Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/zLyEGx-dd856nJMJQm3taiMXG5c.roa
File: zLyEGx-dd856nJMJQm3taiMXG5c.roa (raw, json)
Hash identifier: hENcBoe2KsujaEQzWn1s345aNWLWMZdiyoKLYzBkniY=
Subject key identifier: CC:BC:84:1B:1F:9D:77:CE:7A:9C:93:09:42:6D:ED:6A:23:17:1B:97
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 018A1CFE920053762A2E99D323F13297C7DB
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/zLyEGx-dd856nJMJQm3taiMXG5c.roa
Signing time: Tue 22 Aug 2023 11:26:00 +0000
ROA not before: Tue 22 Aug 2023 11:26:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31549
IP address blocks: 217.60.0.0/19 maxlen: 19
217.60.0.0/18 maxlen: 18
217.60.0.0/16 maxlen: 16
217.60.24.0/21 maxlen: 21
217.60.32.0/22 maxlen: 22
217.60.36.0/22 maxlen: 22
217.60.36.0/23 maxlen: 23
217.60.32.0/20 maxlen: 20
217.60.38.0/23 maxlen: 23
217.60.40.0/21 maxlen: 21
217.60.48.0/20 maxlen: 20
37.148.0.0/18 maxlen: 24
37.148.0.0/17 maxlen: 18
217.60.108.0/22 maxlen: 22
217.60.128.0/18 maxlen: 18
217.60.128.0/19 maxlen: 19
217.60.150.0/24 maxlen: 24
217.60.64.0/20 maxlen: 20
217.60.64.0/18 maxlen: 18
217.60.80.0/20 maxlen: 20
217.60.96.0/21 maxlen: 21
217.60.104.0/22 maxlen: 22
151.244.128.0/19 maxlen: 19
94.183.176.0/21 maxlen: 21
84.241.0.0/18 maxlen: 24
31.56.80.0/20 maxlen: 20
31.56.16.0/20 maxlen: 20
31.56.0.0/14 maxlen: 24
31.56.32.0/20 maxlen: 20
185.73.3.0/24 maxlen: 24
185.73.0.0/22 maxlen: 22
151.238.0.0/15 maxlen: 24
185.73.2.0/24 maxlen: 24
185.73.2.0/23 maxlen: 23
185.73.0.0/23 maxlen: 23
151.240.0.0/13 maxlen: 24
85.15.0.0/18 maxlen: 24
151.247.64.0/18 maxlen: 18
217.60.219.0/24 maxlen: 24
217.60.216.0/21 maxlen: 21
217.60.224.0/20 maxlen: 20
217.60.230.0/24 maxlen: 24
217.60.231.0/24 maxlen: 24
217.60.240.0/20 maxlen: 20
37.202.128.0/18 maxlen: 18
37.202.128.0/17 maxlen: 17
217.60.160.0/19 maxlen: 19
217.60.160.0/21 maxlen: 21
217.60.160.0/20 maxlen: 20
217.60.161.0/24 maxlen: 24
217.60.171.0/24 maxlen: 24
217.60.170.0/24 maxlen: 24
217.60.168.0/23 maxlen: 23
217.60.176.0/21 maxlen: 21
217.60.176.0/24 maxlen: 24
217.60.184.0/22 maxlen: 22
37.148.78.0/24 maxlen: 24
217.60.188.0/22 maxlen: 22
217.60.192.0/22 maxlen: 22
217.60.192.0/20 maxlen: 20
217.60.196.0/22 maxlen: 22
217.60.192.0/18 maxlen: 18
217.60.200.0/22 maxlen: 22
94.182.0.0/15 maxlen: 24
217.60.207.0/24 maxlen: 24
217.60.212.0/22 maxlen: 22
217.60.209.0/24 maxlen: 24
217.60.208.0/20 maxlen: 20
217.60.208.0/23 maxlen: 23
37.202.192.0/18 maxlen: 18
37.202.136.0/24 maxlen: 24
31.57.208.0/20 maxlen: 20
2a0e:0:1:3000::/52 maxlen: 52
2a0e:0:1:2000::/52 maxlen: 52
2a0e:0:1:1000::/52 maxlen: 52
2a0e:0:1::/52 maxlen: 52
2a0e::/26 maxlen: 26
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:1c:fe:92:00:53:76:2a:2e:99:d3:23:f1:32:97:c7:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Aug 22 11:26:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ccbc841b1f9d77ce7a9c9309426ded6a23171b97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:fa:86:ef:3d:a5:95:0e:ca:26:bf:fe:bd:26:
6b:2e:bc:32:8a:5e:8b:b5:ff:e1:26:10:f9:aa:1c:
26:09:c3:28:da:82:23:07:d8:c2:8f:ac:b3:7a:e4:
65:53:5c:16:5d:8d:37:dd:26:6c:15:0b:cb:cf:6e:
ea:b4:7e:7b:f4:e9:2a:9c:71:48:4d:ac:f6:3b:e9:
87:77:d9:a0:87:e8:f1:ee:6c:95:9e:31:b9:54:09:
