Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/KZRlalI7idYRiIPtKmJXiNGSAv4.roa
File: KZRlalI7idYRiIPtKmJXiNGSAv4.roa (raw, json)
Hash identifier: hXgmgjkJEciptxMpjYtagF4m6seUvI8LYRu0UXGnPk0=
Subject key identifier: 29:94:65:6A:52:3B:89:D6:11:88:83:ED:2A:62:57:88:D1:92:02:FE
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0185EECCAC02E8F82526FA81E1BA12FADEC3
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/KZRlalI7idYRiIPtKmJXiNGSAv4.roa
Signing time: Thu 26 Jan 2023 15:57:48 +0000
ROA not before: Thu 26 Jan 2023 15:57:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209641
IP address blocks: 185.5.248.0/23 maxlen: 23
185.5.248.0/22 maxlen: 22
185.87.48.0/22 maxlen: 22
185.87.50.0/24 maxlen: 24
185.87.48.0/24 maxlen: 24
185.87.51.0/24 maxlen: 24
185.87.49.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
139.28.220.0/24 maxlen: 24
45.89.67.0/24 maxlen: 24
45.89.66.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
95.214.10.0/24 maxlen: 24
95.214.11.0/24 maxlen: 24
95.214.9.0/24 maxlen: 24
195.66.87.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
185.105.119.0/24 maxlen: 24
94.142.139.0/24 maxlen: 24
94.142.143.0/24 maxlen: 24
94.142.141.0/24 maxlen: 24
94.142.140.0/24 maxlen: 24
94.142.142.0/24 maxlen: 24
185.125.216.0/22 maxlen: 22
185.105.118.0/24 maxlen: 24
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
185.58.205.0/24 maxlen: 24
185.58.206.0/24 maxlen: 24
185.58.204.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.58.207.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.125.229.0/24 maxlen: 24
185.125.228.0/22 maxlen: 22
185.125.230.0/24 maxlen: 24
185.125.228.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.196.0/22 maxlen: 22
194.67.194.0/23 maxlen: 23
194.67.193.0/24 maxlen: 24
193.124.176.0/21 maxlen: 21
193.124.176.0/20 maxlen: 20
193.124.184.0/21 maxlen: 21
45.128.176.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.176.0/22 maxlen: 22
45.128.177.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
195.47.250.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.200.0/21 maxlen: 21
194.67.202.0/24 maxlen: 24
194.67.200.0/23 maxlen: 23
194.67.204.0/22 maxlen: 22
194.67.208.0/20 maxlen: 20
2a0a:9300:d1::/48 maxlen: 48
2a0a:9300::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9300:d2::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0a:9300:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
2a0a:9300:d0::/48 maxlen: 48
2a0a:9302:1::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ee:cc:ac:02:e8:f8:25:26:fa:81:e1:ba:12:fa:de:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Jan 26 15:57:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2994656a523b89d6118883ed2a625788d19202fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8a:f3:ed:53:33:f4:f1:36:7f:36:4e:01:0c:
a6:49:16:51:18:b7:00:1e:14:8a:ff:fe:27:18:a4:
a9:1b:db:88:ca:63:d7:47:9b:f2:d2:b4:2e:f4:9d:
8f:82:58:a7:a7:39:22:b6:8c:60:ee:38:11:57:0f:
d8:45:fe:5e:44:81:f4:2b:ff:83:b9:9f:cc:8c:fa:
26:bd:51:ac:d1:e3:99:ab:15:12:2b:5d:c5:5a:b4:
1e:1d:b3:2d:e6:6f:61:68:cf:9d:77:0c:55:20:70:
ab:73:9c:16:fe:cb:4d:3c:29:f0:95:ce:9e:7f:92:
6e:19:45:65:1d:77:a0:0b:3c:af:1b:78:b3:5e:05:
02:63:a3:c7:4b:e6:c7:d0:da:bd:fb:65:ba:c1:c0:
e6:99:1c:cd:67:72:ee:ce:9e:1d:09:db:cd:96:d8:
0c:fa:49:3a:ae:ec:8d:26:41:dc:1d:50:4e:4d:a2:
