Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/zSJQsTdyFrZwhm_g4ClLxx7_7os.roa
File: zSJQsTdyFrZwhm_g4ClLxx7_7os.roa (raw, json)
Hash identifier: eAntsJ8G0OSDFXiERPc9U74K7+2q7DrHH5No7PaGc2w=
Subject key identifier: CD:22:50:B1:37:72:16:B6:70:86:6F:E0:E0:29:4B:C7:1E:FF:EE:8B
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 018635290E06BAA2A22F59C2893FA361153C
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/zSJQsTdyFrZwhm_g4ClLxx7_7os.roa
Signing time: Thu 09 Feb 2023 07:52:08 +0000
ROA not before: Thu 09 Feb 2023 07:52:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200088
IP address blocks: 188.225.14.0/24 maxlen: 24
90.156.228.0/24 maxlen: 24
90.156.231.0/24 maxlen: 24
94.228.122.0/24 maxlen: 24
217.151.229.0/24 maxlen: 24
217.151.231.0/24 maxlen: 24
188.225.60.0/24 maxlen: 24
185.104.112.0/24 maxlen: 24
185.104.115.0/24 maxlen: 24
217.25.91.0/24 maxlen: 24
194.35.116.0/24 maxlen: 24
194.35.118.0/24 maxlen: 24
194.35.117.0/24 maxlen: 24
217.25.95.0/24 maxlen: 24
194.35.119.0/24 maxlen: 24
193.201.115.0/24 maxlen: 24
87.249.50.0/24 maxlen: 24
78.40.216.0/24 maxlen: 24
85.193.93.0/24 maxlen: 24
85.193.92.0/24 maxlen: 24
85.193.95.0/24 maxlen: 24
176.57.221.0/24 maxlen: 24
2a03:6f00:8::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:35:29:0e:06:ba:a2:a2:2f:59:c2:89:3f:a3:61:15:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: Feb 9 07:52:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd2250b1377216b670866fe0e0294bc71effee8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:90:47:bf:ff:22:70:f8:fa:86:91:a9:03:75:
2c:3a:1a:25:67:ae:28:38:61:ac:24:6b:54:14:53:
95:db:da:3c:58:2c:90:d7:1c:51:53:2c:08:9c:fa:
a2:6f:7d:24:6d:05:54:c0:13:01:fd:12:3c:0f:15:
f6:ef:0d:75:18:69:42:91:6f:0f:73:37:6a:3a:ff:
c7:dd:2e:4e:5e:ff:d9:09:75:9f:80:9b:b9:0a:6f:
02:42:4b:51:96:65:d7:42:95:8e:2c:32:e0:dd:a7:
f4:15:58:cf:d6:fc:e1:c4:b9:e3:5b:32:49:9e:20:
f5:d7:5c:e0:77:01:aa:a8:80:49:f3:b3:ea:ae:f3:
d0:f1:70:16:70:b4:17:c8:b4:65:c0:6c:a6:1d:bb:
e6:ec:f3:42:5d:72:9f:ea:cf:a0:51:05:93:cb:83:
25:2f:e6:78:66:f8:3c:62:4d:60:bf:c6:0d:ce:4a:
f1:a1:b6:af:98:59:78:9e:5a:64:17:25:bb:74:38:
7c:95:24:99:3e:94:4d:dc:92:34:dc:9e:9d:6a:ec:
b5:c0:a0:b5:43:34:ec:58:13:41:ec:8e:cb:f4:36:
1c:17:a2:45:84:0c:4d:32:a5:da:ba:4f:43:4d:31:
f8:6f:18:53:a6:53:68:f1:07:51:aa:68:93:1a:84:
d7:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:22:50:B1:37:72:16:B6:70:86:6F:E0:E0:29:4B:C7:1E:FF:EE:8B
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/zSJQsTdyFrZwhm_g4ClLxx7_7os.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.216.0/24
85.193.92.0/23
85.193.95.0/24
87.249.50.0/24
