Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/Xcs0uCo1Ot-mcw9b4snI1KmIVd0.roa
File: Xcs0uCo1Ot-mcw9b4snI1KmIVd0.roa (raw, json)
Hash identifier: 1BQ5KN7ytZJb/bBbPjd/xzFTmjm/x4IZFnVxJiQ50qQ=
Subject key identifier: 5D:CB:34:B8:2A:35:3A:DF:A6:73:0F:5B:E2:C9:C8:D4:A9:88:55:DD
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 018613065D06445DBE1EB39FE6D651766C27
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/Xcs0uCo1Ot-mcw9b4snI1KmIVd0.roa
Signing time: Thu 02 Feb 2023 16:47:09 +0000
ROA not before: Thu 02 Feb 2023 16:47:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 85.153.12.0/22 maxlen: 22
85.153.24.0/22 maxlen: 22
85.153.29.0/24 maxlen: 24
85.153.32.0/24 maxlen: 24
85.153.34.0/24 maxlen: 24
85.153.36.0/22 maxlen: 22
85.153.35.0/24 maxlen: 24
85.153.41.0/24 maxlen: 24
85.153.42.0/24 maxlen: 24
85.153.40.0/24 maxlen: 24
85.153.56.0/24 maxlen: 24
85.153.52.0/22 maxlen: 22
85.153.59.0/24 maxlen: 24
85.153.60.0/22 maxlen: 22
85.115.204.0/24 maxlen: 24
85.115.207.0/24 maxlen: 24
85.153.4.0/24 maxlen: 24
85.153.7.0/24 maxlen: 24
85.153.6.0/24 maxlen: 24
85.153.8.0/24 maxlen: 24
85.153.125.0/24 maxlen: 24
85.153.124.0/24 maxlen: 24
85.153.120.0/24 maxlen: 24
85.153.119.0/24 maxlen: 24
85.153.121.0/24 maxlen: 24
85.153.123.0/24 maxlen: 24
85.153.122.0/24 maxlen: 24
85.153.126.0/24 maxlen: 24
85.153.68.0/22 maxlen: 22
85.153.66.0/24 maxlen: 24
85.153.65.0/24 maxlen: 24
85.153.67.0/24 maxlen: 24
85.153.73.0/24 maxlen: 24
85.153.72.0/24 maxlen: 24
85.153.83.0/24 maxlen: 24
85.153.82.0/24 maxlen: 24
85.153.84.0/22 maxlen: 22
85.153.80.0/24 maxlen: 24
85.153.81.0/24 maxlen: 24
85.153.88.0/22 maxlen: 22
85.153.92.0/24 maxlen: 24
85.153.93.0/24 maxlen: 24
85.153.95.0/24 maxlen: 24
85.153.94.0/24 maxlen: 24
85.153.104.0/22 maxlen: 22
85.153.108.0/22 maxlen: 22
85.153.113.0/24 maxlen: 24
85.153.118.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:13:06:5d:06:44:5d:be:1e:b3:9f:e6:d6:51:76:6c:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Feb 2 16:47:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dcb34b82a353adfa6730f5be2c9c8d4a98855dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b9:a4:08:8d:b2:53:a1:d9:44:91:2c:20:a2:
5a:9c:d5:c6:45:07:f1:56:b2:c3:6a:50:eb:b1:e4:
9d:37:be:0e:39:08:a0:82:5f:10:33:6a:8e:0c:bf:
e0:e5:18:ab:00:6a:5d:13:a8:b3:11:d1:ad:22:d7:
48:1b:3c:17:65:38:25:61:a8:cd:4d:da:d9:33:80:
ce:17:c8:c7:38:94:6a:38:ab:a2:18:cb:ef:e9:cf:
f5:f9:75:3b:26:b7:9c:14:5a:4b:a2:72:11:11:e1:
e6:53:54:39:d1:f1:8c:ba:2a:e6:24:38:5b:7d:10:
b9:96:a4:85:34:9c:92:f7:dd:5f:f6:70:08:4e:7a:
4e:a6:45:e9:25:8a:8f:fe:d0:2d:97:4d:eb:54:b9:
84:8d:34:bf:c6:1b:2c:09:53:c9:b8:6a:0f:5d:c6:
06:93:5b:be:51:62:9b:f9:97:83:e5:1f:2f:15:d1:
ad:f5:b2:04:88:97:26:05:23:8e:c3:72:76:b6:8d:
e7:6b:0b:c5:d3:34:79:6b:42:3e:b3:6d:26:3b:30:
7c:0a:eb:be:b9:8f:b9:84:44:ec:76:1b:08:dd:3b:
d5:fd:6f:c7:3b:26:08:07:2b:4a:84:2f:84:64:fe:
1d:c4:26:c1:e3:16:10:c4:0d:28:e4:e1:b7:5d:be:
83:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:CB:34:B8:2A:35:3A:DF:A6:73:0F:5B:E2:C9:C8:D4:A9:88:55:DD
