Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4b4df7-d72b-474f-963f-59e6a6d4d576/1/7TVap4LzrQWOJzKZSHz2ZuqYAYQ.roa
File: 7TVap4LzrQWOJzKZSHz2ZuqYAYQ.roa (raw, json)
Hash identifier: PxqkD2bUjNaHD465qHFE7ajinLLp1NQ4sSS35D6Zs9k=
Subject key identifier: ED:35:5A:A7:82:F3:AD:05:8E:27:32:99:48:7C:F6:66:EA:98:01:84
Certificate issuer: /CN=0b1b318e5057a1c10341607cddddadb46d71abf5
Certificate serial: 018572E8028C9AE6E60AB3191C5FA9207647
Authority key identifier: 0B:1B:31:8E:50:57:A1:C1:03:41:60:7C:DD:DD:AD:B4:6D:71:AB:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CxsxjlBXocEDQWB83d2ttG1xq_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4b4df7-d72b-474f-963f-59e6a6d4d576/1/7TVap4LzrQWOJzKZSHz2ZuqYAYQ.roa
Signing time: Mon 02 Jan 2023 14:34:45 +0000
ROA not before: Mon 02 Jan 2023 14:34:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42160
IP address blocks: 81.95.112.0/24 maxlen: 24
81.95.112.0/22 maxlen: 24
81.95.118.0/23 maxlen: 23
81.95.117.0/24 maxlen: 24
81.95.116.0/24 maxlen: 24
81.95.112.0/20 maxlen: 20
81.95.124.0/22 maxlen: 22
81.95.122.0/23 maxlen: 23
81.95.120.0/23 maxlen: 23
185.55.92.0/22 maxlen: 22
193.110.248.0/23 maxlen: 23
193.110.248.0/21 maxlen: 21
193.110.252.0/22 maxlen: 22
193.110.250.0/23 maxlen: 23
2a02:5940::/32 maxlen: 34
2a02:5940:c000::/34 maxlen: 34
2a02:5940:8000::/34 maxlen: 34
2a02:5940:4000::/34 maxlen: 34
2a02:5940::/34 maxlen: 34
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:e8:02:8c:9a:e6:e6:0a:b3:19:1c:5f:a9:20:76:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1b318e5057a1c10341607cddddadb46d71abf5
Validity
Not Before: Jan 2 14:34:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ed355aa782f3ad058e273299487cf666ea980184
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:08:65:82:7e:0f:3e:94:27:94:9b:30:8e:03:
4c:0d:56:a4:d2:d4:79:16:71:0b:36:04:07:9c:62:
1d:69:c3:4d:0d:51:eb:7d:ad:11:3c:db:31:53:32:
5e:36:76:29:a8:85:10:cc:5a:30:40:c6:f0:8b:32:
1b:d0:c5:9e:32:85:8e:77:dc:24:37:5f:62:35:7d:
72:51:a6:84:16:77:04:1b:10:5a:72:8a:06:52:fe:
38:cb:f1:02:d8:74:54:bd:c3:55:ae:56:db:45:8b:
48:80:42:d3:56:b6:79:4c:85:be:b9:59:73:1c:7d:
41:2e:cd:0f:01:8f:1d:76:09:0e:8d:64:11:06:be:
fd:5b:ce:18:a4:ef:48:8b:d3:8b:65:b4:1e:cc:f8:
67:4d:9c:5a:de:51:59:e0:5f:44:d0:ff:03:20:b9:
12:c7:b7:e8:87:b1:c8:cb:6c:c6:3c:cb:f8:a9:9d:
bd:2b:05:4c:2d:b4:8c:2a:f8:f6:80:26:41:6e:9a:
88:48:38:08:3a:bc:06:8b:01:b2:1f:41:0e:b5:2c:
6c:79:47:b6:34:72:80:41:15:1b:56:91:e8:6d:c6:
b1:cc:86:c8:1e:cf:88:00:fa:0b:5b:8a:d7:ca:96:
ff:10:ed:cc:18:d5:98:a2:7a:ee:e2:ea:c7:c4:26:
06:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:35:5A:A7:82:F3:AD:05:8E:27:32:99:48:7C:F6:66:EA:98:01:84
X509v3 Authority Key Identifier:
keyid:0B:1B:31:8E:50:57:A1:C1:03:41:60:7C:DD:DD:AD:B4:6D:71:AB:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CxsxjlBXocEDQWB83d2ttG1xq_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4b4df7-d72b-474f-963f-59e6a6d4d576/1/7TVap4LzrQWOJzKZSHz2ZuqYAYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4b4df7-d72b-474f-963f-59e6a6d4d576/1/CxsxjlBXocEDQWB83d2ttG1xq_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.95.112.0/20
185.55.92.0/22
193.110.248.0/21
IPv6:
2a02:5940::/32
Signature Algorithm: sha256WithRSAEncryption
33:ee:75:1d:78:47:46:52:ec:16:28:5e:a8:d6:a5:bc:c1:57:
90:d3:01:27:ae:d6:2a:ca:43:62:58:80:b5:5c:c8:12:c2:b8:
9c:0c:5f:bd:c8:9b:45:46:c2:78:5d:fc:08:60:a9:cc:1c:ce:
38:4f:34:c2:b7:19:39:9f:ef:69:01:24:e8:c2:75:54:19:64:
9f:36:a7:f1:5f:46:88:85:45:ef:3c:52:65:1f:0a:e8:8f:41:
c6:23:27:f3:f8:eb:78:9b:86:1d:29:38:6b:03:d0:39:d2:a9:
64:3e:bb:94:78:eb:6f:c5:8a:80:0c:58:2b:12:21:23:1a:39:
ad:f5:cc:ce:f9:65:44:16:71:70:d7:2d:94:4f:88:58:d9:af:
ef:16:0a:e7:ae:8a:e9:e5:0c:bf:ba:f4:51:0c:59:e6:05:fb:
b6:42:57:60:d9:a1:8f:e0:4a:3e:6b:e4:9d:f3:6b:64:02:fb:
da:1d:b2:08:66:5d:6b:c6:a1:31:61:63:50:3f:c3:b2:ae:0a:
4a:94:89:9a:65:e9:79:ba:6f:df:46:bc:b9:2e:65:1e:33:69:
bc:75:cc:cc:0e:7d:33:8a:06:1c:a9:ae:15:d1:46:ea:8e:e2:
87:6c:96:f0:62:50:8f:05:39:18:4e:00:37:63:d2:d0:1c:99:
9c:45:ad:e7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVy6AKMmubmCrMZHF+pIHZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMWIzMThlNTA1N2ExYzEwMzQxNjA3Y2RkZGRhZGI0NmQ3
MWFiZjUwHhcNMjMwMTAyMTQzNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDM1NWFhNzgyZjNhZDA1OGUyNzMyOTk0ODdjZjY2NmVhOTgwMTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAhlgn4PPpQnlJswjgNMDVak0tR5
FnELNgQHnGIdacNNDVHrfa0RPNsxUzJeNnYpqIUQzFowQMbwizIb0MWeMoWOd9wk
N19iNX1yUaaEFncEGxBacooGUv44y/EC2HRUvcNVrlbbRYtIgELTVrZ5TIW+uVlz
HH1BLs0PAY8ddgkOjWQRBr79W84YpO9Ii9OLZbQezPhnTZxa3lFZ4F9E0P8DILkS
x7foh7HIy2zGPMv4qZ29KwVMLbSMKvj2gCZBbpqISDgIOrwGiwGyH0EOtSxseUe2
NHKAQRUbVpHobcaxzIbIHs+IAPoLW4rXypb/EO3MGNWYonru4urHxCYG3wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFO01WqeC860FjicymUh89mbqmAGEMB8GA1UdIwQY
MBaAFAsbMY5QV6HBA0FgfN3drbRtcav1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3hzeGpsQlhvY0VEUVdCODNkMnR0RzF4cV9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YjRkZjctZDcyYi00NzRmLTk2M2Yt
NTllNmE2ZDRkNTc2LzEvN1RWYXA0THpyUVdPSnpLWlNIejJadXFZQVlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YjRkZjctZDcyYi00NzRmLTk2M2YtNTllNmE2ZDRkNTc2
LzEvQ3hzeGpsQlhvY0VEUVdCODNkMnR0RzF4cV9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUV9wAwQC
uTdcAwQDwW74MA0EAgACMAcDBQAqAllAMA0GCSqGSIb3DQEBCwUAA4IBAQAz7nUd
eEdGUuwWKF6o1qW8wVeQ0wEnrtYqykNiWIC1XMgSwricDF+9yJtFRsJ4XfwIYKnM
HM44TzTCtxk5n+9pASTownVUGWSfNqfxX0aIhUXvPFJlHwroj0HGIyfz+Ot4m4Yd
KThrA9A50qlkPruUeOtvxYqADFgrEiEjGjmt9czO+WVEFnFw1y2UT4hY2a/vFgrn
rorp5Qy/uvRRDFnmBfu2Qldg2aGP4Eo+a+Sd82tkAvvaHbIIZl1rxqExYWNQP8Oy
rgpKlImaZel5um/fRry5LmUeM2m8dczMDn0zigYcqa4V0UbqjuKHbJbwYlCPBTkY
TgA3Y9LQHJmcRa3n
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:02:11 2024 by rpki-client on console-ams.rpki-client.org