Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/z3gZX9jxDgqqpcXXBzIGmSb34HE.roa
File: z3gZX9jxDgqqpcXXBzIGmSb34HE.roa (raw, json)
Hash identifier: gocgjFh5jzq/u2mbN+mceeQcDCNe1HOymjSSGxRitFg=
Subject key identifier: CF:78:19:5F:D8:F1:0E:0A:AA:A5:C5:D7:07:32:06:99:26:F7:E0:71
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0191A73129C72025436A1766066D708CE906
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/z3gZX9jxDgqqpcXXBzIGmSb34HE.roa
Signing time: Sat 31 Aug 2024 06:48:22 +0000
ROA not before: Sat 31 Aug 2024 06:48:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 82.115.9.0/24 maxlen: 24
82.115.28.0/23 maxlen: 24
89.251.10.0/24 maxlen: 24
91.132.57.0/24 maxlen: 24
159.255.32.0/22 maxlen: 24
185.231.172.0/22 maxlen: 24
188.214.236.0/22 maxlen: 22
188.253.8.0/21 maxlen: 24
202.133.90.0/23 maxlen: 24
213.173.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 03:47:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a7:31:29:c7:20:25:43:6a:17:66:06:6d:70:8c:e9:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Aug 31 06:48:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf78195fd8f10e0aaaa5c5d70732069926f7e071
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f7:20:94:42:56:48:4d:04:d8:9e:2e:be:25:
d2:84:21:85:59:9d:56:70:f8:69:de:81:ce:55:57:
d7:06:00:96:e4:37:c2:a9:63:51:88:94:8b:63:00:
4a:cc:83:1b:ed:d3:68:c7:c5:0f:e8:87:76:ad:b0:
93:29:1a:2f:0d:ea:3f:fa:f4:b8:df:f5:1f:45:7f:
b1:81:99:4b:e5:f7:0a:1d:84:89:d9:3c:ac:4f:eb:
06:c0:61:d2:dd:ef:f1:46:f5:07:16:bc:18:3c:b1:
4c:33:e7:2b:a8:cc:b4:0d:9c:71:54:55:a8:98:5d:
61:7d:8c:ba:f0:5d:02:63:72:88:eb:4a:35:42:96:
9d:ce:cc:a9:1e:09:61:82:3f:5b:26:17:57:fe:b1:
22:15:2c:88:15:3a:f3:cb:48:04:ad:a6:3b:5e:8e:
51:ee:75:f8:ab:ac:8e:3b:8e:0a:70:68:0b:95:a5:
0f:de:28:6c:c8:c4:c6:fc:c2:5b:2a:86:ba:a8:b8:
5e:9c:c2:10:17:8c:4e:c3:f8:ec:77:4e:c8:b1:1a:
c4:19:d5:71:cd:0e:25:f9:2a:df:f9:c6:b5:bc:5c:
51:7e:8f:9c:c7:33:e3:5b:fd:32:10:75:98:4c:57:
7c:30:d5:f8:e4:aa:f8:13:4d:51:0c:3e:ad:6d:8d:
1e:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:78:19:5F:D8:F1:0E:0A:AA:A5:C5:D7:07:32:06:99:26:F7:E0:71
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/z3gZX9jxDgqqpcXXBzIGmSb34HE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.115.9.0/24
82.115.28.0/23
89.251.10.0/24
91.132.57.0/24
159.255.32.0/22
185.231.172.0/22
188.214.236.0/22
188.253.8.0/21
202.133.90.0/23
213.173.32.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:ba:66:ef:8b:37:34:c2:e6:0b:ea:f5:0a:46:1e:e0:77:89:
ba:db:00:af:4e:21:d6:7a:0e:ad:8b:1d:bb:a0:f0:3e:95:84:
de:10:4c:61:2c:16:a0:b2:a6:d1:fb:29:55:ce:d4:de:9f:5c:
83:68:64:ac:df:f8:7b:ab:0d:b6:d9:7a:c5:fb:be:8c:c4:f9:
c8:53:07:55:ea:3f:19:39:ac:e0:22:ad:bc:63:fb:b8:9d:09:
75:f7:19:76:b6:40:e3:b5:d2:6a:64:11:a5:5c:25:f1:7f:3f:
60:5a:4c:9c:2b:29:d6:db:8f:b8:68:6b:89:0b:a2:87:75:51:
e8:8b:5d:18:c3:16:39:15:9a:b7:5a:16:7b:ec:0e:8c:d0:31:
5f:9a:d1:d3:0d:38:8a:24:c2:ee:61:e9:03:38:40:2a:6c:56:
bd:69:ea:14:3c:ce:56:12:8e:12:4b:5d:48:26:70:bd:5d:63:
72:c3:26:6f:33:61:b3:2f:50:44:bf:a1:f0:a0:bb:3b:6a:7b:
43:32:81:5c:11:86:03:1c:8c:ba:70:6b:6e:a3:7f:9b:84:27:
5e:9d:74:a1:ef:7f:ce:d2:27:ee:a2:d3:08:f7:bd:29:2d:53:
33:9e:f7:96:79:76:15:60:82:ac:6a:42:ff:f9:35:83:b6:71:
13:98:de:5b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZGnMSnHICVDahdmBm1wjOkGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwODMxMDY0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjc4MTk1ZmQ4ZjEwZTBhYWFhNWM1ZDcwNzMyMDY5OTI2ZjdlMDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovcglEJWSE0E2J4uviXShCGFWZ1W
cPhp3oHOVVfXBgCW5DfCqWNRiJSLYwBKzIMb7dNox8UP6Id2rbCTKRovDeo/+vS4
3/UfRX+xgZlL5fcKHYSJ2TysT+sGwGHS3e/xRvUHFrwYPLFMM+crqMy0DZxxVFWo
mF1hfYy68F0CY3KI60o1QpadzsypHglhgj9bJhdX/rEiFSyIFTrzy0gEraY7Xo5R
7nX4q6yOO44KcGgLlaUP3ihsyMTG/MJbKoa6qLhenMIQF4xOw/jsd07IsRrEGdVx
zQ4l+Srf+ca1vFxRfo+cxzPjW/0yEHWYTFd8MNX45Kr4E01RDD6tbY0eKQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFM94GV/Y8Q4KqqXF1wcyBpkm9+BxMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvejNnWlg5anhEZ3FxcGNYWEJ6SUdtU2IzNEhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAUnMJAwQB
UnMcAwQAWfsKAwQAW4Q5AwQCn/8gAwQCueesAwQCvNbsAwQDvP0IAwQByoVaAwQC
1a0gMA0GCSqGSIb3DQEBCwUAA4IBAQBNumbvizc0wuYL6vUKRh7gd4m62wCvTiHW
eg6tix27oPA+lYTeEExhLBagsqbR+ylVztTen1yDaGSs3/h7qw222XrF+76MxPnI
UwdV6j8ZOazgIq28Y/u4nQl19xl2tkDjtdJqZBGlXCXxfz9gWkycKynW24+4aGuJ
C6KHdVHoi10YwxY5FZq3WhZ77A6M0DFfmtHTDTiKJMLuYekDOEAqbFa9aeoUPM5W
Eo4SS11IJnC9XWNywyZvM2GzL1BEv6HwoLs7antDMoFcEYYDHIy6cGtuo3+bhCde
nXSh73/O0ifuotMI970pLVMznveWeXYVYIKsakL/+TWDtnETmN5b
-----END CERTIFICATE-----
Generated at Wed Sep 4 04:53:39 2024 by rpki-client on console-fra.rpki-client.org