Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ZPvSAY0GMB5gODfPAMC-TGNL_vQ.roa
File: ZPvSAY0GMB5gODfPAMC-TGNL_vQ.roa (raw, json)
Hash identifier: yRznUs+tJf8sEP0R42ss8Mn59DRzE3108JvvuY8QEfo=
Subject key identifier: 64:FB:D2:01:8D:06:30:1E:60:38:37:CF:00:C0:BE:4C:63:4B:FE:F4
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 01856D53F2C7E41E3B1ED98FACA0A5B71D61
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ZPvSAY0GMB5gODfPAMC-TGNL_vQ.roa
Signing time: Sun 01 Jan 2023 12:34:56 +0000
ROA not before: Sun 01 Jan 2023 12:34:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207743
IP address blocks: 188.74.129.0/24 maxlen: 24
188.74.132.0/22 maxlen: 24
188.119.156.0/23 maxlen: 24
5.154.252.0/23 maxlen: 23
5.157.130.0/23 maxlen: 23
5.157.129.0/24 maxlen: 24
5.154.254.0/23 maxlen: 23
37.35.42.0/23 maxlen: 23
37.35.40.0/23 maxlen: 23
178.157.72.0/22 maxlen: 24
188.74.210.0/23 maxlen: 23
178.157.102.0/23 maxlen: 23
188.74.240.0/22 maxlen: 24
188.74.140.0/22 maxlen: 22
188.74.168.0/23 maxlen: 23
188.74.182.0/23 maxlen: 23
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:f2:c7:e4:1e:3b:1e:d9:8f:ac:a0:a5:b7:1d:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 1 12:34:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64fbd2018d06301e603837cf00c0be4c634bfef4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:8e:54:26:22:d9:94:95:24:df:86:4d:1e:92:
e5:83:49:a7:53:d9:70:21:42:08:83:d1:3f:04:ba:
d0:2a:0e:6a:b9:84:88:29:01:70:ca:05:c0:03:33:
fc:91:44:72:ed:12:1a:31:37:06:23:89:3c:67:93:
de:ad:a0:8e:db:3b:1d:28:15:04:c7:9c:b3:aa:6f:
8f:c4:87:6c:db:9b:45:28:3d:fe:a4:8f:74:16:97:
73:85:50:ae:94:d3:5e:2e:63:81:ea:7d:97:8d:6b:
40:ba:c5:eb:0f:50:d6:6f:8a:90:4b:ce:af:a6:ee:
1f:18:4d:e5:49:b3:ea:30:4f:68:f9:45:7f:31:a5:
af:8a:a4:a5:0c:b0:be:ab:00:2a:a1:31:83:62:32:
ee:45:e3:8e:c5:e3:2b:9f:75:a0:21:0f:54:e0:cd:
47:00:c0:8e:f1:5c:aa:15:3e:b3:21:61:e8:e8:8e:
aa:0e:23:37:60:c1:50:d8:79:d5:5e:bf:04:f4:fb:
eb:15:27:dd:13:93:03:84:63:4e:72:11:6c:0e:58:
f3:d7:a8:41:17:4b:3d:6d:c7:5b:9b:e0:c3:f7:e0:
92:ee:5c:eb:eb:29:d6:cd:31:6d:a9:88:ce:c6:f2:
77:ff:71:c8:02:0f:1d:80:2a:5b:c6:4c:2d:68:88:
bb:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:FB:D2:01:8D:06:30:1E:60:38:37:CF:00:C0:BE:4C:63:4B:FE:F4
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ZPvSAY0GMB5gODfPAMC-TGNL_vQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.252.0/22
5.157.129.0-5.157.131.255
37.35.40.0/22
178.157.72.0/22
