Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/ZwKvsLj2HIX_NB8VAE2GTWRSQGs.roa
File: ZwKvsLj2HIX_NB8VAE2GTWRSQGs.roa (raw, json)
Hash identifier: D5hEKqDtfuVbe1ctJ0RgRywGwBlNbgYf/cYsPc7GKe0=
Subject key identifier: 67:02:AF:B0:B8:F6:1C:85:FF:34:1F:15:00:4D:86:4D:64:52:40:6B
Certificate issuer: /CN=212be0ea71cf437e08efdf3fe798eaf984131c46
Certificate serial: 0185704BE352C2EB46B0DEA5B913DB8F15AE
Authority key identifier: 21:2B:E0:EA:71:CF:43:7E:08:EF:DF:3F:E7:98:EA:F9:84:13:1C:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ISvg6nHPQ34I798_55jq-YQTHEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/ZwKvsLj2HIX_NB8VAE2GTWRSQGs.roa
Signing time: Mon 02 Jan 2023 02:24:59 +0000
ROA not before: Mon 02 Jan 2023 02:24:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9063
IP address blocks: 91.184.160.0/19 maxlen: 19
109.75.80.0/20 maxlen: 20
185.231.252.0/22 maxlen: 22
185.194.151.0/24 maxlen: 24
212.88.128.0/19 maxlen: 19
37.230.0.0/19 maxlen: 19
176.126.64.0/23 maxlen: 23
176.126.71.0/24 maxlen: 24
176.126.68.0/23 maxlen: 23
176.126.75.0/24 maxlen: 24
176.126.76.0/24 maxlen: 24
176.126.72.0/23 maxlen: 23
185.168.11.0/24 maxlen: 24
185.168.8.0/24 maxlen: 24
217.24.224.0/20 maxlen: 20
185.186.144.0/23 maxlen: 23
212.82.48.0/20 maxlen: 20
185.203.123.0/24 maxlen: 24
185.222.139.0/24 maxlen: 24
194.35.184.0/23 maxlen: 23
194.35.188.0/23 maxlen: 23
176.126.82.0/24 maxlen: 24
185.166.190.0/23 maxlen: 23
185.166.189.0/24 maxlen: 24
176.126.80.0/23 maxlen: 23
176.126.79.0/24 maxlen: 24
185.35.109.0/24 maxlen: 24
185.35.110.0/23 maxlen: 23
185.161.200.0/23 maxlen: 23
93.186.0.0/20 maxlen: 20
2a02:5a0::/29 maxlen: 29
2a02:5a0::/32 maxlen: 128
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:4b:e3:52:c2:eb:46:b0:de:a5:b9:13:db:8f:15:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=212be0ea71cf437e08efdf3fe798eaf984131c46
Validity
Not Before: Jan 2 02:24:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6702afb0b8f61c85ff341f15004d864d6452406b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:50:26:a1:4b:e6:ed:12:47:79:11:fa:d8:e5:
43:ed:96:d1:af:2a:27:6c:67:ce:8d:10:61:64:18:
ae:a0:9b:60:14:99:da:da:20:f9:e8:42:05:6e:62:
86:e2:c2:35:34:18:96:e4:bf:84:cd:05:c2:83:6a:
be:17:5e:72:57:63:48:72:4e:4e:d0:2b:1a:fd:04:
5e:78:d3:8f:09:75:3e:fc:70:f7:6c:14:6c:75:0b:
82:24:5a:4d:13:dd:95:a3:91:27:18:26:cd:50:69:
0e:0d:dc:c2:d5:d7:b4:dc:a1:1b:17:6d:25:29:ea:
57:72:68:eb:d2:57:a8:19:7d:6b:21:19:23:98:a1:
3d:ac:d0:14:05:ca:10:d9:9d:13:3b:b2:4e:f2:1f:
a7:2d:01:c4:19:0a:b5:ba:1d:af:58:4e:d9:68:b1:
80:a3:45:95:77:29:dc:47:d3:4b:35:49:f7:2e:30:
a2:12:90:99:e1:61:e9:dd:50:2c:0f:c9:78:70:ee:
3e:ee:08:f6:17:3f:0d:78:b0:18:1e:38:c6:c1:c2:
ca:6e:85:cb:3c:80:af:d7:23:19:84:5a:72:df:db:
6e:47:17:b8:de:98:37:f5:90:d4:64:61:44:14:97:
10:ed:f4:5d:15:3a:1b:21:c5:ee:df:bc:ed:4c:3a:
e0:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:02:AF:B0:B8:F6:1C:85:FF:34:1F:15:00:4D:86:4D:64:52:40:6B
X509v3 Authority Key Identifier:
keyid:21:2B:E0:EA:71:CF:43:7E:08:EF:DF:3F:E7:98:EA:F9:84:13:1C:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ISvg6nHPQ34I798_55jq-YQTHEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/ZwKvsLj2HIX_NB8VAE2GTWRSQGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/1babfc-79e6-45df-8c40-72568f06fe10/1/ISvg6nHPQ34I798_55jq-YQTHEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.0.0/19
