Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/1f325e-4de7-477e-8b57-6320a356e434/1/dZ1e7b-FsrqbjF7sp5YvJ_8b43w.roa
File: dZ1e7b-FsrqbjF7sp5YvJ_8b43w.roa (raw, json)
Hash identifier: gCHg+eO3nQTTnalRNEjJ6WYaK8NHcAKJ+LGTL+jD3Vs=
Subject key identifier: 75:9D:5E:ED:BF:85:B2:BA:9B:8C:5E:EC:A7:96:2F:27:FF:1B:E3:7C
Certificate issuer: /CN=1d9a09c5107e7e44ca78dc72d519737ed3dd311a
Certificate serial: 018572E7F6D547CE4718EBD852F881A1F800
Authority key identifier: 1D:9A:09:C5:10:7E:7E:44:CA:78:DC:72:D5:19:73:7E:D3:DD:31:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HZoJxRB-fkTKeNxy1RlzftPdMRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/1f325e-4de7-477e-8b57-6320a356e434/1/dZ1e7b-FsrqbjF7sp5YvJ_8b43w.roa
Signing time: Mon 02 Jan 2023 14:34:42 +0000
ROA not before: Mon 02 Jan 2023 14:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201035
IP address blocks: 46.253.240.0/23 maxlen: 23
46.253.240.0/24 maxlen: 24
46.253.240.0/20 maxlen: 24
46.253.241.0/24 maxlen: 24
46.253.245.0/24 maxlen: 24
46.253.246.0/23 maxlen: 23
46.253.246.0/24 maxlen: 24
46.253.244.0/22 maxlen: 22
46.253.244.0/23 maxlen: 23
46.253.244.0/24 maxlen: 24
46.253.249.0/24 maxlen: 24
46.253.247.0/24 maxlen: 24
46.253.248.0/24 maxlen: 24
46.253.248.0/23 maxlen: 23
46.253.254.0/24 maxlen: 24
46.253.254.0/23 maxlen: 23
46.253.255.0/24 maxlen: 24
185.209.104.0/22 maxlen: 22
185.209.104.0/23 maxlen: 23
185.209.104.0/24 maxlen: 24
185.209.105.0/24 maxlen: 24
185.209.106.0/23 maxlen: 23
185.209.106.0/24 maxlen: 24
185.209.107.0/24 maxlen: 24
2a04:1c40::/31 maxlen: 31
2a04:1c40::/30 maxlen: 30
2a04:1c40::/29 maxlen: 29
2a04:1c41::/33 maxlen: 33
2a04:1c47:c000::/34 maxlen: 34
2a04:1c40:c000::/34 maxlen: 34
2a04:1c40::/32 maxlen: 32
2a04:1c40::/33 maxlen: 33
2a04:1c42::/32 maxlen: 32
2a04:1c42::/40 maxlen: 40
2a04:1c42:c000::/34 maxlen: 34
2a04:1c42:4000::/34 maxlen: 34
2a04:1c42::/34 maxlen: 34
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:e7:f6:d5:47:ce:47:18:eb:d8:52:f8:81:a1:f8:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d9a09c5107e7e44ca78dc72d519737ed3dd311a
Validity
Not Before: Jan 2 14:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=759d5eedbf85b2ba9b8c5eeca7962f27ff1be37c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:79:71:6c:5b:f7:65:28:02:2e:d1:c1:42:f7:
61:c1:4e:3b:35:09:db:0c:86:87:90:b7:f9:41:1c:
79:7d:bc:a5:af:98:b7:6f:91:a1:14:02:b2:c7:d0:
c3:4a:9b:6b:ff:b6:fe:17:1f:e5:7a:9c:7d:ad:83:
e3:67:2d:1a:a3:17:24:4d:73:ba:28:53:24:6c:54:
af:7b:e9:75:29:ca:00:54:44:8d:fc:e3:83:d8:4c:
5d:b8:54:51:f7:4e:3a:98:a7:32:10:20:89:17:66:
d6:3f:b2:a8:1b:16:8a:c0:cc:12:be:41:1f:b4:d2:
62:00:35:3d:1a:48:df:c3:4f:0b:c0:0b:f7:a0:c1:
df:ca:66:c0:e1:44:dc:76:00:3e:cc:b6:71:71:a1:
4a:ab:62:f0:69:fe:04:b3:74:7e:d5:ca:00:ad:0b:
2a:1f:3c:0d:29:2e:81:e3:86:ae:89:6c:f3:ba:03:
ce:6d:56:03:e2:0c:78:d7:12:52:9a:7a:3f:c2:b0:
61:d0:ba:ea:77:e1:69:1d:0a:4e:3c:d5:d7:1c:d6:
5e:5f:33:8f:63:c4:8c:18:90:cd:61:6f:11:52:2a:
80:f0:a7:ef:db:d3:d2:ce:4b:72:c4:e9:8d:40:18:
4a:21:6c:70:df:1b:48:c6:79:72:c9:48:5c:3a:ed:
3a:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:9D:5E:ED:BF:85:B2:BA:9B:8C:5E:EC:A7:96:2F:27:FF:1B:E3:7C
