Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/3090dc-7d28-4228-8380-fe3b918c3097/1/259NZP-2BSmYr6-fGTyHxn0Ghv0.roa
File: 259NZP-2BSmYr6-fGTyHxn0Ghv0.roa (raw, json)
Hash identifier: x0r2WR0DR6GrchEVuQ9HzPmmtIadp08Sf9xfB+inJmo=
Subject key identifier: DB:9F:4D:64:FF:B6:05:29:98:AF:AF:9F:19:3C:87:C6:7D:06:86:FD
Certificate issuer: /CN=65ba15d47ba4f4482764472d8d97146a1ebbbf86
Certificate serial: 0185DDE20E4D40E788E04683491971082BA1
Authority key identifier: 65:BA:15:D4:7B:A4:F4:48:27:64:47:2D:8D:97:14:6A:1E:BB:BF:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZboV1Huk9EgnZEctjZcUah67v4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/3090dc-7d28-4228-8380-fe3b918c3097/1/259NZP-2BSmYr6-fGTyHxn0Ghv0.roa
Signing time: Mon 23 Jan 2023 09:07:37 +0000
ROA not before: Mon 23 Jan 2023 09:07:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56510
IP address blocks: 91.235.174.0/24 maxlen: 24
195.88.202.0/23 maxlen: 23
195.69.225.0/24 maxlen: 24
188.227.204.0/22 maxlen: 22
185.38.103.0/24 maxlen: 24
2a02:7f84::/30 maxlen: 30
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:dd:e2:0e:4d:40:e7:88:e0:46:83:49:19:71:08:2b:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65ba15d47ba4f4482764472d8d97146a1ebbbf86
Validity
Not Before: Jan 23 09:07:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=db9f4d64ffb6052998afaf9f193c87c67d0686fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0a:97:35:c6:c4:15:f6:34:4d:d5:06:cb:3a:
3e:cc:db:c4:d7:2a:b3:8d:2b:0c:a9:d7:43:4c:b8:
a9:49:d3:05:5d:11:4d:51:3d:24:3e:da:13:3f:c0:
dc:55:6d:27:c9:82:86:b8:7d:f7:0c:52:56:44:2a:
71:83:0f:83:20:62:8c:40:76:72:68:2d:06:64:48:
5e:88:ef:9b:c1:5f:e0:0d:d3:a3:be:a8:1f:4a:78:
5d:c1:c7:05:83:3f:ea:7c:ab:67:ff:67:1b:62:b5:
81:0f:55:b7:7b:f0:c1:73:43:8f:74:96:dc:92:57:
3d:a6:47:6f:c8:e8:33:a5:7b:d3:a5:b9:f8:82:12:
0d:8b:15:1d:24:b6:82:6c:9d:c2:67:d2:de:d6:2f:
3e:32:8e:90:c2:ee:b0:ff:5f:98:35:ee:c8:78:d0:
16:4f:18:ef:7d:ba:d3:ad:c5:32:dc:5c:ec:76:7f:
ec:f5:e0:93:7d:72:a6:96:be:6c:d0:8e:6a:64:8b:
71:6b:9f:42:f0:b2:07:4b:da:28:58:16:cd:22:12:
59:1f:c7:65:b8:61:1b:31:6b:4b:b4:60:be:cb:de:
ae:9c:de:dc:58:23:0d:5d:52:b5:1d:8c:97:0f:12:
9d:38:4e:f2:09:9e:49:75:46:da:0e:2f:87:52:ac:
7a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:9F:4D:64:FF:B6:05:29:98:AF:AF:9F:19:3C:87:C6:7D:06:86:FD
X509v3 Authority Key Identifier:
keyid:65:BA:15:D4:7B:A4:F4:48:27:64:47:2D:8D:97:14:6A:1E:BB:BF:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZboV1Huk9EgnZEctjZcUah67v4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/3090dc-7d28-4228-8380-fe3b918c3097/1/259NZP-2BSmYr6-fGTyHxn0Ghv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/3090dc-7d28-4228-8380-fe3b918c3097/1/ZboV1Huk9EgnZEctjZcUah67v4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.174.0/24
