Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/zE-RCnhNIidf6ycWuaP-hAG-CS0.roa
File: zE-RCnhNIidf6ycWuaP-hAG-CS0.roa (raw, json)
Hash identifier: hemIzH+3xrpPKaXgpM4x0FJDpERJFXiDm8UwQt7k63Y=
Subject key identifier: CC:4F:91:0A:78:4D:22:27:5F:EB:27:16:B9:A3:FE:84:01:BE:09:2D
Certificate issuer: /CN=d794e81d72f59c65a0d18144a1b2607983536b4a
Certificate serial: 01877CDA6A5DE0EA5BFE31634D07AA474CFF
Authority key identifier: D7:94:E8:1D:72:F5:9C:65:A0:D1:81:44:A1:B2:60:79:83:53:6B:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/15ToHXL1nGWg0YFEobJgeYNTa0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/zE-RCnhNIidf6ycWuaP-hAG-CS0.roa
Signing time: Thu 13 Apr 2023 23:01:41 +0000
ROA not before: Thu 13 Apr 2023 23:01:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42313
IP address blocks: 79.106.242.0/23 maxlen: 23
79.106.244.0/23 maxlen: 23
79.106.240.0/21 maxlen: 21
79.106.246.0/23 maxlen: 23
79.106.255.0/24 maxlen: 24
79.106.254.0/24 maxlen: 24
185.171.146.0/24 maxlen: 24
185.171.144.0/23 maxlen: 23
79.106.84.0/24 maxlen: 24
79.106.90.0/24 maxlen: 24
79.106.95.0/24 maxlen: 24
79.106.96.0/19 maxlen: 19
79.106.94.0/23 maxlen: 23
79.106.104.0/24 maxlen: 24
79.106.102.0/24 maxlen: 24
79.106.103.0/24 maxlen: 24
79.106.101.0/24 maxlen: 24
79.106.107.0/24 maxlen: 24
79.106.118.0/23 maxlen: 23
79.106.117.0/24 maxlen: 24
79.106.125.0/24 maxlen: 24
79.106.123.0/24 maxlen: 24
79.106.124.0/24 maxlen: 24
79.106.122.0/24 maxlen: 24
79.106.120.0/24 maxlen: 24
79.106.127.0/24 maxlen: 24
79.106.128.0/19 maxlen: 19
79.106.126.0/24 maxlen: 24
79.106.32.0/19 maxlen: 19
79.106.37.0/24 maxlen: 24
79.106.56.0/22 maxlen: 22
79.106.64.0/19 maxlen: 19
79.106.64.0/24 maxlen: 24
79.106.77.0/24 maxlen: 24
79.106.192.0/19 maxlen: 19
79.106.195.0/24 maxlen: 24
79.106.194.0/23 maxlen: 23
79.106.196.0/24 maxlen: 24
79.106.205.0/24 maxlen: 24
79.106.204.0/24 maxlen: 24
79.106.210.0/24 maxlen: 24
79.106.211.0/24 maxlen: 24
79.106.209.0/24 maxlen: 24
79.106.207.0/24 maxlen: 24
79.106.215.0/24 maxlen: 24
79.106.214.0/24 maxlen: 24
79.106.218.0/23 maxlen: 23
79.106.220.0/24 maxlen: 24
79.106.224.0/19 maxlen: 19
79.106.229.0/24 maxlen: 24
79.106.230.0/24 maxlen: 24
79.106.228.0/24 maxlen: 24
79.106.232.0/22 maxlen: 22
79.106.240.0/23 maxlen: 23
79.106.160.0/19 maxlen: 19
79.106.176.0/21 maxlen: 21
79.106.0.0/24 maxlen: 24
79.106.0.0/19 maxlen: 19
79.106.0.0/17 maxlen: 17
79.106.0.0/16 maxlen: 16
217.24.240.0/21 maxlen: 21
