Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/ZWv_wohDVmRf6Mpshy5Z61bBkag.roa
File: ZWv_wohDVmRf6Mpshy5Z61bBkag.roa (raw, json)
Hash identifier: lvy30/iHekag8j655qMQFlE+MGSiArEQWNrGhk9P9ks=
Subject key identifier: 65:6B:FF:C2:88:43:56:64:5F:E8:CA:6C:87:2E:59:EB:56:C1:91:A8
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0185A6010C794FA110AC22BACA93BA2B5CFA
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/ZWv_wohDVmRf6Mpshy5Z61bBkag.roa
Signing time: Thu 12 Jan 2023 12:42:44 +0000
ROA not before: Thu 12 Jan 2023 12:42:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212552
IP address blocks: 212.90.102.0/23 maxlen: 24
185.215.244.0/23 maxlen: 24
103.75.196.0/22 maxlen: 24
82.115.16.0/24 maxlen: 24
193.36.84.0/23 maxlen: 24
82.115.24.0/22 maxlen: 24
82.115.20.0/23 maxlen: 24
46.249.100.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Feb 2023 04:38:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a6:01:0c:79:4f:a1:10:ac:22:ba:ca:93:ba:2b:5c:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 12 12:42:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=656bffc2884356645fe8ca6c872e59eb56c191a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f5:43:ed:ff:20:fa:cc:ab:50:3d:87:f6:03:
9b:7a:40:fa:58:44:b7:20:f5:f6:70:f9:75:41:89:
09:08:e6:dd:fb:41:81:6e:e5:e9:91:fd:ef:51:a4:
5f:73:a9:f9:08:fc:84:81:bb:7f:2a:23:2d:6d:15:
a5:72:88:fd:b5:40:5e:ce:56:51:ca:50:bb:b2:d1:
2f:40:12:70:dd:10:28:b5:d0:e4:b6:b9:39:38:60:
3a:31:18:05:ff:77:2e:78:f4:6d:46:6a:10:0d:64:
c0:7c:68:41:f8:67:b2:68:70:50:e9:ed:67:fd:98:
ea:98:5b:62:69:39:ba:92:59:63:ad:f0:3b:24:ce:
5d:6a:cf:32:26:6d:84:9f:89:4b:9c:a2:44:15:17:
4a:db:2f:17:2b:79:c5:83:eb:7c:fe:62:af:f2:e2:
4b:b9:8c:7b:72:45:a9:e9:6b:88:16:f2:87:52:58:
a2:26:d4:66:a4:b4:b0:90:26:59:db:08:3c:77:b3:
f6:52:fa:43:bd:29:58:01:cf:3c:79:66:3a:ee:30:
51:56:95:85:67:48:ad:3c:ee:4b:df:3f:38:4a:79:
f3:cc:0f:71:5c:c9:73:b3:fa:f5:69:a2:a1:15:fb:
2b:c2:e9:65:d7:51:e1:d6:5b:11:e7:e3:f0:f6:37:
42:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:6B:FF:C2:88:43:56:64:5F:E8:CA:6C:87:2E:59:EB:56:C1:91:A8
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/ZWv_wohDVmRf6Mpshy5Z61bBkag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.249.100.0/22
82.115.16.0/24
82.115.20.0/23
82.115.24.0/22
103.75.196.0/22
185.215.244.0/23
193.36.84.0/23
212.90.102.0/23
Signature Algorithm: sha256WithRSAEncryption
9d:ad:82:c8:cb:2b:2e:0c:14:af:44:92:ee:d5:25:fd:c3:3e:
ab:3c:2a:de:2d:6e:97:e1:30:e5:e5:98:81:d6:a6:c7:79:28:
b4:c9:d3:4a:06:11:0b:a9:27:cc:79:12:a7:30:07:75:36:32:
28:3b:b5:2f:4b:4f:da:cf:41:25:2a:7e:8f:e4:de:ff:6a:ef:
45:c0:6b:58:f0:11:95:53:41:4d:41:18:95:2e:ba:63:a5:4f:
56:d0:22:8a:35:44:b3:3d:3d:79:e2:14:e5:94:57:58:4b:e6:
a7:fd:b7:f8:ad:53:ef:74:24:4a:c3:a4:f1:37:aa:c2:a9:a4:
56:1d:4c:d8:18:95:93:46:51:ba:ab:c4:31:f5:bd:15:66:19:
da:4d:35:d8:e0:db:18:d7:5a:1d:e5:03:18:5f:5c:2f:63:26:
d0:a3:82:29:1c:c6:84:41:4b:bf:bb:2b:92:32:e4:85:d5:06:
85:78:02:4e:2c:fd:0c:dd:f4:9d:29:4f:bd:43:ce:e2:8a:8c:
24:45:d5:a0:88:af:de:04:69:2f:5f:b5:27:85:64:84:2a:c9:
e8:ed:31:f0:8b:bd:d9:1e:87:a1:7e:20:6f:34:74:35:a7:98:
c3:0b:59:53:1d:f1:2a:47:94:ff:2c:65:35:34:b1:de:45:f0:
c7:4d:23:18
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYWmAQx5T6EQrCK6ypO6K1z6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwMTEyMTI0MjQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTZiZmZjMjg4NDM1NjY0NWZlOGNhNmM4NzJlNTllYjU2YzE5MWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfVD7f8g+syrUD2H9gObekD6WES3
IPX2cPl1QYkJCObd+0GBbuXpkf3vUaRfc6n5CPyEgbt/KiMtbRWlcoj9tUBezlZR
ylC7stEvQBJw3RAotdDktrk5OGA6MRgF/3cuePRtRmoQDWTAfGhB+GeyaHBQ6e1n
/ZjqmFtiaTm6klljrfA7JM5das8yJm2En4lLnKJEFRdK2y8XK3nFg+t8/mKv8uJL
uYx7ckWp6WuIFvKHUliiJtRmpLSwkCZZ2wg8d7P2UvpDvSlYAc88eWY67jBRVpWF
Z0itPO5L3z84SnnzzA9xXMlzs/r1aaKhFfsrwull11Hh1lsR5+Pw9jdCBQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGVr/8KIQ1ZkX+jKbIcuWetWwZGoMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvWld2X3dvaERWbVJmNk1wc2h5NVo2MWJCa2FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCLvlkAwQA
UnMQAwQBUnMUAwQCUnMYAwQCZ0vEAwQBudf0AwQBwSRUAwQB1FpmMA0GCSqGSIb3
DQEBCwUAA4IBAQCdrYLIyysuDBSvRJLu1SX9wz6rPCreLW6X4TDl5ZiB1qbHeSi0
ydNKBhELqSfMeRKnMAd1NjIoO7UvS0/az0ElKn6P5N7/au9FwGtY8BGVU0FNQRiV
LrpjpU9W0CKKNUSzPT154hTllFdYS+an/bf4rVPvdCRKw6TxN6rCqaRWHUzYGJWT
RlG6q8Qx9b0VZhnaTTXY4NsY11od5QMYX1wvYybQo4IpHMaEQUu/uyuSMuSF1QaF
eAJOLP0M3fSdKU+9Q87iiowkRdWgiK/eBGkvX7UnhWSEKsno7THwi73ZHoehfiBv
NHQ1p5jDC1lTHfEqR5T/LGU1NLHeRfDHTSMY
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org