Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/1yxTIaqjAaMLxN8Ta4tBKrVBSz8.roa
File: 1yxTIaqjAaMLxN8Ta4tBKrVBSz8.roa (raw, json)
Hash identifier: LztKSYDnznd38OgXm2zH68MswcPKnUtvUrBiOpXZGnk=
Subject key identifier: D7:2C:53:21:AA:A3:01:A3:0B:C4:DF:13:6B:8B:41:2A:B5:41:4B:3F
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 01856F5DC32CC45F8235108674FBBF8154CE
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/1yxTIaqjAaMLxN8Ta4tBKrVBSz8.roa
Signing time: Sun 01 Jan 2023 22:04:53 +0000
ROA not before: Sun 01 Jan 2023 22:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8447
IP address blocks: 212.183.0.0/17 maxlen: 17
80.75.56.0/21 maxlen: 21
192.164.128.0/19 maxlen: 19
178.188.0.0/14 maxlen: 14
93.82.0.0/15 maxlen: 15
213.33.63.0/24 maxlen: 24
188.45.0.0/16 maxlen: 16
193.187.212.0/22 maxlen: 22
192.164.64.0/21 maxlen: 21
193.187.216.0/21 maxlen: 21
193.187.224.0/20 maxlen: 20
192.164.80.0/20 maxlen: 20
91.112.0.0/14 maxlen: 14
193.187.240.0/22 maxlen: 22
192.164.96.0/19 maxlen: 19
213.33.0.0/17 maxlen: 17
80.75.34.0/24 maxlen: 24
80.75.32.0/19 maxlen: 19
192.164.224.0/19 maxlen: 19
88.116.0.0/15 maxlen: 15
93.111.0.0/16 maxlen: 16
195.3.64.0/18 maxlen: 18
188.20.0.0/14 maxlen: 14
89.144.192.0/18 maxlen: 18
46.74.0.0/15 maxlen: 15
194.48.124.0/22 maxlen: 22
194.48.128.0/21 maxlen: 21
194.48.136.0/22 maxlen: 22
194.48.136.0/24 maxlen: 24
192.164.208.0/20 maxlen: 20
176.66.0.0/18 maxlen: 18
80.240.224.0/20 maxlen: 20
192.164.0.0/19 maxlen: 19
88.116.217.0/24 maxlen: 24
192.164.32.0/22 maxlen: 22
192.164.40.0/21 maxlen: 21
192.164.39.0/24 maxlen: 24
176.66.128.0/17 maxlen: 17
192.164.48.0/20 maxlen: 20
92.248.0.0/17 maxlen: 17
84.20.160.0/19 maxlen: 19
80.120.0.0/14 maxlen: 14
46.206.0.0/15 maxlen: 15
62.46.0.0/15 maxlen: 15
2001:4bb8::/29 maxlen: 29
2001:890::/29 maxlen: 29
2001:870::/29 maxlen: 29
2001:850::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:5d:c3:2c:c4:5f:82:35:10:86:74:fb:bf:81:54:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Jan 1 22:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d72c5321aaa301a30bc4df136b8b412ab5414b3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a0:8a:7e:e5:bc:1d:2f:5c:1d:99:c2:89:29:
c2:cb:73:fe:7d:af:de:67:17:a6:21:71:2d:30:9d:
3f:d2:5b:0b:5f:e8:aa:d8:f0:da:55:e1:b3:5b:88:
f8:e1:0d:13:82:90:56:d6:66:6d:22:c1:b3:17:fd:
6f:85:a1:01:fd:53:c5:eb:e9:1e:19:01:54:1c:3e:
63:a2:31:fe:22:49:cb:b2:b8:88:29:e3:70:e5:b9:
8f:68:95:a2:37:7b:71:5e:38:bd:bb:be:23:9d:d7:
cc:99:68:2e:8a:2b:ab:a3:7f:61:27:29:1e:69:17:
3c:f5:8c:7d:cf:5d:10:dc:0c:2c:63:03:62:f1:a6:
c1:56:e2:fa:e6:42:29:e3:b8:44:82:76:a2:fb:17:
a7:6a:a7:12:d1:d3:e0:d1:58:1b:7a:5b:64:2f:30:
55:12:a1:07:81:0c:58:d1:7c:2a:7a:a8:22:22:ed:
83:53:21:0a:3c:25:1f:b9:fc:7d:eb:a2:9f:4d:91:
81:d2:1c:3e:58:2e:e1:af:2e:cb:79:41:f3:2b:65:
99:43:43:ba:51:98:11:6f:b0:a5:bb:42:62:e3:1c:
96:f8:84:f0:16:94:af:1e:44:57:cb:84:6e:79:95:
00:c0:8a:f8:24:2d:34:c6:88:6d:52:bd:7c:e9:a5:
dd:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:2C:53:21:AA:A3:01:A3:0B:C4:DF:13:6B:8B:41:2A:B5:41:4B:3F
