Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/dzRKLEdkQAZVU-xelKyfbqkDeaQ.roa
File: dzRKLEdkQAZVU-xelKyfbqkDeaQ.roa (raw, json)
Hash identifier: 3kYVa3WXRJjK6fRlo+6OvHYroO1jEsD0/SSPKOTS/a8=
Subject key identifier: 77:34:4A:2C:47:64:40:06:55:53:EC:5E:94:AC:9F:6E:A9:03:79:A4
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 01872CF6920643EECA7D9B203167CE1B5458
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/dzRKLEdkQAZVU-xelKyfbqkDeaQ.roa
Signing time: Wed 29 Mar 2023 10:42:49 +0000
ROA not before: Wed 29 Mar 2023 10:42:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207990
IP address blocks: 194.53.70.0/24 maxlen: 32
45.156.224.0/22 maxlen: 32
194.124.240.0/24 maxlen: 32
194.124.239.0/24 maxlen: 32
194.124.248.0/24 maxlen: 32
194.124.247.0/24 maxlen: 32
193.228.58.0/23 maxlen: 32
188.119.154.0/24 maxlen: 32
45.154.192.0/22 maxlen: 32
193.254.27.0/24 maxlen: 32
193.254.28.0/24 maxlen: 32
45.82.96.0/22 maxlen: 32
45.84.228.0/22 maxlen: 32
139.28.120.0/22 maxlen: 32
185.36.254.0/24 maxlen: 32
185.223.248.0/22 maxlen: 32
63.141.36.0/23 maxlen: 32
194.0.133.0/24 maxlen: 32
194.0.136.0/24 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:2c:f6:92:06:43:ee:ca:7d:9b:20:31:67:ce:1b:54:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Mar 29 10:42:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=77344a2c476440065553ec5e94ac9f6ea90379a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:1a:5f:b6:74:36:67:6b:0c:c3:e7:fc:c1:72:
17:86:64:ca:7d:a1:2e:78:51:1e:1b:32:fe:a5:f2:
1a:58:0e:7f:17:aa:a2:51:e2:e4:d4:2e:a8:43:1a:
22:9f:21:d8:88:eb:de:4e:ad:c0:a3:4c:30:ec:8a:
ec:17:ba:90:95:dc:49:7c:81:bc:5d:49:d5:71:05:
c4:98:de:84:0e:66:ef:b1:0a:41:18:e8:94:3c:60:
22:40:b8:84:49:0c:d3:03:f5:06:aa:d4:aa:26:e2:
0d:41:8b:f6:4b:af:97:50:98:59:e0:3a:1a:ae:76:
a0:9e:2d:f6:d1:36:ce:bf:ab:b8:64:62:1c:e5:fd:
46:f5:3d:b2:8c:d2:d1:4a:c5:2a:04:79:c8:6a:60:
95:1d:95:3f:cc:52:b2:c3:dc:b5:77:f1:e6:a3:dd:
be:11:28:ac:44:84:71:bd:25:31:90:32:f2:77:ab:
b8:a7:16:a8:15:0e:09:2d:d3:93:c0:12:db:75:ea:
32:ab:be:05:07:d7:0a:3b:3f:7f:16:bc:3c:f9:fc:
8b:fb:ab:79:5e:6f:10:96:ba:81:d9:df:a7:6b:7b:
6f:de:4f:78:49:b7:cc:f0:65:c8:f6:00:29:cb:67:
20:f0:e9:42:3d:c3:56:69:9e:f3:db:ed:64:23:64:
b3:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:34:4A:2C:47:64:40:06:55:53:EC:5E:94:AC:9F:6E:A9:03:79:A4
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/dzRKLEdkQAZVU-xelKyfbqkDeaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.96.0/22
45.84.228.0/22
45.154.192.0/22
45.156.224.0/22
63.141.36.0/23
139.28.120.0/22
