Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/lUtzrRcq_Rg5bzgt4HGs0MxWclc.roa
File: lUtzrRcq_Rg5bzgt4HGs0MxWclc.roa (raw, json)
Hash identifier: VBOpWwR28qVRvoeuLAetRLbVIGCSWDQTJs1iZLlXAiw=
Subject key identifier: 95:4B:73:AD:17:2A:FD:18:39:6F:38:2D:E0:71:AC:D0:CC:56:72:57
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 01856D4AE893BEA815E86798596E8D9943C0
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/lUtzrRcq_Rg5bzgt4HGs0MxWclc.roa
Signing time: Sun 01 Jan 2023 12:25:03 +0000
ROA not before: Sun 01 Jan 2023 12:25:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200088
IP address blocks: 188.225.14.0/24 maxlen: 24
90.156.231.0/24 maxlen: 24
94.228.122.0/24 maxlen: 24
217.151.229.0/24 maxlen: 24
217.151.231.0/24 maxlen: 24
188.225.60.0/24 maxlen: 24
185.104.112.0/24 maxlen: 24
185.104.115.0/24 maxlen: 24
217.25.91.0/24 maxlen: 24
194.35.116.0/24 maxlen: 24
194.35.118.0/24 maxlen: 24
194.35.117.0/24 maxlen: 24
217.25.95.0/24 maxlen: 24
194.35.119.0/24 maxlen: 24
193.201.115.0/24 maxlen: 24
87.249.50.0/24 maxlen: 24
78.40.216.0/24 maxlen: 24
85.193.93.0/24 maxlen: 24
85.193.92.0/24 maxlen: 24
85.193.95.0/24 maxlen: 24
176.57.221.0/24 maxlen: 24
2a03:6f00:8::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:4a:e8:93:be:a8:15:e8:67:98:59:6e:8d:99:43:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: Jan 1 12:25:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=954b73ad172afd18396f382de071acd0cc567257
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:74:9e:df:50:b9:d3:53:2e:e2:31:cd:f6:c5:
2d:70:cb:a1:35:69:2a:c6:2a:46:db:d1:ed:be:0f:
eb:ef:8d:59:c1:5b:21:b3:b6:95:87:15:d2:fd:4e:
0d:4b:df:43:95:5e:50:ca:6d:9c:94:53:c6:dd:05:
be:18:23:9c:0b:14:28:53:33:01:2a:46:5d:ee:2a:
8f:c9:ba:46:9b:7f:f5:40:38:91:c0:7a:b6:f9:2f:
b7:a7:a0:24:5e:f4:bd:fc:ad:cb:d4:8d:52:b5:c5:
51:e5:97:45:ee:0a:d5:aa:42:8e:73:b8:5b:89:16:
1d:6f:24:22:43:31:84:4e:d6:94:d0:85:f5:3b:b9:
3d:73:05:4f:ca:c6:44:ed:1d:6d:fe:78:89:ba:b5:
3f:99:2d:6b:76:fd:17:b6:f2:d1:04:7a:db:5c:5d:
36:3c:d1:41:60:42:e8:b0:6a:18:cf:e0:24:2f:9c:
3d:30:dc:38:59:d9:5c:10:df:1b:c9:30:0d:73:5f:
69:f3:df:ab:8a:94:60:17:c9:0a:2f:ce:ac:4f:d4:
9a:91:b1:7f:0a:68:ab:c6:46:52:d9:44:da:50:ab:
fe:ec:ed:72:fc:a1:8a:d5:be:fb:b1:ae:c2:ef:31:
5f:94:3b:00:34:d2:7b:96:a2:f7:a4:84:ea:b0:07:
11:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:4B:73:AD:17:2A:FD:18:39:6F:38:2D:E0:71:AC:D0:CC:56:72:57
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/lUtzrRcq_Rg5bzgt4HGs0MxWclc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.216.0/24
85.193.92.0/23
85.193.95.0/24
87.249.50.0/24