217.24.240.0/20 maxlen: 20
217.24.248.0/21 maxlen: 21
217.24.248.0/24 maxlen: 24
217.24.254.0/24 maxlen: 24
2a05:fdc0::/32 maxlen: 32
2a05:fdc0:2200::/40 maxlen: 40
2a05:fdc0:3100::/40 maxlen: 40
2a05:fdc0:3200::/40 maxlen: 40
2a05:fdc2:6000::/36 maxlen: 36
2a05:fdc2:1000::/36 maxlen: 36
2a05:fdc2:9000::/36 maxlen: 36
2a05:fdc2:8000::/36 maxlen: 36
2a05:fdc2:7000::/36 maxlen: 36
2a05:fdc2:2000::/36 maxlen: 36
2a05:fdc2::/32 maxlen: 32
2a05:fdc2:3000::/36 maxlen: 36
2a05:fdc2:4000::/36 maxlen: 36
2a05:fdc0::/29 maxlen: 29
2a05:fdc1::/32 maxlen: 32
2a05:fdc0:1000::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7c:da:6a:5d:e0:ea:5b:fe:31:63:4d:07:aa:47:4c:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d794e81d72f59c65a0d18144a1b2607983536b4a
Validity
Not Before: Apr 13 23:01:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc4f910a784d22275feb2716b9a3fe8401be092d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:b6:51:45:1c:3f:d5:d0:a1:37:da:a2:21:76:
7c:85:7b:6b:15:da:e2:ff:49:90:d8:07:99:06:49:
eb:62:0b:04:85:06:4d:da:62:b5:37:14:91:e6:fa:
72:14:ac:79:2d:7a:80:3e:d7:6a:54:16:b7:b8:ab:
89:15:eb:22:d7:d1:c6:6c:14:79:20:7a:8c:2d:18:
d1:25:99:26:11:84:ad:b4:b6:51:8a:cc:d8:04:d5:
c6:84:b7:fb:db:15:e7:97:00:b9:d2:5f:6e:70:73:
99:52:fd:ce:80:93:55:87:07:65:c8:c7:5a:c0:6e:
bc:6e:2b:c1:37:98:9a:36:69:b1:f1:52:0d:1b:33:
c4:59:02:9c:0a:b2:48:e2:5b:e2:c4:76:fc:19:2c:
72:c6:74:32:ee:7b:0f:72:6a:a8:5c:e7:1e:12:6d:
b3:ce:54:69:93:e5:05:90:97:07:da:91:23:ad:73:
0e:44:c0:7b:9f:93:a5:3d:38:2d:98:4b:97:ed:aa:
34:6e:0e:53:b7:53:d3:53:1b:9b:c4:21:f8:51:8a:
10:0d:52:82:67:20:aa:ac:d8:f3:74:95:68:32:97:
40:2e:47:4d:b8:9d:94:e3:0a:ba:6f:2b:b9:52:3d:
4b:12:45:ea:0f:d8:6e:a3:c3:b8:77:94:0a:f7:cb:
75:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:4F:91:0A:78:4D:22:27:5F:EB:27:16:B9:A3:FE:84:01:BE:09:2D
X509v3 Authority Key Identifier:
keyid:D7:94:E8:1D:72:F5:9C:65:A0:D1:81:44:A1:B2:60:79:83:53:6B:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/15ToHXL1nGWg0YFEobJgeYNTa0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/zE-RCnhNIidf6ycWuaP-hAG-CS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/15ToHXL1nGWg0YFEobJgeYNTa0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.106.0.0/16
185.171.144.0-185.171.146.255
217.24.240.0/20
IPv6:
2a05:fdc0::/29
Signature Algorithm: sha256WithRSAEncryption
0b:d8:7c:5e:16:d0:26:26:3c:ee:71:f7:b8:43:d0:72:3c:01:
a2:be:d7:44:54:3f:ec:3c:20:2b:ad:4a:c3:35:1a:33:f8:48:
9a:8c:69:05:36:09:ae:8d:e3:d2:54:9b:62:42:ed:32:57:c1:
2d:a7:11:11:e0:cb:40:2e:ff:9b:60:90:50:e9:2a:a8:4e:c4:
74:90:72:62:7f:f9:a9:85:4d:67:16:63:8e:be:e7:c0:0b:52:
0e:f2:01:e4:d7:4a:c7:a8:a0:b6:85:e9:23:e1:54:8a:c2:d5:
10:a2:51:9d:3b:ac:5b:34:e5:9d:ed:69:ba:08:57:fb:4b:9a:
39:47:28:dc:26:93:c5:61:b5:fa:7e:14:79:21:27:c1:92:f8:
b0:e5:4f:49:b6:93:c3:36:d8:8e:fb:7a:e9:09:49:71:c1:04:
e3:36:59:a0:bf:af:9f:cc:b5:92:ca:6a:9b:f7:87:a0:d2:8a:
48:53:2d:57:05:5a:ce:88:f0:24:fd:a7:20:b7:62:54:3f:1f:
eb:1d:88:e4:0c:41:8d:3b:6c:61:a5:c6:53:d4:a0:d7:80:30:
2a:2d:8e:27:ba:4d:9e:6b:9c:85:87:59:b6:32:7c:cc:2c:24:
ac:7d:3e:1c:a0:3c:21:9a:1d:00:d7:ba:f3:0c:8e:5c:41:72:
a9:4e:05:18
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYd82mpd4Opb/jFjTQeqR0z/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OTRlODFkNzJmNTljNjVhMGQxODE0NGExYjI2MDc5ODM1
MzZiNGEwHhcNMjMwNDEzMjMwMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzRmOTEwYTc4NGQyMjI3NWZlYjI3MTZiOWEzZmU4NDAxYmUwOTJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbZRRRw/1dChN9qiIXZ8hXtrFdri
/0mQ2AeZBknrYgsEhQZN2mK1NxSR5vpyFKx5LXqAPtdqVBa3uKuJFesi19HGbBR5
IHqMLRjRJZkmEYSttLZRiszYBNXGhLf72xXnlwC50l9ucHOZUv3OgJNVhwdlyMda
wG68bivBN5iaNmmx8VINGzPEWQKcCrJI4lvixHb8GSxyxnQy7nsPcmqoXOceEm2z
zlRpk+UFkJcH2pEjrXMORMB7n5OlPTgtmEuX7ao0bg5Tt1PTUxubxCH4UYoQDVKC
ZyCqrNjzdJVoMpdALkdNuJ2U4wq6byu5Uj1LEkXqD9huo8O4d5QK98t1xQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFMxPkQp4TSInX+snFrmj/oQBvgktMB8GA1UdIwQY
MBaAFNeU6B1y9ZxloNGBRKGyYHmDU2tKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTVUb0hYTDFuR1dnMFlGRW9iSmdlWU5UYTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mNmExMjQtN2YwMS00ZTQwLWI3OTYt
Y2NhNTJiNjI2ZmNhLzEvekUtUkNuaE5JaWRmNnljV3VhUC1oQUctQ1MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mNmExMjQtN2YwMS00ZTQwLWI3OTYtY2NhNTJiNjI2ZmNh
LzEvMTVUb0hYTDFuR1dnMFlGRW9iSmdlWU5UYTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAfBAIAATAZAwMAT2owDAME
BLmrkAMEALmrkgMEBNkY8DANBAIAAjAHAwUDKgX9wDANBgkqhkiG9w0BAQsFAAOC
AQEAC9h8XhbQJiY87nH3uEPQcjwBor7XRFQ/7DwgK61KwzUaM/hImoxpBTYJro3j
0lSbYkLtMlfBLacREeDLQC7/m2CQUOkqqE7EdJByYn/5qYVNZxZjjr7nwAtSDvIB
5NdKx6igtoXpI+FUisLVEKJRnTusWzTlne1pughX+0uaOUco3CaTxWG1+n4UeSEn
wZL4sOVPSbaTwzbYjvt66QlJccEE4zZZoL+vn8y1kspqm/eHoNKKSFMtVwVazojw
JP2nILdiVD8f6x2I5AxBjTtsYaXGU9Sg14AwKi2OJ7pNnmuchYdZtjJ8zCwkrH0+
HKA8IZodANe68wyOXEFyqU4FGA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:32 2023 by rpki-client on console-ams.rpki-client.org