Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/ZHAGYJkCVI4yB70THQ-u5O6h9h4.roa
File: ZHAGYJkCVI4yB70THQ-u5O6h9h4.roa (raw, json)
Hash identifier: uvVydU0tDGMqAvZr2IPZXiyIaqTIvFoTFMPok1xB0XY=
Subject key identifier: 64:70:06:60:99:02:54:8E:32:07:BD:13:1D:0F:AE:E4:EE:A1:F6:1E
Certificate issuer: /CN=5df5ed040efe2e581754deb5c3cd82d99dfee8d9
Certificate serial: 0185DE12921E6B6B16E585ADC0F6F7463158
Authority key identifier: 5D:F5:ED:04:0E:FE:2E:58:17:54:DE:B5:C3:CD:82:D9:9D:FE:E8:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XfXtBA7-LlgXVN61w82C2Z3-6Nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/ZHAGYJkCVI4yB70THQ-u5O6h9h4.roa
Signing time: Mon 23 Jan 2023 10:00:37 +0000
ROA not before: Mon 23 Jan 2023 10:00:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56911
IP address blocks: 176.58.80.0/21 maxlen: 21
185.169.238.0/23 maxlen: 24
185.169.237.0/24 maxlen: 24
185.169.236.0/23 maxlen: 24
185.169.236.0/24 maxlen: 24
195.234.92.0/24 maxlen: 24
185.49.248.0/22 maxlen: 24
185.146.64.0/24 maxlen: 24
2a0a:7300::/32 maxlen: 36
2a01:a620::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:de:12:92:1e:6b:6b:16:e5:85:ad:c0:f6:f7:46:31:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5df5ed040efe2e581754deb5c3cd82d99dfee8d9
Validity
Not Before: Jan 23 10:00:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=647006609902548e3207bd131d0faee4eea1f61e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:92:65:68:72:5c:53:84:58:00:1c:65:50:a0:
1b:24:f2:af:90:10:42:57:64:ee:a4:61:ce:18:28:
21:56:45:90:e5:27:a9:1c:7a:62:ee:43:f8:ce:02:
ea:63:2e:ad:dd:10:10:72:7d:a9:6a:f8:c1:27:03:
28:09:09:dc:e3:0e:d3:3f:82:b5:ba:39:4f:e3:a3:
42:c9:60:83:3c:b0:70:4a:3f:12:f0:bc:97:29:b1:
c0:1e:51:49:22:bd:e6:2a:da:79:ed:1d:77:a5:c4:
07:f9:b9:ff:36:30:75:45:e9:2c:de:8d:de:c6:11:
1b:cb:81:ef:2a:77:0d:8f:3f:7f:cf:9a:8a:67:d5:
e3:28:80:78:50:47:d9:8a:4e:49:b5:71:d3:c0:aa:
c8:1b:52:c2:93:aa:1a:96:ff:3e:ba:ba:dc:d0:a6:
ef:7f:17:5b:a9:22:1a:fa:7f:47:65:75:d6:6a:fd:
9e:9d:c5:6c:88:09:f1:23:0a:20:3a:be:ad:3b:95:
e8:a9:bf:76:55:db:f8:be:06:b8:b9:09:e4:67:7e:
a6:36:2c:9e:b0:9d:84:77:d3:37:6d:51:40:ba:66:
4f:dd:57:82:93:d2:2d:91:f2:dd:0f:a3:51:63:7c:
b4:d0:2c:7f:71:ff:a3:c4:c8:79:2c:66:b9:70:1e:
f5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:70:06:60:99:02:54:8E:32:07:BD:13:1D:0F:AE:E4:EE:A1:F6:1E
X509v3 Authority Key Identifier:
keyid:5D:F5:ED:04:0E:FE:2E:58:17:54:DE:B5:C3:CD:82:D9:9D:FE:E8:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XfXtBA7-LlgXVN61w82C2Z3-6Nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/ZHAGYJkCVI4yB70THQ-u5O6h9h4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/b3d76f-6ef9-4c4a-812c-befe4b34c6f0/1/XfXtBA7-LlgXVN61w82C2Z3-6Nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.58.80.0/21