90.156.231.0/24
94.228.122.0/24
176.57.221.0/24
185.104.112.0/24
185.104.115.0/24
188.225.14.0/24
188.225.60.0/24
193.201.115.0/24
194.35.116.0/22
217.25.91.0/24
217.25.95.0/24
217.151.229.0/24
217.151.231.0/24
IPv6:
2a03:6f00:8::/48
Signature Algorithm: sha256WithRSAEncryption
37:07:10:3e:13:af:47:62:6d:41:5f:16:ef:87:7c:ab:e8:be:
f6:92:64:86:60:d1:5b:50:f4:0d:5f:fa:18:77:c4:81:70:09:
ba:48:c0:27:cd:49:40:28:11:7d:00:e2:d5:91:a8:e2:e0:d1:
5c:bd:7a:cf:49:17:ac:95:34:1a:49:e1:0d:2f:0d:a8:b0:65:
71:ab:39:4e:a1:d0:05:0c:9b:4c:e1:32:55:85:84:1f:92:f1:
a7:a3:22:28:d9:9a:4b:2f:2e:7e:ea:8e:40:83:00:ee:9c:2e:
4a:95:60:89:72:bd:23:65:9a:fd:8b:ef:e4:42:30:23:90:ad:
e6:1a:93:51:24:76:e2:1b:2a:2b:8f:41:7b:fa:8e:ba:6b:ab:
8a:35:92:89:06:48:24:d9:11:44:18:a6:bd:99:f8:40:59:90:
66:3b:0d:67:62:88:c3:21:a6:7e:58:76:a3:14:5b:41:da:b3:
a6:8d:c4:b7:8f:59:d7:10:e8:47:03:66:a1:4e:d0:eb:c2:0d:
ea:cd:c5:5c:a7:51:67:4c:0b:24:03:0d:a1:d0:0e:e0:73:89:
54:df:74:77:47:8d:ef:79:4f:0e:80:cb:1e:28:30:7e:7a:3e:
c9:dc:d4:30:2c:60:47:bd:14:7a:56:3a:a4:f1:a8:12:3d:82:
50:df:a9:0e
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAYVtSuiTvqgV6GeYWW6NmUPAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjMwMTAxMTIyNTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTRiNzNhZDE3MmFmZDE4Mzk2ZjM4MmRlMDcxYWNkMGNjNTY3MjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunSe31C501Mu4jHN9sUtcMuhNWkq
xipG29Htvg/r741ZwVshs7aVhxXS/U4NS99DlV5Qym2clFPG3QW+GCOcCxQoUzMB
KkZd7iqPybpGm3/1QDiRwHq2+S+3p6AkXvS9/K3L1I1StcVR5ZdF7grVqkKOc7hb
iRYdbyQiQzGETtaU0IX1O7k9cwVPysZE7R1t/niJurU/mS1rdv0XtvLRBHrbXF02
PNFBYELosGoYz+AkL5w9MNw4WdlcEN8byTANc19p89+ripRgF8kKL86sT9SakbF/
CmirxkZS2UTaUKv+7O1y/KGK1b77sa7C7zFflDsANNJ7lqL3pITqsAcRwwIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFJVLc60XKv0YOW84LeBxrNDMVnJXMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvbFV0enJSY3FfUmc1YnpndDRIR3MwTXhXY2xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MGwEAgABMGYDBABOKNgD
BAFVwVwDBABVwV8DBABX+TIDBABanOcDBABe5HoDBACwOd0DBAC5aHADBAC5aHMD
BAC84Q4DBAC84TwDBADByXMDBALCI3QDBADZGVsDBADZGV8DBADZl+UDBADZl+cw
DwQCAAIwCQMHACoDbwAACDANBgkqhkiG9w0BAQsFAAOCAQEANwcQPhOvR2JtQV8W
74d8q+i+9pJkhmDRW1D0DV/6GHfEgXAJukjAJ81JQCgRfQDi1ZGo4uDRXL16z0kX
rJU0GknhDS8NqLBlcas5TqHQBQybTOEyVYWEH5Lxp6MiKNmaSy8ufuqOQIMA7pwu
SpVgiXK9I2Wa/Yvv5EIwI5Ct5hqTUSR24hsqK49Be/qOumurijWSiQZIJNkRRBim
vZn4QFmQZjsNZ2KIwyGmflh2oxRbQdqzpo3Et49Z1xDoRwNmoU7Q68IN6s3FXKdR
Z0wLJAMNodAO4HOJVN90d0eN73lPDoDLHigwfno+ydzUMCxgR70UelY6pPGoEj2C
UN+pDg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:41 2023 by rpki-client on console-ams.rpki-client.org