Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/Kf6Lw1VHCExPw51J59wFt6B43c4.roa
File: Kf6Lw1VHCExPw51J59wFt6B43c4.roa (raw, json)
Hash identifier: 2UIJPIUFb5cTbNM8KhkS3TsmzoCJAO+tTJMl6/RWf14=
Subject key identifier: 29:FE:8B:C3:55:47:08:4C:4F:C3:9D:49:E7:DC:05:B7:A0:78:DD:CE
Certificate issuer: /CN=6525d8b7f19e2fb75cb7f95789d9118f6b1b9705
Certificate serial: 0185E35D911678406A30029824539EF5D137
Authority key identifier: 65:25:D8:B7:F1:9E:2F:B7:5C:B7:F9:57:89:D9:11:8F:6B:1B:97:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZSXYt_GeL7dct_lXidkRj2sblwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/Kf6Lw1VHCExPw51J59wFt6B43c4.roa
Signing time: Tue 24 Jan 2023 10:40:38 +0000
ROA not before: Tue 24 Jan 2023 10:40:38 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8393
IP address blocks: 149.154.190.0/23 maxlen: 23
193.193.228.0/24 maxlen: 24
193.193.229.0/24 maxlen: 24
193.193.227.0/24 maxlen: 24
193.193.233.0/24 maxlen: 24
193.193.232.0/24 maxlen: 24
193.193.230.0/24 maxlen: 24
193.193.231.0/24 maxlen: 24
193.193.235.0/24 maxlen: 24
193.193.236.0/24 maxlen: 24
193.193.234.0/24 maxlen: 24
193.193.240.0/24 maxlen: 24
193.193.239.0/24 maxlen: 24
193.193.237.0/24 maxlen: 24
193.193.238.0/24 maxlen: 24
193.193.245.0/24 maxlen: 24
193.193.246.0/24 maxlen: 24
193.193.244.0/24 maxlen: 24
193.193.242.0/24 maxlen: 24
193.193.243.0/24 maxlen: 24
193.193.241.0/24 maxlen: 24
193.193.249.0/24 maxlen: 24
193.193.250.0/24 maxlen: 24
193.193.247.0/24 maxlen: 24
193.193.248.0/24 maxlen: 24
193.193.251.0/24 maxlen: 24
193.193.252.0/23 maxlen: 23
193.193.254.0/24 maxlen: 24
193.193.255.0/24 maxlen: 24
193.193.226.0/24 maxlen: 24
193.193.225.0/24 maxlen: 24
193.193.224.0/24 maxlen: 24
213.157.35.0/24 maxlen: 24
213.157.36.0/24 maxlen: 24
213.157.33.0/24 maxlen: 24
213.157.34.0/24 maxlen: 24
213.157.32.0/24 maxlen: 24
213.157.37.0/24 maxlen: 24
213.157.38.0/24 maxlen: 24
213.157.42.0/24 maxlen: 24
213.157.43.0/24 maxlen: 24
213.157.40.0/24 maxlen: 24
213.157.41.0/24 maxlen: 24
213.157.39.0/24 maxlen: 24
213.157.44.0/24 maxlen: 24
213.157.49.0/24 maxlen: 24
213.157.50.0/24 maxlen: 24
213.157.47.0/24 maxlen: 24
213.157.48.0/24 maxlen: 24
213.157.46.0/24 maxlen: 24
213.157.45.0/24 maxlen: 24
213.157.51.0/24 maxlen: 24
213.157.58.0/23 maxlen: 23
213.157.56.0/24 maxlen: 24
213.157.54.0/23 maxlen: 23
213.157.57.0/24 maxlen: 24
