Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/z9LSVxQLaWnvRPd6oSAj5dWE884.roa
File: z9LSVxQLaWnvRPd6oSAj5dWE884.roa (raw, json)
Hash identifier: 3i4CEX32Rq1EKrQwdUp2aYkvS5pQzxjw/OO5CXm/q+s=
Subject key identifier: CF:D2:D2:57:14:0B:69:69:EF:44:F7:7A:A1:20:23:E5:D5:84:F3:CE
Certificate issuer: /CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Certificate serial: 018573717FD9925B263C856661CCAF81621B
Authority key identifier: 40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/z9LSVxQLaWnvRPd6oSAj5dWE884.roa
Signing time: Mon 02 Jan 2023 17:04:56 +0000
ROA not before: Mon 02 Jan 2023 17:04:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50613
IP address blocks: 82.221.96.0/19 maxlen: 19
82.221.100.0/23 maxlen: 23
82.221.105.0/24 maxlen: 24
82.221.104.0/24 maxlen: 24
193.107.84.0/22 maxlen: 22
82.221.111.0/24 maxlen: 24
82.221.113.0/24 maxlen: 24
82.221.131.0/24 maxlen: 24
82.221.128.0/19 maxlen: 19
82.221.139.0/24 maxlen: 24
82.221.146.0/24 maxlen: 24
2a02:f48:2000::/40 maxlen: 40
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:71:7f:d9:92:5b:26:3c:85:66:61:cc:af:81:62:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Validity
Not Before: Jan 2 17:04:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cfd2d257140b6969ef44f77aa12023e5d584f3ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:43:14:5f:a9:d4:26:92:9b:9e:5a:84:26:da:
46:cf:b9:5d:ef:ee:a4:61:59:cd:a7:1a:62:49:f2:
42:9c:8a:52:63:4d:e0:80:a7:5c:5b:17:5c:23:02:
72:52:06:d4:71:3c:7f:b3:32:79:be:5d:36:02:00:
69:7d:c5:25:45:e2:0a:34:cd:ae:35:3d:26:f0:0b:
9e:3c:89:bb:90:2b:a7:c8:3f:89:06:fe:05:c0:d9:
26:77:71:1b:37:53:1f:7a:69:6b:a2:8a:c8:a4:61:
a2:61:25:47:04:2b:e8:46:78:d3:c3:33:68:5a:83:
92:5d:73:23:c7:5f:46:b3:76:17:1f:1c:c1:1f:e6:
d0:65:31:ad:2a:ef:c9:4b:6e:5f:9c:5f:32:9c:cb:
24:ab:97:12:e6:33:5a:d5:af:33:f9:6f:3f:16:ba:
1f:8a:83:90:12:de:7e:ef:f2:73:35:fc:2c:bf:57:
c4:0a:44:d4:5d:1d:f7:9c:8e:7e:0b:31:22:66:4d:
fe:62:9a:f4:ab:99:63:16:c4:be:1a:94:a3:d7:2a:
f8:a0:f1:f2:2e:a6:d7:c2:b7:15:f7:c9:de:2b:83:
9e:e6:97:74:38:5d:c4:25:1c:74:46:37:0a:98:91:
58:2a:ed:ba:d1:ff:d2:9f:97:fe:49:77:38:a4:9e:
5b:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:D2:D2:57:14:0B:69:69:EF:44:F7:7A:A1:20:23:E5:D5:84:F3:CE
X509v3 Authority Key Identifier:
keyid:40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/z9LSVxQLaWnvRPd6oSAj5dWE884.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/QIAlx94EAODzyI1KEioxfjLF4hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.221.96.0-82.221.159.255
193.107.84.0/22
IPv6:
2a02:f48:2000::/40
Signature Algorithm: sha256WithRSAEncryption