185.38.103.0/24
188.227.204.0/22
195.69.225.0/24
195.88.202.0/23
IPv6:
2a02:7f84::/30
Signature Algorithm: sha256WithRSAEncryption
9c:af:fa:35:4b:fc:4b:0c:0a:bd:f8:b9:78:4c:da:15:42:49:
76:1a:60:2b:43:6d:28:ed:2b:41:4b:37:37:39:93:cb:f4:f1:
59:12:d6:38:76:43:51:61:95:94:17:12:ad:c9:21:d6:72:46:
d8:21:62:c9:55:35:7f:ed:1a:4b:5c:90:73:ab:89:dc:c9:b9:
9a:75:cb:59:fb:85:35:fb:dd:82:e7:9e:32:f9:2a:4d:bc:a5:
ed:93:41:9f:fd:b1:24:b1:a9:5b:4f:e1:81:62:20:f1:d1:db:
21:11:8a:87:cf:7e:a6:ae:23:58:bb:45:6e:43:93:15:f7:7a:
e6:ac:0f:b2:a1:47:70:f7:7d:20:06:59:91:11:79:01:2c:9f:
bf:63:7a:ef:85:0b:41:22:68:b3:24:84:7b:eb:a8:e3:5c:f5:
f7:8f:ee:e2:43:2a:ba:60:2c:16:2f:1d:9e:a2:99:5b:ba:82:
39:fa:50:b5:ac:64:6b:54:86:a9:4a:cf:cd:fc:6c:47:fc:d4:
29:40:f9:8d:54:d8:fc:54:7f:55:00:aa:7f:08:bc:36:18:43:
20:82:ea:bb:bd:fd:a5:44:f6:80:61:da:98:81:9f:52:9c:5a:
93:2e:50:c8:8e:10:80:3a:51:05:04:49:b9:a9:d2:e5:57:5b:
e2:17:7d:6c
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYXd4g5NQOeI4EaDSRlxCCuhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YmExNWQ0N2JhNGY0NDgyNzY0NDcyZDhkOTcxNDZhMWVi
YmJmODYwHhcNMjMwMTIzMDkwNzM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjlmNGQ2NGZmYjYwNTI5OThhZmFmOWYxOTNjODdjNjdkMDY4NmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQqXNcbEFfY0TdUGyzo+zNvE1yqz
jSsMqddDTLipSdMFXRFNUT0kPtoTP8DcVW0nyYKGuH33DFJWRCpxgw+DIGKMQHZy
aC0GZEheiO+bwV/gDdOjvqgfSnhdwccFgz/qfKtn/2cbYrWBD1W3e/DBc0OPdJbc
klc9pkdvyOgzpXvTpbn4ghINixUdJLaCbJ3CZ9Le1i8+Mo6Qwu6w/1+YNe7IeNAW
TxjvfbrTrcUy3Fzsdn/s9eCTfXKmlr5s0I5qZItxa59C8LIHS9ooWBbNIhJZH8dl
uGEbMWtLtGC+y96unN7cWCMNXVK1HYyXDxKdOE7yCZ5JdUbaDi+HUqx68wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNufTWT/tgUpmK+vnxk8h8Z9Bob9MB8GA1UdIwQY
MBaAFGW6FdR7pPRIJ2RHLY2XFGoeu7+GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJvVjFIdWs5RWduWkVjdGpaY1VhaDY3djRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8zMDkwZGMtN2QyOC00MjI4LTgzODAt
ZmUzYjkxOGMzMDk3LzEvMjU5TlpQLTJCU21ZcjYtZkdUeUh4bjBHaHYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8zMDkwZGMtN2QyOC00MjI4LTgzODAtZmUzYjkxOGMzMDk3
LzEvWmJvVjFIdWs5RWduWkVjdGpaY1VhaDY3djRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAW+uuAwQA
uSZnAwQCvOPMAwQAw0XhAwQBw1jKMA0EAgACMAcDBQIqAn+EMA0GCSqGSIb3DQEB
CwUAA4IBAQCcr/o1S/xLDAq9+Ll4TNoVQkl2GmArQ20o7StBSzc3OZPL9PFZEtY4
dkNRYZWUFxKtySHWckbYIWLJVTV/7RpLXJBzq4ncybmadctZ+4U1+92C554y+SpN
vKXtk0Gf/bEksalbT+GBYiDx0dshEYqHz36mriNYu0VuQ5MV93rmrA+yoUdw930g
BlmREXkBLJ+/Y3rvhQtBImizJIR766jjXPX3j+7iQyq6YCwWLx2eoplbuoI5+lC1
rGRrVIapSs/N/GxH/NQpQPmNVNj8VH9VAKp/CLw2GEMgguq7vf2lRPaAYdqYgZ9S
nFqTLlDIjhCAOlEFBEm5qdLlV1viF31s
-----END CERTIFICATE-----
Generated at Tue Jan 2 06:52:18 2024 by rpki-client on console-fra.rpki-client.org