Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/TZzkyAUFQG2RbisJIVRYc841V5I.roa
File: TZzkyAUFQG2RbisJIVRYc841V5I.roa (raw, json)
Hash identifier: si1+B2jFDiUETI1TLxlqPg+ZhO2H/5Ry+Azdbg8p4kI=
Subject key identifier: 4D:9C:E4:C8:05:05:40:6D:91:6E:2B:09:21:54:58:73:CE:35:57:92
Certificate issuer: /CN=767bc02a5859623f563ea84a6bb0a2920d5b3e91
Certificate serial: 018BE68079EE8D221B748023D68BD24F62D6
Authority key identifier: 76:7B:C0:2A:58:59:62:3F:56:3E:A8:4A:6B:B0:A2:92:0D:5B:3E:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dnvAKlhZYj9WPqhKa7Cikg1bPpE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/TZzkyAUFQG2RbisJIVRYc841V5I.roa
Signing time: Sun 19 Nov 2023 07:34:21 +0000
ROA not before: Sun 19 Nov 2023 07:34:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44702
IP address blocks: 79.134.137.0/24 maxlen: 24
79.134.136.0/22 maxlen: 22
79.134.136.0/24 maxlen: 24
79.134.135.0/24 maxlen: 24
79.134.139.0/24 maxlen: 24
79.134.138.0/24 maxlen: 24
79.134.134.0/24 maxlen: 24
79.134.133.0/24 maxlen: 24
79.134.140.0/22 maxlen: 22
79.134.141.0/24 maxlen: 24
79.134.140.0/24 maxlen: 24
79.134.144.0/24 maxlen: 24
79.134.143.0/24 maxlen: 24
79.134.144.0/22 maxlen: 22
79.134.142.0/24 maxlen: 24
79.134.145.0/24 maxlen: 24
79.134.150.0/24 maxlen: 24
79.134.151.0/24 maxlen: 24
79.134.149.0/24 maxlen: 24
79.134.148.0/22 maxlen: 22
79.134.148.0/24 maxlen: 24
79.134.152.0/22 maxlen: 22
79.134.152.0/24 maxlen: 24
79.134.147.0/24 maxlen: 24
79.134.146.0/24 maxlen: 24
79.134.158.0/24 maxlen: 24
79.134.157.0/24 maxlen: 24
79.134.156.0/24 maxlen: 24
79.134.155.0/24 maxlen: 24
79.134.156.0/22 maxlen: 22
79.134.159.0/24 maxlen: 24
79.134.154.0/24 maxlen: 24
79.134.153.0/24 maxlen: 24
79.134.130.0/24 maxlen: 24
79.134.129.0/24 maxlen: 24
79.134.128.0/24 maxlen: 24
79.134.128.0/22 maxlen: 22
79.134.132.0/24 maxlen: 24
79.134.131.0/24 maxlen: 24
79.134.132.0/22 maxlen: 22
185.139.220.0/24 maxlen: 24
185.139.220.0/22 maxlen: 22
185.139.223.0/24 maxlen: 24
185.139.222.0/24 maxlen: 24
185.139.221.0/24 maxlen: 24
5.199.186.0/24 maxlen: 24
5.199.185.0/24 maxlen: 24
5.199.184.0/22 maxlen: 22
5.199.184.0/24 maxlen: 24
5.199.187.0/24 maxlen: 24
45.142.196.0/24 maxlen: 24
2a07:146::/32 maxlen: 32
2a07:145::/32 maxlen: 32
2a07:140::/32 maxlen: 32
2a07:142::/32 maxlen: 32
2a07:143::/32 maxlen: 32
2a07:144::/32 maxlen: 32
2a07:140::/29 maxlen: 29
2a07:147::/32 maxlen: 32
2a07:141::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:e6:80:79:ee:8d:22:1b:74:80:23:d6:8b:d2:4f:62:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=767bc02a5859623f563ea84a6bb0a2920d5b3e91
Validity
Not Before: Nov 19 07:34:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4d9ce4c80505406d916e2b0921545873ce355792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e5:3a:1d:60:99:0b:ab:d5:21:1c:fa:a6:87:
00:73:9b:af:dd:10:1f:79:64:80:67:a8:47:f7:23:
69:19:46:27:7b:20:15:cf:dc:f4:8f:3a:ae:cf:74:
5d:f2:50:67:74:78:80:29:5e:76:c4:53:6b:12:58:
3a:a9:38:cd:fe:e4:7b:62:a7:2c:1d:b7:3c:55:26:
4b:ae:6e:ad:69:fb:fb:3e:05:b0:ba:d4:6c:94:e0:
04:71:89:72:4e:8f:cb:a7:a9:6e:3a:2e:75:e3:35:
fb:31:91:66:a8:b8:52:e7:82:dc:00:2d:fc:e1:c1:
17:50:79:6c:5e:d8:62:40:e6:3d:37:c4:2c:b9:75:
11:06:67:f9:e7:a4:2b:41:26:3c:2a:ec:41:dc:4f:
a6:85:f3:ee:65:c7:80:6e:44:b8:61:e8:64:c4:70:
e0:0f:b4:02:d1:cb:ac:51:d2:af:8b:fc:32:9a:5c:
da:4e:48:2b:bd:53:0e:e2:9c:62:f5:c3:63:5c:07:
