Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/zK7UfORTo9GdTyPet1cFs1hkhfA.roa
File: zK7UfORTo9GdTyPet1cFs1hkhfA.roa (raw, json)
Hash identifier: nZbty35cP+k8UvUXmEdTjHGzshV9IG7KsMILn5PeG48=
Subject key identifier: CC:AE:D4:7C:E4:53:A3:D1:9D:4F:23:DE:B7:57:05:B3:58:64:85:F0
Certificate issuer: /CN=02bbd4f865a12d79a09a034486ce61ba023882c7
Certificate serial: 01856F5DF57E460C92C6A7648382AAB23A08
Authority key identifier: 02:BB:D4:F8:65:A1:2D:79:A0:9A:03:44:86:CE:61:BA:02:38:82:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/zK7UfORTo9GdTyPet1cFs1hkhfA.roa
Signing time: Sun 01 Jan 2023 22:05:06 +0000
ROA not before: Sun 01 Jan 2023 22:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198589
IP address blocks: 37.77.48.0/21 maxlen: 21
37.77.49.0/24 maxlen: 24
37.77.48.0/24 maxlen: 24
37.77.51.0/24 maxlen: 24
37.77.50.0/24 maxlen: 24
37.77.52.0/24 maxlen: 24
37.77.55.0/24 maxlen: 24
37.77.54.0/24 maxlen: 24
37.77.53.0/24 maxlen: 24
5.62.133.0/24 maxlen: 24
5.62.137.0/24 maxlen: 24
5.62.136.0/24 maxlen: 24
5.62.135.0/24 maxlen: 24
5.62.134.0/24 maxlen: 24
5.62.139.0/24 maxlen: 24
5.62.138.0/24 maxlen: 24
5.62.140.0/24 maxlen: 24
5.62.144.0/24 maxlen: 24
5.62.143.0/24 maxlen: 24
5.62.144.0/21 maxlen: 21
5.62.142.0/24 maxlen: 24
5.62.141.0/24 maxlen: 24
5.62.145.0/24 maxlen: 24
5.62.147.0/24 maxlen: 24
5.62.146.0/24 maxlen: 24
5.62.151.0/24 maxlen: 24
5.62.150.0/24 maxlen: 24
5.62.149.0/24 maxlen: 24
5.62.148.0/24 maxlen: 24
5.62.130.0/24 maxlen: 24
5.62.129.0/24 maxlen: 24
5.62.128.0/24 maxlen: 24
5.62.128.0/20 maxlen: 20
5.62.132.0/24 maxlen: 24
5.62.131.0/24 maxlen: 24
185.69.4.0/22 maxlen: 22
185.69.4.0/24 maxlen: 24
185.69.7.0/24 maxlen: 24
185.69.6.0/24 maxlen: 24
185.69.5.0/24 maxlen: 24
31.7.83.0/24 maxlen: 24
31.7.82.0/24 maxlen: 24
31.7.81.0/24 maxlen: 24
31.7.80.0/24 maxlen: 24
31.7.85.0/24 maxlen: 24
31.7.84.0/24 maxlen: 24
31.7.86.0/24 maxlen: 24
31.7.87.0/24 maxlen: 24
2a00:c9e0:0:1::/64 maxlen: 64
2a00:c9e0::/48 maxlen: 48
2a00:c9e0::/32 maxlen: 32
2a00:c9e0::/62 maxlen: 62
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:f5:7e:46:0c:92:c6:a7:64:83:82:aa:b2:3a:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02bbd4f865a12d79a09a034486ce61ba023882c7
Validity
Not Before: Jan 1 22:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ccaed47ce453a3d19d4f23deb75705b3586485f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:7a:c6:16:89:ec:be:24:51:b9:61:88:6a:2e:
9c:ef:de:95:99:cc:26:d0:1b:f2:1e:e2:01:a4:17:
ec:4f:fb:d4:09:cc:70:8b:b1:05:9d:1c:00:23:41:
be:4e:0c:a6:f6:bb:76:1b:9e:8b:61:fb:0b:44:5d:
33:d7:12:48:3e:29:e4:de:8b:0f:a7:16:7d:9c:4e:
7b:15:ba:3a:72:c1:94:d3:e5:a7:74:51:5a:a3:42:
89:a8:2f:99:6a:24:b5:00:01:c2:aa:84:e6:e9:be:
2f:f9:12:2a:68:31:d2:cc:00:70:3d:50:5a:d7:d0:
d6:20:56:06:1f:87:31:d2:b7:36:cf:b5:38:76:e0:
18:64:7a:b2:80:ce:e4:c9:95:ec:24:0a:63:e5:94:
e7:24:78:be:d6:c0:9e:dd:bb:68:cc:a0:5c:c1:c6:
7e:3b:8f:2b:94:d8:a0:59:2c:20:30:8c:2c:cf:0d:
49:75:e7:15:7f:18:18:02:37:7f:75:d2:cd:98:95:
7a:5b:51:4f:2f:d4:fd:af:ff:0d:4f:2e:89:7d:a3:
c3:16:b0:75:74:5a:46:16:d5:58:16:84:7a:e6:d2:
01:06:dd:c9:2c:09:17:81:65:c1:9b:b7:cb:6d:11:
55:32:ec:7f:bd:c3:ca:06:fc:b0:8a:1e:3a:3a:14:
96:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:AE:D4:7C:E4:53:A3:D1:9D:4F:23:DE:B7:57:05:B3:58:64:85:F0
X509v3 Authority Key Identifier:
keyid:02:BB:D4:F8:65:A1:2D:79:A0:9A:03:44:86:CE:61:BA:02:38:82:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/zK7UfORTo9GdTyPet1cFs1hkhfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/ArvU-GWhLXmgmgNEhs5hugI4gsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.128.0-5.62.151.255
31.7.80.0/21
37.77.48.0/21
185.69.4.0/22
IPv6:
2a00:c9e0::/32
Signature Algorithm: sha256WithRSAEncryption
81:dc:b7:44:4c:e5:65:c2:80:45:e6:c3:35:7e:8f:1c:18:be:
57:e5:91:77:59:77:1e:78:1c:45:00:19:11:b4:dd:10:e9:1b:
59:25:85:84:02:b7:1f:30:fa:6b:e2:75:46:62:bd:ab:9a:ae:
eb:a0:9d:be:95:fe:20:b8:36:9f:1f:2d:34:d9:a7:28:69:aa:
85:ff:31:9a:f2:49:d0:07:37:25:06:39:53:04:5b:bd:d3:76:
72:c0:ef:d5:63:ef:1b:1a:a0:fe:8a:a5:e6:a7:90:b4:2f:50:
28:62:d0:b5:11:ad:c4:53:67:66:53:b3:c3:c6:96:74:53:61:
ac:1a:51:66:e0:3d:94:9a:da:6e:58:d6:bf:6d:42:97:30:d3:
fe:9b:d3:d2:50:cd:4c:ce:0c:86:0c:6f:bd:93:e5:72:4e:2d:
27:f9:68:86:c2:db:4e:09:19:a6:3e:4b:4a:be:06:1c:8a:d2:
60:a3:9d:cd:92:8b:47:3d:47:6e:8d:3c:2a:fe:e2:39:d6:bd:
3d:36:ae:34:69:35:dd:9c:53:d8:c3:53:4b:db:04:9f:33:25:
9e:c1:03:81:cc:4c:18:a8:e9:e7:90:99:06:a0:5b:e9:34:ed:
d5:71:29:ef:b3:31:da:d8:19:86:76:b3:6f:44:7d:06:83:f8:
a3:e5:14:f9
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYVvXfV+RgySxqdkg4KqsjoIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYmJkNGY4NjVhMTJkNzlhMDlhMDM0NDg2Y2U2MWJhMDIz
ODgyYzcwHhcNMjMwMTAxMjIwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2FlZDQ3Y2U0NTNhM2QxOWQ0ZjIzZGViNzU3MDViMzU4NjQ4NWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXrGFonsviRRuWGIai6c796Vmcwm
0BvyHuIBpBfsT/vUCcxwi7EFnRwAI0G+Tgym9rt2G56LYfsLRF0z1xJIPink3osP
pxZ9nE57Fbo6csGU0+WndFFao0KJqC+ZaiS1AAHCqoTm6b4v+RIqaDHSzABwPVBa
19DWIFYGH4cx0rc2z7U4duAYZHqygM7kyZXsJApj5ZTnJHi+1sCe3btozKBcwcZ+
O48rlNigWSwgMIwszw1JdecVfxgYAjd/ddLNmJV6W1FPL9T9r/8NTy6JfaPDFrB1
dFpGFtVYFoR65tIBBt3JLAkXgWXBm7fLbRFVMux/vcPKBvywih46OhSWOQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFMyu1HzkU6PRnU8j3rdXBbNYZIXwMB8GA1UdIwQY
MBaAFAK71PhloS15oJoDRIbOYboCOILHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJ2VS1HV2hMWG1nbWdORWhzNWh1Z0k0Z3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jYjgzYjItMzNiNS00NTYwLTg5MzUt
MGE5ODA0OGNkZjcyLzEveks3VWZPUlRvOUdkVHlQZXQxY0ZzMWhraGZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jYjgzYjItMzNiNS00NTYwLTg5MzUtMGE5ODA0OGNkZjcy
LzEvQXJ2VS1HV2hMWG1nbWdORWhzNWh1Z0k0Z3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBAcFPoAD
BAMFPpADBAMfB1ADBAMlTTADBAK5RQQwDQQCAAIwBwMFACoAyeAwDQYJKoZIhvcN
AQELBQADggEBAIHct0RM5WXCgEXmwzV+jxwYvlflkXdZdx54HEUAGRG03RDpG1kl
hYQCtx8w+mvidUZivauaruugnb6V/iC4Np8fLTTZpyhpqoX/MZrySdAHNyUGOVME
W73TdnLA79Vj7xsaoP6KpeankLQvUChi0LURrcRTZ2ZTs8PGlnRTYawaUWbgPZSa
2m5Y1r9tQpcw0/6b09JQzUzODIYMb72T5XJOLSf5aIbC204JGaY+S0q+BhyK0mCj
nc2Si0c9R26NPCr+4jnWvT02rjRpNd2cU9jDU0vbBJ8zJZ7BA4HMTBio6eeQmQag
W+k07dVxKe+zMdrYGYZ2s29EfQaD+KPlFPk=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:19 2023 by rpki-client on console-fra.rpki-client.org