Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/xn5Ko-YW0tUXKb5j1kSOt1j-rms.roa
File: xn5Ko-YW0tUXKb5j1kSOt1j-rms.roa (raw, json)
Hash identifier: ek7XL5ekl5lNJP52BHMYtoRu8LDK/FiKUr6LCLsa2JM=
Subject key identifier: C6:7E:4A:A3:E6:16:D2:D5:17:29:BE:63:D6:44:8E:B7:58:FE:AE:6B
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 0185714C2030A5C8A584D61D97D7C5EEE078
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/xn5Ko-YW0tUXKb5j1kSOt1j-rms.roa
Signing time: Mon 02 Jan 2023 07:04:52 +0000
ROA not before: Mon 02 Jan 2023 07:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16202
IP address blocks: 83.221.72.0/21 maxlen: 21
83.221.80.0/20 maxlen: 20
83.221.80.0/21 maxlen: 21
83.221.88.0/21 maxlen: 21
83.221.64.0/19 maxlen: 19
83.221.64.0/21 maxlen: 21
83.221.64.0/20 maxlen: 20
92.206.160.0/19 maxlen: 19
89.186.128.0/19 maxlen: 19
89.186.128.0/21 maxlen: 21
89.186.128.0/20 maxlen: 20
77.64.224.0/20 maxlen: 20
77.64.240.0/20 maxlen: 20
77.64.252.0/23 maxlen: 23
77.64.254.0/23 maxlen: 23
92.206.128.0/18 maxlen: 18
92.206.190.0/23 maxlen: 23
89.186.136.0/21 maxlen: 21
217.68.160.0/19 maxlen: 19
217.68.160.0/20 maxlen: 20
89.186.144.0/20 maxlen: 20
89.186.144.0/21 maxlen: 21
92.206.192.0/18 maxlen: 18
217.68.176.0/20 maxlen: 20
89.186.152.0/21 maxlen: 21
92.206.224.0/19 maxlen: 19
95.168.128.0/20 maxlen: 20
95.168.128.0/19 maxlen: 19
95.168.144.0/20 maxlen: 20
77.64.160.0/19 maxlen: 19
77.64.192.0/19 maxlen: 19
77.64.192.0/20 maxlen: 20
92.206.64.0/18 maxlen: 18
185.44.148.0/22 maxlen: 22
185.44.150.0/23 maxlen: 23
77.64.208.0/20 maxlen: 20
77.64.128.0/17 maxlen: 17
77.64.128.0/19 maxlen: 19
77.64.128.0/18 maxlen: 18
92.206.0.0/17 maxlen: 17
92.206.0.0/18 maxlen: 18
92.206.0.0/16 maxlen: 16
77.64.146.0/23 maxlen: 23
2a02:2454:8000::/33 maxlen: 33
2a02:2457:100::/40 maxlen: 40
2a00:c1a0::/32 maxlen: 32
2a00:c1a0::/34 maxlen: 34
2a00:c1a0:8000::/34 maxlen: 34
2a00:c1a0:4000::/34 maxlen: 34
2a00:c1a0:c000::/34 maxlen: 34
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:4c:20:30:a5:c8:a5:84:d6:1d:97:d7:c5:ee:e0:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: Jan 2 07:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c67e4aa3e616d2d51729be63d6448eb758feae6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0d:a9:23:c4:fc:8c:11:27:c4:aa:5e:82:01:
dd:fd:d5:80:ea:0a:82:9a:aa:9f:8e:ea:c3:b8:20:
63:82:52:44:20:7f:cb:56:f2:95:cb:7f:23:a4:1c:
8c:e0:a2:52:7b:96:ac:0e:db:17:ad:72:fb:0d:02:
6e:39:ef:05:3b:6f:05:2e:f4:08:3e:84:46:0c:68:
ec:00:51:95:4c:5a:db:28:19:47:63:8e:fa:bc:69:
aa:65:9d:11:78:93:dc:08:15:74:5b:d1:f7:31:3c:
5f:a1:88:0d:38:1f:96:b3:3d:5c:94:91:9b:55:af:
66:e0:f6:71:ea:02:2d:09:8d:ce:67:d2:86:15:c4:
fb:8c:fd:a9:5e:2e:47:89:6b:60:d8:b2:3a:7f:eb:
10:9f:a4:46:e7:bb:93:19:13:ec:e7:df:d0:7b:26:
f4:73:02:1a:5d:46:c0:3a:a4:0d:29:fc:c7:be:ab:
31:9c:71:7a:b9:e0:67:45:1a:66:fc:bd:02:2f:d8:
c3:87:b9:cb:73:17:7f:85:cc:f0:5e:f2:89:25:a9:
e5:81:19:ae:b3:48:b1:7b:02:19:9e:50:98:6b:33:
5c:9d:6e:7a:61:f4:a8:dc:c0:38:e3:ae:27:45:28:
13:3f:10:1e:b3:12:79:b2:7c:68:e4:d7:a2:c9:2a:
49:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:7E:4A:A3:E6:16:D2:D5:17:29:BE:63:D6:44:8E:B7:58:FE:AE:6B
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/xn5Ko-YW0tUXKb5j1kSOt1j-rms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.64.128.0/17
83.221.64.0/19
89.186.128.0/19
92.206.0.0/16
95.168.128.0/19
185.44.148.0/22
217.68.160.0/19
IPv6:
2a00:c1a0::/32
2a02:2454:8000::/33
2a02:2457:100::/40
Signature Algorithm: sha256WithRSAEncryption
ad:92:7e:51:b5:6a:47:c3:a3:b8:cb:85:67:06:6e:6e:6a:b6:
e4:14:e8:e5:ca:1d:3d:97:22:1b:7f:3d:75:70:e4:60:7e:f8:
d2:02:a8:5e:f7:7f:be:06:5b:e1:28:31:29:7a:fa:bb:52:84:
64:5d:59:11:46:ef:51:3b:dc:e7:80:23:3b:1d:5d:ff:b6:d9:
91:6a:86:96:72:f3:aa:bd:cd:20:9c:77:55:e4:5c:3c:a9:9e:
c4:27:80:a3:a8:cd:fc:6e:47:80:3f:d7:6e:eb:1d:e1:96:77:
f2:3a:a1:7e:35:29:7a:99:2b:b4:18:73:10:8e:8a:f4:98:57:
73:60:67:77:a3:f1:b3:51:b5:87:1d:f4:cd:d8:c4:12:3b:e8:
5a:04:17:d2:f4:69:5d:63:58:37:af:d8:df:2f:11:94:e1:11:
f0:22:b1:fc:4d:69:41:27:17:d2:dd:6a:aa:71:4f:43:2d:36:
59:f0:8a:e5:13:8c:13:a6:e4:f7:e1:c9:44:3b:cb:ce:40:e8:
c1:44:d8:8c:72:d1:12:4c:1b:ca:71:d3:37:91:fc:76:85:55:
c9:47:fd:2d:b7:f6:32:53:0b:30:5c:1e:ff:32:ea:df:19:4b:
c5:4f:e8:bd:78:31:32:24:36:05:ca:1f:1e:ea:2d:4b:78:0d:
eb:0d:c8:cc
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYVxTCAwpcilhNYdl9fF7uB4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2OWE1M2RkODYzNTJkMzQ0MGYyMjJiZGY5MDdjZjA5
YzJkYmEwHhcNMjMwMTAyMDcwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjdlNGFhM2U2MTZkMmQ1MTcyOWJlNjNkNjQ0OGViNzU4ZmVhZTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQ2pI8T8jBEnxKpeggHd/dWA6gqC
mqqfjurDuCBjglJEIH/LVvKVy38jpByM4KJSe5asDtsXrXL7DQJuOe8FO28FLvQI
PoRGDGjsAFGVTFrbKBlHY476vGmqZZ0ReJPcCBV0W9H3MTxfoYgNOB+Wsz1clJGb
Va9m4PZx6gItCY3OZ9KGFcT7jP2pXi5HiWtg2LI6f+sQn6RG57uTGRPs59/Qeyb0
cwIaXUbAOqQNKfzHvqsxnHF6ueBnRRpm/L0CL9jDh7nLcxd/hczwXvKJJanlgRmu
s0ixewIZnlCYazNcnW56YfSo3MA4464nRSgTPxAesxJ5snxo5NeiySpJ2QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMZ+SqPmFtLVFym+Y9ZEjrdY/q5rMB8GA1UdIwQY
MBaAFPS3aaU92GNS00QPIivfkHzwnC26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMt
ZDdjMzZjMjdjMDg3LzEveG41S28tWVcwdFVYS2I1ajFrU090MWotcm1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMtZDdjMzZjMjdjMDg3
LzEvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDAvBAIAATApAwQHTUCAAwQF
U91AAwQFWbqAAwMAXM4DBAVfqIADBAK5LJQDBAXZRKAwHQQCAAIwFwMFACoAwaAD
BgcqAiRUgAMGACoCJFcBMA0GCSqGSIb3DQEBCwUAA4IBAQCtkn5RtWpHw6O4y4Vn
Bm5uarbkFOjlyh09lyIbfz11cORgfvjSAqhe93++BlvhKDEpevq7UoRkXVkRRu9R
O9zngCM7HV3/ttmRaoaWcvOqvc0gnHdV5Fw8qZ7EJ4CjqM38bkeAP9du6x3hlnfy
OqF+NSl6mSu0GHMQjor0mFdzYGd3o/GzUbWHHfTN2MQSO+haBBfS9GldY1g3r9jf
LxGU4RHwIrH8TWlBJxfS3WqqcU9DLTZZ8IrlE4wTpuT34clEO8vOQOjBRNiMctES
TBvKcdM3kfx2hVXJR/0tt/YyUwswXB7/MurfGUvFT+i9eDEyJDYFyh8e6i1LeA3r
DcjM
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:40 2024 by rpki-client on console-ams.rpki-client.org