90.156.228.0/24
90.156.231.0/24
94.228.122.0/24
176.57.221.0/24
185.104.112.0/24
185.104.115.0/24
188.225.14.0/24
188.225.60.0/24
193.201.115.0/24
194.35.116.0/22
217.25.91.0/24
217.25.95.0/24
217.151.229.0/24
217.151.231.0/24
IPv6:
2a03:6f00:8::/48
Signature Algorithm: sha256WithRSAEncryption
32:7f:dd:98:be:fd:7b:2c:cc:b0:ce:0d:1e:96:79:2b:78:45:
d0:0e:40:29:a7:48:09:b5:d2:fa:34:25:4d:c9:48:4c:27:2f:
a4:59:75:76:98:67:e0:7a:c1:a8:8f:00:87:bd:e1:8d:82:dc:
5c:25:f4:45:2a:02:24:04:13:c1:c4:8d:19:7d:d5:23:03:40:
e9:6e:2f:05:80:86:3b:82:01:36:48:49:5c:5f:6b:6d:f4:bf:
ba:d6:70:43:f6:64:f1:e8:92:0a:9b:27:a4:0a:33:ff:4e:7d:
05:b6:5e:fd:c1:98:ce:a6:27:fb:54:e4:ed:7c:62:0b:38:d4:
9c:c9:bf:ce:98:bb:9d:f9:ae:83:0d:fc:1a:73:11:3f:f0:21:
7b:18:58:d8:4a:66:96:9a:a0:6a:a0:5a:8c:0e:d7:d1:21:b6:
b8:57:7a:79:c3:cf:85:9c:36:6b:4d:06:c0:03:52:53:85:e1:
58:1b:95:d9:6c:24:e8:b2:a6:df:7d:8c:61:4a:52:20:5f:74:
ea:7e:da:d8:6b:22:fa:84:89:fc:53:60:cf:e8:28:9f:55:dc:
85:ca:69:fd:1a:54:b0:db:e7:59:d2:db:a7:5b:b9:1c:64:db:
6f:b3:2a:49:6b:01:2a:39:be:24:fb:11:56:04:65:73:a0:44:
59:01:42:6e
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYY1KQ4GuqKiL1nCiT+jYRU8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjMwMjA5MDc1MjA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDIyNTBiMTM3NzIxNmI2NzA4NjZmZTBlMDI5NGJjNzFlZmZlZThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJBHv/8icPj6hpGpA3UsOholZ64o
OGGsJGtUFFOV29o8WCyQ1xxRUywInPqib30kbQVUwBMB/RI8DxX27w11GGlCkW8P
czdqOv/H3S5OXv/ZCXWfgJu5Cm8CQktRlmXXQpWOLDLg3af0FVjP1vzhxLnjWzJJ
niD111zgdwGqqIBJ87PqrvPQ8XAWcLQXyLRlwGymHbvm7PNCXXKf6s+gUQWTy4Ml
L+Z4Zvg8Yk1gv8YNzkrxobavmFl4nlpkFyW7dDh8lSSZPpRN3JI03J6dauy1wKC1
QzTsWBNB7I7L9DYcF6JFhAxNMqXauk9DTTH4bxhTplNo8QdRqmiTGoTX9wIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFM0iULE3cha2cIZv4OApS8ce/+6LMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvelNKUXNUZHlGclp3aG1fZzRDbEx4eDdfN29zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTByBAIAATBsAwQATijY
AwQBVcFcAwQAVcFfAwQAV/kyAwQAWpzkAwQAWpznAwQAXuR6AwQAsDndAwQAuWhw
AwQAuWhzAwQAvOEOAwQAvOE8AwQAwclzAwQCwiN0AwQA2RlbAwQA2RlfAwQA2Zfl
AwQA2ZfnMA8EAgACMAkDBwAqA28AAAgwDQYJKoZIhvcNAQELBQADggEBADJ/3Zi+
/XsszLDODR6WeSt4RdAOQCmnSAm10vo0JU3JSEwnL6RZdXaYZ+B6waiPAIe94Y2C
3Fwl9EUqAiQEE8HEjRl91SMDQOluLwWAhjuCATZISVxfa230v7rWcEP2ZPHokgqb
J6QKM/9OfQW2Xv3BmM6mJ/tU5O18Ygs41JzJv86Yu535roMN/BpzET/wIXsYWNhK
ZpaaoGqgWowO19EhtrhXennDz4WcNmtNBsADUlOF4VgbldlsJOiypt99jGFKUiBf
dOp+2thrIvqEifxTYM/oKJ9V3IXKaf0aVLDb51nS26dbuRxk22+zKklrASo5viT7
EVYEZXOgRFkBQm4=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:41 2023 by rpki-client on console-ams.rpki-client.org