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/Xcs0uCo1Ot-mcw9b4snI1KmIVd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.204.0/24
85.115.207.0/24
85.153.4.0/24
85.153.6.0-85.153.8.255
85.153.12.0/22
85.153.24.0/22
85.153.29.0/24
85.153.32.0/24
85.153.34.0-85.153.42.255
85.153.52.0-85.153.56.255
85.153.59.0-85.153.63.255
85.153.65.0-85.153.73.255
85.153.80.0/20
85.153.104.0/21
85.153.113.0/24
85.153.118.0-85.153.126.255
Signature Algorithm: sha256WithRSAEncryption
52:1d:8a:cc:b2:72:df:9f:15:40:da:0f:a6:8e:9d:89:e9:30:
fa:ac:b5:d9:0f:bb:0f:63:32:5a:9a:93:c4:aa:11:f0:c4:9d:
44:bb:2d:88:8d:69:75:e5:05:cd:26:4b:b4:45:4d:6c:b0:52:
ed:b4:1a:da:87:da:43:26:73:19:88:81:5b:a6:1a:9b:48:66:
6d:f0:65:d1:99:79:3f:bd:0a:3f:68:9d:de:22:2e:cb:24:ae:
68:f0:eb:06:83:cb:8d:d0:cb:da:21:08:6e:d7:1e:bc:61:c0:
04:66:a9:b5:6b:c0:dc:99:d9:f0:be:be:82:22:b4:74:5e:d1:
b7:b8:d8:5f:22:3e:e6:a5:83:80:8d:58:63:80:ea:d0:88:f0:
29:69:73:7e:25:69:46:81:3a:8c:44:b5:c6:b2:45:98:63:3a:
ad:87:58:31:2a:06:61:c8:44:a1:8a:c6:6a:87:bc:e1:65:81:
0b:d6:51:dc:db:5f:c4:d7:a3:37:27:15:a3:b6:47:af:44:9b:
10:6c:cc:75:b1:4a:57:73:fb:f3:f4:8b:c6:53:f3:df:ac:14:
d3:4d:a6:94:8b:18:e8:f3:f8:8a:76:4b:73:b6:cf:b7:a1:f8:
47:c7:49:67:ec:34:a5:26:f3:d1:c6:08:14:8b:f5:61:9d:c0:
e3:f6:c2:43
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAYYTBl0GRF2+HrOf5tZRdmwnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYTE4NWQwZWIwY2E3ODExYzU4NjQyNWRlMGU5NjBlMWNm
ZWI2MWIwHhcNMjMwMjAyMTY0NzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGNiMzRiODJhMzUzYWRmYTY3MzBmNWJlMmM5YzhkNGE5ODg1NWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7mkCI2yU6HZRJEsIKJanNXGRQfx
VrLDalDrseSdN74OOQiggl8QM2qODL/g5RirAGpdE6izEdGtItdIGzwXZTglYajN
TdrZM4DOF8jHOJRqOKuiGMvv6c/1+XU7JrecFFpLonIREeHmU1Q50fGMuirmJDhb
fRC5lqSFNJyS991f9nAITnpOpkXpJYqP/tAtl03rVLmEjTS/xhssCVPJuGoPXcYG
k1u+UWKb+ZeD5R8vFdGt9bIEiJcmBSOOw3J2to3nawvF0zR5a0I+s20mOzB8Cuu+
uY+5hETsdhsI3TvV/W/HOyYIBytKhC+EZP4dxCbB4xYQxA0o5OG3Xb6DMQIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFF3LNLgqNTrfpnMPW+LJyNSpiFXdMB8GA1UdIwQY
MBaAFDGhhdDrDKeBHFhkJd4Olg4c/rYbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUt
MWRjYzg2YzExZTc0LzEvWGNzMHVDbzFPdC1tY3c5YjRzbkkxS21JVmQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8wODFjNmUtMWQ2NS00Y2NkLTk2ZjUtMWRjYzg2YzExZTc0
LzEvTWFHRjBPc01wNEVjV0dRbDNnNldEaHotdGhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBlwQCAAEwgZADBABV
c8wDBABVc88DBABVmQQwDAMEAVWZBgMEAFWZCAMEAlWZDAMEAlWZGAMEAFWZHQME
AFWZIDAMAwQBVZkiAwQAVZkqMAwDBAJVmTQDBABVmTgwDAMEAFWZOwMEBlWZADAM
AwQAVZlBAwQBVZlIAwQEVZlQAwQDVZloAwQAVZlxMAwDBAFVmXYDBABVmX4wDQYJ
KoZIhvcNAQELBQADggEBAFIdisyyct+fFUDaD6aOnYnpMPqstdkPuw9jMlqak8Sq
EfDEnUS7LYiNaXXlBc0mS7RFTWywUu20GtqH2kMmcxmIgVumGptIZm3wZdGZeT+9
Cj9ond4iLsskrmjw6waDy43Qy9ohCG7XHrxhwARmqbVrwNyZ2fC+voIitHRe0be4
2F8iPualg4CNWGOA6tCI8Clpc34laUaBOoxEtcayRZhjOq2HWDEqBmHIRKGKxmqH
vOFlgQvWUdzbX8TXozcnFaO2R69EmxBszHWxSldz+/P0i8ZT89+sFNNNppSLGOjz
+Ip2S3O2z7eh+EfHSWfsNKUm89HGCBSL9WGdwOP2wkM=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:34 2023 by rpki-client on console-ams.rpki-client.org