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/1yxTIaqjAaMLxN8Ta4tBKrVBSz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.74.0.0/15
46.206.0.0/15
62.46.0.0/15
80.75.32.0/19
80.120.0.0/14
80.240.224.0/20
84.20.160.0/19
88.116.0.0/15
89.144.192.0/18
91.112.0.0/14
92.248.0.0/17
93.82.0.0/15
93.111.0.0/16
176.66.0.0/18
176.66.128.0/17
178.188.0.0/14
188.20.0.0/14
188.45.0.0/16
192.164.0.0-192.164.35.255
192.164.39.0-192.164.71.255
192.164.80.0-192.164.159.255
192.164.208.0-192.164.255.255
193.187.212.0-193.187.243.255
194.48.124.0-194.48.139.255
195.3.64.0/18
212.183.0.0/17
213.33.0.0/17
IPv6:
2001:850::/29
2001:870::/29
2001:890::/29
2001:4bb8::/29
Signature Algorithm: sha256WithRSAEncryption
c0:9a:92:5c:d7:95:1a:68:7c:47:90:18:af:19:95:47:de:2a:
dc:68:dd:46:4a:98:f2:50:7d:44:9c:b5:7b:97:e9:3b:f0:ad:
96:5d:34:be:b6:fd:48:ba:42:27:4a:d0:af:30:23:5b:5d:52:
7a:5b:7d:ff:e7:1c:0d:ea:b4:7e:15:ad:7f:76:00:d7:90:d2:
ff:a7:b7:83:82:ed:b3:58:5f:d1:06:fb:05:78:4e:0b:24:42:
79:85:15:2d:07:d3:d6:23:32:0c:e4:e7:71:9b:15:74:3e:61:
10:d7:32:f9:97:bf:3c:85:97:2e:ef:20:19:00:c9:6e:46:f9:
fd:eb:26:d3:e0:b9:19:c1:80:0e:b7:93:ae:66:de:ba:88:88:
a7:bb:88:f6:43:44:3f:f4:e0:d1:e2:f2:07:1f:db:e8:c5:e2:
f5:b8:18:ba:20:8b:7b:da:6b:30:08:25:9b:3c:9b:5b:a6:b8:
c4:8a:5c:b6:dc:18:ab:19:7c:6e:68:2a:15:fe:51:70:63:2a:
2b:52:bb:95:f6:c5:46:eb:c7:1d:d1:3a:18:41:0a:c2:99:22:
34:e6:b8:6c:3b:c2:b6:5d:a8:d6:cf:d1:4c:65:a7:44:52:7a:
d2:d0:e3:d1:73:6b:96:70:2f:08:fc:ea:0c:6e:fa:0e:2a:46:
53:54:cd:9a
-----BEGIN CERTIFICATE-----
MIIF5jCCBM6gAwIBAgISAYVvXcMsxF+CNRCGdPu/gVTOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjMwMTAxMjIwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzJjNTMyMWFhYTMwMWEzMGJjNGRmMTM2YjhiNDEyYWI1NDE0YjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKCKfuW8HS9cHZnCiSnCy3P+fa/e
ZxemIXEtMJ0/0lsLX+iq2PDaVeGzW4j44Q0TgpBW1mZtIsGzF/1vhaEB/VPF6+ke
GQFUHD5jojH+IknLsriIKeNw5bmPaJWiN3txXji9u74jndfMmWguiiuro39hJyke
aRc89Yx9z10Q3AwsYwNi8abBVuL65kIp47hEgnai+xenaqcS0dPg0VgbeltkLzBV
EqEHgQxY0XwqeqgiIu2DUyEKPCUfufx966KfTZGB0hw+WC7hry7LeUHzK2WZQ0O6
UZgRb7Clu0Ji4xyW+ITwFpSvHkRXy4RueZUAwIr4JC00xohtUr186aXdqwIDAQAB
o4IC8jCCAu4wHQYDVR0OBBYEFNcsUyGqowGjC8TfE2uLQSq1QUs/MB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvMXl4VElhcWpBYU1MeE44VGE0dEJLclZCU3o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBgYIKwYBBQUHAQcBAf8EgfYwgfMwgcwEAgABMIHFAwMB
LkoDAwEuzgMDAT4uAwQFUEsgAwMCUHgDBARQ8OADBAVUFKADAwFYdAMEBlmQwAMD
AltwAwQHXPgAAwMBXVIDAwBdbwMEBrBCAAMEB7BCgAMDArK8AwMCvBQDAwC8LTAL
AwMCwKQDBALApCAwDAMEAMCkJwMEA8CkQDAMAwQEwKRQAwQFwKSAMAsDBATApNAD
AwDApDAMAwQCwbvUAwQCwbvwMAwDBALCMHwDBALCMIgDBAbDA0ADBAfUtwADBAfV
IQAwIgQCAAIwHAMFAyABCFADBQMgAQhwAwUDIAEIkAMFAyABS7gwDQYJKoZIhvcN
AQELBQADggEBAMCaklzXlRpofEeQGK8ZlUfeKtxo3UZKmPJQfUSctXuX6TvwrZZd
NL62/Ui6QidK0K8wI1tdUnpbff/nHA3qtH4VrX92ANeQ0v+nt4OC7bNYX9EG+wV4
TgskQnmFFS0H09YjMgzk53GbFXQ+YRDXMvmXvzyFly7vIBkAyW5G+f3rJtPguRnB
gA63k65m3rqIiKe7iPZDRD/04NHi8gcf2+jF4vW4GLogi3vaazAIJZs8m1umuMSK
XLbcGKsZfG5oKhX+UXBjKitSu5X2xUbrxx3ROhhBCsKZIjTmuGw7wrZdqNbP0Uxl
p0RSetLQ49Fza5ZwLwj86gxu+g4qRlNUzZo=
-----END CERTIFICATE-----
Generated at Tue Aug 22 08:12:29 2023 by rpki-client on console-fra.rpki-client.org