62:63:1d:fc:13:e6:f3:db:e9:55:d4:ba:6b:7a:57:
a6:fa:27:f2:e7:3c:23:88:02:57:f3:63:bb:2b:f6:
55:42:47:ab:73:67:65:f3:5f:08:59:41:f7:38:78:
a5:92:e6:34:f5:3b:ed:8f:80:1e:88:55:3e:32:2b:
7c:65:9f:f5:43:ad:fa:98:dc:1b:de:50:1a:b5:8b:
be:87:7d:3f:b7:13:f3:1f:df:f0:0b:30:84:9f:1e:
a1:09:c7:f9:98:35:70:87:ce:89:3f:52:0e:e6:d9:
2a:c4:10:3c:e2:2c:af:8f:95:cf:07:bc:35:ea:5f:
6c:a4:68:3b:72:57:4d:92:c1:9e:a1:d5:fd:5c:7c:
1f:0f:3d:c9:20:05:fb:18:0b:ff:4f:3e:18:26:6f:
2d:83:40:a2:c9:2d:95:f7:eb:69:34:c1:0f:b8:ab:
d0:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:BC:84:1B:1F:9D:77:CE:7A:9C:93:09:42:6D:ED:6A:23:17:1B:97
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/zLyEGx-dd856nJMJQm3taiMXG5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.0.0/14
37.148.0.0/17
37.202.128.0/17
84.241.0.0/18
85.15.0.0/18
94.182.0.0/15
151.238.0.0-151.247.255.255
185.73.0.0/22
217.60.0.0/16
IPv6:
2a0e::/26
Signature Algorithm: sha256WithRSAEncryption
79:b6:7c:22:3c:46:94:9b:d3:f3:89:e4:6a:8c:81:2c:87:79:
ad:d9:1f:ce:e6:2d:33:dd:1a:de:4c:73:c5:c1:b8:7f:53:32:
c5:87:ea:54:7f:40:4e:07:9a:d8:71:89:13:45:f8:24:0c:12:
d1:5c:c4:56:e2:a5:d6:40:74:08:7d:14:cd:2a:ab:ee:37:c2:
5b:9a:7c:95:88:5e:04:35:5c:fe:04:61:32:10:ec:65:ce:d6:
40:ab:a0:a0:87:98:4b:78:4c:d3:c2:f3:56:e5:9c:5c:8a:ff:
3a:18:0b:f1:b8:19:d2:bf:72:1d:ca:36:4c:b3:1c:83:03:8f:
50:73:e8:f2:41:2f:91:d4:a8:ab:39:17:87:92:e2:42:73:e1:
0b:da:b9:3a:1f:55:bf:c4:82:5c:4f:5c:51:63:e1:e7:2c:6f:
ee:45:e2:d9:2c:27:f7:79:e5:d4:ea:6c:c7:bb:53:2c:59:75:
92:58:ad:54:9e:14:3e:ee:63:e1:f5:97:85:e8:6b:f9:1c:30:
0d:7c:07:38:42:54:99:ac:cf:9a:af:c0:49:b0:52:f8:f9:29:
9c:0b:46:ef:a8:81:11:c1:97:16:42:92:f9:98:d7:f3:8d:16:
f4:91:f4:4a:13:a9:0e:16:7b:23:fa:66:eb:83:26:98:46:84:
bc:56:cd:23
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYoc/pIAU3YqLpnTI/Eyl8fbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjMwODIyMTEyNjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2JjODQxYjFmOWQ3N2NlN2E5YzkzMDk0MjZkZWQ2YTIzMTcxYjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/qG7z2llQ7KJr/+vSZrLrwyil6L
tf/hJhD5qhwmCcMo2oIjB9jCj6yzeuRlU1wWXY033SZsFQvLz27qtH579OkqnHFI
Taz2O+mHd9mgh+jx7myVnjG5VAliYx38E+bz2+lV1Lprelem+ify5zwjiAJX82O7
K/ZVQkerc2dl818IWUH3OHilkuY09Tvtj4AeiFU+Mit8ZZ/1Q636mNwb3lAatYu+
h30/txPzH9/wCzCEnx6hCcf5mDVwh86JP1IO5tkqxBA84iyvj5XPB7w16l9spGg7
cldNksGeodX9XHwfDz3JIAX7GAv/Tz4YJm8tg0CiyS2V9+tpNMEPuKvQ3QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMy8hBsfnXfOepyTCUJt7WojFxuXMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvekx5RUd4LWRkODU2bkpNSlFtM3RhaU1YRzVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDA/BAIAATA5AwMCHzgDBAcl
lAADBAclyoADBAZU8QADBAZVDwADAwFetjAKAwMBl+4DAwOX8AMEArlJAAMDANk8
MA0EAgACMAcDBQYqDgAAMA0GCSqGSIb3DQEBCwUAA4IBAQB5tnwiPEaUm9PzieRq
jIEsh3mt2R/O5i0z3RreTHPFwbh/UzLFh+pUf0BOB5rYcYkTRfgkDBLRXMRW4qXW
QHQIfRTNKqvuN8JbmnyViF4ENVz+BGEyEOxlztZAq6Cgh5hLeEzTwvNW5Zxciv86
GAvxuBnSv3IdyjZMsxyDA49Qc+jyQS+R1KirOReHkuJCc+EL2rk6H1W/xIJcT1xR
Y+HnLG/uReLZLCf3eeXU6mzHu1MsWXWSWK1UnhQ+7mPh9ZeF6Gv5HDANfAc4QlSZ
rM+ar8BJsFL4+SmcC0bvqIERwZcWQpL5mNfzjRb0kfRKE6kOFnsj+mbrgyaYRoS8
Vs0j
-----END CERTIFICATE-----
Generated at Sat Nov 4 12:25:13 2023 by rpki-client on console-ams.rpki-client.org