Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/IrrExIVZsP12ZN6OlyhaB0nSj9M.roa
File: IrrExIVZsP12ZN6OlyhaB0nSj9M.roa (raw, json)
Hash identifier: EoPTCfzAMvd34AlBNMk+ZteU2/zHuWx6xevdtbBxcu8=
Subject key identifier: 22:BA:C4:C4:85:59:B0:FD:76:64:DE:8E:97:28:5A:07:49:D2:8F:D3
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 0185CB23DDC0DD2FB85F8D057C622400479A
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/IrrExIVZsP12ZN6OlyhaB0nSj9M.roa
Signing time: Thu 19 Jan 2023 17:46:43 +0000
ROA not before: Thu 19 Jan 2023 17:46:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 85.153.12.0/22 maxlen: 22
85.153.24.0/22 maxlen: 22
85.153.29.0/24 maxlen: 24
85.153.32.0/24 maxlen: 24
85.153.34.0/24 maxlen: 24
85.153.36.0/22 maxlen: 22
85.153.35.0/24 maxlen: 24
85.153.41.0/24 maxlen: 24
85.153.42.0/24 maxlen: 24
85.153.40.0/24 maxlen: 24
85.153.56.0/24 maxlen: 24
85.153.52.0/22 maxlen: 22
85.153.59.0/24 maxlen: 24
85.153.60.0/22 maxlen: 22
85.115.204.0/24 maxlen: 24
85.115.207.0/24 maxlen: 24
85.153.4.0/24 maxlen: 24
85.153.7.0/24 maxlen: 24
85.153.6.0/24 maxlen: 24
85.153.8.0/24 maxlen: 24
85.153.125.0/24 maxlen: 24
85.153.124.0/24 maxlen: 24
85.153.120.0/24 maxlen: 24
85.153.119.0/24 maxlen: 24
85.153.121.0/24 maxlen: 24
85.153.123.0/24 maxlen: 24
85.153.122.0/24 maxlen: 24
85.153.126.0/24 maxlen: 24
85.153.68.0/22 maxlen: 22
85.153.66.0/24 maxlen: 24
85.153.65.0/24 maxlen: 24
85.153.67.0/24 maxlen: 24
85.153.73.0/24 maxlen: 24
85.153.72.0/24 maxlen: 24
85.153.83.0/24 maxlen: 24
85.153.82.0/24 maxlen: 24
85.153.84.0/22 maxlen: 22
85.153.80.0/24 maxlen: 24
85.153.81.0/24 maxlen: 24
85.153.88.0/22 maxlen: 22
85.153.92.0/24 maxlen: 24
85.153.93.0/24 maxlen: 24
85.153.95.0/24 maxlen: 24
85.153.94.0/24 maxlen: 24
85.153.108.0/22 maxlen: 22
85.153.113.0/24 maxlen: 24
85.153.118.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:cb:23:dd:c0:dd:2f:b8:5f:8d:05:7c:62:24:00:47:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Jan 19 17:46:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=22bac4c48559b0fd7664de8e97285a0749d28fd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:3a:68:9f:f3:09:59:c2:07:a8:65:4c:b5:ba:
1c:1e:51:75:c1:0f:54:a1:22:f9:d8:2f:4a:ee:20:
fc:bc:b3:95:1b:2a:b0:fc:37:c0:26:e8:53:9f:69:
24:2e:9f:b8:8d:e7:bd:09:2e:8b:c4:68:1e:b5:d0:
a4:d7:66:6d:a2:a5:03:85:a6:ce:20:7c:4a:9c:30:
77:78:c7:17:30:65:38:06:c0:87:fe:e6:49:bf:f0:
40:8a:d9:94:08:ac:4d:51:c4:c0:06:ba:54:6f:39:
fd:90:79:59:1b:73:a4:03:34:81:7b:aa:64:07:83:
10:b7:38:cb:58:3c:52:a9:d2:57:a6:d1:06:97:7c:
6c:82:19:f8:0b:5b:2e:26:12:bd:2f:29:c7:59:e5:
cf:c8:9e:fa:db:a1:6d:44:3a:1d:75:49:ac:2c:50:
db:68:6d:a0:4b:a0:bd:ab:fd:db:f5:78:a1:dd:8b:
57:33:c3:c5:b5:6f:2a:39:02:c9:c2:9d:eb:d8:45:
0e:55:52:d4:f8:22:6d:14:5b:0e:be:b1:20:d9:b8:
b8:0a:64:0c:cb:4d:2f:f5:9c:3e:91:a4:0d:32:67:
60:40:4b:0f:5c:87:9a:ed:15:bf:0f:1e:6b:e3:d4:
90:66:b4:ed:ca:14:70:e3:eb:bb:9a:8f:46:7c:9a:
10:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:BA:C4:C4:85:59:B0:FD:76:64:DE:8E:97:28:5A:07:49:D2:8F:D3
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/IrrExIVZsP12ZN6OlyhaB0nSj9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.204.0/24
85.115.207.0/24
85.153.4.0/24
85.153.6.0-85.153.8.255
85.153.12.0/22
85.153.24.0/22
85.153.29.0/24
85.153.32.0/24
85.153.34.0-85.153.42.255
85.153.52.0-85.153.56.255
85.153.59.0-85.153.63.255
85.153.65.0-85.153.73.255
85.153.80.0/20
85.153.108.0/22
85.153.113.0/24
85.153.118.0-85.153.126.255
Signature Algorithm: sha256WithRSAEncryption
78:81:97:07:fc:81:f7:69:23:ab:6e:eb:90:53:5c:7c:11:a6:
7c:78:e8:2f:9e:a6:9e:35:d6:18:b1:f3:54:0a:be:3a:ff:b8:
ae:63:8a:e6:16:94:8d:35:fa:c0:4a:b3:27:09:f2:f7:ce:0a:
ff:46:75:88:b4:77:a8:a2:d0:fa:d7:84:34:ad:8f:0e:32:2c:
ea:7c:d6:0c:37:fe:a1:79:15:50:d8:62:d0:50:74:ca:92:38:
0f:39:fe:d5:20:da:c2:02:1f:cc:da:6c:79:f6:12:54:49:5b:
b1:64:72:1e:30:8d:61:72:ac:f8:27:c7:f7:dc:71:f5:1b:44:
1b:a0:42:4c:46:b4:cf:d8:99:79:8f:f6:4a:cb:c0:2e:42:4c:
53:ea:eb:6d:fd:a8:39:4b:96:5c:34:42:04:24:fa:0d:f6:f5:
6d:80:46:17:25:67:e2:f1:91:5b:1d:82:f3:20:71:d4:15:a2:
85:6d:6b:ac:85:19:e7:85:5d:79:2a:3e:23:21:b2:9d:55:55:
b7:5f:c4:7d:e2:72:17:4b:8f:8a:1e:01:57:8a:af:60:8d:fc:
c2:ba:be:4e:ce:62:5a:98:21:82:f0:b5:e6:83:66:2a:0b:69:
67:9f:86:30:e3:b8:2e:c0:77:5b:3d:d1:2d:41:ce:88:2e:61:
17:27:9f:2a
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAYXLI93A3S+4X40FfGIkAEeaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjMwMTE5MTc0NjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmJhYzRjNDg1NTliMGZkNzY2NGRlOGU5NzI4NWEwNzQ5ZDI4ZmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDpon/MJWcIHqGVMtbocHlF1wQ9U
oSL52C9K7iD8vLOVGyqw/DfAJuhTn2kkLp+4jee9CS6LxGgetdCk12ZtoqUDhabO
IHxKnDB3eMcXMGU4BsCH/uZJv/BAitmUCKxNUcTABrpUbzn9kHlZG3OkAzSBe6pk
B4MQtzjLWDxSqdJXptEGl3xsghn4C1suJhK9LynHWeXPyJ7626FtRDoddUmsLFDb
aG2gS6C9q/3b9Xih3YtXM8PFtW8qOQLJwp3r2EUOVVLU+CJtFFsOvrEg2bi4CmQM
y00v9Zw+kaQNMmdgQEsPXIea7RW/Dx5r49SQZrTtyhRw4+u7mo9GfJoQgwIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFCK6xMSFWbD9dmTejpcoWgdJ0o/TMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvSXJyRXhJVlpzUDEyWk42T2x5aGFCMG5TajlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBABV
c8wDBABVc88DBABVmQQwDAMEAVWZBgMEAFWZCAMEAlWZDAMEAlWZGAMEAFWZHQME
AFWZIDAMAwQBVZkiAwQAVZkqMAwDBAJVmTQDBABVmTgwDAMEAFWZOwMEBlWZADAM
AwQAVZlBAwQBVZlIAwQEVZlQAwQCVZlsAwQAVZlxMAwDBAFVmXYDBABVmX4wDQYJ
KoZIhvcNAQELBQADggEBAHiBlwf8gfdpI6tu65BTXHwRpnx46C+epp411hix81QK
vjr/uK5jiuYWlI01+sBKsycJ8vfOCv9GdYi0d6ii0PrXhDStjw4yLOp81gw3/qF5
FVDYYtBQdMqSOA85/tUg2sICH8zabHn2ElRJW7Fkch4wjWFyrPgnx/fccfUbRBug
QkxGtM/YmXmP9krLwC5CTFPq6239qDlLllw0QgQk+g329W2ARhclZ+LxkVsdgvMg
cdQVooVta6yFGeeFXXkqPiMhsp1VVbdfxH3ichdLj4oeAVeKr2CN/MK6vk7OYlqY
IYLwteaDZioLaWefhjDjuC7Ad1s90S1BzoguYRcnnyo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:57 2023 by rpki-client on console-fra.rpki-client.org