Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/931f81-c409-4d3a-95df-49098897ee4a/1/tGZmfO8QU8nMv75JWLy2ifqk63s.roa
File: tGZmfO8QU8nMv75JWLy2ifqk63s.roa (raw, json)
Hash identifier: 2Va5OIpUYr8044brLTSNaw5MM3kXVZjGGe100zBzHX8=
Subject key identifier: B4:66:66:7C:EF:10:53:C9:CC:BF:BE:49:58:BC:B6:89:FA:A4:EB:7B
Certificate issuer: /CN=ebf760c05773c15d73676450344668fefb723447
Certificate serial: 018572D5C89E80AF203FCB2268B608606625
Authority key identifier: EB:F7:60:C0:57:73:C1:5D:73:67:64:50:34:46:68:FE:FB:72:34:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_dgwFdzwV1zZ2RQNEZo_vtyNEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/931f81-c409-4d3a-95df-49098897ee4a/1/tGZmfO8QU8nMv75JWLy2ifqk63s.roa
Signing time: Mon 02 Jan 2023 14:14:51 +0000
ROA not before: Mon 02 Jan 2023 14:14:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50597
IP address blocks: 85.194.198.0/24 maxlen: 24
85.194.197.0/24 maxlen: 24
85.194.199.0/24 maxlen: 24
85.194.196.0/22 maxlen: 22
85.194.196.0/24 maxlen: 24
37.98.226.0/24 maxlen: 24
37.98.225.0/24 maxlen: 24
37.98.224.0/24 maxlen: 24
37.98.224.0/21 maxlen: 21
37.98.228.0/24 maxlen: 24
37.98.227.0/24 maxlen: 24
37.98.230.0/24 maxlen: 24
37.98.229.0/24 maxlen: 24
37.98.231.0/24 maxlen: 24
109.205.112.0/24 maxlen: 24
109.205.115.0/24 maxlen: 24
109.205.118.0/24 maxlen: 24
109.205.114.0/23 maxlen: 23
109.205.114.0/24 maxlen: 24
109.205.117.0/24 maxlen: 24
109.205.116.0/24 maxlen: 24
109.205.112.0/21 maxlen: 21
109.205.113.0/24 maxlen: 24
185.76.32.0/24 maxlen: 24
185.76.32.0/22 maxlen: 22
185.76.34.0/24 maxlen: 24
185.76.33.0/24 maxlen: 24
185.76.35.0/24 maxlen: 24
109.205.119.0/24 maxlen: 24
85.113.91.0/24 maxlen: 24
85.113.90.0/23 maxlen: 23
85.113.90.0/24 maxlen: 24
2a05:55c1:e::/48 maxlen: 48
2a05:55c1:4::/48 maxlen: 48
2a05:55c1:6::/48 maxlen: 48
2a05:55c1:1::/48 maxlen: 48
2a05:55c0::/29 maxlen: 29
2a05:55c1:3::/48 maxlen: 48
2a05:55c1:5::/48 maxlen: 48
2a05:55c1:2::/48 maxlen: 48
2a05:55c1:7::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:d5:c8:9e:80:af:20:3f:cb:22:68:b6:08:60:66:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebf760c05773c15d73676450344668fefb723447
Validity
Not Before: Jan 2 14:14:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b466667cef1053c9ccbfbe4958bcb689faa4eb7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:34:fe:57:31:f6:09:ee:59:be:1a:c6:c6:ad:
ca:0c:79:d1:c7:28:d1:c4:d9:76:47:82:19:29:b5:
86:4b:56:db:ed:47:a2:fd:89:d5:f0:a9:cc:a8:ad:
81:ef:1a:53:da:e2:dc:50:0b:8c:2f:f6:d3:93:1d:
59:6d:56:0f:cc:9a:8d:8e:25:ce:83:13:64:54:fe:
61:2f:b7:cb:f4:14:32:67:74:a6:e9:e7:e3:ad:23:
30:d4:88:fd:eb:bb:20:4e:a3:0f:ad:46:f0:53:8e:
9c:29:ff:6c:12:90:81:c7:ba:3c:00:73:65:07:ad:
41:18:80:06:25:c2:d9:f2:12:df:cd:f6:73:2b:c1:
e0:2f:8a:dc:6c:68:1c:eb:ef:1d:9d:d7:4e:54:36:
59:20:6c:b2:54:4b:e0:b2:bb:5b:17:dd:d1:de:07:
53:d5:1a:be:a8:12:2e:16:a9:bd:d1:27:d5:3e:16:
65:5b:97:59:5f:a0:70:eb:62:bc:05:df:e8:39:17:
e5:dc:af:b3:70:08:aa:0c:b4:ea:df:da:1b:3c:88:
d1:36:bb:fc:d5:4d:0c:dd:7a:98:e0:8f:16:9a:82:
29:ef:2a:51:37:1a:d4:d0:b1:05:fd:d8:7c:2a:c1:
7d:5d:a0:53:64:6c:ff:6c:d3:82:99:27:f9:f8:fd:
c7:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:66:66:7C:EF:10:53:C9:CC:BF:BE:49:58:BC:B6:89:FA:A4:EB:7B
