Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/f0uc1G6bN6wTcn06LfIxFRKi7WA.roa
File: f0uc1G6bN6wTcn06LfIxFRKi7WA.roa (raw, json)
Hash identifier: OaLu4d3P5pe9CzHDeNsQ7rFM5P24gd6rRS/VtLvukEQ=
Subject key identifier: 7F:4B:9C:D4:6E:9B:37:AC:13:72:7D:3A:2D:F2:31:15:12:A2:ED:60
Certificate issuer: /CN=64347465bc925c8e756ddfaa609eda02cc52d031
Certificate serial: 01856CF86D9608A558A9BFD22F63C1DABFB8
Authority key identifier: 64:34:74:65:BC:92:5C:8E:75:6D:DF:AA:60:9E:DA:02:CC:52:D0:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/f0uc1G6bN6wTcn06LfIxFRKi7WA.roa
Signing time: Sun 01 Jan 2023 10:54:58 +0000
ROA not before: Sun 01 Jan 2023 10:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42314
IP address blocks: 185.97.64.0/24 maxlen: 24
85.114.97.0/24 maxlen: 24
85.114.98.0/24 maxlen: 24
85.114.96.0/24 maxlen: 24
85.114.96.0/19 maxlen: 19
85.114.100.0/24 maxlen: 24
85.114.101.0/24 maxlen: 24
85.114.99.0/24 maxlen: 24
85.114.104.0/24 maxlen: 24
85.114.105.0/24 maxlen: 24
85.114.102.0/24 maxlen: 24
85.114.103.0/24 maxlen: 24
85.114.111.0/24 maxlen: 24
85.114.112.0/24 maxlen: 24
85.114.109.0/24 maxlen: 24
85.114.110.0/24 maxlen: 24
85.114.107.0/24 maxlen: 24
85.114.108.0/24 maxlen: 24
85.114.106.0/24 maxlen: 24
85.114.114.0/24 maxlen: 24
85.114.115.0/24 maxlen: 24
85.114.113.0/24 maxlen: 24
85.114.118.0/24 maxlen: 24
85.114.116.0/24 maxlen: 24
85.114.117.0/24 maxlen: 24
85.114.125.0/24 maxlen: 24
85.114.123.0/24 maxlen: 24
85.114.124.0/24 maxlen: 24
85.114.121.0/24 maxlen: 24
85.114.122.0/24 maxlen: 24
85.114.120.0/24 maxlen: 24
85.114.119.0/24 maxlen: 24
85.114.127.0/24 maxlen: 24
85.114.126.0/24 maxlen: 24
185.97.66.0/24 maxlen: 24
185.97.67.0/24 maxlen: 24
185.97.65.0/24 maxlen: 24
2a01:8b20::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:6d:96:08:a5:58:a9:bf:d2:2f:63:c1:da:bf:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64347465bc925c8e756ddfaa609eda02cc52d031
Validity
Not Before: Jan 1 10:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7f4b9cd46e9b37ac13727d3a2df2311512a2ed60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:49:ce:20:8b:66:96:4c:b1:07:e3:ff:eb:98:
31:12:7a:5b:e1:b4:90:48:2f:07:df:54:bc:dd:21:
5b:cd:17:0f:1e:91:44:15:5a:e7:ef:9c:a7:a1:5f:
10:d0:d8:f9:e8:08:0b:b9:b1:75:33:c3:6a:76:95:
f6:39:f3:0b:70:c5:ff:7a:1c:16:25:b8:8a:75:ee:
d4:dc:69:a5:79:b6:1e:b7:c9:72:c8:4b:81:6e:cd:
da:5b:f6:83:92:0c:1c:21:77:b7:d1:7b:4f:c8:7a:
c0:75:2d:f3:a5:2f:a6:41:99:7e:1f:b0:27:3c:63:
7d:76:08:1a:86:16:6e:8e:86:1f:9d:c1:a5:63:9e:
db:be:f6:70:6c:94:b4:7b:85:95:99:74:bd:97:0b:
94:b5:92:93:88:e8:cf:c7:11:2a:20:c7:b1:e0:f7:
4a:3c:b1:84:e5:d1:c7:f2:6a:92:d8:d6:1a:8c:0e:
fd:d6:1c:fd:48:7b:f4:3a:b0:f9:4a:63:62:d6:4a:
32:85:98:45:10:b9:29:5a:20:9b:0e:7a:35:0b:f7:
e6:88:75:87:0f:7b:d3:a4:33:de:5b:fd:11:3b:78:
d4:80:b8:52:11:ee:1d:dc:87:f4:bf:e4:4a:e6:06:
2e:1e:d6:ed:66:84:ca:5d:30:32:24:98:2f:66:d1:
87:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:4B:9C:D4:6E:9B:37:AC:13:72:7D:3A:2D:F2:31:15:12:A2:ED:60
