Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/SrZyh2wXqfkH_in5C2_oQM6UC-c.roa
File: SrZyh2wXqfkH_in5C2_oQM6UC-c.roa (raw, json)
Hash identifier: ntg7I2kMrCzrlf816ENFj+UDLmP/STNrzGg0HSO6N8U=
Subject key identifier: 4A:B6:72:87:6C:17:A9:F9:07:FE:29:F9:0B:6F:E8:40:CE:94:0B:E7
Certificate issuer: /CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Certificate serial: 01872D013F9FE94AE0E3E3B290605F853C9E
Authority key identifier: D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/SrZyh2wXqfkH_in5C2_oQM6UC-c.roa
Signing time: Wed 29 Mar 2023 10:54:29 +0000
ROA not before: Wed 29 Mar 2023 10:54:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 194.41.120.0/22 maxlen: 32
80.240.98.0/23 maxlen: 32
217.194.136.0/23 maxlen: 32
217.194.139.0/24 maxlen: 32
217.194.144.0/24 maxlen: 32
193.31.56.0/22 maxlen: 32
212.107.0.0/22 maxlen: 32
217.194.152.0/24 maxlen: 32
217.194.151.0/24 maxlen: 32
213.255.204.0/24 maxlen: 32
213.255.207.0/24 maxlen: 32
185.4.226.0/24 maxlen: 32
78.138.8.0/24 maxlen: 32
83.229.0.0/23 maxlen: 32
83.229.7.0/24 maxlen: 32
91.196.180.0/22 maxlen: 32
194.31.176.0/22 maxlen: 32
213.255.194.0/24 maxlen: 32
213.255.193.0/24 maxlen: 32
213.255.199.0/24 maxlen: 32
213.255.196.0/24 maxlen: 32
83.229.66.0/24 maxlen: 32
83.229.92.0/24 maxlen: 32
83.229.110.0/24 maxlen: 32
83.229.116.0/22 maxlen: 32
83.229.114.0/24 maxlen: 32
83.229.12.0/23 maxlen: 32
78.138.41.0/24 maxlen: 32
83.229.27.0/24 maxlen: 32
83.229.30.0/24 maxlen: 32
188.190.104.0/22 maxlen: 32
83.229.36.0/23 maxlen: 32
193.42.56.0/22 maxlen: 32
78.138.53.0/24 maxlen: 32
78.138.54.0/23 maxlen: 32
78.138.63.0/24 maxlen: 32
195.3.136.0/22 maxlen: 32
83.229.58.0/23 maxlen: 32
188.190.120.0/22 maxlen: 32
194.187.36.0/22 maxlen: 32
83.229.60.0/24 maxlen: 32
217.194.130.0/23 maxlen: 32
31.40.228.0/22 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2d:01:3f:9f:e9:4a:e0:e3:e3:b2:90:60:5f:85:3c:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d63156c1836f16c3b430effbb72ac69932ea9b
Validity
Not Before: Mar 29 10:54:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4ab672876c17a9f907fe29f90b6fe840ce940be7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4a:08:0c:3f:62:a3:cf:4b:e3:9c:fc:6b:33:
b0:c9:2a:e0:05:35:a5:3a:0e:c5:1b:da:3b:06:06:
be:d8:4d:96:b7:87:ba:02:7e:6a:e4:9b:3a:ff:55:
97:6f:25:79:d6:35:54:f0:40:4e:fa:0e:0d:37:fb:
35:b5:1a:10:5d:49:0d:c2:28:b2:07:d3:24:25:b7:
9a:10:40:a1:90:ed:b6:42:fe:b0:0e:9e:0d:90:1a:
13:0a:a4:fa:b2:43:a5:c7:58:c7:d4:4e:81:48:71:
c5:54:b6:20:92:92:91:08:8a:6f:1e:fe:17:8f:bc:
ba:c1:10:e4:fa:6d:93:af:e6:e8:35:bd:62:c1:40:
e1:b4:14:ef:c7:9f:14:ae:ed:23:61:33:bd:4c:d1:
28:18:ca:6a:de:22:e4:c9:49:d1:40:85:15:49:36:
65:09:2e:dd:d8:d9:d2:da:aa:ec:8c:9c:95:4b:d6:
31:7c:9e:02:23:14:87:58:1e:ef:d9:0d:40:16:ea:
0c:42:9f:db:97:7f:99:8b:4b:31:92:03:67:06:6d:
33:1f:d1:a4:1e:65:42:a2:63:f9:36:17:70:db:6d:
9e:36:b0:0d:b5:85:65:90:0d:e2:85:ad:12:b5:f1:
1a:0b:c0:6d:23:d7:2f:44:a6:da:f5:83:e8:a5:87:
b7:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:B6:72:87:6C:17:A9:F9:07:FE:29:F9:0B:6F:E8:40:CE:94:0B:E7
X509v3 Authority Key Identifier:
keyid:D9:D6:31:56:C1:83:6F:16:C3:B4:30:EF:FB:B7:2A:C6:99:32:EA:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dYxVsGDbxbDtDDv-7cqxpky6ps.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/SrZyh2wXqfkH_in5C2_oQM6UC-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/8f46be-028b-4d03-a973-fda011e5c972/1/2dYxVsGDbxbDtDDv-7cqxpky6ps.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.228.0/22
78.138.8.0/24
78.138.41.0/24
78.138.53.0-78.138.55.255
78.138.63.0/24
80.240.98.0/23
83.229.0.0/23
83.229.7.0/24
83.229.12.0/23
83.229.27.0/24
83.229.30.0/24
83.229.36.0/23
83.229.58.0-83.229.60.255
83.229.66.0/24
83.229.92.0/24
83.229.110.0/24
83.229.114.0/24
83.229.116.0/22
91.196.180.0/22
185.4.226.0/24
188.190.104.0/22
188.190.120.0/22
193.31.56.0/22
193.42.56.0/22
194.31.176.0/22
194.41.120.0/22
194.187.36.0/22
195.3.136.0/22
212.107.0.0/22
213.255.193.0-213.255.194.255
213.255.196.0/24
213.255.199.0/24
213.255.204.0/24
213.255.207.0/24
217.194.130.0/23
217.194.136.0/23
217.194.139.0/24
217.194.144.0/24
217.194.151.0-217.194.152.255
Signature Algorithm: sha256WithRSAEncryption
77:89:bf:f4:e2:a0:db:e7:ab:49:a6:62:f4:ff:3e:8a:ec:61:
33:a8:c9:6c:d5:e4:e7:1b:3f:b7:88:65:92:41:94:ca:3c:2b:
06:88:d8:19:8a:e7:92:de:9c:6b:c8:19:a5:7a:84:12:41:0f:
48:9e:36:3e:45:74:e8:3c:02:42:d5:38:c6:41:fa:92:6c:55:
a5:a7:d6:98:8c:e7:80:9d:1e:e4:9e:2f:ef:04:ff:c0:d0:e4:
01:ac:bd:85:79:d7:5d:23:f1:e7:0b:8d:8b:8d:38:53:08:6e:
4b:5e:73:26:b8:42:8e:b6:aa:c1:ab:77:29:e3:d9:93:eb:c9:
a3:44:6d:d6:07:9d:d9:be:5f:3c:99:e4:19:07:53:b8:70:21:
c4:91:a0:16:8a:ed:5c:d1:51:b7:44:37:d7:bb:16:a7:10:51:
35:26:f7:d3:dc:4a:d1:ba:ec:b8:33:8c:2d:56:a6:6e:7c:c1:
c5:ac:2d:cb:8c:99:36:b4:57:5f:ac:45:9d:50:0e:9e:81:1a:
1c:d6:9a:07:a0:b3:36:b3:6d:50:7b:5b:cb:c8:f2:cb:61:ca:
f9:7a:70:d3:32:03:78:ee:2a:38:8a:77:8b:9c:2b:e5:f5:49:
19:8f:95:c4:e1:36:09:bd:ca:40:d9:6e:98:e2:e4:4b:70:78:
c6:9c:03:e0
-----BEGIN CERTIFICATE-----
MIIGCzCCBPOgAwIBAgISAYctAT+f6Urg4+OykGBfhTyeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDYzMTU2YzE4MzZmMTZjM2I0MzBlZmZiYjcyYWM2OTkz
MmVhOWIwHhcNMjMwMzI5MTA1NDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWI2NzI4NzZjMTdhOWY5MDdmZTI5ZjkwYjZmZTg0MGNlOTQwYmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUoIDD9io89L45z8azOwySrgBTWl
Og7FG9o7Bga+2E2Wt4e6An5q5Js6/1WXbyV51jVU8EBO+g4NN/s1tRoQXUkNwiiy
B9MkJbeaEEChkO22Qv6wDp4NkBoTCqT6skOlx1jH1E6BSHHFVLYgkpKRCIpvHv4X
j7y6wRDk+m2Tr+boNb1iwUDhtBTvx58Uru0jYTO9TNEoGMpq3iLkyUnRQIUVSTZl
CS7d2NnS2qrsjJyVS9YxfJ4CIxSHWB7v2Q1AFuoMQp/bl3+Zi0sxkgNnBm0zH9Gk
HmVComP5Nhdw222eNrANtYVlkA3iha0StfEaC8BtI9cvRKba9YPopYe3uQIDAQAB
o4IDFzCCAxMwHQYDVR0OBBYEFEq2codsF6n5B/4p+Qtv6EDOlAvnMB8GA1UdIwQY
MBaAFNnWMVbBg28Ww7Qw7/u3KsaZMuqbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRZeFZzR0RieGJEdEREdi03Y3F4cGt5NnBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy84ZjQ2YmUtMDI4Yi00ZDAzLWE5NzMt
ZmRhMDExZTVjOTcyLzEvU3JaeWgyd1hxZmtIX2luNUMyX29RTTZVQy1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy84ZjQ2YmUtMDI4Yi00ZDAzLWE5NzMtZmRhMDExZTVjOTcy
LzEvMmRZeFZzR0RieGJEdEREdi03Y3F4cGt5NnBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKwYIKwYBBQUHAQcBAf8EggEaMIIBFjCCARIEAgABMIIB
CgMEAh8o5AMEAE6KCAMEAE6KKTAMAwQAToo1AwQDToowAwQAToo/AwQBUPBiAwQB
U+UAAwQAU+UHAwQBU+UMAwQAU+UbAwQAU+UeAwQBU+UkMAwDBAFT5ToDBABT5TwD
BABT5UIDBABT5VwDBABT5W4DBABT5XIDBAJT5XQDBAJbxLQDBAC5BOIDBAK8vmgD
BAK8vngDBALBHzgDBALBKjgDBALCH7ADBALCKXgDBALCuyQDBALDA4gDBALUawAw
DAMEANX/wQMEANX/wgMEANX/xAMEANX/xwMEANX/zAMEANX/zwMEAdnCggMEAdnC
iAMEANnCiwMEANnCkDAMAwQA2cKXAwQA2cKYMA0GCSqGSIb3DQEBCwUAA4IBAQB3
ib/04qDb56tJpmL0/z6K7GEzqMls1eTnGz+3iGWSQZTKPCsGiNgZiueS3pxryBml
eoQSQQ9InjY+RXToPAJC1TjGQfqSbFWlp9aYjOeAnR7kni/vBP/A0OQBrL2Feddd
I/HnC42LjThTCG5LXnMmuEKOtqrBq3cp49mT68mjRG3WB53Zvl88meQZB1O4cCHE
kaAWiu1c0VG3RDfXuxanEFE1JvfT3ErRuuy4M4wtVqZufMHFrC3LjJk2tFdfrEWd
UA6egRoc1poHoLM2s21Qe1vLyPLLYcr5enDTMgN47io4ineLnCvl9UkZj5XE4TYJ
vcpA2W6Y4uRLcHjGnAPg
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:45 2024 by rpki-client on console-fra.rpki-client.org