Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/zyCl89xo_YV5F_mINzh6khE1Zu4.roa
File: zyCl89xo_YV5F_mINzh6khE1Zu4.roa (raw, json)
Hash identifier: elPXrAv2OsR5OYDGqM5i6IEuveclWrc6MsrY1HmPbq4=
Subject key identifier: CF:20:A5:F3:DC:68:FD:85:79:17:F9:88:37:38:7A:92:11:35:66:EE
Certificate issuer: /CN=dc86e3e928c7f0c9db69515ff3aa1f678cee43c0
Certificate serial: 01856E0AEFFCA075C1ADB648583CF1BB2B04
Authority key identifier: DC:86:E3:E9:28:C7:F0:C9:DB:69:51:5F:F3:AA:1F:67:8C:EE:43:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/zyCl89xo_YV5F_mINzh6khE1Zu4.roa
Signing time: Sun 01 Jan 2023 15:54:48 +0000
ROA not before: Sun 01 Jan 2023 15:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200350
IP address blocks: 89.169.128.0/18 maxlen: 24
84.201.128.0/18 maxlen: 24
217.28.224.0/20 maxlen: 24
62.84.112.0/20 maxlen: 24
130.193.32.0/19 maxlen: 24
185.206.164.0/22 maxlen: 24
45.133.96.0/22 maxlen: 24
185.216.194.0/23 maxlen: 24
193.32.216.0/22 maxlen: 24
158.160.0.0/16 maxlen: 24
46.21.244.0/22 maxlen: 24
178.154.192.0/18 maxlen: 24
84.252.128.0/20 maxlen: 24
51.250.0.0/17 maxlen: 24
217.198.168.0/21 maxlen: 24
2a0d:d6c0::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:0a:ef:fc:a0:75:c1:ad:b6:48:58:3c:f1:bb:2b:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc86e3e928c7f0c9db69515ff3aa1f678cee43c0
Validity
Not Before: Jan 1 15:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf20a5f3dc68fd857917f98837387a92113566ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:45:96:9d:8e:64:ca:e1:99:e1:ee:db:a7:6f:
f3:b3:f1:a5:1e:12:30:db:16:6b:4f:cb:de:0d:97:
f7:68:1a:9b:47:ce:6b:7b:8c:b4:73:1e:2f:0f:66:
db:de:24:e8:8f:d6:9a:a3:81:7c:d2:0e:4e:89:2e:
2a:df:b7:09:59:b3:cc:be:84:2d:23:f0:05:c2:1e:
65:ce:8a:98:e4:b1:a8:46:eb:f9:84:6d:73:2c:37:
ee:a4:79:64:7b:33:af:99:30:06:ae:0c:2f:40:c0:
fa:02:e9:cd:7a:10:cf:62:ca:c8:0c:f5:04:24:f6:
18:15:ff:f7:61:78:bc:b6:7d:5f:38:8e:28:12:b9:
32:08:1f:8e:5a:e0:c2:05:d9:90:ac:29:eb:58:9a:
4a:51:3c:bc:96:5f:b5:14:40:7b:4d:98:65:19:4b:
26:bc:12:52:d4:5a:ef:53:3b:2e:df:9c:c0:e9:9a:
6c:ae:92:8e:f3:c9:34:96:c7:9d:5c:5a:f4:94:02:
bb:d6:45:0e:ec:b4:ef:31:76:b0:47:ee:ba:59:e5:
a0:8e:e1:88:bd:e0:b4:2a:d3:5d:2b:40:73:f4:31:
ba:bc:cf:67:40:b8:d5:6c:3c:22:e1:9f:92:3a:70:
2c:2d:f9:a0:41:a5:ee:37:dc:cb:bb:3f:fd:07:a0:
d1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:20:A5:F3:DC:68:FD:85:79:17:F9:88:37:38:7A:92:11:35:66:EE
X509v3 Authority Key Identifier:
keyid:DC:86:E3:E9:28:C7:F0:C9:DB:69:51:5F:F3:AA:1F:67:8C:EE:43:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/zyCl89xo_YV5F_mINzh6khE1Zu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.96.0/22
46.21.244.0/22
51.250.0.0/17
62.84.112.0/20
84.201.128.0/18
84.252.128.0/20
89.169.128.0/18
130.193.32.0/19
158.160.0.0/16
178.154.192.0/18
185.206.164.0/22