X509v3 Authority Key Identifier:
keyid:1D:9A:09:C5:10:7E:7E:44:CA:78:DC:72:D5:19:73:7E:D3:DD:31:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HZoJxRB-fkTKeNxy1RlzftPdMRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/1f325e-4de7-477e-8b57-6320a356e434/1/dZ1e7b-FsrqbjF7sp5YvJ_8b43w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/1f325e-4de7-477e-8b57-6320a356e434/1/HZoJxRB-fkTKeNxy1RlzftPdMRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.240.0/20
185.209.104.0/22
IPv6:
2a04:1c40::/29
Signature Algorithm: sha256WithRSAEncryption
04:b3:cc:37:5e:64:c4:cf:c4:c6:f3:66:76:2c:d3:0e:aa:64:
fa:a4:8e:d4:a2:15:17:4e:bc:4c:dc:09:1d:af:fb:7e:67:d5:
80:df:44:61:b3:9f:07:88:15:99:9f:40:75:8f:c5:f3:6d:92:
0d:d7:33:45:73:d1:6f:3c:0c:cb:55:b4:08:5c:c2:e9:36:bd:
79:03:48:e0:43:bf:3f:52:88:fc:e9:26:56:75:5d:0a:41:ce:
1d:ce:86:23:4b:49:04:b8:0e:68:4c:cc:e6:6e:af:55:17:d3:
e2:73:66:45:8c:71:fb:da:6a:2a:a2:20:ed:c5:ef:ca:06:e9:
ef:76:ac:12:06:5f:55:56:cb:bb:72:5f:80:71:95:7c:ae:3c:
70:e0:60:10:c1:4a:06:14:a0:83:f1:6e:90:aa:ec:4b:bc:2b:
ae:08:2d:83:04:ec:a2:78:70:d8:c1:38:77:04:29:e8:92:8b:
55:05:e7:cd:2f:2b:b3:b8:3a:22:ee:34:3c:1a:68:df:ae:f0:
bc:46:49:3a:88:fb:8b:f3:a6:22:5e:37:f4:ab:02:65:08:dc:
90:82:85:b2:ba:a6:01:67:0c:54:00:a5:4b:64:80:1a:2b:16:
b6:05:0b:b5:88:28:71:11:ef:86:e1:89:7f:50:d3:a7:3a:a4:
05:71:f1:48
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVy5/bVR85HGOvYUviBofgAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkOWEwOWM1MTA3ZTdlNDRjYTc4ZGM3MmQ1MTk3MzdlZDNk
ZDMxMWEwHhcNMjMwMTAyMTQzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTlkNWVlZGJmODViMmJhOWI4YzVlZWNhNzk2MmYyN2ZmMWJlMzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXlxbFv3ZSgCLtHBQvdhwU47NQnb
DIaHkLf5QRx5fbylr5i3b5GhFAKyx9DDSptr/7b+Fx/lepx9rYPjZy0aoxckTXO6
KFMkbFSve+l1KcoAVESN/OOD2ExduFRR9046mKcyECCJF2bWP7KoGxaKwMwSvkEf
tNJiADU9Gkjfw08LwAv3oMHfymbA4UTcdgA+zLZxcaFKq2Lwaf4Es3R+1coArQsq
HzwNKS6B44auiWzzugPObVYD4gx41xJSmno/wrBh0Lrqd+FpHQpOPNXXHNZeXzOP
Y8SMGJDNYW8RUiqA8Kfv29PSzktyxOmNQBhKIWxw3xtIxnlyyUhcOu06lQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHWdXu2/hbK6m4xe7KeWLyf/G+N8MB8GA1UdIwQY
MBaAFB2aCcUQfn5EynjcctUZc37T3TEaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFpvSnhSQi1ma1RLZU54eTFSbHpmdFBkTVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8xZjMyNWUtNGRlNy00NzdlLThiNTct
NjMyMGEzNTZlNDM0LzEvZFoxZTdiLUZzcnFiakY3c3A1WXZKXzhiNDN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8xZjMyNWUtNGRlNy00NzdlLThiNTctNjMyMGEzNTZlNDM0
LzEvSFpvSnhSQi1ma1RLZU54eTFSbHpmdFBkTVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQELv3wAwQC
udFoMA0EAgACMAcDBQMqBBxAMA0GCSqGSIb3DQEBCwUAA4IBAQAEs8w3XmTEz8TG
82Z2LNMOqmT6pI7UohUXTrxM3Akdr/t+Z9WA30Rhs58HiBWZn0B1j8XzbZIN1zNF
c9FvPAzLVbQIXMLpNr15A0jgQ78/Uoj86SZWdV0KQc4dzoYjS0kEuA5oTMzmbq9V
F9Pic2ZFjHH72moqoiDtxe/KBunvdqwSBl9VVsu7cl+AcZV8rjxw4GAQwUoGFKCD
8W6QquxLvCuuCC2DBOyieHDYwTh3BCnokotVBefNLyuzuDoi7jQ8GmjfrvC8Rkk6
iPuL86YiXjf0qwJlCNyQgoWyuqYBZwxUAKVLZIAaKxa2BQu1iChxEe+G4Yl/UNOn
OqQFcfFI
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:42 2023 by rpki-client on console-ams.rpki-client.org