Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/KzyY6uVZxr60Sa5jdGLdKC2u4hc.roa
File: KzyY6uVZxr60Sa5jdGLdKC2u4hc.roa (raw, json)
Hash identifier: H5shvBGLDtPcb96z2eGhdRTjB90BMHRi46GSPRgDFi4=
Subject key identifier: 2B:3C:98:EA:E5:59:C6:BE:B4:49:AE:63:74:62:DD:28:2D:AE:E2:17
Certificate issuer: /CN=1ada225cb7f29416e7534695fbfb21762fee93c8
Certificate serial: 018C460211CE17479DCC0D3A39D87A2D8712
Authority key identifier: 1A:DA:22:5C:B7:F2:94:16:E7:53:46:95:FB:FB:21:76:2F:EE:93:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GtoiXLfylBbnU0aV-_shdi_uk8g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/KzyY6uVZxr60Sa5jdGLdKC2u4hc.roa
Signing time: Thu 07 Dec 2023 20:39:49 +0000
ROA not before: Thu 07 Dec 2023 20:39:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1273
IP address blocks: 194.70.32.0/22 maxlen: 22
194.70.37.0/24 maxlen: 24
194.70.38.0/23 maxlen: 23
194.70.40.0/21 maxlen: 21
194.70.48.0/20 maxlen: 20
194.70.64.0/20 maxlen: 20
212.248.192.0/18 maxlen: 18
195.173.0.0/16 maxlen: 16
212.240.0.0/16 maxlen: 16
195.11.0.0/16 maxlen: 16
194.70.4.0/22 maxlen: 22
194.70.2.0/24 maxlen: 24
194.70.0.0/23 maxlen: 23
194.70.8.0/21 maxlen: 21
194.70.16.0/20 maxlen: 20
194.70.80.0/21 maxlen: 21
194.70.88.0/22 maxlen: 22
193.195.0.0/17 maxlen: 17
194.70.92.0/23 maxlen: 23
194.70.95.0/24 maxlen: 24
194.70.96.0/19 maxlen: 19
194.217.0.0/16 maxlen: 16
194.70.128.0/18 maxlen: 18
194.70.240.0/20 maxlen: 20
193.195.160.0/19 maxlen: 19
193.195.192.0/18 maxlen: 18
194.70.192.0/19 maxlen: 19
194.70.224.0/21 maxlen: 21
193.195.128.0/21 maxlen: 21
194.70.232.0/23 maxlen: 23
193.195.136.0/23 maxlen: 23
193.195.139.0/24 maxlen: 24
194.70.235.0/24 maxlen: 24
194.70.236.0/22 maxlen: 22
193.195.144.0/20 maxlen: 20
193.195.140.0/24 maxlen: 24
193.195.142.0/23 maxlen: 23
194.159.0.0/16 maxlen: 16
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:46:02:11:ce:17:47:9d:cc:0d:3a:39:d8:7a:2d:87:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ada225cb7f29416e7534695fbfb21762fee93c8
Validity
Not Before: Dec 7 20:39:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b3c98eae559c6beb449ae637462dd282daee217
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:89:2d:16:1e:92:83:f6:29:54:a3:74:d6:06:
4f:db:9d:95:cd:d9:03:1c:8f:ad:cf:02:ac:af:5f:
f3:59:89:3a:17:93:d7:b9:58:92:cf:2f:1b:af:6a:
b2:8f:33:09:7e:bf:6a:25:d4:9e:a7:b9:62:68:8d:
5c:c5:ab:f3:a9:6b:10:47:8d:3f:c8:93:58:68:26:
40:f5:2b:81:7d:0d:93:a6:cb:dd:ff:2f:07:86:18:
17:4e:a0:d3:30:47:8d:fd:6d:f1:b8:cf:44:e5:a4:
4c:d8:8a:46:30:71:e5:ab:c0:2f:ff:bf:9e:1f:26:
3c:bb:64:80:cd:47:8e:4b:6b:e8:64:69:7d:c4:52:
7d:2e:b5:41:f0:b2:10:9c:fe:94:91:67:b2:e0:47:
f9:ae:a9:9d:87:25:ca:a0:32:1d:59:8d:95:bf:5b:
8f:bb:62:18:10:b5:0b:3a:fd:f7:36:ca:13:d0:7f:
7e:38:5d:92:75:93:b4:99:3a:ce:a3:0f:12:bf:6f:
21:ff:73:63:4c:da:0d:c9:6a:11:c3:68:a4:35:5d:
f7:d8:2f:fd:28:cf:07:fe:32:87:90:8d:6d:13:39:
f6:3e:bb:09:4e:e0:93:07:06:ce:f1:0c:7b:6e:94:
2b:e5:91:b3:4c:c3:a1:60:75:08:07:ce:ff:8d:4f:
cd:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:3C:98:EA:E5:59:C6:BE:B4:49:AE:63:74:62:DD:28:2D:AE:E2:17
X509v3 Authority Key Identifier:
keyid:1A:DA:22:5C:B7:F2:94:16:E7:53:46:95:FB:FB:21:76:2F:EE:93:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GtoiXLfylBbnU0aV-_shdi_uk8g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/KzyY6uVZxr60Sa5jdGLdKC2u4hc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/GtoiXLfylBbnU0aV-_shdi_uk8g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.195.0.0-193.195.137.255
193.195.139.0-193.195.140.255
193.195.142.0-193.195.255.255
194.70.0.0-194.70.2.255
194.70.4.0-194.70.35.255
194.70.37.0-194.70.93.255
194.70.95.0-194.70.233.255
194.70.235.0-194.70.255.255
194.159.0.0/16
194.217.0.0/16
195.11.0.0/16
195.173.0.0/16
212.240.0.0/16
212.248.192.0/18
Signature Algorithm: sha256WithRSAEncryption
06:e3:ac:79:e3:9b:1e:d1:0c:76:e8:7c:cd:41:b0:50:13:f9:
6d:bf:f4:9e:86:58:8e:14:d6:d4:04:16:36:94:02:cd:c0:14:
91:69:cd:3a:4c:a9:39:11:1d:93:52:b7:3a:bd:e4:4d:c0:96:
9e:b1:cf:89:c6:99:c6:9e:66:14:e1:be:c0:4b:b2:89:80:f4:
22:c2:83:99:86:a0:97:50:30:af:1c:0f:6a:e7:e9:27:e0:b1:
2d:e9:99:7e:af:25:56:d7:f1:06:e3:3d:47:37:98:dd:19:aa:
00:b3:60:2f:8e:16:d4:6d:e5:c4:0f:6b:33:71:49:73:c9:4b:
c6:21:b5:cb:f3:57:c4:f0:50:15:5f:ab:24:8d:a6:60:4a:f4:
ba:be:c6:67:cf:9d:01:b8:90:dd:a3:99:7a:65:d7:d0:68:d1:
9b:3e:5f:f1:af:6e:43:6e:49:82:0a:98:5e:75:db:cf:0d:b8:
d4:d4:26:aa:12:80:7d:33:fb:ee:f1:01:2a:c1:45:f5:7e:4f:
8a:02:99:67:fb:77:07:cd:aa:47:57:a6:26:aa:f9:e1:5f:04:
4e:63:6e:0c:c5:d5:7b:91:91:b0:68:f4:c6:57:bb:a9:91:d5:
79:b0:6f:55:94:6c:c2:b0:c4:7c:2a:b0:75:39:74:c5:ed:c6:
88:63:c8:3a
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAYxGAhHOF0edzA06Odh6LYcSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZGEyMjVjYjdmMjk0MTZlNzUzNDY5NWZiZmIyMTc2MmZl
ZTkzYzgwHhcNMjMxMjA3MjAzOTQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjNjOThlYWU1NTljNmJlYjQ0OWFlNjM3NDYyZGQyODJkYWVlMjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4ktFh6Sg/YpVKN01gZP252VzdkD
HI+tzwKsr1/zWYk6F5PXuViSzy8br2qyjzMJfr9qJdSep7liaI1cxavzqWsQR40/
yJNYaCZA9SuBfQ2Tpsvd/y8HhhgXTqDTMEeN/W3xuM9E5aRM2IpGMHHlq8Av/7+e
HyY8u2SAzUeOS2voZGl9xFJ9LrVB8LIQnP6UkWey4Ef5rqmdhyXKoDIdWY2Vv1uP
u2IYELULOv33NsoT0H9+OF2SdZO0mTrOow8Sv28h/3NjTNoNyWoRw2ikNV332C/9
KM8H/jKHkI1tEzn2PrsJTuCTBwbO8Qx7bpQr5ZGzTMOhYHUIB87/jU/NPwIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFCs8mOrlWca+tEmuY3Ri3SgtruIXMB8GA1UdIwQY
MBaAFBraIly38pQW51NGlfv7IXYv7pPIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3RvaVhMZnlsQmJuVTBhVi1fc2hkaV91azhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9lOWQ5Y2MtMjY2OC00MmZjLTgzMTUt
NzUyNWQ0ZDQwOGI1LzEvS3p5WTZ1Vlp4cjYwU2E1amRHTGRLQzJ1NGhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9lOWQ5Y2MtMjY2OC00MmZjLTgzMTUtNzUyNWQ0ZDQwOGI1
LzEvR3RvaVhMZnlsQmJuVTBhVi1fc2hkaV91azhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGoBggrBgEFBQcBBwEB/wSBmDCBlTCBkgQCAAEwgYswCwMD
AMHDAwQBwcOIMAwDBADBw4sDBADBw4wwCwMEAcHDjgMDAsHAMAsDAwHCRgMEAMJG
AjAMAwQCwkYEAwQCwkYgMAwDBADCRiUDBAHCRlwwDAMEAMJGXwMEAcJG6DALAwQA
wkbrAwMAwkYDAwDCnwMDAMLZAwMAwwsDAwDDrQMDANTwAwQG1PjAMA0GCSqGSIb3
DQEBCwUAA4IBAQAG46x545se0Qx26HzNQbBQE/ltv/SehliOFNbUBBY2lALNwBSR
ac06TKk5ER2TUrc6veRNwJaesc+JxpnGnmYU4b7AS7KJgPQiwoOZhqCXUDCvHA9q
5+kn4LEt6Zl+ryVW1/EG4z1HN5jdGaoAs2AvjhbUbeXED2szcUlzyUvGIbXL81fE
8FAVX6skjaZgSvS6vsZnz50BuJDdo5l6ZdfQaNGbPl/xr25DbkmCCpheddvPDbjU
1CaqEoB9M/vu8QEqwUX1fk+KApln+3cHzapHV6YmqvnhXwROY24MxdV7kZGwaPTG
V7upkdV5sG9VlGzCsMR8KrB1OXTF7caIY8g6
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:16:28 2024 by rpki-client on console-ams.rpki-client.org