185.36.254.0/24
185.223.248.0/22
188.119.154.0/24
193.228.58.0/23
193.254.27.0-193.254.28.255
194.0.133.0/24
194.0.136.0/24
194.53.70.0/24
194.124.239.0-194.124.240.255
194.124.247.0-194.124.248.255
Signature Algorithm: sha256WithRSAEncryption
47:a8:11:56:f5:ba:8e:9e:cb:cd:09:3c:7a:7e:7c:9d:c9:6c:
28:9a:27:13:27:86:e7:b4:d6:dd:1a:60:8d:01:4d:ed:95:fd:
51:4d:a9:bd:52:55:97:7b:e4:9f:75:94:48:56:bc:93:bf:19:
ff:57:d0:be:75:50:3b:e8:0d:68:a2:36:8c:98:77:fe:9f:8c:
fd:48:87:1f:f6:95:f5:eb:45:82:ef:0a:bb:36:d6:eb:ea:79:
24:d6:c6:4f:0d:3a:2f:a4:b1:a5:96:49:f1:9d:3b:56:9e:dc:
c5:15:7b:18:26:8d:56:2e:e8:8d:4d:46:22:62:6f:3d:a6:8a:
08:a5:db:9d:14:c9:3f:b5:20:35:6e:d6:12:80:b4:e2:7b:44:
1a:47:cd:b0:e2:a6:8b:3e:b9:fa:07:de:ca:70:c0:d8:a2:cc:
de:38:36:bf:ff:7d:42:3f:fa:8c:3a:fd:b8:36:d7:69:03:e6:
a8:dc:4d:0e:8f:38:10:2f:d4:12:94:aa:0f:17:80:c1:33:81:
2e:3c:7e:44:c5:bf:25:8a:1f:9f:82:3c:b4:34:11:8e:4e:87:
a6:a9:2d:6d:72:4a:f4:45:70:f3:99:fb:f3:d7:4c:fc:1b:00:
74:4d:27:94:d4:9f:ad:90:11:5e:81:d9:05:5f:f6:79:1f:56:
9e:2d:45:7b
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAYcs9pIGQ+7KfZsgMWfOG1RYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjMwMzI5MTA0MjQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzM0NGEyYzQ3NjQ0MDA2NTU1M2VjNWU5NGFjOWY2ZWE5MDM3OWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBpftnQ2Z2sMw+f8wXIXhmTKfaEu
eFEeGzL+pfIaWA5/F6qiUeLk1C6oQxoinyHYiOveTq3Ao0ww7IrsF7qQldxJfIG8
XUnVcQXEmN6EDmbvsQpBGOiUPGAiQLiESQzTA/UGqtSqJuINQYv2S6+XUJhZ4Doa
rnagni320TbOv6u4ZGIc5f1G9T2yjNLRSsUqBHnIamCVHZU/zFKyw9y1d/Hmo92+
ESisRIRxvSUxkDLyd6u4pxaoFQ4JLdOTwBLbdeoyq74FB9cKOz9/Frw8+fyL+6t5
Xm8QlrqB2d+na3tv3k94SbfM8GXI9gApy2cg8OlCPcNWaZ7z2+1kI2SzFwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFHc0SixHZEAGVVPsXpSsn26pA3mkMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvZHpSS0xFZGtRQVpWVS14ZWxLeWZicWtEZWFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQCLVJg
AwQCLVTkAwQCLZrAAwQCLZzgAwQBP40kAwQCixx4AwQAuST+AwQCud/4AwQAvHea
AwQBweQ6MAwDBADB/hsDBADB/hwDBADCAIUDBADCAIgDBADCNUYwDAMEAMJ87wME
AMJ88DAMAwQAwnz3AwQAwnz4MA0GCSqGSIb3DQEBCwUAA4IBAQBHqBFW9bqOnsvN
CTx6fnydyWwomicTJ4bntNbdGmCNAU3tlf1RTam9UlWXe+SfdZRIVryTvxn/V9C+
dVA76A1oojaMmHf+n4z9SIcf9pX160WC7wq7Ntbr6nkk1sZPDTovpLGllknxnTtW
ntzFFXsYJo1WLuiNTUYiYm89pooIpdudFMk/tSA1btYSgLTie0QaR82w4qaLPrn6
B97KcMDYoszeODa//31CP/qMOv24NtdpA+ao3E0OjzgQL9QSlKoPF4DBM4EuPH5E
xb8lih+fgjy0NBGOToemqS1tckr0RXDzmfvz10z8GwB0TSeU1J+tkBFegdkFX/Z5
H1aeLUV7
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:22 2023 by rpki-client on console-ams.rpki-client.org