Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/cc94c8-72e4-4398-b37b-71169567e39c/1/fJzDGUKcQl5fKSvhoWnSADjqOpw.roa
File: fJzDGUKcQl5fKSvhoWnSADjqOpw.roa (raw, json)
Hash identifier: WyqOd/LTBVL+5BnH6V0wwTMdeLi3iKD1g1cO0LnhdFo=
Subject key identifier: 7C:9C:C3:19:42:9C:42:5E:5F:29:2B:E1:A1:69:D2:00:38:EA:3A:9C
Certificate issuer: /CN=08953a5f11a8279cdf8798960de1e22eb1227d95
Certificate serial: 01857355D25AC575D9A6B2890CDF9EA64832
Authority key identifier: 08:95:3A:5F:11:A8:27:9C:DF:87:98:96:0D:E1:E2:2E:B1:22:7D:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CJU6XxGoJ5zfh5iWDeHiLrEifZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/cc94c8-72e4-4398-b37b-71169567e39c/1/fJzDGUKcQl5fKSvhoWnSADjqOpw.roa
Signing time: Mon 02 Jan 2023 16:34:42 +0000
ROA not before: Mon 02 Jan 2023 16:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21472
IP address blocks: 162.33.228.0/23 maxlen: 23
185.149.176.0/22 maxlen: 22
195.49.144.0/22 maxlen: 22
91.224.190.0/23 maxlen: 23
5.2.16.0/21 maxlen: 21
5.2.16.0/23 maxlen: 23
5.2.18.0/23 maxlen: 23
5.2.23.0/24 maxlen: 24
5.2.20.0/23 maxlen: 23
185.79.56.0/24 maxlen: 24
185.79.56.0/22 maxlen: 22
2a00:e740::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:55:d2:5a:c5:75:d9:a6:b2:89:0c:df:9e:a6:48:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08953a5f11a8279cdf8798960de1e22eb1227d95
Validity
Not Before: Jan 2 16:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7c9cc319429c425e5f292be1a169d20038ea3a9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c4:00:40:21:c5:61:b5:5c:23:91:52:70:f5:
d9:32:e0:83:22:e3:e5:78:aa:3c:f0:5c:ac:01:23:
fc:e9:c9:e0:82:9e:d2:17:5c:43:64:c8:88:36:a8:
55:d5:3d:12:40:1c:df:9f:95:af:f7:1e:0b:cf:45:
77:5e:74:04:52:7b:c1:14:9b:80:11:29:51:5c:1e:
b0:29:1f:06:f9:d8:7b:dd:22:c5:a5:7c:81:7c:25:
20:c1:2c:a2:03:d7:35:e2:e0:1c:dc:c2:7d:86:92:
41:02:75:d6:33:92:4a:ea:d1:30:b9:52:b7:2d:62:
26:95:d6:23:0a:9c:d5:67:d8:a7:e2:5d:91:d0:d5:
23:d5:af:60:59:5c:a2:9f:ab:24:38:28:9a:ae:52:
1a:75:99:76:b5:d4:96:c9:aa:2e:e5:8a:46:0a:e5:
3f:7c:b6:96:c5:9a:5d:c8:97:06:a8:c9:4c:62:6a:
05:5f:c1:17:81:34:a8:b2:16:64:59:b2:92:ab:23:
c9:91:d3:ec:7d:9a:0b:40:98:04:84:5c:88:eb:d6:
21:28:ee:51:1b:0d:a6:00:b1:71:cb:ce:28:a6:91:
9a:35:36:2c:2a:8f:65:4a:a8:1c:9f:75:6d:c1:0d:
f2:fa:a1:4b:58:4c:d4:7a:dd:ab:b8:19:cb:d7:af:
88:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:9C:C3:19:42:9C:42:5E:5F:29:2B:E1:A1:69:D2:00:38:EA:3A:9C
X509v3 Authority Key Identifier:
keyid:08:95:3A:5F:11:A8:27:9C:DF:87:98:96:0D:E1:E2:2E:B1:22:7D:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CJU6XxGoJ5zfh5iWDeHiLrEifZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/cc94c8-72e4-4398-b37b-71169567e39c/1/fJzDGUKcQl5fKSvhoWnSADjqOpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/cc94c8-72e4-4398-b37b-71169567e39c/1/CJU6XxGoJ5zfh5iWDeHiLrEifZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.16.0/21
