Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/on2ZzyGuz4Yurz2Mhh3aAA4zSi4.roa
File: on2ZzyGuz4Yurz2Mhh3aAA4zSi4.roa (raw, json)
Hash identifier: 5eA2NgUNKSTzgptNkTozqQg3Bd9Ig5Ao69rdXNFK3FI=
Subject key identifier: A2:7D:99:CF:21:AE:CF:86:2E:AF:3D:8C:86:1D:DA:00:0E:33:4A:2E
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0185710C2CC65AD1790D8CD796134348FEA0
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/on2ZzyGuz4Yurz2Mhh3aAA4zSi4.roa
Signing time: Mon 02 Jan 2023 05:55:01 +0000
ROA not before: Mon 02 Jan 2023 05:55:01 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9009
IP address blocks: 212.60.13.0/24 maxlen: 24
162.218.93.0/24 maxlen: 24
185.205.204.0/24 maxlen: 24
185.253.120.0/24 maxlen: 24
185.253.121.0/24 maxlen: 24
5.182.196.0/24 maxlen: 24
5.182.197.0/24 maxlen: 24
185.161.190.0/24 maxlen: 24
79.98.183.0/24 maxlen: 24
78.31.205.0/24 maxlen: 24
92.249.29.0/24 maxlen: 24
185.201.42.0/24 maxlen: 24
5.182.185.0/24 maxlen: 24
147.78.207.0/24 maxlen: 24
94.154.171.0/24 maxlen: 24
94.154.178.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
217.197.170.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:0c:2c:c6:5a:d1:79:0d:8c:d7:96:13:43:48:fe:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 2 05:55:01 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a27d99cf21aecf862eaf3d8c861dda000e334a2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f3:3a:90:b8:e0:17:82:d5:f5:47:5f:db:df:
7b:21:5d:27:4c:ad:f3:b8:24:78:7e:9e:ad:28:35:
82:06:87:fb:a2:5d:3a:33:d3:c1:5b:47:f0:0a:97:
99:30:eb:ac:e7:bd:a3:95:80:fc:ed:81:ad:38:de:
f0:35:f9:dc:31:0e:21:2f:96:65:df:98:56:d9:3f:
86:5f:cd:48:d1:ad:89:b1:65:3e:b4:92:a9:a1:91:
b3:35:25:01:9e:81:97:ed:8a:2e:0c:b5:09:cc:ca:
52:68:72:94:c2:c2:c0:41:1c:50:cd:89:cb:8c:3c:
2d:97:23:c6:99:12:7b:2d:2b:9b:2b:c0:ab:c5:c1:
7c:78:2e:6d:79:2d:32:10:c7:84:ca:c8:d7:f9:13:
bb:00:8b:8b:29:d3:dd:2c:79:d8:2e:41:d7:16:75:
82:8f:b0:5a:ea:61:55:7e:f6:7b:a2:b1:17:aa:a3:
5b:54:70:84:6a:c5:5c:ac:37:cd:01:d3:a6:94:75:
c3:b2:a1:30:f9:f3:25:5a:77:39:ae:93:ab:71:f6:
6e:6c:3e:f4:f9:7b:b2:e1:d9:fd:f9:23:a3:7e:4e:
ac:46:93:e7:86:1a:cf:1b:56:08:b9:b0:03:d0:85:
f8:f3:89:ca:e4:f2:64:ea:d8:94:c3:b9:6a:d7:12:
b4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:7D:99:CF:21:AE:CF:86:2E:AF:3D:8C:86:1D:DA:00:0E:33:4A:2E
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/on2ZzyGuz4Yurz2Mhh3aAA4zSi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.185.0/24
5.182.196.0/23
78.31.205.0/24
79.98.183.0/24
92.249.29.0/24
