Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/933818-a5bb-4d16-b551-f992b07f323f/1/z4lkCRfslfP2UgN9WVcXYhv8JEY.roa
File: z4lkCRfslfP2UgN9WVcXYhv8JEY.roa (raw, json)
Hash identifier: kz4lb2zY1z9s+jN5FJzNycLwGvHfxg+RMR2N37EqoPI=
Subject key identifier: CF:89:64:09:17:EC:95:F3:F6:52:03:7D:59:57:17:62:1B:FC:24:46
Certificate issuer: /CN=1ef3cb098d5285020c3be754f8c4ff777aa8a174
Certificate serial: 018C3B5C9EDE397E04DE588083D00CE68021
Authority key identifier: 1E:F3:CB:09:8D:52:85:02:0C:3B:E7:54:F8:C4:FF:77:7A:A8:A1:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HvPLCY1ShQIMO-dU-MT_d3qooXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/933818-a5bb-4d16-b551-f992b07f323f/1/z4lkCRfslfP2UgN9WVcXYhv8JEY.roa
Signing time: Tue 05 Dec 2023 19:02:54 +0000
ROA not before: Tue 05 Dec 2023 19:02:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42013
IP address blocks: 2.58.132.0/24 maxlen: 24
2.58.132.0/23 maxlen: 23
2.58.132.0/22 maxlen: 22
194.5.235.0/24 maxlen: 24
91.229.247.0/24 maxlen: 24
185.99.44.0/24 maxlen: 24
185.99.44.0/22 maxlen: 22
185.99.44.0/23 maxlen: 23
185.99.47.0/24 maxlen: 24
185.99.46.0/24 maxlen: 24
185.99.45.0/24 maxlen: 24
185.99.46.0/23 maxlen: 23
2.58.133.0/24 maxlen: 24
2.58.135.0/24 maxlen: 24
2.58.134.0/23 maxlen: 23
2.58.134.0/24 maxlen: 24
212.47.82.0/23 maxlen: 23
212.47.83.0/24 maxlen: 24
212.47.82.0/24 maxlen: 24
185.61.22.0/23 maxlen: 23
185.61.23.0/24 maxlen: 24
185.61.22.0/24 maxlen: 24
185.61.20.0/22 maxlen: 22
185.61.20.0/23 maxlen: 23
185.61.21.0/24 maxlen: 24
185.61.20.0/24 maxlen: 24
185.209.111.0/24 maxlen: 24
185.209.110.0/24 maxlen: 24
185.209.110.0/23 maxlen: 23
185.209.109.0/24 maxlen: 24
185.209.108.0/24 maxlen: 24
185.209.108.0/22 maxlen: 22
185.209.108.0/23 maxlen: 23
2a0b:4d40::/29 maxlen: 29
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:3b:5c:9e:de:39:7e:04:de:58:80:83:d0:0c:e6:80:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ef3cb098d5285020c3be754f8c4ff777aa8a174
Validity
Not Before: Dec 5 19:02:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf89640917ec95f3f652037d595717621bfc2446
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:e6:70:85:38:3c:8e:ba:4b:97:cd:63:fe:9b:
28:30:04:7f:31:a0:0a:c8:a6:62:25:e5:6a:80:a3:
cb:83:81:5b:c1:ad:18:5e:7e:e6:5e:e8:61:22:98:
ac:9b:13:bb:97:90:e3:49:07:c4:46:5c:a6:0c:ae:
8f:15:69:a2:6c:ab:f5:09:4e:36:8e:22:51:de:ad:
da:02:7e:7b:8b:6b:1b:7f:0a:97:86:b2:a4:d4:4f:
52:00:a3:bd:02:0d:aa:ae:fd:33:1b:24:81:8b:5c:
55:08:f5:c7:a6:d5:02:68:ff:e1:80:0b:99:a8:d0:
f9:62:d6:7b:17:e9:ee:65:be:46:eb:e4:6b:a1:e7:
b0:8d:7c:b8:01:2d:bc:58:c0:43:1a:fc:8d:05:8e:
2f:38:82:a8:6d:2b:c5:9a:f9:e4:08:dc:5b:9a:a4:
96:94:20:99:68:00:2a:d8:70:27:cf:c7:ea:f7:a7:
63:e0:e4:59:23:0b:2f:c2:93:2d:f7:af:01:33:ba:
76:05:62:96:90:27:da:90:3a:90:d1:41:e3:97:3a:
dd:04:dc:5b:a9:13:07:eb:8b:75:98:a8:5e:59:f8:
6f:4e:6f:1c:d4:53:c0:8f:58:7d:be:2a:65:9a:93:
18:4d:ad:d1:66:d1:de:10:3b:db:99:62:87:3f:85:
c4:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:89:64:09:17:EC:95:F3:F6:52:03:7D:59:57:17:62:1B:FC:24:46
X509v3 Authority Key Identifier:
keyid:1E:F3:CB:09:8D:52:85:02:0C:3B:E7:54:F8:C4:FF:77:7A:A8:A1:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HvPLCY1ShQIMO-dU-MT_d3qooXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/933818-a5bb-4d16-b551-f992b07f323f/1/z4lkCRfslfP2UgN9WVcXYhv8JEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/933818-a5bb-4d16-b551-f992b07f323f/1/HvPLCY1ShQIMO-dU-MT_d3qooXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.132.0/22
91.229.247.0/24
185.61.20.0/22
185.99.44.0/22
185.209.108.0/22
194.5.235.0/24
212.47.82.0/23
IPv6:
2a0b:4d40::/29
Signature Algorithm: sha256WithRSAEncryption
5c:d7:52:42:0f:99:87:7e:2e:83:88:67:2c:81:96:7d:17:b2:
79:f0:d6:fa:60:ee:1a:f0:61:e4:29:c2:bb:2e:86:9c:9e:7f:
14:b3:0e:63:cf:57:47:c5:59:04:cd:84:85:47:e1:fb:af:31:
27:4f:2b:8f:a3:ef:50:1b:91:06:2f:07:25:17:62:00:76:95:
0c:49:6c:cd:75:da:8a:d0:01:b0:96:1f:5e:80:24:68:97:eb:
85:41:8e:4c:63:7c:b9:d2:11:29:88:03:53:f2:ed:59:9f:7f:
b9:80:54:2a:49:31:ed:c2:49:3d:fd:05:47:44:06:4c:b8:ec:
54:47:9f:c4:40:47:54:a1:43:1e:3d:43:12:a3:b7:09:b7:3a:
0e:56:55:85:49:ad:7d:82:8c:11:92:d9:3f:5b:32:d0:85:f9:
61:e2:24:2d:e7:64:e4:e8:c7:11:34:59:91:04:66:41:02:f3:
44:19:a4:ae:f2:5f:28:8d:be:12:4f:73:ff:f9:f7:a8:09:8c:
83:ee:d9:c4:e4:b3:42:5d:99:30:30:e8:3d:21:ba:73:b9:fb:
f5:c3:cd:0e:78:e9:29:c5:b1:8b:4c:3e:e1:cd:76:ad:ad:16:
19:ae:cf:19:91:36:68:a8:df:f4:73:19:30:70:19:99:c1:2f:
8a:f2:9c:d6
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYw7XJ7eOX4E3liAg9AM5oAhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZjNjYjA5OGQ1Mjg1MDIwYzNiZTc1NGY4YzRmZjc3N2Fh
OGExNzQwHhcNMjMxMjA1MTkwMjU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjg5NjQwOTE3ZWM5NWYzZjY1MjAzN2Q1OTU3MTc2MjFiZmMyNDQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvOZwhTg8jrpLl81j/psoMAR/MaAK
yKZiJeVqgKPLg4Fbwa0YXn7mXuhhIpismxO7l5DjSQfERlymDK6PFWmibKv1CU42
jiJR3q3aAn57i2sbfwqXhrKk1E9SAKO9Ag2qrv0zGySBi1xVCPXHptUCaP/hgAuZ
qND5YtZ7F+nuZb5G6+RroeewjXy4AS28WMBDGvyNBY4vOIKobSvFmvnkCNxbmqSW
lCCZaAAq2HAnz8fq96dj4ORZIwsvwpMt968BM7p2BWKWkCfakDqQ0UHjlzrdBNxb
qRMH64t1mKheWfhvTm8c1FPAj1h9viplmpMYTa3RZtHeEDvbmWKHP4XEKQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFM+JZAkX7JXz9lIDfVlXF2Ib/CRGMB8GA1UdIwQY
MBaAFB7zywmNUoUCDDvnVPjE/3d6qKF0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHZQTENZMVNoUUlNTy1kVS1NVF9kM3Fvb1hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS85MzM4MTgtYTViYi00ZDE2LWI1NTEt
Zjk5MmIwN2YzMjNmLzEvejRsa0NSZnNsZlAyVWdOOVdWY1hZaHY4SkVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS85MzM4MTgtYTViYi00ZDE2LWI1NTEtZjk5MmIwN2YzMjNm
LzEvSHZQTENZMVNoUUlNTy1kVS1NVF9kM3Fvb1hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCAjqEAwQA
W+X3AwQCuT0UAwQCuWMsAwQCudFsAwQAwgXrAwQB1C9SMA0EAgACMAcDBQMqC01A
MA0GCSqGSIb3DQEBCwUAA4IBAQBc11JCD5mHfi6DiGcsgZZ9F7J58Nb6YO4a8GHk
KcK7Loacnn8Usw5jz1dHxVkEzYSFR+H7rzEnTyuPo+9QG5EGLwclF2IAdpUMSWzN
ddqK0AGwlh9egCRol+uFQY5MY3y50hEpiANT8u1Zn3+5gFQqSTHtwkk9/QVHRAZM
uOxUR5/EQEdUoUMePUMSo7cJtzoOVlWFSa19gowRktk/WzLQhflh4iQt52Tk6McR
NFmRBGZBAvNEGaSu8l8ojb4ST3P/+feoCYyD7tnE5LNCXZkwMOg9Ibpzufv1w80O
eOkpxbGLTD7hzXatrRYZrs8ZkTZoqN/0cxkwcBmZwS+K8pzW
-----END CERTIFICATE-----
Generated at Mon Jan 1 03:23:54 2024 by rpki-client on console-fra.rpki-client.org