185.49.248.0/22
185.146.64.0/24
185.169.236.0/22
195.234.92.0/24
IPv6:
2a01:a620::/32
2a0a:7300::/32
Signature Algorithm: sha256WithRSAEncryption
18:f3:be:6d:6c:35:ed:c0:6b:12:11:92:89:19:f8:0a:61:0a:
7d:2e:2a:3a:6d:06:54:97:e1:28:61:41:d6:f0:27:af:fd:db:
01:20:c4:86:20:4e:10:ab:ae:09:7d:99:59:bc:55:1b:2c:29:
a1:2a:dd:9b:24:3a:b9:31:fa:86:47:c8:35:d0:56:bf:0f:82:
06:36:14:72:db:60:01:ff:71:fe:d8:4b:e6:77:21:e8:92:b3:
eb:ab:d8:ae:75:41:68:75:55:1b:15:e7:7f:60:9f:41:bc:67:
e2:9e:ad:e3:34:e1:82:1a:b7:e5:c2:f3:75:25:94:ba:ff:b1:
b1:61:0d:23:b9:cc:b0:af:67:ed:e9:2a:19:ec:f1:9c:39:32:
cc:01:8f:ca:02:78:66:e7:7d:9d:d2:13:b9:b4:d3:df:de:a6:
97:2f:52:a4:01:e5:8b:5b:14:86:e4:72:c8:b0:6c:72:69:2f:
64:6b:c9:06:ca:26:50:b5:33:25:8e:76:c9:97:35:42:1c:20:
d6:de:f3:09:24:69:82:59:5e:2a:79:08:81:e9:6a:25:c4:f6:
ab:d8:b3:d8:bf:60:b9:1b:53:0a:06:10:42:24:58:31:46:e5:
02:c2:b9:78:47:35:f5:73:68:47:fb:19:0b:c4:98:47:10:89:
f8:2d:70:1c
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYXeEpIea2sW5YWtwPb3RjFYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkZjVlZDA0MGVmZTJlNTgxNzU0ZGViNWMzY2Q4MmQ5OWRm
ZWU4ZDkwHhcNMjMwMTIzMTAwMDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDcwMDY2MDk5MDI1NDhlMzIwN2JkMTMxZDBmYWVlNGVlYTFmNjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZJlaHJcU4RYABxlUKAbJPKvkBBC
V2TupGHOGCghVkWQ5SepHHpi7kP4zgLqYy6t3RAQcn2pavjBJwMoCQnc4w7TP4K1
ujlP46NCyWCDPLBwSj8S8LyXKbHAHlFJIr3mKtp57R13pcQH+bn/NjB1Reks3o3e
xhEby4HvKncNjz9/z5qKZ9XjKIB4UEfZik5JtXHTwKrIG1LCk6oalv8+urrc0Kbv
fxdbqSIa+n9HZXXWav2encVsiAnxIwogOr6tO5Xoqb92Vdv4vga4uQnkZ36mNiye
sJ2Ed9M3bVFAumZP3VeCk9ItkfLdD6NRY3y00Cx/cf+jxMh5LGa5cB71swIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFGRwBmCZAlSOMge9Ex0PruTuofYeMB8GA1UdIwQY
MBaAFF317QQO/i5YF1TetcPNgtmd/ujZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGZYdEJBNy1MbGdYVk42MXc4MkMyWjMtNk5rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9iM2Q3NmYtNmVmOS00YzRhLTgxMmMt
YmVmZTRiMzRjNmYwLzEvWkhBR1lKa0NWSTR5QjcwVEhRLXU1TzZoOWg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9iM2Q3NmYtNmVmOS00YzRhLTgxMmMtYmVmZTRiMzRjNmYw
LzEvWGZYdEJBNy1MbGdYVk42MXc4MkMyWjMtNk5rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQDsDpQAwQC
uTH4AwQAuZJAAwQCuansAwQAw+pcMBQEAgACMA4DBQAqAaYgAwUAKgpzADANBgkq
hkiG9w0BAQsFAAOCAQEAGPO+bWw17cBrEhGSiRn4CmEKfS4qOm0GVJfhKGFB1vAn
r/3bASDEhiBOEKuuCX2ZWbxVGywpoSrdmyQ6uTH6hkfINdBWvw+CBjYUcttgAf9x
/thL5nch6JKz66vYrnVBaHVVGxXnf2CfQbxn4p6t4zThghq35cLzdSWUuv+xsWEN
I7nMsK9n7ekqGezxnDkyzAGPygJ4Zud9ndITubTT396mly9SpAHli1sUhuRyyLBs
cmkvZGvJBsomULUzJY52yZc1Qhwg1t7zCSRpglleKnkIgelqJcT2q9iz2L9guRtT
CgYQQiRYMUblAsK5eEc19XNoR/sZC8SYRxCJ+C1wHA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:32 2024 by rpki-client on console-ams.rpki-client.org