Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/zTmbK7QxTP5OMjYnzHtt8QuABwo.roa
File: zTmbK7QxTP5OMjYnzHtt8QuABwo.roa (raw, json)
Hash identifier: NR6jALe0nXRutgGdxid49eH4LhgdD9rHUlT94urA4pE=
Subject key identifier: CD:39:9B:2B:B4:31:4C:FE:4E:32:36:27:CC:7B:6D:F1:0B:80:07:0A
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 01856C1CA0ADB0D5624CBD7C7A4763B74444
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/zTmbK7QxTP5OMjYnzHtt8QuABwo.roa
Signing time: Sun 01 Jan 2023 06:54:53 +0000
ROA not before: Sun 01 Jan 2023 06:54:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203061
IP address blocks: 188.212.6.0/23 maxlen: 23
185.207.37.0/24 maxlen: 24
185.207.38.0/24 maxlen: 24
185.183.44.0/22 maxlen: 22
79.110.239.0/24 maxlen: 24
79.110.239.0/25 maxlen: 25
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:a0:ad:b0:d5:62:4c:bd:7c:7a:47:63:b7:44:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Jan 1 06:54:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd399b2bb4314cfe4e323627cc7b6df10b80070a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a1:70:7d:6f:d2:02:4e:37:62:0b:4a:5b:00:
db:a5:ed:b5:07:4c:a9:77:db:1e:31:b3:8f:64:1a:
e6:d4:8f:2f:57:00:f1:4b:4f:aa:52:26:dc:51:7f:
c0:97:15:72:0c:65:84:d4:0f:28:cb:f8:72:6f:55:
d4:18:a6:34:46:52:30:82:16:2b:58:6e:7b:ea:1c:
92:a4:83:c0:f7:bb:8a:77:24:a3:dc:a9:78:df:aa:
6c:e7:61:ba:f3:d1:9e:c1:41:86:2f:f2:5e:d6:4f:
c9:69:95:7f:a5:8a:a9:ac:f4:fd:e7:d3:6f:22:3e:
ee:24:9f:e5:cc:2c:75:29:e6:de:14:e4:d5:7b:1a:
a2:dc:71:7e:d8:9d:d0:92:aa:54:75:d6:d3:93:ba:
b4:9f:95:6a:77:f0:95:c1:7b:82:45:d6:a8:1e:db:
e5:2e:90:70:1e:cf:7c:64:60:82:89:b2:b9:e8:f6:
c5:f5:a2:e2:96:aa:65:fb:28:f1:ff:2b:1b:28:25:
1f:cd:67:9c:73:d4:43:b1:22:e6:31:26:e9:57:5e:
ba:ae:64:e6:c2:dc:a3:19:3c:11:5c:59:bf:b7:d6:
24:72:b8:1f:59:2e:b6:ba:80:0a:07:00:cd:e5:ab:
d7:6b:fd:5e:ba:50:d3:0d:ff:43:67:5e:5a:a3:ee:
3a:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:39:9B:2B:B4:31:4C:FE:4E:32:36:27:CC:7B:6D:F1:0B:80:07:0A
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/zTmbK7QxTP5OMjYnzHtt8QuABwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.239.0/24
185.183.44.0/22
185.207.37.0-185.207.38.255
188.212.6.0/23
Signature Algorithm: sha256WithRSAEncryption
57:5b:13:95:0a:f7:c5:a2:21:95:87:62:6a:d7:5c:af:e5:43:
6b:ff:c2:c8:fb:e9:46:63:cf:96:2a:67:95:0c:a3:f1:5d:45:
8f:84:de:8c:38:78:64:c0:ff:7b:74:13:28:c1:17:1f:05:ff:
08:29:f7:03:58:cc:50:2f:06:60:b6:10:82:87:8f:77:ad:9b:
d0:2d:24:7d:6e:dc:fb:96:a1:9a:ae:6c:83:7a:da:b6:49:9c:
ad:51:78:cb:ae:a9:7b:e6:3a:dc:c0:e5:e9:2c:fb:96:11:10:
df:27:09:a8:e3:70:d4:44:19:09:2f:4f:b1:3c:61:89:21:d9:
e9:0e:f4:06:d7:73:27:1e:64:1e:76:b4:a6:7c:f8:b9:22:5a:
97:43:29:3b:d2:c3:7a:79:30:22:96:5c:b2:e3:33:7f:c8:42:
e9:73:aa:af:46:39:5f:cb:45:b5:76:41:47:30:bb:cd:c6:4c:
cd:47:fa:f7:29:63:5d:7a:15:5c:e1:57:89:c9:0f:fa:b4:5c:
03:71:4c:99:b9:28:c5:49:31:cb:a0:04:37:97:e0:c1:9e:b1:
83:9e:30:00:93:3f:7d:3d:af:09:69:2c:c5:a1:93:0d:6f:b8:
27:5c:f1:21:4b:a6:a7:d9:7a:bd:a2:6e:dc:4c:50:77:ad:42:
47:4f:58:7e
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYVsHKCtsNViTL18ekdjt0REMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjMwMTAxMDY1NDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDM5OWIyYmI0MzE0Y2ZlNGUzMjM2MjdjYzdiNmRmMTBiODAwNzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaFwfW/SAk43YgtKWwDbpe21B0yp
d9seMbOPZBrm1I8vVwDxS0+qUibcUX/AlxVyDGWE1A8oy/hyb1XUGKY0RlIwghYr
WG576hySpIPA97uKdySj3Kl436ps52G689GewUGGL/Je1k/JaZV/pYqprPT959Nv
Ij7uJJ/lzCx1KebeFOTVexqi3HF+2J3QkqpUddbTk7q0n5Vqd/CVwXuCRdaoHtvl
LpBwHs98ZGCCibK56PbF9aLilqpl+yjx/ysbKCUfzWecc9RDsSLmMSbpV166rmTm
wtyjGTwRXFm/t9YkcrgfWS62uoAKBwDN5avXa/1eulDTDf9DZ15ao+46AwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFM05myu0MUz+TjI2J8x7bfELgAcKMB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvelRtYks3UXhUUDVPTWpZbnpIdHQ4UXVBQndvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAT27vAwQC
ubcsMAwDBAC5zyUDBAC5zyYDBAG81AYwDQYJKoZIhvcNAQELBQADggEBAFdbE5UK
98WiIZWHYmrXXK/lQ2v/wsj76UZjz5YqZ5UMo/FdRY+E3ow4eGTA/3t0EyjBFx8F
/wgp9wNYzFAvBmC2EIKHj3etm9AtJH1u3PuWoZqubIN62rZJnK1ReMuuqXvmOtzA
5eks+5YREN8nCajjcNREGQkvT7E8YYkh2ekO9AbXcyceZB52tKZ8+LkiWpdDKTvS
w3p5MCKWXLLjM3/IQulzqq9GOV/LRbV2QUcwu83GTM1H+vcpY116FVzhV4nJD/q0
XANxTJm5KMVJMcugBDeX4MGesYOeMACTP309rwlpLMWhkw1vuCdc8SFLpqfZer2i
btxMUHetQkdPWH4=
-----END CERTIFICATE-----
Generated at Mon Jan 1 02:54:04 2024 by rpki-client on console-ams.rpki-client.org