Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/zS_4d18eYHGMbzGg9svIiYZgus8.roa
File: zS_4d18eYHGMbzGg9svIiYZgus8.roa (raw, json)
Hash identifier: eNxb/jdpsu+/1geoVv/JmUAimLVTrv+EXpy+lY3OjTY=
Subject key identifier: CD:2F:F8:77:5F:1E:60:71:8C:6F:31:A0:F6:CB:C8:89:86:60:BA:CF
Certificate issuer: /CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Certificate serial: 018E0D61422A180403162AFC14D6CCC2381D
Authority key identifier: 0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/zS_4d18eYHGMbzGg9svIiYZgus8.roa
Signing time: Tue 05 Mar 2024 06:51:01 +0000
ROA not before: Tue 05 Mar 2024 06:51:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58289
IP address blocks: 91.147.111.0/24 maxlen: 24
185.162.234.0/24 maxlen: 24
193.43.251.0/24 maxlen: 24
194.31.133.0/24 maxlen: 24
194.31.135.0/24 maxlen: 24
2a0e:6600::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 26 Mar 2024 04:36:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0d:61:42:2a:18:04:03:16:2a:fc:14:d6:cc:c2:38:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a7327805df20fb5c1d6f4e89074743caeb24af7
Validity
Not Before: Mar 5 06:51:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd2ff8775f1e60718c6f31a0f6cbc8898660bacf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:ed:41:54:2b:c3:59:fb:59:c4:c3:ea:53:79:
f2:33:6e:b4:31:6f:e5:fd:7d:f6:df:9f:31:fa:80:
c5:d6:76:6e:d0:3c:06:ef:f0:a9:f2:11:6a:33:2c:
8c:fa:6b:74:a4:1b:e3:4b:61:08:f8:20:69:ff:a1:
06:50:74:bc:db:5f:64:88:ba:83:12:a1:03:78:26:
5e:8d:7c:30:79:c9:5c:b3:74:90:f4:4f:2b:0f:c4:
ae:68:35:57:36:2a:16:b2:97:e0:75:96:e4:8a:f6:
05:10:d6:d3:7f:e6:1d:aa:4a:19:af:16:9a:47:18:
0f:d5:80:93:db:bc:52:b8:70:c5:a4:4e:dd:61:34:
bd:16:ba:4e:c2:e0:63:01:97:15:36:07:9c:7e:d5:
2f:cb:a3:a0:60:71:62:42:76:e2:07:a8:2a:5e:5f:
eb:af:f6:e8:a8:b9:5e:7b:49:1e:9e:73:75:46:6c:
7a:dc:f0:a7:91:e9:7d:16:8c:65:6d:b5:60:9e:72:
0f:06:b5:ce:d0:24:c7:5b:be:c6:9d:56:03:ba:60:
2f:54:9d:c9:54:07:52:68:cf:7a:5d:3e:a1:8e:b1:
58:00:89:f4:78:7e:fe:aa:56:c0:8c:a2:ff:66:eb:
a8:6d:c7:11:e0:d4:ad:89:4a:ef:66:8a:8b:ef:dd:
b9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:2F:F8:77:5F:1E:60:71:8C:6F:31:A0:F6:CB:C8:89:86:60:BA:CF
X509v3 Authority Key Identifier:
keyid:0A:73:27:80:5D:F2:0F:B5:C1:D6:F4:E8:90:74:74:3C:AE:B2:4A:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CnMngF3yD7XB1vTokHR0PK6ySvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/zS_4d18eYHGMbzGg9svIiYZgus8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/8b1fac-5a21-4848-a66a-10bb4579d528/1/CnMngF3yD7XB1vTokHR0PK6ySvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.111.0/24