53:64:ea:3f:9a:d2:67:36:79:5e:44:e2:7f:f1:52:
7d:3c:20:2c:75:7a:84:ce:d2:bd:0d:73:86:fb:57:
ec:5e:47:15:5c:14:14:74:7a:ac:5d:ad:15:2d:a2:
e0:15:72:b9:20:99:82:84:e7:61:d0:64:0e:d3:cf:
19:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:9C:E4:C8:05:05:40:6D:91:6E:2B:09:21:54:58:73:CE:35:57:92
X509v3 Authority Key Identifier:
keyid:76:7B:C0:2A:58:59:62:3F:56:3E:A8:4A:6B:B0:A2:92:0D:5B:3E:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dnvAKlhZYj9WPqhKa7Cikg1bPpE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/TZzkyAUFQG2RbisJIVRYc841V5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/cdabc4-bae5-4d99-9e17-6815548bf33f/1/dnvAKlhZYj9WPqhKa7Cikg1bPpE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.184.0/22
45.142.196.0/24
79.134.128.0/19
185.139.220.0/22
IPv6:
2a07:140::/29
Signature Algorithm: sha256WithRSAEncryption
57:a9:8e:9f:a7:9c:a7:c0:9b:fa:55:7c:7f:b4:3f:0a:a1:d6:
f6:8d:88:a1:bf:f5:5f:2f:dc:00:76:d4:c2:e1:e3:f5:38:4a:
fa:5f:eb:2b:9e:98:51:a7:be:35:8e:8a:6d:6f:fd:db:a9:fb:
20:b1:4d:16:b5:56:03:1d:56:61:32:2a:43:2c:fd:2d:92:74:
3e:b4:57:5b:ac:23:78:93:ea:ea:f1:d8:79:44:b0:bf:94:11:
50:e5:df:f1:39:12:64:0b:0d:89:ed:cc:21:d4:03:93:fb:28:
c5:53:14:77:62:88:67:60:bd:d7:6c:47:f3:57:8b:6c:78:6b:
ea:7b:58:85:50:d2:a6:34:74:e6:19:1b:fc:06:5b:37:90:1e:
40:22:f4:de:63:fd:f6:80:65:ef:c9:20:21:d3:a5:56:26:af:
b4:46:85:04:e6:f4:d0:69:57:72:44:f9:47:4e:aa:2a:4b:0f:
2d:77:0b:19:0b:59:42:30:0f:89:86:a0:28:7b:bc:42:8f:88:
82:ff:15:ee:0a:3d:e3:70:41:c5:04:40:46:84:02:81:6c:78:
86:65:7a:8a:38:f6:c1:1f:6d:8e:47:f0:84:5d:ef:df:32:f4:
b9:a2:7d:e5:0d:d4:9a:8f:4d:69:80:ff:ec:b0:5f:e4:3a:39:
a0:27:d2:b9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYvmgHnujSIbdIAj1ovST2LWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2N2JjMDJhNTg1OTYyM2Y1NjNlYTg0YTZiYjBhMjkyMGQ1
YjNlOTEwHhcNMjMxMTE5MDczNDIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDljZTRjODA1MDU0MDZkOTE2ZTJiMDkyMTU0NTg3M2NlMzU1NzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeU6HWCZC6vVIRz6pocAc5uv3RAf
eWSAZ6hH9yNpGUYneyAVz9z0jzquz3Rd8lBndHiAKV52xFNrElg6qTjN/uR7Yqcs
Hbc8VSZLrm6tafv7PgWwutRslOAEcYlyTo/Lp6luOi514zX7MZFmqLhS54LcAC38
4cEXUHlsXthiQOY9N8QsuXURBmf556QrQSY8KuxB3E+mhfPuZceAbkS4YehkxHDg
D7QC0cusUdKvi/wymlzaTkgrvVMO4pxi9cNjXAdTZOo/mtJnNnleROJ/8VJ9PCAs
dXqEztK9DXOG+1fsXkcVXBQUdHqsXa0VLaLgFXK5IJmChOdh0GQO088Z6wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFE2c5MgFBUBtkW4rCSFUWHPONVeSMB8GA1UdIwQY
MBaAFHZ7wCpYWWI/Vj6oSmuwopINWz6RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG52QUtsaFpZajlXUHFoS2E3Q2lrZzFiUHBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9jZGFiYzQtYmFlNS00ZDk5LTllMTct
NjgxNTU0OGJmMzNmLzEvVFp6a3lBVUZRRzJSYmlzSklWUlljODQxVjVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9jZGFiYzQtYmFlNS00ZDk5LTllMTctNjgxNTU0OGJmMzNm
LzEvZG52QUtsaFpZajlXUHFoS2E3Q2lrZzFiUHBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCBce4AwQA
LY7EAwQFT4aAAwQCuYvcMA0EAgACMAcDBQMqBwFAMA0GCSqGSIb3DQEBCwUAA4IB
AQBXqY6fp5ynwJv6VXx/tD8Kodb2jYihv/VfL9wAdtTC4eP1OEr6X+srnphRp741
joptb/3bqfsgsU0WtVYDHVZhMipDLP0tknQ+tFdbrCN4k+rq8dh5RLC/lBFQ5d/x
ORJkCw2J7cwh1AOT+yjFUxR3YohnYL3XbEfzV4tseGvqe1iFUNKmNHTmGRv8Bls3
kB5AIvTeY/32gGXvySAh06VWJq+0RoUE5vTQaVdyRPlHTqoqSw8tdwsZC1lCMA+J
hqAoe7xCj4iC/xXuCj3jcEHFBEBGhAKBbHiGZXqKOPbBH22OR/CEXe/fMvS5on3l
DdSaj01pgP/ssF/kOjmgJ9K5
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:14:17 2024 by rpki-client on console-ams.rpki-client.org