91.224.190.0/23
162.33.228.0/23
185.79.56.0/22
185.149.176.0/22
195.49.144.0/22
IPv6:
2a00:e740::/32
Signature Algorithm: sha256WithRSAEncryption
81:d1:99:c6:a2:6e:bc:dd:ee:91:b5:34:00:fc:f6:b5:c9:82:
ed:67:80:57:28:97:40:e8:08:89:52:cc:d3:eb:2b:13:cb:00:
60:46:5d:bd:19:9e:e4:f0:5d:11:20:a5:74:a6:3f:eb:5f:25:
24:26:17:5c:a2:1f:fa:f7:30:f7:73:3e:7d:88:38:f6:0f:b8:
0a:8d:c9:7b:7e:7b:1d:cf:59:ee:62:ab:b3:f7:8f:ab:a8:0c:
64:d6:94:12:f3:a0:de:23:91:fd:41:16:1b:d3:7b:15:6e:09:
2b:08:38:39:06:2f:47:cc:85:c7:d2:e8:a5:89:d6:1e:31:66:
45:11:58:e9:01:ce:5b:e2:23:49:a1:1a:c6:77:30:23:5c:08:
30:ee:ff:25:a6:44:ac:86:23:8b:d6:86:87:bb:78:6d:15:6e:
0f:65:4e:f8:16:59:b0:f8:fd:6e:8d:85:96:92:de:7c:dd:73:
2b:94:dd:35:dd:12:79:ac:85:c3:31:d3:32:fe:5d:1a:17:64:
8f:ed:6f:26:43:cf:93:b9:ea:64:30:70:89:37:f4:a3:0b:5d:
f6:4e:b4:32:3c:40:47:06:3a:38:5d:a6:0a:ba:0d:18:bb:b8:
54:e3:4d:8e:13:59:35:27:a3:97:69:74:fe:7e:5a:a0:89:1a:
cf:a0:2c:f5
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYVzVdJaxXXZprKJDN+epkgyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4OTUzYTVmMTFhODI3OWNkZjg3OTg5NjBkZTFlMjJlYjEy
MjdkOTUwHhcNMjMwMTAyMTYzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzljYzMxOTQyOWM0MjVlNWYyOTJiZTFhMTY5ZDIwMDM4ZWEzYTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMQAQCHFYbVcI5FScPXZMuCDIuPl
eKo88FysASP86cnggp7SF1xDZMiINqhV1T0SQBzfn5Wv9x4Lz0V3XnQEUnvBFJuA
ESlRXB6wKR8G+dh73SLFpXyBfCUgwSyiA9c14uAc3MJ9hpJBAnXWM5JK6tEwuVK3
LWImldYjCpzVZ9in4l2R0NUj1a9gWVyin6skOCiarlIadZl2tdSWyaou5YpGCuU/
fLaWxZpdyJcGqMlMYmoFX8EXgTSoshZkWbKSqyPJkdPsfZoLQJgEhFyI69YhKO5R
Gw2mALFxy84oppGaNTYsKo9lSqgcn3VtwQ3y+qFLWEzUet2ruBnL16+IpwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFHycwxlCnEJeXykr4aFp0gA46jqcMB8GA1UdIwQY
MBaAFAiVOl8RqCec34eYlg3h4i6xIn2VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0pVNlh4R29KNXpmaDVpV0RlSGlMckVpZlpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9jYzk0YzgtNzJlNC00Mzk4LWIzN2It
NzExNjk1NjdlMzljLzEvZkp6REdVS2NRbDVmS1N2aG9XblNBRGpxT3B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9jYzk0YzgtNzJlNC00Mzk4LWIzN2ItNzExNjk1NjdlMzlj
LzEvQ0pVNlh4R29KNXpmaDVpV0RlSGlMckVpZlpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDBQIQAwQB
W+C+AwQBoiHkAwQCuU84AwQCuZWwAwQCwzGQMA0EAgACMAcDBQAqAOdAMA0GCSqG
SIb3DQEBCwUAA4IBAQCB0ZnGom683e6RtTQA/Pa1yYLtZ4BXKJdA6AiJUszT6ysT
ywBgRl29GZ7k8F0RIKV0pj/rXyUkJhdcoh/69zD3cz59iDj2D7gKjcl7fnsdz1nu
Yquz94+rqAxk1pQS86DeI5H9QRYb03sVbgkrCDg5Bi9HzIXH0uilidYeMWZFEVjp
Ac5b4iNJoRrGdzAjXAgw7v8lpkSshiOL1oaHu3htFW4PZU74Flmw+P1ujYWWkt58
3XMrlN013RJ5rIXDMdMy/l0aF2SP7W8mQ8+TuepkMHCJN/SjC132TrQyPEBHBjo4
XaYKug0Yu7hU402OE1k1J6OXaXT+flqgiRrPoCz1
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:58 2023 by rpki-client on console-ams.rpki-client.org