04:88:23:24:50:92:91:4d:e7:58:69:68:b6:de:44:
b6:96:ba:90:14:ba:09:92:ea:ea:c3:ec:21:cf:8c:
38:50:71:c3:6d:a2:9a:52:0c:36:e1:d0:08:18:3f:
ed:8c:25:04:91:aa:f2:7f:61:2c:53:db:fe:98:ce:
d5:69:af:c1:cf:10:62:f4:f2:11:9a:60:0c:2c:1f:
84:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:94:65:6A:52:3B:89:D6:11:88:83:ED:2A:62:57:88:D1:92:02:FE
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/KZRlalI7idYRiIPtKmJXiNGSAv4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.66.0/23
45.128.176.0/22
91.217.80.0/24
94.142.136.0/21
95.214.9.0-95.214.11.255
139.28.220.0/24
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/22
185.117.152.0/22
185.125.216.0/22
185.125.228.0/22
193.124.176.0/20
194.67.192.0/19
195.47.250.0/24
195.66.87.0/24
IPv6:
2a0a:9300::/48
2a0a:9300:2::/48
2a0a:9300:d0::-2a0a:9300:d2:ffff:ffff:ffff:ffff:ffff
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
Signature Algorithm: sha256WithRSAEncryption
64:f6:d4:2e:6e:73:31:be:e0:95:47:75:23:1d:b8:34:c0:2a:
75:9d:59:27:7f:65:5f:b3:3d:4a:81:82:6b:f3:86:28:b6:31:
93:93:43:27:6b:83:aa:ac:72:7c:d4:34:53:b3:6c:68:31:3f:
ea:fb:c3:e5:5a:b6:9f:fb:a2:05:9f:84:29:70:f1:bc:84:3b:
6e:09:9e:78:ef:c4:29:f0:4f:52:6e:34:37:dd:6e:60:8b:e9:
3a:0f:0a:79:52:02:64:b3:5d:57:1f:c8:9f:eb:72:d3:3c:d5:
74:c0:17:bd:49:f4:c5:35:89:6b:b5:7a:9a:f1:0e:3e:48:f9:
b2:58:a4:49:f6:ce:d2:5e:1c:25:7f:8b:3c:56:c3:7b:11:7b:
27:72:1f:ba:7c:62:6f:9c:33:77:9d:8c:10:75:5a:72:8a:82:
bb:c3:b3:d5:a2:25:0a:7a:2e:02:99:a3:11:49:d1:9a:9a:1c:
03:3b:4f:6c:39:2b:7c:32:b3:67:f1:f0:33:6d:07:78:18:26:
8d:94:b9:df:55:ef:d9:98:9b:67:4a:b7:cc:5e:18:c3:24:9a:
8b:a8:aa:1f:72:84:4e:99:cc:e3:fe:8d:d9:3b:55:6d:4b:bd:
57:06:d7:10:3d:0a:4a:86:3e:e8:ee:ce:99:ce:51:e0:a7:c9:
cb:ae:2b:83
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAYXuzKwC6PglJvqB4boS+t7DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjMwMTI2MTU1NzQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTk0NjU2YTUyM2I4OWQ2MTE4ODgzZWQyYTYyNTc4OGQxOTIwMmZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYrz7VMz9PE2fzZOAQymSRZRGLcA
HhSK//4nGKSpG9uIymPXR5vy0rQu9J2Pglinpzkitoxg7jgRVw/YRf5eRIH0K/+D
uZ/MjPomvVGs0eOZqxUSK13FWrQeHbMt5m9haM+ddwxVIHCrc5wW/stNPCnwlc6e
f5JuGUVlHXegCzyvG3izXgUCY6PHS+bH0Nq9+2W6wcDmmRzNZ3Luzp4dCdvNltgM
+kk6ruyNJkHcHVBOTaIEiCMkUJKRTedYaWi23kS2lrqQFLoJkurqw+whz4w4UHHD
baKaUgw24dAIGD/tjCUEkaryf2EsU9v+mM7Vaa/BzxBi9PIRmmAMLB+EowIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFCmUZWpSO4nWEYiD7SpiV4jRkgL+MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvS1pSbGFsSTdpZFlSaUlQdEttSlhpTkdTQXY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHQBggrBgEFBQcBBwEB/wSBwDCBvTB0BAIAATBuAwQBLVlC
AwQCLYCwAwQAW9lQAwQDXo6IMAwDBABf1gkDBAJf1ggDBACLHNwDBAK5BfgDBAK5
OswDBAK5VzADBAK5aXQDBAK5dZgDBAK5fdgDBAK5feQDBATBfLADBAXCQ8ADBADD
L/oDBADDQlcwRQQCAAIwPwMHACoKkwAAAAMHACoKkwAAAjASAwcEKgqTAADQAwcA
KgqTAADSMBADBQAqCpMBAwcAKgqTAQACAwUAKgqTAjANBgkqhkiG9w0BAQsFAAOC
AQEAZPbULm5zMb7glUd1Ix24NMAqdZ1ZJ39lX7M9SoGCa/OGKLYxk5NDJ2uDqqxy
fNQ0U7NsaDE/6vvD5Vq2n/uiBZ+EKXDxvIQ7bgmeeO/EKfBPUm40N91uYIvpOg8K
eVICZLNdVx/In+ty0zzVdMAXvUn0xTWJa7V6mvEOPkj5slikSfbO0l4cJX+LPFbD
exF7J3Ifunxib5wzd52MEHVacoqCu8Oz1aIlCnouApmjEUnRmpocAztPbDkrfDKz
Z/HwM20HeBgmjZS531Xv2ZibZ0q3zF4YwySai6iqH3KETpnM4/6N2TtVbUu9VwbX
ED0KSoY+6O7Omc5R4KfJy64rgw==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:14 2023 by rpki-client on console.sobornost.net