213.157.53.0/24 maxlen: 24
213.157.52.0/24 maxlen: 24
213.157.63.0/24 maxlen: 24
213.157.61.0/24 maxlen: 24
213.157.62.0/24 maxlen: 24
213.157.60.0/24 maxlen: 24
91.203.22.0/24 maxlen: 24
91.203.20.0/24 maxlen: 24
91.203.21.0/24 maxlen: 24
185.217.16.0/24 maxlen: 24
185.217.17.0/24 maxlen: 24
185.217.19.0/24 maxlen: 24
185.217.18.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e3:5d:91:16:78:40:6a:30:02:98:24:53:9e:f5:d1:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6525d8b7f19e2fb75cb7f95789d9118f6b1b9705
Validity
Not Before: Jan 24 10:40:38 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=29fe8bc35547084c4fc39d49e7dc05b7a078ddce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:00:26:d0:46:1b:00:e4:2d:99:a5:01:99:d8:
95:73:96:55:47:25:4e:bd:9b:f3:e4:3f:f0:e1:bd:
58:5d:2b:da:11:b0:2e:3d:cf:48:09:cc:da:38:c5:
5f:66:20:ce:d9:e2:e3:ec:8a:5f:c4:5f:40:33:4b:
53:7e:14:e8:5a:21:63:76:1b:2d:15:c1:ac:94:cf:
a7:95:80:b4:98:15:8b:20:d0:09:fb:9e:e0:d8:97:
18:5a:6b:4e:c5:0c:d9:d8:e1:8e:d4:be:ef:13:53:
9a:68:d1:a7:09:26:37:4e:89:5f:8c:0a:ba:b3:e3:
48:7c:a1:dc:0a:20:1c:4c:d6:34:a3:5d:3f:79:d4:
02:41:80:e5:3a:30:01:ff:4c:7c:ab:bb:a2:03:22:
a5:8a:4f:c8:98:89:20:62:56:a8:5a:ab:81:61:83:
09:5f:50:48:f7:e8:07:a7:78:98:47:0a:d2:51:38:
02:92:03:7a:eb:95:31:83:2e:f9:da:e7:6b:ae:b5:
c2:1c:58:37:33:9f:66:35:8d:b4:9a:97:09:0e:62:
77:5e:93:7d:aa:ba:6f:16:5c:95:6f:6a:fc:07:e4:
cf:e5:e2:f1:5a:10:a5:3f:a9:23:ea:9e:d2:91:37:
14:2e:05:90:5b:36:ec:9b:fc:d3:2a:50:5c:8b:ef:
d5:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:FE:8B:C3:55:47:08:4C:4F:C3:9D:49:E7:DC:05:B7:A0:78:DD:CE
X509v3 Authority Key Identifier:
keyid:65:25:D8:B7:F1:9E:2F:B7:5C:B7:F9:57:89:D9:11:8F:6B:1B:97:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZSXYt_GeL7dct_lXidkRj2sblwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/Kf6Lw1VHCExPw51J59wFt6B43c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/caa385-b2a5-4323-adc5-46603de805ec/1/ZSXYt_GeL7dct_lXidkRj2sblwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.20.0-91.203.22.255
149.154.190.0/23
185.217.16.0/22
193.193.224.0/19
213.157.32.0/19
Signature Algorithm: sha256WithRSAEncryption
89:a1:db:4c:eb:49:e1:cc:26:a6:1a:26:dd:66:ed:be:53:2e:
11:49:c0:a7:60:31:fa:8c:a7:22:76:05:bb:4c:25:c8:ae:86:
79:72:f1:b0:7d:3b:8d:59:e6:19:8d:49:57:0e:0d:bc:33:f6:
4e:45:1a:2d:1c:c3:98:80:3b:26:84:a2:c2:45:7c:a9:3d:5a:
f3:eb:c8:55:8a:99:9f:0a:bb:9a:60:e3:82:2e:62:f9:02:1f:
9d:af:94:aa:30:0a:9c:a8:cc:1d:a8:90:98:fe:2a:e7:5e:e8:
87:5b:0f:56:66:f5:dd:7b:e8:4f:cc:6d:2c:3c:60:47:b6:6b:
aa:b5:e9:5f:2d:36:99:21:8c:5f:7d:38:00:4a:06:c7:e9:4e:
1c:33:a6:ef:10:43:d5:ad:43:e1:98:44:01:47:25:41:c4:79:
68:4d:77:32:f4:2a:b9:f9:49:1d:8f:c1:05:c2:c7:e1:37:9d:
62:24:ac:2d:00:45:7a:d4:26:f7:33:ea:d9:58:91:99:05:bb:
62:00:94:62:0a:a5:65:f2:16:bd:26:95:b4:b1:bf:ba:0b:50:
92:e1:ff:c9:d0:50:8a:d8:a3:56:d3:f2:df:45:51:07:2a:d2:
9b:64:ed:0a:88:47:80:a0:a1:a9:7e:f9:60:5e:df:76:70:46:
db:d5:83:bb
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYXjXZEWeEBqMAKYJFOe9dE3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MjVkOGI3ZjE5ZTJmYjc1Y2I3Zjk1Nzg5ZDkxMThmNmIx
Yjk3MDUwHhcNMjMwMTI0MTA0MDM4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWZlOGJjMzU1NDcwODRjNGZjMzlkNDllN2RjMDViN2EwNzhkZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQAm0EYbAOQtmaUBmdiVc5ZVRyVO
vZvz5D/w4b1YXSvaEbAuPc9ICczaOMVfZiDO2eLj7IpfxF9AM0tTfhToWiFjdhst
FcGslM+nlYC0mBWLINAJ+57g2JcYWmtOxQzZ2OGO1L7vE1OaaNGnCSY3TolfjAq6
s+NIfKHcCiAcTNY0o10/edQCQYDlOjAB/0x8q7uiAyKlik/ImIkgYlaoWquBYYMJ
X1BI9+gHp3iYRwrSUTgCkgN665Uxgy752udrrrXCHFg3M59mNY20mpcJDmJ3XpN9
qrpvFlyVb2r8B+TP5eLxWhClP6kj6p7SkTcULgWQWzbsm/zTKlBci+/VPwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCn+i8NVRwhMT8OdSefcBbegeN3OMB8GA1UdIwQY
MBaAFGUl2Lfxni+3XLf5V4nZEY9rG5cFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlNYWXRfR2VMN2RjdF9sWGlka1JqMnNibHdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9jYWEzODUtYjJhNS00MzIzLWFkYzUt
NDY2MDNkZTgwNWVjLzEvS2Y2THcxVkhDRXhQdzUxSjU5d0Z0NkI0M2M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9jYWEzODUtYjJhNS00MzIzLWFkYzUtNDY2MDNkZTgwNWVj
LzEvWlNYWXRfR2VMN2RjdF9sWGlka1JqMnNibHdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAJbyxQD
BABbyxYDBAGVmr4DBAK52RADBAXBweADBAXVnSAwDQYJKoZIhvcNAQELBQADggEB
AImh20zrSeHMJqYaJt1m7b5TLhFJwKdgMfqMpyJ2BbtMJciuhnly8bB9O41Z5hmN
SVcODbwz9k5FGi0cw5iAOyaEosJFfKk9WvPryFWKmZ8Ku5pg44IuYvkCH52vlKow
CpyozB2okJj+Kude6IdbD1Zm9d176E/MbSw8YEe2a6q16V8tNpkhjF99OABKBsfp
Thwzpu8QQ9WtQ+GYRAFHJUHEeWhNdzL0Krn5SR2PwQXCx+E3nWIkrC0ARXrUJvcz
6tlYkZkFu2IAlGIKpWXyFr0mlbSxv7oLUJLh/8nQUIrYo1bT8t9FUQcq0ptk7QqI
R4Cgoal++WBe33ZwRtvVg7s=
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:06 2024 by rpki-client on console-ams.rpki-client.org