Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/zzfSWkg-E9LJ68nVy5mK3lODWD0.roa
File: zzfSWkg-E9LJ68nVy5mK3lODWD0.roa (raw, json)
Hash identifier: GDsRcF0h76kIKCayXHKuSdDPQD+iYMbTnQOyOu5abfM=
Subject key identifier: CF:37:D2:5A:48:3E:13:D2:C9:EB:C9:D5:CB:99:8A:DE:53:83:58:3D
Certificate issuer: /CN=7f50077d2dd8a67a1ae8b6abd6bbb3489028a5bb
Certificate serial: 01857355D9D645865D299FF11C04EC37BA32
Authority key identifier: 7F:50:07:7D:2D:D8:A6:7A:1A:E8:B6:AB:D6:BB:B3:48:90:28:A5:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/f1AHfS3Ypnoa6Lar1ruzSJAopbs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/zzfSWkg-E9LJ68nVy5mK3lODWD0.roa
Signing time: Mon 02 Jan 2023 16:34:44 +0000
ROA not before: Mon 02 Jan 2023 16:34:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 766
IP address blocks: 212.128.64.0/19 maxlen: 19
212.128.0.0/18 maxlen: 18
158.99.0.0/16 maxlen: 16
212.128.128.0/17 maxlen: 17
185.205.148.0/22 maxlen: 22
193.144.0.0/14 maxlen: 14
192.187.24.0/23 maxlen: 23
130.206.0.0/16 maxlen: 16
192.148.201.0/24 maxlen: 24
192.148.204.0/22 maxlen: 22
192.148.202.0/23 maxlen: 23
2001:720::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:55:d9:d6:45:86:5d:29:9f:f1:1c:04:ec:37:ba:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7f50077d2dd8a67a1ae8b6abd6bbb3489028a5bb
Validity
Not Before: Jan 2 16:34:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf37d25a483e13d2c9ebc9d5cb998ade5383583d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:47:08:81:0e:8e:b0:8b:c4:a8:c2:b8:02:6d:
79:29:78:2f:30:03:99:40:33:c0:d0:2e:a4:d4:b7:
2f:46:df:9c:5c:16:03:5a:8f:21:d4:76:fb:2b:c1:
7a:3b:39:8f:df:a3:98:29:c6:7c:0c:3e:bd:ee:ef:
a0:0c:1c:7c:5e:1c:1e:e4:6d:03:e7:65:69:4d:a1:
bf:1d:fb:37:c6:4d:9f:3e:d8:ea:7f:f3:e1:04:de:
21:6f:c6:83:fe:f9:ed:37:ba:e6:21:f9:09:a3:95:
60:b7:16:65:bb:df:27:8e:51:cd:9e:92:45:3b:4f:
9f:f2:d8:cb:21:37:82:16:30:24:5e:23:6f:81:2c:
10:33:a7:08:e8:ec:35:3a:c0:7a:24:50:25:28:ec:
00:80:ba:9a:2b:f4:2d:ab:08:d8:cf:83:fc:25:a6:
c4:4d:b6:68:e0:2d:a6:e0:95:75:e0:8e:7d:c5:c5:
75:f3:df:27:9e:39:5d:ee:92:55:af:c4:e8:fb:06:
8a:9a:63:2c:8f:7f:f5:9b:0c:2e:c8:77:47:e3:1d:
4c:f6:17:8f:06:9a:b2:ad:03:aa:2e:4f:3a:c7:53:
c9:cc:a5:2f:89:81:8d:7c:47:56:1c:1f:69:21:d5:
95:f8:58:08:4d:e8:d6:d9:17:5c:f8:40:eb:33:91:
2c:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:37:D2:5A:48:3E:13:D2:C9:EB:C9:D5:CB:99:8A:DE:53:83:58:3D
X509v3 Authority Key Identifier:
keyid:7F:50:07:7D:2D:D8:A6:7A:1A:E8:B6:AB:D6:BB:B3:48:90:28:A5:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1AHfS3Ypnoa6Lar1ruzSJAopbs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/zzfSWkg-E9LJ68nVy5mK3lODWD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/c1c1ce-ea59-4dcf-bccc-3e7cadd88c70/1/f1AHfS3Ypnoa6Lar1ruzSJAopbs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.206.0.0/16
