Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/sZVd2Iugy_yoXk2o1Hgu9mlqY_w.roa
File: sZVd2Iugy_yoXk2o1Hgu9mlqY_w.roa (raw, json)
Hash identifier: uJ/GyQN7Pep5MEe3Y1NA85mgMmOODavkW3GbNrXw+2Y=
Subject key identifier: B1:95:5D:D8:8B:A0:CB:FC:A8:5E:4D:A8:D4:78:2E:F6:69:6A:63:FC
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018A5F44475EE2D8E812266FCB13C5EC92E5
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/sZVd2Iugy_yoXk2o1Hgu9mlqY_w.roa
Signing time: Mon 04 Sep 2023 08:17:04 +0000
ROA not before: Mon 04 Sep 2023 08:17:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20473
IP address blocks: 45.88.160.0/22 maxlen: 24
45.83.148.0/22 maxlen: 24
45.88.168.0/22 maxlen: 24
2.56.172.0/22 maxlen: 24
2.56.176.0/22 maxlen: 24
194.33.36.0/22 maxlen: 24
185.149.20.0/22 maxlen: 24
45.83.140.0/22 maxlen: 24
185.156.108.0/22 maxlen: 24
45.92.124.0/22 maxlen: 24
185.166.152.0/22 maxlen: 24
185.166.160.0/22 maxlen: 24
185.161.69.0/24 maxlen: 24
185.161.70.0/23 maxlen: 24
92.119.40.0/22 maxlen: 24
45.128.72.0/22 maxlen: 24
45.15.124.0/22 maxlen: 24
45.15.128.0/22 maxlen: 24
45.86.76.0/22 maxlen: 24
45.86.72.0/22 maxlen: 24
45.92.160.0/22 maxlen: 24
45.89.96.0/22 maxlen: 24
45.92.192.0/22 maxlen: 24
45.89.100.0/22 maxlen: 24
45.12.108.0/22 maxlen: 24
45.12.112.0/22 maxlen: 24
45.9.16.0/22 maxlen: 24
45.12.128.0/22 maxlen: 24
45.12.136.0/22 maxlen: 24
194.76.136.0/22 maxlen: 24
45.83.84.0/22 maxlen: 24
45.82.244.0/22 maxlen: 24
185.153.180.0/22 maxlen: 24
45.82.248.0/22 maxlen: 24
45.89.196.0/22 maxlen: 24
213.59.112.0/20 maxlen: 24
171.22.116.0/22 maxlen: 24
45.15.184.0/22 maxlen: 24
31.12.92.0/22 maxlen: 24
171.22.120.0/22 maxlen: 24
2a0b:a0c0::/29 maxlen: 48
2a0d:e000::/29 maxlen: 48
2a13:4bc0::/29 maxlen: 48
2a09:b440::/48 maxlen: 48
2a09:96c0::/29 maxlen: 48
2a09:ae80::/29 maxlen: 48
2a06:e5c0::/29 maxlen: 48
2a0a:d040::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:5f:44:47:5e:e2:d8:e8:12:26:6f:cb:13:c5:ec:92:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Sep 4 08:17:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b1955dd88ba0cbfca85e4da8d4782ef6696a63fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:bf:e7:bf:7b:0e:8b:16:8a:b9:4a:62:85:01:
fe:ec:98:3e:c9:55:0f:4b:7a:b6:fc:f0:c5:80:c1:
5a:00:40:26:73:7f:fe:f3:a8:5c:c5:41:4d:68:00:
09:d6:08:c5:d1:b0:44:2e:ad:d3:76:81:3f:b0:be:
84:19:db:96:97:39:1b:b9:38:b1:e5:4b:11:b6:f5:
3c:b0:b8:20:11:3a:c0:f9:42:41:09:12:03:bb:6f:
97:92:c2:be:1f:c1:d3:35:25:43:e8:99:6a:f4:14:
13:39:5d:9f:a4:db:0a:d1:1c:f8:0c:48:47:c9:2a:
73:e4:86:cf:e4:65:e9:2e:de:c2:40:43:87:4b:dc:
04:a4:50:3b:76:d2:39:5c:91:26:95:74:ea:ee:75:
50:fd:92:04:1b:20:f7:1c:95:5f:00:66:69:55:14:
51:14:de:4a:a8:cf:21:c6:95:9d:d2:45:50:b3:6f:
1a:2c:d3:86:6b:b9:8a:72:9f:23:59:50:21:76:5f:
d2:0c:05:9f:d1:44:d7:d0:91:2e:b7:2e:36:f2:20:
2f:be:f6:a7:2e:4b:25:01:ed:1d:2a:d2:dd:fe:eb:
d4:19:07:a1:bc:fe:b7:88:b0:44:82:28:3e:d9:95:
51:b7:d0:95:e1:da:b0:ad:b1:d1:c6:35:83:75:fa:
47:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:95:5D:D8:8B:A0:CB:FC:A8:5E:4D:A8:D4:78:2E:F6:69:6A:63:FC
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/sZVd2Iugy_yoXk2o1Hgu9mlqY_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.172.0-2.56.179.255
31.12.92.0/22
45.9.16.0/22
