Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/ZbsSYRS6vuWqsAtnk_mCaH4WbYY.roa
File: ZbsSYRS6vuWqsAtnk_mCaH4WbYY.roa (raw, json)
Hash identifier: dVluysOuem+R4SwWakLiHaFwjG+l/x/vdYEeCySqX2Q=
Subject key identifier: 65:BB:12:61:14:BA:BE:E5:AA:B0:0B:67:93:F9:82:68:7E:16:6D:86
Certificate issuer: /CN=053d04e72bb249c79eb1168cf1d43a3ca548c206
Certificate serial: 0188480AC1B390A2DE8E5F62B2722CB93CAF
Authority key identifier: 05:3D:04:E7:2B:B2:49:C7:9E:B1:16:8C:F1:D4:3A:3C:A5:48:C2:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BT0E5yuySceesRaM8dQ6PKVIwgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/ZbsSYRS6vuWqsAtnk_mCaH4WbYY.roa
Signing time: Tue 23 May 2023 09:57:24 +0000
ROA not before: Tue 23 May 2023 09:57:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29422
IP address blocks: 194.29.192.0/21 maxlen: 21
81.17.192.0/21 maxlen: 21
109.75.224.0/21 maxlen: 21
194.79.16.0/22 maxlen: 22
185.123.116.0/22 maxlen: 22
80.69.160.0/21 maxlen: 21
80.69.168.0/22 maxlen: 22
2a01:51c0::/29 maxlen: 29
2001:1bc8::/32 maxlen: 32
2a01:51c1::/32 maxlen: 32
2001:1bc8::/29 maxlen: 29
2a01:51c0::/32 maxlen: 32
2001:67c:70::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:48:0a:c1:b3:90:a2:de:8e:5f:62:b2:72:2c:b9:3c:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=053d04e72bb249c79eb1168cf1d43a3ca548c206
Validity
Not Before: May 23 09:57:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65bb126114babee5aab00b6793f982687e166d86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:27:e0:ac:c0:36:d7:a6:a5:cb:a5:18:bb:5d:
88:f2:44:b7:e8:cf:be:d9:18:6d:b9:7f:1e:2b:ce:
2f:d2:3f:55:69:03:3b:36:c2:b3:98:6c:ad:22:55:
83:e6:eb:a0:b0:9d:96:05:76:21:41:81:00:06:95:
c7:af:46:8a:f3:57:4f:c6:bf:76:50:65:d4:5b:9d:
81:5f:e8:9c:1f:c3:c6:b3:40:50:7e:65:30:04:b8:
93:d9:8c:7a:ad:25:7b:9f:70:c6:c2:00:a8:87:b8:
21:2b:0a:db:6c:94:72:67:a9:80:40:5a:61:26:48:
90:c5:e2:c9:8e:e1:96:19:5c:26:43:b9:eb:06:ad:
c4:b6:18:cd:09:57:60:af:11:35:ff:91:5c:63:0e:
6b:8e:70:40:a9:ff:dc:8d:08:cf:54:d9:5a:67:e3:
bf:a6:02:af:56:d1:58:c4:45:a2:42:86:22:db:48:
f6:dd:7b:7d:90:e6:18:3f:ff:2d:42:7d:d4:36:c3:
1c:4d:d6:f1:2d:89:94:e0:9e:4c:a9:9f:80:82:6f:
6a:73:ec:2c:88:52:f1:46:81:39:37:dc:a6:7d:d7:
21:58:6f:ba:30:f4:a3:65:9d:4b:2e:bc:aa:84:a1:
e8:ee:51:6d:0a:98:c6:2e:e2:20:76:32:5a:77:f5:
8c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:BB:12:61:14:BA:BE:E5:AA:B0:0B:67:93:F9:82:68:7E:16:6D:86
X509v3 Authority Key Identifier:
keyid:05:3D:04:E7:2B:B2:49:C7:9E:B1:16:8C:F1:D4:3A:3C:A5:48:C2:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BT0E5yuySceesRaM8dQ6PKVIwgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/ZbsSYRS6vuWqsAtnk_mCaH4WbYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/3550b4-51b5-448b-ab62-2a813dbf4582/1/BT0E5yuySceesRaM8dQ6PKVIwgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.69.160.0-80.69.171.255
