Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZylgPHYV-4pecC8DjhKrQaqp8lA.roa
File: ZylgPHYV-4pecC8DjhKrQaqp8lA.roa (raw, json)
Hash identifier: 8w0ju4eUg9gNFer0vJFTyeHg9j2twcdgRkor5G2I0QI=
Subject key identifier: 67:29:60:3C:76:15:FB:8A:5E:70:2F:03:8E:12:AB:41:AA:A9:F2:50
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 01893A8D12218817CA2C68A00B31FBB4EBE6
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZylgPHYV-4pecC8DjhKrQaqp8lA.roa
Signing time: Sun 09 Jul 2023 12:07:50 +0000
ROA not before: Sun 09 Jul 2023 12:07:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58057
IP address blocks: 194.50.94.0/24 maxlen: 24
194.50.92.0/24 maxlen: 24
193.163.85.0/24 maxlen: 24
193.163.86.0/24 maxlen: 24
185.238.188.0/22 maxlen: 24
45.148.116.0/22 maxlen: 24
45.131.184.0/22 maxlen: 24
77.81.50.0/23 maxlen: 24
185.232.117.0/24 maxlen: 24
45.136.136.0/22 maxlen: 24
94.177.122.0/24 maxlen: 24
85.202.203.0/24 maxlen: 24
45.12.68.0/22 maxlen: 24
31.42.183.0/24 maxlen: 24
2a0e:97c0:260::/44 maxlen: 44
2a04:ccc6::/32 maxlen: 48
2a0e:97c3:110::/44 maxlen: 48
2a10:ccc0:420::/44 maxlen: 48
2a0c:3b80::/32 maxlen: 48
2a04:ccc7::/32 maxlen: 48
2a04:ccc4::/32 maxlen: 48
2a0c:3b86::/32 maxlen: 48
2a0e:97c0:170::/48 maxlen: 48
2a0c:3b85::/32 maxlen: 48
2a0c:3b82::/32 maxlen: 48
2a10:2f00:193::/48 maxlen: 48
2a04:ccc5::/32 maxlen: 48
2a0e:b107:21c0::/45 maxlen: 48
2a09:4c0::/29 maxlen: 64
2a04:ccc0:ffff::/48 maxlen: 48
2a10:cc45:130::/44 maxlen: 44
2a0c:3b83::/32 maxlen: 48
2a0e:97c0:1d0::/44 maxlen: 44
2a0e:b107:1165::/48 maxlen: 48
2a10:2f00:18d::/48 maxlen: 48
2a04:ccc1::/32 maxlen: 48
2a0e:97c1:200::/40 maxlen: 48
2a10:2f00:18f::/48 maxlen: 48
2a0e:b107:9f2::/48 maxlen: 48
2a0c:3b81::/32 maxlen: 48
2a10:cc40:250::/44 maxlen: 48
2a0f:e404:102::/48 maxlen: 48
2a0c:3b84::/32 maxlen: 48
2a04:ccc3::/32 maxlen: 48
2a0e:b107:1786::/48 maxlen: 48
2a0e:97c4:120::/44 maxlen: 48
2a0e:97c4:100::/44 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:3a:8d:12:21:88:17:ca:2c:68:a0:0b:31:fb:b4:eb:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Jul 9 12:07:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6729603c7615fb8a5e702f038e12ab41aaa9f250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:19:4b:82:b9:ea:49:f7:6a:59:3b:20:37:c9:
2c:63:e9:87:88:bc:06:97:d8:dd:1f:7a:2f:5b:db:
74:4d:ee:0e:cf:e0:67:16:30:b2:41:38:9a:68:70:
f7:e5:80:1d:83:b7:71:f6:30:31:ff:86:7a:86:aa:
f6:b9:ab:13:f9:4e:03:f4:5f:98:1b:28:02:ec:da:
3c:da:c6:10:b3:95:56:4f:bf:3c:da:81:c1:5a:b8:
28:30:79:6d:6a:cf:4c:6b:8e:e6:a4:20:56:33:da:
e7:b6:79:43:a2:74:9a:bb:f1:af:3c:39:cd:86:4f:
57:00:d1:af:37:a6:f1:89:fb:c9:7e:49:30:1c:7e:
58:17:01:9f:97:a9:ed:41:86:ba:54:cb:61:d3:41:
b2:c1:b7:aa:74:e4:f0:34:af:7a:a7:e7:d4:34:75:
21:6c:49:3e:27:1a:63:2f:67:2d:cd:34:79:57:15:
8d:97:1c:78:02:05:6f:d5:e6:43:83:e5:34:7f:a3:
b8:09:5b:bc:41:3c:33:cb:33:06:6d:d8:89:51:06:
1e:5c:2a:08:2a:1c:60:0a:2b:02:ed:dd:b4:40:41:
fc:51:9e:fb:b2:9d:f0:c9:3e:6f:6e:dc:34:a8:b5:
60:f4:40:fb:8e:8c:de:c6:f5:80:a7:13:d6:07:96:
7b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:29:60:3C:76:15:FB:8A:5E:70:2F:03:8E:12:AB:41:AA:A9:F2:50
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ZylgPHYV-4pecC8DjhKrQaqp8lA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.183.0/24
45.12.68.0/22
45.131.184.0/22
45.136.136.0/22
45.148.116.0/22
77.81.50.0/23
85.202.203.0/24
94.177.122.0/24
185.232.117.0/24
185.238.188.0/22
193.163.85.0-193.163.86.255
194.50.92.0/24
194.50.94.0/24
IPv6:
2a04:ccc0:ffff::-2a04:ccc1:ffff:ffff:ffff:ffff:ffff:ffff
2a04:ccc3::-2a04:ccc7:ffff:ffff:ffff:ffff:ffff:ffff
2a09:4c0::/29
2a0c:3b80::-2a0c:3b86:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:97c0:170::/48
2a0e:97c0:1d0::/44
2a0e:97c0:260::/44
2a0e:97c1:200::/40
2a0e:97c3:110::/44
2a0e:97c4:100::/44
2a0e:97c4:120::/44
2a0e:b107:9f2::/48
2a0e:b107:1165::/48
2a0e:b107:1786::/48
2a0e:b107:21c0::/45
2a0f:e404:102::/48
2a10:2f00:18d::/48
2a10:2f00:18f::/48
2a10:2f00:193::/48
2a10:cc40:250::/44
2a10:cc45:130::/44
2a10:ccc0:420::/44
Signature Algorithm: sha256WithRSAEncryption
25:e0:db:77:5c:60:3b:82:85:84:80:a8:48:51:0f:c3:41:04:
16:41:40:cc:dd:64:d7:72:d9:1a:38:ad:b9:c6:57:56:a5:41:
e3:ac:4e:35:9e:ea:71:52:4b:1e:f5:02:31:2a:c2:7d:ae:cf:
d1:ae:30:5b:77:04:a3:af:42:81:e0:1d:c7:1a:28:fc:2b:b1:
a1:43:82:3e:3e:ef:52:ce:dc:e1:59:6c:70:39:2f:fd:c3:48:
d3:13:ce:dd:a1:49:6f:5e:f9:c6:ff:50:c2:73:98:55:ba:d1:
5d:7d:3c:3f:8c:be:a6:3c:1e:77:d7:d8:c2:8f:e3:ea:ea:5d:
8c:e1:1c:b9:41:1c:53:40:11:50:1e:b3:39:3e:df:ce:0b:ea:
c0:2a:7d:30:f5:5b:b1:e8:c5:62:35:c9:5c:c5:f8:e2:76:dd:
bd:fa:a2:6d:ba:22:2e:44:a2:19:a3:c0:47:29:ab:c3:c3:2c:
35:0e:62:23:25:f0:ec:8a:02:ad:70:8e:6a:7c:ff:d9:e8:50:
a0:5c:bc:4d:eb:57:95:0e:55:4f:a2:bf:a1:1e:21:06:84:f5:
e0:08:17:3c:2b:54:35:b8:f4:e3:b3:86:c7:69:a7:73:76:52:
df:e8:9d:76:8e:5c:33:25:84:ba:26:ca:14:2e:cc:a6:a4:e5:
67:2d:24:d4
-----BEGIN CERTIFICATE-----
MIIGNzCCBR+gAwIBAgISAYk6jRIhiBfKLGigCzH7tOvmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjMwNzA5MTIwNzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzI5NjAzYzc2MTVmYjhhNWU3MDJmMDM4ZTEyYWI0MWFhYTlmMjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxlLgrnqSfdqWTsgN8ksY+mHiLwG
l9jdH3ovW9t0Te4Oz+BnFjCyQTiaaHD35YAdg7dx9jAx/4Z6hqr2uasT+U4D9F+Y
GygC7No82sYQs5VWT7882oHBWrgoMHltas9Ma47mpCBWM9rntnlDonSau/GvPDnN
hk9XANGvN6bxifvJfkkwHH5YFwGfl6ntQYa6VMth00GywbeqdOTwNK96p+fUNHUh
bEk+JxpjL2ctzTR5VxWNlxx4AgVv1eZDg+U0f6O4CVu8QTwzyzMGbdiJUQYeXCoI
KhxgCisC7d20QEH8UZ77sp3wyT5vbtw0qLVg9ED7jozexvWApxPWB5Z7QQIDAQAB
o4IDQzCCAz8wHQYDVR0OBBYEFGcpYDx2FfuKXnAvA44Sq0GqqfJQMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvWnlsZ1BIWVYtNHBlY0M4RGpoS3JRYXFwOGxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBVwYIKwYBBQUHAQcBAf8EggFGMIIBQjBcBAIAATBWAwQA
Hyq3AwQCLQxEAwQCLYO4AwQCLYiIAwQCLZR0AwQBTVEyAwQAVcrLAwQAXrF6AwQA
ueh1AwQCue68MAwDBADBo1UDBADBo1YDBADCMlwDBADCMl4wgeEEAgACMIHaMBAD
BwAqBMzA//8DBQEqBMzAMA4DBQAqBMzDAwUDKgTMwAMFAyoJBMAwDgMFByoMO4AD
BQAqDDuGAwcAKg6XwAFwAwcEKg6XwAHQAwcEKg6XwAJgAwYAKg6XwQIDBwQqDpfD
ARADBwQqDpfEAQADBwQqDpfEASADBwAqDrEHCfIDBwAqDrEHEWUDBwAqDrEHF4YD
BwMqDrEHIcADBwAqD+QEAQIDBwAqEC8AAY0DBwAqEC8AAY8DBwAqEC8AAZMDBwQq
EMxAAlADBwQqEMxFATADBwQqEMzABCAwDQYJKoZIhvcNAQELBQADggEBACXg23dc
YDuChYSAqEhRD8NBBBZBQMzdZNdy2Ro4rbnGV1alQeOsTjWe6nFSSx71AjEqwn2u
z9GuMFt3BKOvQoHgHccaKPwrsaFDgj4+71LO3OFZbHA5L/3DSNMTzt2hSW9e+cb/
UMJzmFW60V19PD+MvqY8HnfX2MKP4+rqXYzhHLlBHFNAEVAeszk+384L6sAqfTD1
W7HoxWI1yVzF+OJ23b36om26Ii5EohmjwEcpq8PDLDUOYiMl8OyKAq1wjmp8/9no
UKBcvE3rV5UOVU+iv6EeIQaE9eAIFzwrVDW49OOzhsdpp3N2Ut/onXaOXDMlhLom
yhQuzKak5WctJNQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:01 2023 by rpki-client on console-ams.rpki-client.org