185.216.194.0/23
193.32.216.0/22
217.28.224.0/20
217.198.168.0/21
IPv6:
2a0d:d6c0::/29
Signature Algorithm: sha256WithRSAEncryption
8d:c4:e6:73:ed:f0:54:04:9a:73:38:07:07:8f:9d:fc:9d:e2:
aa:4d:f1:90:d7:19:7f:c3:96:08:a4:2c:ad:7d:53:aa:30:67:
ba:9c:5f:59:bd:e4:67:63:7e:be:ff:3e:d7:7c:80:eb:f6:13:
51:40:de:b3:6f:bd:24:c2:91:41:be:47:25:e8:70:a4:7f:69:
50:71:6f:57:fc:75:82:df:92:99:5c:9a:2e:f2:4a:e9:ab:0c:
cc:5e:fc:57:c9:9f:37:cf:3b:90:e2:4a:72:97:6b:5c:95:81:
43:82:6b:5f:9f:99:f3:2a:22:9a:6c:e3:b2:4b:0e:a8:9a:98:
1b:ec:a0:42:09:96:35:a4:ac:13:71:64:cc:0c:48:36:21:55:
9b:02:b6:04:7d:9d:3e:b1:d1:22:c5:d4:9f:01:b2:14:e8:4e:
ff:04:e3:58:1e:2b:d4:a5:6d:91:c5:a9:f1:3d:eb:af:9f:c5:
d3:e1:be:05:a1:b8:c4:89:e0:4a:3f:74:f1:e5:27:74:11:dd:
10:8f:68:c2:43:11:be:c7:5f:d0:92:c5:52:c9:07:8a:d5:c2:
f7:48:ba:8c:e9:19:4f:21:e7:e1:06:44:af:30:89:15:b3:17:
a9:e4:6b:23:41:95:fd:50:d7:c8:ab:38:1a:5f:aa:fd:1f:89:
86:f7:d1:92
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAYVuCu/8oHXBrbZIWDzxuysEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODZlM2U5MjhjN2YwYzlkYjY5NTE1ZmYzYWExZjY3OGNl
ZTQzYzAwHhcNMjMwMTAxMTU1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjIwYTVmM2RjNjhmZDg1NzkxN2Y5ODgzNzM4N2E5MjExMzU2NmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUWWnY5kyuGZ4e7bp2/zs/GlHhIw
2xZrT8veDZf3aBqbR85re4y0cx4vD2bb3iToj9aao4F80g5OiS4q37cJWbPMvoQt
I/AFwh5lzoqY5LGoRuv5hG1zLDfupHlkezOvmTAGrgwvQMD6AunNehDPYsrIDPUE
JPYYFf/3YXi8tn1fOI4oErkyCB+OWuDCBdmQrCnrWJpKUTy8ll+1FEB7TZhlGUsm
vBJS1FrvUzsu35zA6ZpsrpKO88k0lsedXFr0lAK71kUO7LTvMXawR+66WeWgjuGI
veC0KtNdK0Bz9DG6vM9nQLjVbDwi4Z+SOnAsLfmgQaXuN9zLuz/9B6DREQIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFM8gpfPcaP2FeRf5iDc4epIRNWbuMB8GA1UdIwQY
MBaAFNyG4+kox/DJ22lRX/OqH2eM7kPAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0liajZTakg4TW5iYVZGZjg2b2ZaNHp1UThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC80NzFhYTUtYzNmNy00YWZkLWIxMjIt
OWM4ZTU5YzI3NzFjLzEvenlDbDg5eG9fWVY1Rl9tSU56aDZraEUxWnU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC80NzFhYTUtYzNmNy00YWZkLWIxMjItOWM4ZTU5YzI3NzFj
LzEvM0liajZTakg4TW5iYVZGZjg2b2ZaNHp1UThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwXwQCAAEwWQMEAi2FYAME
Ai4V9AMEBzP6AAMEBD5UcAMEBlTJgAMEBFT8gAMEBlmpgAMEBYLBIAMDAJ6gAwQG
sprAAwQCuc6kAwQBudjCAwQCwSDYAwQE2RzgAwQD2caoMA0EAgACMAcDBQMqDdbA
MA0GCSqGSIb3DQEBCwUAA4IBAQCNxOZz7fBUBJpzOAcHj538neKqTfGQ1xl/w5YI
pCytfVOqMGe6nF9ZveRnY36+/z7XfIDr9hNRQN6zb70kwpFBvkcl6HCkf2lQcW9X
/HWC35KZXJou8krpqwzMXvxXyZ83zzuQ4kpyl2tclYFDgmtfn5nzKiKabOOySw6o
mpgb7KBCCZY1pKwTcWTMDEg2IVWbArYEfZ0+sdEixdSfAbIU6E7/BONYHivUpW2R
xanxPeuvn8XT4b4FobjEieBKP3Tx5Sd0Ed0Qj2jCQxG+x1/QksVSyQeK1cL3SLqM
6RlPIefhBkSvMIkVsxep5GsjQZX9UNfIqzgaX6r9H4mG99GS
-----END CERTIFICATE-----
Generated at Mon Jan 1 04:40:51 2024 by rpki-client on console-ams.rpki-client.org