158.99.0.0/16
185.205.148.0/22
192.148.201.0-192.148.207.255
192.187.24.0/23
193.144.0.0/14
212.128.0.0-212.128.95.255
212.128.128.0/17
IPv6:
2001:720::/32
Signature Algorithm: sha256WithRSAEncryption
06:a3:7b:60:ac:a5:58:76:78:a4:87:3f:f5:ad:08:90:ed:ee:
b8:33:ab:cf:92:78:d9:65:2d:88:a1:d3:83:72:c4:de:16:df:
24:e3:86:21:2a:d0:70:87:e4:23:fa:81:b0:25:82:d5:f0:a6:
02:ca:48:93:4f:5c:29:32:3b:50:2c:99:b6:69:59:e1:5b:99:
5e:8d:4a:ab:19:af:2d:d8:fd:0b:90:20:4c:63:18:55:35:a7:
67:5f:e8:4c:6a:36:53:08:51:af:42:17:49:0a:fc:a5:db:74:
ba:ba:d8:81:15:fa:55:ee:c2:75:81:7e:3e:7c:2e:13:2c:97:
95:47:fa:e7:a3:46:c5:04:17:72:03:f7:6e:4d:6d:65:da:b7:
2a:42:f5:a9:9c:f7:c0:57:44:e3:33:03:8a:54:d2:e3:33:e1:
65:02:c2:1a:59:2b:1a:70:26:4b:d6:8c:1e:d9:18:b5:f1:29:
a0:41:2a:8d:d6:ac:15:73:8d:f2:33:62:4d:5a:34:98:7d:3b:
06:da:88:bb:89:a6:d0:e0:cc:34:a1:1f:d8:ee:53:c9:31:c2:
fa:af:ec:a6:01:71:34:d7:49:67:ab:23:76:73:7d:42:83:5c:
21:17:26:6e:7e:1a:70:c8:12:d6:51:94:ff:a1:77:a4:72:73:
63:e8:88:73
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYVzVdnWRYZdKZ/xHATsN7oyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdmNTAwNzdkMmRkOGE2N2ExYWU4YjZhYmQ2YmJiMzQ4OTAy
OGE1YmIwHhcNMjMwMTAyMTYzNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjM3ZDI1YTQ4M2UxM2QyYzllYmM5ZDVjYjk5OGFkZTUzODM1ODNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8EcIgQ6OsIvEqMK4Am15KXgvMAOZ
QDPA0C6k1LcvRt+cXBYDWo8h1Hb7K8F6OzmP36OYKcZ8DD697u+gDBx8Xhwe5G0D
52VpTaG/Hfs3xk2fPtjqf/PhBN4hb8aD/vntN7rmIfkJo5VgtxZlu98njlHNnpJF
O0+f8tjLITeCFjAkXiNvgSwQM6cI6Ow1OsB6JFAlKOwAgLqaK/QtqwjYz4P8JabE
TbZo4C2m4JV14I59xcV1898nnjld7pJVr8To+waKmmMsj3/1mwwuyHdH4x1M9heP
BpqyrQOqLk86x1PJzKUviYGNfEdWHB9pIdWV+FgITejW2Rdc+EDrM5EskQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFM830lpIPhPSyevJ1cuZit5Tg1g9MB8GA1UdIwQY
MBaAFH9QB30t2KZ6Gui2q9a7s0iQKKW7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZjFBSGZTM1lwbm9hNkxhcjFydXpTSkFvcGJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9jMWMxY2UtZWE1OS00ZGNmLWJjY2Mt
M2U3Y2FkZDg4YzcwLzEvenpmU1drZy1FOUxKNjhuVnk1bUszbE9EV0QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9jMWMxY2UtZWE1OS00ZGNmLWJjY2MtM2U3Y2FkZDg4Yzcw
LzEvZjFBSGZTM1lwbm9hNkxhcjFydXpTSkFvcGJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwMAgs4DAwCe
YwMEArnNlDAMAwQAwJTJAwQEwJTAAwQBwLsYAwMCwZAwCwMDB9SAAwQF1IBAAwQH
1ICAMA0EAgACMAcDBQAgAQcgMA0GCSqGSIb3DQEBCwUAA4IBAQAGo3tgrKVYdnik
hz/1rQiQ7e64M6vPknjZZS2IodODcsTeFt8k44YhKtBwh+Qj+oGwJYLV8KYCykiT
T1wpMjtQLJm2aVnhW5lejUqrGa8t2P0LkCBMYxhVNadnX+hMajZTCFGvQhdJCvyl
23S6utiBFfpV7sJ1gX4+fC4TLJeVR/rno0bFBBdyA/duTW1l2rcqQvWpnPfAV0Tj
MwOKVNLjM+FlAsIaWSsacCZL1owe2Ri18SmgQSqN1qwVc43yM2JNWjSYfTsG2oi7
iabQ4Mw0oR/Y7lPJMcL6r+ymAXE010lnqyN2c31Cg1whFyZufhpwyBLWUZT/oXek
cnNj6Ihz
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:42 2024 by rpki-client on console-fra.rpki-client.org