X509v3 Authority Key Identifier:
keyid:EB:F7:60:C0:57:73:C1:5D:73:67:64:50:34:46:68:FE:FB:72:34:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_dgwFdzwV1zZ2RQNEZo_vtyNEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/931f81-c409-4d3a-95df-49098897ee4a/1/tGZmfO8QU8nMv75JWLy2ifqk63s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/931f81-c409-4d3a-95df-49098897ee4a/1/6_dgwFdzwV1zZ2RQNEZo_vtyNEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.224.0/21
85.113.90.0/23
85.194.196.0/22
109.205.112.0/21
185.76.32.0/22
IPv6:
2a05:55c0::/29
Signature Algorithm: sha256WithRSAEncryption
86:dd:71:58:d1:7c:1f:02:28:4e:1f:1d:85:e6:8c:10:4e:78:
6f:34:d3:d7:ff:34:d9:6f:72:83:22:b0:19:a0:61:8a:bc:d1:
0f:02:aa:47:80:52:99:39:69:5f:84:1b:9b:4b:b5:05:e4:53:
7e:e7:0b:e2:82:32:73:7c:33:07:ff:f9:5b:83:2f:fa:70:65:
f3:c1:9b:7e:39:4a:3c:fe:45:9c:a4:20:ca:79:4e:2a:a3:9a:
18:1b:ba:e4:e9:a3:b9:93:af:4a:96:90:67:bb:ea:a3:6b:ae:
0a:44:94:a8:ef:ad:ce:1d:4b:95:db:20:7f:5f:71:be:dd:de:
0a:4e:99:fe:9c:67:da:93:1a:c3:88:3c:24:65:29:23:26:c1:
c7:e7:e9:32:ac:ad:8d:ac:6c:06:7a:34:ab:c1:60:af:cc:30:
30:15:30:66:34:c7:96:d8:7d:72:fd:52:bf:e3:5d:e5:f1:0a:
69:8b:87:96:78:21:39:e0:45:72:48:68:b4:40:a9:72:5d:43:
db:89:56:15:c1:43:4c:28:e1:93:0b:c6:d1:e7:67:92:22:b3:
16:e4:d8:79:a4:9e:17:60:90:a1:49:78:be:1b:80:df:3e:a5:
0d:2d:ed:b2:5f:05:c1:88:d5:8d:ba:6c:3b:6e:e7:e7:d8:43:
a6:a0:b5:19
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVy1ciegK8gP8siaLYIYGYlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZjc2MGMwNTc3M2MxNWQ3MzY3NjQ1MDM0NDY2OGZlZmI3
MjM0NDcwHhcNMjMwMTAyMTQxNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDY2NjY3Y2VmMTA1M2M5Y2NiZmJlNDk1OGJjYjY4OWZhYTRlYjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDT+VzH2Ce5ZvhrGxq3KDHnRxyjR
xNl2R4IZKbWGS1bb7Uei/YnV8KnMqK2B7xpT2uLcUAuML/bTkx1ZbVYPzJqNjiXO
gxNkVP5hL7fL9BQyZ3Sm6efjrSMw1Ij967sgTqMPrUbwU46cKf9sEpCBx7o8AHNl
B61BGIAGJcLZ8hLfzfZzK8HgL4rcbGgc6+8dnddOVDZZIGyyVEvgsrtbF93R3gdT
1Rq+qBIuFqm90SfVPhZlW5dZX6Bw62K8Bd/oORfl3K+zcAiqDLTq39obPIjRNrv8
1U0M3XqY4I8WmoIp7ypRNxrU0LEF/dh8KsF9XaBTZGz/bNOCmSf5+P3H6wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLRmZnzvEFPJzL++SVi8ton6pOt7MB8GA1UdIwQY
MBaAFOv3YMBXc8Fdc2dkUDRGaP77cjRHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9kZ3dGZHp3VjF6WjJSUU5FWm9fdnR5TkVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy85MzFmODEtYzQwOS00ZDNhLTk1ZGYt
NDkwOTg4OTdlZTRhLzEvdEdabWZPOFFVOG5Ndjc1SldMeTJpZnFrNjNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy85MzFmODEtYzQwOS00ZDNhLTk1ZGYtNDkwOTg4OTdlZTRh
LzEvNl9kZ3dGZHp3VjF6WjJSUU5FWm9fdnR5TkVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJWLgAwQB
VXFaAwQCVcLEAwQDbc1wAwQCuUwgMA0EAgACMAcDBQMqBVXAMA0GCSqGSIb3DQEB
CwUAA4IBAQCG3XFY0XwfAihOHx2F5owQTnhvNNPX/zTZb3KDIrAZoGGKvNEPAqpH
gFKZOWlfhBubS7UF5FN+5wvigjJzfDMH//lbgy/6cGXzwZt+OUo8/kWcpCDKeU4q
o5oYG7rk6aO5k69KlpBnu+qja64KRJSo763OHUuV2yB/X3G+3d4KTpn+nGfakxrD
iDwkZSkjJsHH5+kyrK2NrGwGejSrwWCvzDAwFTBmNMeW2H1y/VK/413l8Qppi4eW
eCE54EVySGi0QKlyXUPbiVYVwUNMKOGTC8bR52eSIrMW5Nh5pJ4XYJChSXi+G4Df
PqUNLe2yXwXBiNWNumw7bufn2EOmoLUZ
-----END CERTIFICATE-----
Generated at Mon Jan 1 19:27:40 2024 by rpki-client on console-fra.rpki-client.org