178.157.102.0/23
188.74.129.0/24
188.74.132.0/22
188.74.140.0/22
188.74.168.0/23
188.74.182.0/23
188.74.210.0/23
188.74.240.0/22
188.119.156.0/23
Signature Algorithm: sha256WithRSAEncryption
53:48:aa:d7:e1:fb:81:31:14:51:c7:37:e4:6d:92:d7:b2:e6:
eb:48:5a:a5:88:60:f2:66:56:f8:d8:9c:90:b6:0c:78:89:50:
de:ef:2f:e2:5d:10:3e:38:83:98:bd:04:b9:75:f6:d5:0d:cd:
1d:3d:f4:09:56:0c:00:c3:6a:a1:24:0b:75:3b:6d:3d:ee:f2:
0f:21:eb:ca:a4:8b:40:ba:ff:d3:2d:9d:e8:71:fa:5e:fc:75:
58:64:4c:a1:f5:ba:f6:4c:2c:29:57:e8:2e:06:c7:ae:64:24:
9b:42:cf:73:0c:15:20:a4:5b:1d:fb:2a:a1:cc:5b:f9:aa:87:
c4:e0:75:5c:e2:9b:87:ed:fc:25:4a:92:f7:81:ae:ec:58:f4:
e5:6b:7d:55:68:56:8a:ba:47:ca:5b:ce:0a:fd:e0:85:d6:de:
96:ab:c2:49:60:9a:49:2d:60:76:79:de:1d:a0:74:d1:eb:1e:
5b:8a:7c:2e:59:f2:fe:9d:cf:98:cb:fe:11:49:d4:c0:a6:bc:
27:1f:00:3e:ff:ab:95:dc:c4:51:44:32:c6:84:6b:5f:3e:29:
da:83:88:dd:b3:fd:19:fa:c7:9b:ba:07:8f:23:12:45:e3:ae:
a0:83:75:05:14:27:b7:43:9e:17:43:b4:d0:38:c5:10:5d:7a:
30:42:9c:91
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYVtU/LH5B47HtmPrKCltx1hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjMwMTAxMTIzNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGZiZDIwMThkMDYzMDFlNjAzODM3Y2YwMGMwYmU0YzYzNGJmZWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh45UJiLZlJUk34ZNHpLlg0mnU9lw
IUIIg9E/BLrQKg5quYSIKQFwygXAAzP8kURy7RIaMTcGI4k8Z5PeraCO2zsdKBUE
x5yzqm+PxIds25tFKD3+pI90FpdzhVCulNNeLmOB6n2XjWtAusXrD1DWb4qQS86v
pu4fGE3lSbPqME9o+UV/MaWviqSlDLC+qwAqoTGDYjLuReOOxeMrn3WgIQ9U4M1H
AMCO8VyqFT6zIWHo6I6qDiM3YMFQ2HnVXr8E9PvrFSfdE5MDhGNOchFsDljz16hB
F0s9bcdbm+DD9+CS7lzr6ynWzTFtqYjOxvJ3/3HIAg8dgCpbxkwtaIi7bQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFGT70gGNBjAeYDg3zwDAvkxjS/70MB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvWlB2U0FZMEdNQjVnT0RmUEFNQy1UR05MX3ZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQCBZr8MAwD
BAAFnYEDBAIFnYADBAIlIygDBAKynUgDBAGynWYDBAC8SoEDBAK8SoQDBAK8SowD
BAG8SqgDBAG8SrYDBAG8StIDBAK8SvADBAG8d5wwDQYJKoZIhvcNAQELBQADggEB
AFNIqtfh+4ExFFHHN+Rtktey5utIWqWIYPJmVvjYnJC2DHiJUN7vL+JdED44g5i9
BLl19tUNzR099AlWDADDaqEkC3U7bT3u8g8h68qki0C6/9Mtnehx+l78dVhkTKH1
uvZMLClX6C4Gx65kJJtCz3MMFSCkWx37KqHMW/mqh8TgdVzim4ft/CVKkveBruxY
9OVrfVVoVoq6R8pbzgr94IXW3parwklgmkktYHZ53h2gdNHrHluKfC5Z8v6dz5jL
/hFJ1MCmvCcfAD7/q5XcxFFEMsaEa18+KdqDiN2z/Rn6x5u6B48jEkXjrqCDdQUU
J7dDnhdDtNA4xRBdejBCnJE=
-----END CERTIFICATE-----
Generated at Mon Jan 1 13:24:25 2024 by rpki-client on console-fra.rpki-client.org