94.154.171.0/24
94.154.178.0/24
147.78.207.0/24
162.218.93.0/24
185.161.190.0/24
185.201.42.0/24
185.205.204.0/24
185.208.152.0/23
185.253.120.0/23
212.60.13.0/24
217.197.170.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:57:68:33:23:b6:b0:e5:ed:38:6a:9d:51:89:d1:95:8e:fd:
c6:04:bb:05:77:f7:d5:a1:46:f8:4b:25:fe:13:d8:28:6a:ff:
51:18:dc:dc:c1:2b:f4:ec:7a:ab:2a:fd:83:17:3f:e4:c6:28:
60:aa:80:87:41:4d:79:cb:4e:e4:8d:00:78:62:94:08:0c:af:
2f:26:3c:88:c3:cb:64:29:6a:80:ca:36:fc:de:70:e3:52:9a:
4a:27:a6:20:83:53:9b:43:54:31:2f:9e:c3:2d:85:e7:f2:ec:
a4:fd:31:a8:a4:1e:6b:6d:db:6e:31:ad:24:3d:b9:25:91:84:
6e:48:1b:cc:46:3c:af:3b:6a:11:d0:64:44:64:50:03:bd:7c:
93:e3:22:26:aa:5e:25:36:1e:ba:b2:8e:6e:65:4e:9d:b5:67:
87:06:57:06:9c:b9:09:eb:15:ee:ff:f7:1b:68:52:7a:db:8a:
2c:87:e3:3d:cb:06:7e:56:06:5a:67:9d:1c:ac:da:a3:43:8e:
ab:c4:4c:fd:e8:9f:c2:0e:3c:77:91:a5:55:e7:88:0f:a2:d0:
08:f4:b0:89:26:af:40:af:ef:df:50:81:98:48:67:ae:fd:40:
af:2c:4f:24:6d:8b:4e:36:5d:96:a2:ad:c8:da:50:37:b5:f5:
ea:d2:c7:ed
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAYVxDCzGWtF5DYzXlhNDSP6gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjMwMTAyMDU1NTAxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjdkOTljZjIxYWVjZjg2MmVhZjNkOGM4NjFkZGEwMDBlMzM0YTJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfM6kLjgF4LV9Udf2997IV0nTK3z
uCR4fp6tKDWCBof7ol06M9PBW0fwCpeZMOus572jlYD87YGtON7wNfncMQ4hL5Zl
35hW2T+GX81I0a2JsWU+tJKpoZGzNSUBnoGX7YouDLUJzMpSaHKUwsLAQRxQzYnL
jDwtlyPGmRJ7LSubK8CrxcF8eC5teS0yEMeEysjX+RO7AIuLKdPdLHnYLkHXFnWC
j7Ba6mFVfvZ7orEXqqNbVHCEasVcrDfNAdOmlHXDsqEw+fMlWnc5rpOrcfZubD70
+Xuy4dn9+SOjfk6sRpPnhhrPG1YIubAD0IX484nK5PJk6tiUw7lq1xK0hwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFKJ9mc8hrs+GLq89jIYd2gAOM0ouMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvb24yWnp5R3V6NFl1cnoyTWhoM2FBQTR6U2k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQABba5AwQB
BbbEAwQATh/NAwQAT2K3AwQAXPkdAwQAXpqrAwQAXpqyAwQAk07PAwQAotpdAwQA
uaG+AwQAuckqAwQAuc3MAwQBudCYAwQBuf14AwQA1DwNAwQA2cWqMA0GCSqGSIb3
DQEBCwUAA4IBAQCcV2gzI7aw5e04ap1RidGVjv3GBLsFd/fVoUb4SyX+E9goav9R
GNzcwSv07HqrKv2DFz/kxihgqoCHQU15y07kjQB4YpQIDK8vJjyIw8tkKWqAyjb8
3nDjUppKJ6Ygg1ObQ1QxL57DLYXn8uyk/TGopB5rbdtuMa0kPbklkYRuSBvMRjyv
O2oR0GREZFADvXyT4yImql4lNh66so5uZU6dtWeHBlcGnLkJ6xXu//cbaFJ624os
h+M9ywZ+VgZaZ50crNqjQ46rxEz96J/CDjx3kaVV54gPotAI9LCJJq9Ar+/fUIGY
SGeu/UCvLE8kbYtONl2Woq3I2lA3tfXq0sft
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:49 2023 by rpki-client on console-ams.rpki-client.org