45.12.108.0-45.12.115.255
45.12.128.0/22
45.12.136.0/22
45.15.124.0-45.15.131.255
45.15.184.0/22
45.82.244.0-45.82.251.255
45.83.84.0/22
45.83.140.0/22
45.83.148.0/22
45.86.72.0/21
45.88.160.0/22
45.88.168.0/22
45.89.96.0/21
45.89.196.0/22
45.92.124.0/22
45.92.160.0/22
45.92.192.0/22
45.128.72.0/22
92.119.40.0/22
171.22.116.0-171.22.123.255
185.149.20.0/22
185.153.180.0/22
185.156.108.0/22
185.161.69.0-185.161.71.255
185.166.152.0/22
185.166.160.0/22
194.33.36.0/22
194.76.136.0/22
213.59.112.0/20
IPv6:
2a06:e5c0::/29
2a09:96c0::/29
2a09:ae80::/29
2a09:b440::/48
2a0a:d040::/29
2a0b:a0c0::/29
2a0d:e000::/29
2a13:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
1c:17:14:fb:68:d7:1e:4f:95:81:88:89:ce:be:f8:7d:41:8d:
88:38:db:cd:23:e9:71:d9:b8:3a:7b:23:24:8a:4f:1d:83:d1:
56:4c:68:77:30:82:cc:dc:cb:6b:95:3b:d3:c2:e3:9e:8b:05:
8a:82:bf:03:46:f6:41:d1:17:a5:dd:c5:37:fd:7d:ee:a0:12:
02:45:a4:0b:c8:31:02:37:85:39:e9:c3:95:cb:f1:30:fe:b2:
93:f5:82:9c:53:29:2f:ae:22:a9:37:0e:5b:74:6b:e9:cd:01:
17:f9:60:85:60:4f:43:58:d1:24:30:67:f5:09:33:81:64:9a:
73:89:a9:6c:43:32:88:7a:b5:3c:8f:47:04:8a:bd:52:a0:81:
66:0e:4c:40:f3:e1:01:95:e0:58:38:17:87:82:dd:46:47:ec:
59:8c:e4:a8:3f:cd:d7:d5:41:a1:6e:44:5a:d8:ec:9d:12:6d:
74:5e:b9:e1:27:13:01:08:78:43:45:1d:69:a1:f9:b2:93:7b:
c4:5d:d5:3c:9e:34:f4:28:13:f9:08:48:4a:36:8c:17:10:2e:
00:3c:e1:42:3e:43:dd:31:04:9c:27:50:c7:30:eb:e0:fe:cf:
d8:22:2d:77:0f:4b:67:35:36:ef:99:19:2d:f7:40:d8:51:5f:
e8:ff:de:f6
-----BEGIN CERTIFICATE-----
MIIGMTCCBRmgAwIBAgISAYpfREde4tjoEiZvyxPF7JLlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwOTA0MDgxNzA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTk1NWRkODhiYTBjYmZjYTg1ZTRkYThkNDc4MmVmNjY5NmE2M2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjb/nv3sOixaKuUpihQH+7Jg+yVUP
S3q2/PDFgMFaAEAmc3/+86hcxUFNaAAJ1gjF0bBELq3TdoE/sL6EGduWlzkbuTix
5UsRtvU8sLggETrA+UJBCRIDu2+XksK+H8HTNSVD6Jlq9BQTOV2fpNsK0Rz4DEhH
ySpz5IbP5GXpLt7CQEOHS9wEpFA7dtI5XJEmlXTq7nVQ/ZIEGyD3HJVfAGZpVRRR
FN5KqM8hxpWd0kVQs28aLNOGa7mKcp8jWVAhdl/SDAWf0UTX0JEuty428iAvvvan
LkslAe0dKtLd/uvUGQehvP63iLBEgig+2ZVRt9CV4dqwrbHRxjWDdfpHlQIDAQAB
o4IDPTCCAzkwHQYDVR0OBBYEFLGVXdiLoMv8qF5NqNR4LvZpamP8MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvc1pWZDJJdWd5X3lvWGsybzFIZ3U5bWxxWV93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBUQYIKwYBBQUHAQcBAf8EggFAMIIBPDCB9wQCAAEwgfAw
DAMEAgI4rAMEAgI4sAMEAh8MXAMEAi0JEDAMAwQCLQxsAwQCLQxwAwQCLQyAAwQC
LQyIMAwDBAItD3wDBAItD4ADBAItD7gwDAMEAi1S9AMEAi1S+AMEAi1TVAMEAi1T
jAMEAi1TlAMEAy1WSAMEAi1YoAMEAi1YqAMEAy1ZYAMEAi1ZxAMEAi1cfAMEAi1c
oAMEAi1cwAMEAi2ASAMEAlx3KDAMAwQCqxZ0AwQCqxZ4AwQCuZUUAwQCuZm0AwQC
uZxsMAwDBAC5oUUDBAO5oUADBAK5ppgDBAK5pqADBALCISQDBALCTIgDBATVO3Aw
QAQCAAIwOgMFAyoG5cADBQMqCZbAAwUDKgmugAMHACoJtEAAAAMFAyoK0EADBQMq
C6DAAwUDKg3gAAMFAyoTS8AwDQYJKoZIhvcNAQELBQADggEBABwXFPto1x5PlYGI
ic6++H1BjYg4280j6XHZuDp7IySKTx2D0VZMaHcwgszcy2uVO9PC456LBYqCvwNG
9kHRF6XdxTf9fe6gEgJFpAvIMQI3hTnpw5XL8TD+spP1gpxTKS+uIqk3Dlt0a+nN
ARf5YIVgT0NY0SQwZ/UJM4FkmnOJqWxDMoh6tTyPRwSKvVKggWYOTEDz4QGV4Fg4
F4eC3UZH7FmM5Kg/zdfVQaFuRFrY7J0SbXReueEnEwEIeENFHWmh+bKTe8Rd1Tye
NPQoE/kISEo2jBcQLgA84UI+Q90xBJwnUMcw6+D+z9giLXcPS2c1Nu+ZGS33QNhR
X+j/3vY=
-----END CERTIFICATE-----
Generated at Wed Sep 6 16:07:24 2023 by rpki-client on console-ams.rpki-client.org