqkBf+bMc0TYw9uSagJL9ZFnrjTFtMX59JwpKI0ah8nQIDAQAB
o4IDIjCCAx4wHQYDVR0OBBYEFGXu7aAEtRnx+sNZdmR7gOd/e+miMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWmU3dG9BUzFHZkg2dzFsMlpIdUE1Mzk3NmFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNgYIKwYBBQUHAQcBAf8EggElMIIBITBWBAIAATBQAwQA
Hyq3AwQCLQxEAwQCLYO4AwQCLYiIAwQBTVEyAwQAVcrLAwQAXrF6AwQCixxgAwQA
ueh1MAwDBADBo1UDBADBo1YDBADCMlwDBADCMl4wgcYEAgACMIG/MA4DBQAqBMzB
AwUDKgTMwAMFAyoJBMAwDgMFByoMO4ADBQAqDDuGAwcAKg6XwAFwAwcEKg6XwAHQ
AwcEKg6XwAJgAwYAKg6XwQIDBwQqDpfDARADBwQqDpfEAQADBwQqDpfEASADBwAq
DrEHCfIDBwAqDrEHEWUDBwAqDrEHF4YDBwMqDrEHIcADBwAqD+QEAQIDBwAqEC8A
AY0DBwAqEC8AAY8DBwQqEMxAAlADBwQqEMxFATADBwQqEMzABCAwDQYJKoZIhvcN
AQELBQADggEBAB+y0Th5kGn3JPRW5Yjpu5ut742SkITS45rZ+jNibfy/bEQ4iXux
1hVlQ+xo0YvErkFPe1QHaO+JifQsYwlGhYXZoohmE/R9pLjUOkio4p57iaXuHkhU
ybvP8cnEevMyd6v0SrLdWw1ivTYzIMRnq/8JKsg6A4ow+pqaNeww0M98L3Lfn8ft
FqGInHmGUUiH/iEAfTERgiJij4/oiNbPW/1BQzsH5ZBtzSMnHdt4iOLw4GusNEsy
uCb1I9xUs121tBJujtrw/KrrB+yz3iUxeYWTnq8wifTpiYniNTvfbNHpvLjtjKe9
jCG8YEzVd6QLFKu2EnmBwYeaUEUg233N1QY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:17 2023 by rpki-client on console-fra.rpki-client.org