81.17.192.0/21
109.75.224.0/21
185.123.116.0/22
194.29.192.0/21
194.79.16.0/22
IPv6:
2001:67c:70::/48
2001:1bc8::/29
2a01:51c0::/29
Signature Algorithm: sha256WithRSAEncryption
a3:f1:a3:27:43:02:e7:0b:4f:76:7c:1f:41:bf:6d:53:4b:c4:
d4:e3:68:fe:24:15:53:56:65:d2:f6:d2:a4:16:54:04:9b:de:
ef:4c:ff:42:43:5e:64:8f:a7:b4:29:c2:09:ee:44:e2:32:bf:
c5:7e:16:34:42:d6:c7:a6:4c:88:f2:da:0f:60:ed:34:73:bc:
5f:37:90:5d:d5:a4:18:cf:82:96:f7:82:5b:b0:d5:99:9a:d8:
47:87:6e:5b:90:8a:fe:7e:9c:42:3a:bb:a3:e4:6e:33:43:04:
28:67:4b:7d:54:8f:dd:68:bf:eb:ea:50:83:51:59:12:ed:30:
d1:97:82:5f:4e:49:5c:1b:af:18:eb:47:f8:f2:2c:88:6e:b8:
6b:a1:10:00:6e:2c:e1:01:c1:08:68:6f:8e:d4:38:2f:e5:4a:
6e:13:d5:85:9d:f7:38:0d:3d:66:42:16:f4:11:70:a2:1f:ef:
cd:e4:fa:9e:de:de:d7:61:6f:ee:55:77:aa:e4:58:cb:80:00:
40:a9:fb:6d:66:7b:c2:05:6d:89:04:d2:76:ba:8c:f9:a9:a7:
09:27:81:a5:43:e1:bf:7c:84:9c:09:d2:f1:bf:72:e8:06:86:
b9:f6:5c:df:d0:ca:88:69:2a:e6:ea:cd:4d:16:17:34:82:f2:
7f:ca:8e:f4
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYhICsGzkKLejl9isnIsuTyvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1M2QwNGU3MmJiMjQ5Yzc5ZWIxMTY4Y2YxZDQzYTNjYTU0
OGMyMDYwHhcNMjMwNTIzMDk1NzI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWJiMTI2MTE0YmFiZWU1YWFiMDBiNjc5M2Y5ODI2ODdlMTY2ZDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSfgrMA216aly6UYu12I8kS36M++
2RhtuX8eK84v0j9VaQM7NsKzmGytIlWD5uugsJ2WBXYhQYEABpXHr0aK81dPxr92
UGXUW52BX+icH8PGs0BQfmUwBLiT2Yx6rSV7n3DGwgCoh7ghKwrbbJRyZ6mAQFph
JkiQxeLJjuGWGVwmQ7nrBq3EthjNCVdgrxE1/5FcYw5rjnBAqf/cjQjPVNlaZ+O/
pgKvVtFYxEWiQoYi20j23Xt9kOYYP/8tQn3UNsMcTdbxLYmU4J5MqZ+Agm9qc+ws
iFLxRoE5N9ymfdchWG+6MPSjZZ1LLryqhKHo7lFtCpjGLuIgdjJad/WM/wIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFGW7EmEUur7lqrALZ5P5gmh+Fm2GMB8GA1UdIwQY
MBaAFAU9BOcrsknHnrEWjPHUOjylSMIGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlQwRTV5dXlTY2Vlc1JhTThkUTZQS1ZJd2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8zNTUwYjQtNTFiNS00NDhiLWFiNjIt
MmE4MTNkYmY0NTgyLzEvWmJzU1lSUzZ2dVdxc0F0bmtfbUNhSDRXYllZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8zNTUwYjQtNTFiNS00NDhiLWFiNjItMmE4MTNkYmY0NTgy
LzEvQlQwRTV5dXlTY2Vlc1JhTThkUTZQS1ZJd2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzAyBAIAATAsMAwDBAVQRaAD
BAJQRagDBANREcADBANtS+ADBAK5e3QDBAPCHcADBALCTxAwHQQCAAIwFwMHACAB
BnwAcAMFAyABG8gDBQMqAVHAMA0GCSqGSIb3DQEBCwUAA4IBAQCj8aMnQwLnC092
fB9Bv21TS8TU42j+JBVTVmXS9tKkFlQEm97vTP9CQ15kj6e0KcIJ7kTiMr/FfhY0
QtbHpkyI8toPYO00c7xfN5Bd1aQYz4KW94JbsNWZmthHh25bkIr+fpxCOruj5G4z
QwQoZ0t9VI/daL/r6lCDUVkS7TDRl4JfTklcG68Y60f48iyIbrhroRAAbizhAcEI
aG+O1Dgv5UpuE9WFnfc4DT1mQhb0EXCiH+/N5Pqe3t7XYW/uVXeq5FjLgABAqftt
ZnvCBW2JBNJ2uoz5qacJJ4GlQ+G/fIScCdLxv3LoBoa59lzf0MqIaSrm6s1NFhc0
gvJ/yo70
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:08 2023 by rpki-client on console-ams.rpki-client.org