91.184.160.0/19
93.186.0.0/20
109.75.80.0/20
176.126.64.0/23
176.126.68.0/23
176.126.71.0-176.126.73.255
176.126.75.0-176.126.76.255
176.126.79.0-176.126.82.255
185.35.109.0-185.35.111.255
185.161.200.0/23
185.166.189.0-185.166.191.255
185.168.8.0/24
185.168.11.0/24
185.186.144.0/23
185.194.151.0/24
185.203.123.0/24
185.222.139.0/24
185.231.252.0/22
194.35.184.0/23
194.35.188.0/23
212.82.48.0/20
212.88.128.0/19
217.24.224.0/20
IPv6:
2a02:5a0::/29
Signature Algorithm: sha256WithRSAEncryption
5c:3d:ab:92:c3:48:6d:2f:c1:47:c7:35:b3:c8:0c:6b:20:a9:
65:22:7c:f6:39:9f:f5:ce:de:aa:1f:8e:6c:77:59:ad:a8:11:
6f:e4:1a:4f:bc:39:bb:b1:42:9a:66:47:46:b6:ad:c7:c4:f2:
9f:68:10:bc:7f:90:00:f7:c9:44:5f:04:c2:b2:b7:ed:9d:81:
9e:93:dd:cc:0b:d0:47:3b:d5:37:5d:d0:3c:d1:8e:f1:43:64:
7b:a4:70:c6:c7:0d:6e:03:a0:99:a8:7d:a3:e4:46:0b:59:c7:
92:7a:59:de:cb:82:30:c8:80:db:3e:2d:c5:2c:2b:24:37:8f:
56:cb:ec:e5:3a:e6:4f:63:0c:e2:71:79:df:3b:86:77:05:cf:
bf:f4:ca:de:84:fb:cc:bb:08:91:e1:d6:0a:bb:5c:41:58:e4:
ef:a5:57:88:0c:fb:c7:2e:9f:aa:e3:8d:8d:1c:2d:b3:e3:a3:
9b:16:2d:24:11:62:9a:03:97:ca:9d:4d:36:24:45:17:cd:b3:
ba:55:36:ea:db:ca:99:b0:f9:84:90:78:ae:6b:9e:1e:8d:09:
d3:80:24:f0:72:01:2a:a6:20:23:ee:ad:33:90:59:16:78:8d:
ac:0a:30:48:39:55:d5:43:63:a5:35:f6:16:79:ef:f2:2d:e4:
03:29:7a:c0
-----BEGIN CERTIFICATE-----
MIIFwzCCBKugAwIBAgISAYVwS+NSwutGsN6luRPbjxWuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMmJlMGVhNzFjZjQzN2UwOGVmZGYzZmU3OThlYWY5ODQx
MzFjNDYwHhcNMjMwMTAyMDIyNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzAyYWZiMGI4ZjYxYzg1ZmYzNDFmMTUwMDRkODY0ZDY0NTI0MDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnVAmoUvm7RJHeRH62OVD7ZbRryon
bGfOjRBhZBiuoJtgFJna2iD56EIFbmKG4sI1NBiW5L+EzQXCg2q+F15yV2NIck5O
0Csa/QReeNOPCXU+/HD3bBRsdQuCJFpNE92Vo5EnGCbNUGkODdzC1de03KEbF20l
KepXcmjr0leoGX1rIRkjmKE9rNAUBcoQ2Z0TO7JO8h+nLQHEGQq1uh2vWE7ZaLGA
o0WVdyncR9NLNUn3LjCiEpCZ4WHp3VAsD8l4cO4+7gj2Fz8NeLAYHjjGwcLKboXL
PICv1yMZhFpy39tuRxe43pg39ZDUZGFEFJcQ7fRdFTobIcXu37ztTDrgGwIDAQAB
o4ICzzCCAsswHQYDVR0OBBYEFGcCr7C49hyF/zQfFQBNhk1kUkBrMB8GA1UdIwQY
MBaAFCEr4Opxz0N+CO/fP+eY6vmEExxGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVN2ZzZuSFBRMzRJNzk4XzU1anEtWVFUSEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8xYmFiZmMtNzllNi00NWRmLThjNDAt
NzI1NjhmMDZmZTEwLzEvWndLdnNMajJISVhfTkI4VkFFMkdUV1JTUUdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8xYmFiZmMtNzllNi00NWRmLThjNDAtNzI1NjhmMDZmZTEw
LzEvSVN2ZzZuSFBRMzRJNzk4XzU1anEtWVFUSEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHkBggrBgEFBQcBBwEB/wSB1DCB0TCBvwQCAAEwgbgDBAUl
5gADBAVbuKADBARdugADBARtS1ADBAGwfkADBAGwfkQwDAMEALB+RwMEAbB+SDAM
AwQAsH5LAwQAsH5MMAwDBACwfk8DBACwflIwDAMEALkjbQMEBLkjYAMEAbmhyDAM
AwQAuaa9AwQGuaaAAwQAuagIAwQAuagLAwQBubqQAwQAucKXAwQAuct7AwQAud6L
AwQCuef8AwQBwiO4AwQBwiO8AwQE1FIwAwQF1FiAAwQE2RjgMA0EAgACMAcDBQMq
AgWgMA0GCSqGSIb3DQEBCwUAA4IBAQBcPauSw0htL8FHxzWzyAxrIKllInz2OZ/1
zt6qH45sd1mtqBFv5BpPvDm7sUKaZkdGtq3HxPKfaBC8f5AA98lEXwTCsrftnYGe
k93MC9BHO9U3XdA80Y7xQ2R7pHDGxw1uA6CZqH2j5EYLWceSelney4IwyIDbPi3F
LCskN49Wy+zlOuZPYwzicXnfO4Z3Bc+/9MrehPvMuwiR4dYKu1xBWOTvpVeIDPvH
Lp+q442NHC2z46ObFi0kEWKaA5fKnU02JEUXzbO6VTbq28qZsPmEkHiua54ejQnT
gCTwcgEqpiAj7q0zkFkWeI2sCjBIOVXVQ2OlNfYWee/yLeQDKXrA
-----END CERTIFICATE-----
Generated at Mon Jan 1 21:19:53 2024 by rpki-client on console-ams.rpki-client.org