185.162.234.0/24
193.43.251.0/24
194.31.133.0/24
194.31.135.0/24
IPv6:
2a0e:6600::/48
Signature Algorithm: sha256WithRSAEncryption
ac:9e:cf:b5:24:2e:ac:d9:3e:00:16:02:3f:38:cf:dd:4b:a3:
3c:da:2b:b8:17:53:a8:53:6a:bd:7c:f5:dc:ef:94:c4:2a:b2:
62:35:98:0a:d3:1d:27:85:62:c9:7b:40:78:e6:21:55:35:33:
ff:04:ea:2b:f0:59:5e:af:42:ac:3f:d8:e3:4b:33:63:7d:c0:
5d:63:ce:03:0c:84:b0:b2:a0:80:61:01:82:57:49:b5:b9:c0:
a5:d3:1c:15:1e:70:83:fb:1e:63:dd:1c:f0:91:70:ef:34:8e:
2f:6f:4f:15:00:61:2d:4f:14:a7:21:8c:12:75:df:b9:2a:5f:
23:fd:f0:d4:30:c9:a6:c1:e4:db:ff:d4:ba:fc:16:aa:35:ff:
0c:fc:96:dc:11:c4:eb:82:10:75:8e:1b:61:c2:32:3e:03:97:
07:5b:a8:2a:97:b3:1e:7d:39:33:ba:d7:3b:cc:7f:26:31:e5:
ad:97:b4:2e:e4:72:ee:cf:c3:a0:e2:5c:4e:f5:b0:94:1e:67:
4d:ef:80:fd:1b:71:be:5b:c5:10:84:45:ae:07:a5:ac:1c:a3:
58:c9:06:88:3a:9a:1a:cd:43:4c:57:d2:5f:dd:eb:47:9d:8f:
77:f1:0e:36:ef:41:6c:e6:9e:c4:97:7a:ae:6e:c1:61:3e:4e:
ad:56:cb:c6
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAY4NYUIqGAQDFir8FNbMwjgdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNzMyNzgwNWRmMjBmYjVjMWQ2ZjRlODkwNzQ3NDNjYWVi
MjRhZjcwHhcNMjQwMzA1MDY1MTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDJmZjg3NzVmMWU2MDcxOGM2ZjMxYTBmNmNiYzg4OTg2NjBiYWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAke1BVCvDWftZxMPqU3nyM260MW/l
/X32358x+oDF1nZu0DwG7/Cp8hFqMyyM+mt0pBvjS2EI+CBp/6EGUHS8219kiLqD
EqEDeCZejXwweclcs3SQ9E8rD8SuaDVXNioWspfgdZbkivYFENbTf+YdqkoZrxaa
RxgP1YCT27xSuHDFpE7dYTS9FrpOwuBjAZcVNgecftUvy6OgYHFiQnbiB6gqXl/r
r/boqLlee0kennN1Rmx63PCnkel9FoxlbbVgnnIPBrXO0CTHW77GnVYDumAvVJ3J
VAdSaM96XT6hjrFYAIn0eH7+qlbAjKL/ZuuobccR4NStiUrvZoqL7925BwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFM0v+HdfHmBxjG8xoPbLyImGYLrPMB8GA1UdIwQY
MBaAFApzJ4Bd8g+1wdb06JB0dDyuskr3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEt
MTBiYjQ1NzlkNTI4LzEvelNfNGQxOGVZSEdNYnpHZzlzdklpWVpndXM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS84YjFmYWMtNWEyMS00ODQ4LWE2NmEtMTBiYjQ1NzlkNTI4
LzEvQ25NbmdGM3lEN1hCMXZUb2tIUjBQSzZ5U3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAW5NvAwQA
uaLqAwQAwSv7AwQAwh+FAwQAwh+HMA8EAgACMAkDBwAqDmYAAAAwDQYJKoZIhvcN
AQELBQADggEBAKyez7UkLqzZPgAWAj84z91LozzaK7gXU6hTar189dzvlMQqsmI1
mArTHSeFYsl7QHjmIVU1M/8E6ivwWV6vQqw/2ONLM2N9wF1jzgMMhLCyoIBhAYJX
SbW5wKXTHBUecIP7HmPdHPCRcO80ji9vTxUAYS1PFKchjBJ137kqXyP98NQwyabB
5Nv/1Lr8Fqo1/wz8ltwRxOuCEHWOG2HCMj4DlwdbqCqXsx59OTO61zvMfyYx5a2X
tC7kcu7Pw6DiXE71sJQeZ03vgP0bcb5bxRCERa4Hpawco1jJBog6mhrNQ0xX0l/d
60edj3fxDjbvQWzmnsSXeq5uwWE+Tq1Wy8Y=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:06 2024 by rpki-client on console-ams.rpki-client.org