21:e3:94:04:ad:c8:10:d3:10:51:d2:6b:9b:0f:bc:f1:bf:18:
c9:71:2d:9b:d3:66:f7:2e:69:0c:54:2f:9a:d2:9c:8e:63:c9:
a9:e4:24:22:e5:56:fb:a0:90:bc:b0:e8:e6:1f:5a:78:09:a3:
24:ed:da:fa:89:01:fb:47:82:f9:d6:b9:c2:d9:e5:26:16:e0:
74:34:91:a4:a9:a6:dd:20:07:19:aa:d9:f8:a4:41:ae:9e:fe:
b4:2f:98:9e:d6:a8:f5:5b:2e:8e:ec:27:f0:0b:d3:64:ff:3b:
07:36:05:af:cc:e2:b8:f2:05:73:94:cf:a3:20:1a:45:d0:1a:
84:c5:21:6a:51:29:80:8e:4a:57:bc:1f:00:97:18:1c:02:ba:
4c:97:c3:98:7a:fb:2b:8a:88:ec:b6:cc:dd:2f:e9:81:3b:87:
49:13:65:9d:19:8e:ef:99:60:d7:e9:1b:f5:e0:82:c6:cb:ec:
ab:ad:ba:db:7c:37:7f:9e:4e:87:1e:cf:c5:de:6e:2f:87:4f:
58:33:b1:bf:c8:31:d9:55:4a:42:75:17:45:1c:a5:d9:f4:b5:
fe:5d:bf:d1:f4:fe:0d:b8:ff:88:a5:bf:7f:92:b0:be:2a:5b:
4d:5e:81:d4:c3:4d:5f:13:c6:fc:83:9c:67:c0:67:42:6f:b0:
e6:ca:a9:b1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVzcX/ZklsmPIVmYcyvgWIbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwODAyNWM3ZGUwNDAwZTBmM2M4OGQ0YTEyMmEzMTdlMzJj
NWUyMWMwHhcNMjMwMTAyMTcwNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmQyZDI1NzE0MGI2OTY5ZWY0NGY3N2FhMTIwMjNlNWQ1ODRmM2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlkMUX6nUJpKbnlqEJtpGz7ld7+6k
YVnNpxpiSfJCnIpSY03ggKdcWxdcIwJyUgbUcTx/szJ5vl02AgBpfcUlReIKNM2u
NT0m8AuePIm7kCunyD+JBv4FwNkmd3EbN1MfemlroorIpGGiYSVHBCvoRnjTwzNo
WoOSXXMjx19Gs3YXHxzBH+bQZTGtKu/JS25fnF8ynMskq5cS5jNa1a8z+W8/Frof
ioOQEt5+7/JzNfwsv1fECkTUXR33nI5+CzEiZk3+Ypr0q5ljFsS+GpSj1yr4oPHy
LqbXwrcV98neK4Oe5pd0OF3EJRx0RjcKmJFYKu260f/Sn5f+SXc4pJ5bCQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFM/S0lcUC2lp70T3eqEgI+XVhPPOMB8GA1UdIwQY
MBaAFECAJcfeBADg88iNShIqMX4yxeIcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlBbHg5NEVBT0R6eUkxS0Vpb3hmakxGNGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy81OTMwM2QtNzQ4YS00Nzk3LTgxMWUt
ZmVlMmU4ZDQwODRmLzEvejlMU1Z4UUxhV252UlBkNm9TQWo1ZFdFODg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy81OTMwM2QtNzQ4YS00Nzk3LTgxMWUtZmVlMmU4ZDQwODRm
LzEvUUlBbHg5NEVBT0R6eUkxS0Vpb3hmakxGNGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAaBAIAATAUMAwDBAVS3WAD
BAVS3YADBALBa1QwDgQCAAIwCAMGACoCD0ggMA0GCSqGSIb3DQEBCwUAA4IBAQAh
45QErcgQ0xBR0mubD7zxvxjJcS2b02b3LmkMVC+a0pyOY8mp5CQi5Vb7oJC8sOjm
H1p4CaMk7dr6iQH7R4L51rnC2eUmFuB0NJGkqabdIAcZqtn4pEGunv60L5ie1qj1
Wy6O7CfwC9Nk/zsHNgWvzOK48gVzlM+jIBpF0BqExSFqUSmAjkpXvB8AlxgcArpM
l8OYevsriojstszdL+mBO4dJE2WdGY7vmWDX6Rv14ILGy+yrrbrbfDd/nk6HHs/F
3m4vh09YM7G/yDHZVUpCdRdFHKXZ9LX+Xb/R9P4NuP+Ipb9/krC+KltNXoHUw01f
E8b8g5xnwGdCb7Dmyqmx
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:13 2023 by rpki-client on console-fra.rpki-client.org