X509v3 Authority Key Identifier:
keyid:64:34:74:65:BC:92:5C:8E:75:6D:DF:AA:60:9E:DA:02:CC:52:D0:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/f0uc1G6bN6wTcn06LfIxFRKi7WA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b1ff7b-b766-47c7-be0d-c0a7b7377eab/1/ZDR0ZbySXI51bd-qYJ7aAsxS0DE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.114.96.0/19
185.97.64.0/22
IPv6:
2a01:8b20::/32
Signature Algorithm: sha256WithRSAEncryption
07:af:c9:bb:ee:e0:2a:13:5c:ac:f9:97:cf:30:25:51:5d:df:
d1:c2:20:d4:ae:2d:f6:1e:1a:c3:5d:05:6e:00:62:bb:db:44:
c0:a2:ad:5e:95:17:1e:63:bb:0e:72:85:e7:8e:37:0b:fa:cd:
3b:1f:6c:23:d7:ba:e5:b6:f7:87:90:80:de:80:04:2a:6c:01:
cf:4c:84:da:c3:cd:78:48:f2:48:c7:53:6f:8d:5f:52:7b:6b:
e4:ce:08:3d:26:57:67:44:72:22:48:b4:17:d6:a0:93:d7:ab:
12:55:79:f7:51:4f:6a:df:22:74:2d:7e:92:a5:60:2e:64:ea:
39:f9:cc:4d:c8:5c:ab:c2:43:38:87:24:cc:a1:94:4d:e7:11:
d6:95:45:fe:e7:1f:bc:e9:b4:88:3c:d8:78:93:38:38:80:a1:
08:f5:f2:dc:15:f4:d0:53:2f:d0:9e:f7:16:1b:86:c3:a4:70:
d1:b3:b6:47:5e:be:91:0c:c7:cd:ae:a2:33:4c:da:ff:28:ad:
f0:dd:8e:b5:d9:dc:1e:90:fc:b4:0d:b6:e2:81:fe:2d:1f:62:
3b:10:1a:16:dd:c3:a4:55:bb:48:77:27:fa:c4:5c:78:df:f3:
48:5c:ec:f6:81:36:88:09:bb:d8:bd:99:27:f2:d7:40:3e:ba:
14:e9:b8:31
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVs+G2WCKVYqb/SL2PB2r+4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MzQ3NDY1YmM5MjVjOGU3NTZkZGZhYTYwOWVkYTAyY2M1
MmQwMzEwHhcNMjMwMTAxMTA1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjRiOWNkNDZlOWIzN2FjMTM3MjdkM2EyZGYyMzExNTEyYTJlZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkknOIItmlkyxB+P/65gxEnpb4bSQ
SC8H31S83SFbzRcPHpFEFVrn75ynoV8Q0Nj56AgLubF1M8NqdpX2OfMLcMX/ehwW
JbiKde7U3GmlebYet8lyyEuBbs3aW/aDkgwcIXe30XtPyHrAdS3zpS+mQZl+H7An
PGN9dggahhZujoYfncGlY57bvvZwbJS0e4WVmXS9lwuUtZKTiOjPxxEqIMex4PdK
PLGE5dHH8mqS2NYajA791hz9SHv0OrD5SmNi1koyhZhFELkpWiCbDno1C/fmiHWH
D3vTpDPeW/0RO3jUgLhSEe4d3If0v+RK5gYuHtbtZoTKXTAyJJgvZtGHqQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFH9LnNRumzesE3J9Oi3yMRUSou1gMB8GA1UdIwQY
MBaAFGQ0dGW8klyOdW3fqmCe2gLMUtAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkRSMFpieVNYSTUxYmQtcVlKN2FBc3hTMERFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMWZmN2ItYjc2Ni00N2M3LWJlMGQt
YzBhN2I3Mzc3ZWFiLzEvZjB1YzFHNmJONndUY24wNkxmSXhGUktpN1dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMWZmN2ItYjc2Ni00N2M3LWJlMGQtYzBhN2I3Mzc3ZWFi
LzEvWkRSMFpieVNYSTUxYmQtcVlKN2FBc3hTMERFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFVXJgAwQC
uWFAMA0EAgACMAcDBQAqAYsgMA0GCSqGSIb3DQEBCwUAA4IBAQAHr8m77uAqE1ys
+ZfPMCVRXd/RwiDUri32HhrDXQVuAGK720TAoq1elRceY7sOcoXnjjcL+s07H2wj
17rltveHkIDegAQqbAHPTITaw814SPJIx1NvjV9Se2vkzgg9JldnRHIiSLQX1qCT
16sSVXn3UU9q3yJ0LX6SpWAuZOo5+cxNyFyrwkM4hyTMoZRN5xHWlUX+5x+86bSI
PNh4kzg4gKEI9fLcFfTQUy/QnvcWG4bDpHDRs7ZHXr6RDMfNrqIzTNr/KK3w3Y61
2dwekPy0Dbbigf4tH2I7EBoW3cOkVbtIdyf6xFx43/NIXOz2gTaICbvYvZkn8tdA
ProU6bgx
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:22 2023 by rpki-client on console-ams.rpki-client.org