Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/zKZfceJ4xNAVrm7pZc4k3mGoMqo.roa
File: zKZfceJ4xNAVrm7pZc4k3mGoMqo.roa (raw, json)
Hash identifier: iCNVU3ilUgotdORKD2VA8gKNt4t9oaLR58HUXGIAc7U=
Subject key identifier: CC:A6:5F:71:E2:78:C4:D0:15:AE:6E:E9:65:CE:24:DE:61:A8:32:AA
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 018649994A0180E04DB126CAAF63B22D7B17
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/zKZfceJ4xNAVrm7pZc4k3mGoMqo.roa
Signing time: Mon 13 Feb 2023 07:07:07 +0000
ROA not before: Mon 13 Feb 2023 07:07:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209408
IP address blocks: 45.66.224.0/22 maxlen: 22
81.29.146.0/24 maxlen: 24
81.29.149.0/24 maxlen: 24
81.29.147.0/24 maxlen: 24
81.29.156.0/24 maxlen: 24
2a09:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:49:99:4a:01:80:e0:4d:b1:26:ca:af:63:b2:2d:7b:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Feb 13 07:07:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cca65f71e278c4d015ae6ee965ce24de61a832aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6f:db:ef:f7:f2:00:e3:3c:76:eb:5e:96:18:
f8:72:73:12:39:92:be:47:89:b2:22:55:00:38:f3:
30:e3:14:4a:e6:32:0e:b4:8a:a5:c6:b2:5d:a1:32:
9e:bf:b6:67:85:b4:6e:17:81:80:0c:14:d2:41:82:
dc:e2:93:7d:0c:4d:72:fc:6e:87:0c:53:11:46:09:
32:8a:15:42:da:cc:45:d8:b0:7c:8d:00:d4:2d:b1:
05:aa:a9:6a:5e:f2:71:0f:dc:a8:79:fe:1a:b2:40:
43:ed:cd:b5:d4:30:59:33:ab:3c:5e:66:71:b7:de:
6c:c1:ff:61:e0:c0:4a:3e:62:e5:ff:37:e2:ab:e5:
d8:3c:5f:e1:cf:5a:89:54:d6:92:fd:cd:95:2f:a9:
43:26:b5:47:14:d2:b8:6d:d5:41:02:ca:41:37:0d:
1d:98:87:db:32:d0:00:34:d6:e5:5a:1e:12:e6:52:
19:d8:66:2a:df:03:5f:90:04:fd:d8:22:2e:94:23:
8e:9f:51:c3:b2:06:d2:53:4f:90:d3:63:1f:89:d2:
55:ed:7b:53:22:cf:39:d8:41:4e:83:a4:e5:38:b9:
75:8a:9d:c3:1f:7a:ff:97:44:9f:42:d7:55:a1:03:
3d:0f:7c:46:f4:7e:bb:12:d5:2e:be:b6:7d:45:62:
f3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:A6:5F:71:E2:78:C4:D0:15:AE:6E:E9:65:CE:24:DE:61:A8:32:AA
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/zKZfceJ4xNAVrm7pZc4k3mGoMqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.224.0/22
81.29.146.0/23
81.29.149.0/24
81.29.156.0/24
IPv6:
2a09:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
76:76:80:f6:27:87:b5:01:dc:40:60:ff:fc:e7:ee:dc:ee:ee:
a8:61:e0:0f:4b:8b:82:31:70:3b:3d:63:97:8d:82:c8:e4:b8:
f3:63:69:44:86:8d:ca:fc:bf:9e:1a:58:c0:62:74:48:ef:ee:
47:aa:be:94:93:aa:ed:c2:f5:a0:6d:44:3e:ef:1a:bb:99:83:
b7:54:5d:3a:02:3d:63:08:00:a5:ce:8c:38:a3:52:a8:ad:67:
d3:53:87:17:71:80:27:a8:06:93:46:d6:7e:55:0d:38:8c:d4:
c4:38:94:5a:4c:9e:a1:59:11:d9:08:15:dd:bb:20:6e:19:1f:
21:f8:2f:65:eb:e9:1e:7a:b4:b6:5d:12:87:74:0e:da:66:1d:
50:9b:40:a8:e1:4a:73:cf:11:ba:0c:bb:f8:94:e6:8b:78:8f:
b3:a7:2f:fc:b8:ad:eb:12:2b:14:da:7d:cc:9e:5d:b8:4e:b9:
93:31:dd:5a:ae:55:29:f7:98:18:d9:36:70:e4:d5:50:34:61:
f5:3e:33:6b:50:b0:3e:f0:55:ff:92:17:b7:b8:b6:f5:bb:9e:
bf:b4:0a:77:c3:da:5f:d8:ad:f0:e6:e4:b0:2a:8e:ca:8a:46:
50:99:f6:e0:35:c2:de:0d:a1:a5:77:6d:1a:fc:57:3c:39:f2:
73:79:5e:19
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYZJmUoBgOBNsSbKr2OyLXsXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjMwMjEzMDcwNzA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2E2NWY3MWUyNzhjNGQwMTVhZTZlZTk2NWNlMjRkZTYxYTgzMmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApG/b7/fyAOM8dutelhj4cnMSOZK+
R4myIlUAOPMw4xRK5jIOtIqlxrJdoTKev7ZnhbRuF4GADBTSQYLc4pN9DE1y/G6H
DFMRRgkyihVC2sxF2LB8jQDULbEFqqlqXvJxD9yoef4askBD7c211DBZM6s8XmZx
t95swf9h4MBKPmLl/zfiq+XYPF/hz1qJVNaS/c2VL6lDJrVHFNK4bdVBAspBNw0d
mIfbMtAANNblWh4S5lIZ2GYq3wNfkAT92CIulCOOn1HDsgbSU0+Q02MfidJV7XtT
Is852EFOg6TlOLl1ip3DH3r/l0SfQtdVoQM9D3xG9H67EtUuvrZ9RWLzwQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMymX3HieMTQFa5u6WXOJN5hqDKqMB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvektaZmNlSjR4TkFWcm03cFpjNGszbUdvTXFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLULgAwQB
UR2SAwQAUR2VAwQAUR2cMA0EAgACMAcDBQMqCWxAMA0GCSqGSIb3DQEBCwUAA4IB
AQB2doD2J4e1AdxAYP/85+7c7u6oYeAPS4uCMXA7PWOXjYLI5LjzY2lEho3K/L+e
GljAYnRI7+5Hqr6Uk6rtwvWgbUQ+7xq7mYO3VF06Aj1jCAClzow4o1KorWfTU4cX
cYAnqAaTRtZ+VQ04jNTEOJRaTJ6hWRHZCBXduyBuGR8h+C9l6+keerS2XRKHdA7a
Zh1Qm0Co4UpzzxG6DLv4lOaLeI+zpy/8uK3rEisU2n3Mnl24TrmTMd1arlUp95gY
2TZw5NVQNGH1PjNrULA+8FX/khe3uLb1u56/tAp3w9pf2K3w5uSwKo7KikZQmfbg
NcLeDaGld20a/Fc8OfJzeV4Z
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:56 2023 by rpki-client on console-fra.rpki-client.org