Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/CzoDDILBVLxn_-ZXp5MPe536SIY.roa
File: CzoDDILBVLxn_-ZXp5MPe536SIY.roa (raw, json)
Hash identifier: n5DxBnDyFhSXJBzYPHpb6ItcKimWOQRjff4OMOmmlYg=
Subject key identifier: 0B:3A:03:0C:82:C1:54:BC:67:FF:E6:57:A7:93:0F:7B:9D:FA:48:86
Certificate issuer: /CN=34531c54b1e7956c2cc371b23e0a75567aa27518
Certificate serial: 018A131431F701CD8195F297C6C5308CCA3F
Authority key identifier: 34:53:1C:54:B1:E7:95:6C:2C:C3:71:B2:3E:0A:75:56:7A:A2:75:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NFMcVLHnlWwsw3GyPgp1VnqidRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/CzoDDILBVLxn_-ZXp5MPe536SIY.roa
Signing time: Sun 20 Aug 2023 13:13:25 +0000
ROA not before: Sun 20 Aug 2023 13:13:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51235
IP address blocks: 185.136.182.0/24 maxlen: 24
185.136.183.0/24 maxlen: 24
185.136.180.0/24 maxlen: 24
185.136.181.0/24 maxlen: 24
195.2.234.0/24 maxlen: 24
185.107.244.0/24 maxlen: 24
185.107.245.0/24 maxlen: 24
185.107.246.0/24 maxlen: 24
185.107.247.0/24 maxlen: 24
2a12:5440::/45 maxlen: 45
2a12:5440:8::/45 maxlen: 45
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:30:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:13:14:31:f7:01:cd:81:95:f2:97:c6:c5:30:8c:ca:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34531c54b1e7956c2cc371b23e0a75567aa27518
Validity
Not Before: Aug 20 13:13:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=0b3a030c82c154bc67ffe657a7930f7b9dfa4886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a2:30:18:13:36:4c:de:08:67:4f:27:75:76:
57:ce:67:34:af:2c:7d:6e:a2:ec:ff:3f:f6:74:78:
28:25:dd:bf:cb:29:c1:fc:f8:da:9a:10:75:2e:ef:
83:be:a7:df:9e:93:84:13:0e:8f:c1:8a:bc:86:d4:
6d:05:0c:c5:5b:c8:30:4c:12:13:11:ed:01:80:24:
ac:d5:ca:c5:53:83:e6:b3:02:bc:fc:e6:b3:ba:e4:
a1:09:22:3d:68:59:95:7d:4e:d4:12:fc:7c:35:0f:
29:9d:0e:c3:3a:5a:c3:af:8a:9e:c1:d7:26:72:a8:
af:7f:c9:d5:38:54:7e:71:db:b4:ea:32:fe:6e:01:
8a:bc:42:9f:95:44:8e:c0:15:81:39:73:e6:f8:88:
19:13:19:9f:75:af:f8:db:b9:06:7e:fa:52:a2:7a:
76:ed:92:00:e5:f0:2c:fd:52:2e:b3:0c:1d:30:cb:
c3:85:35:4a:96:20:86:06:4a:d4:db:5b:ac:cd:2f:
a4:70:db:93:18:84:e4:22:1c:48:48:07:b6:8b:3a:
62:95:56:11:7a:ee:7d:40:59:ce:45:60:ca:1c:c2:
d4:81:38:33:bf:c0:38:e1:c1:9b:88:f3:5b:74:33:
75:61:5f:ff:78:03:60:63:b8:d5:1c:87:16:03:d3:
32:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:3A:03:0C:82:C1:54:BC:67:FF:E6:57:A7:93:0F:7B:9D:FA:48:86
X509v3 Authority Key Identifier:
keyid:34:53:1C:54:B1:E7:95:6C:2C:C3:71:B2:3E:0A:75:56:7A:A2:75:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NFMcVLHnlWwsw3GyPgp1VnqidRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/CzoDDILBVLxn_-ZXp5MPe536SIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/8efa86-c35f-41b6-ad01-4906103dbd16/1/NFMcVLHnlWwsw3GyPgp1VnqidRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.107.244.0/22
185.136.180.0/22
195.2.234.0/24
IPv6:
2a12:5440::/44
Signature Algorithm: sha256WithRSAEncryption
1a:74:04:99:3b:c4:7e:02:8c:b7:a2:aa:ed:23:ad:a3:0f:d2:
a1:dd:65:42:71:37:6d:a1:5f:91:9b:b4:32:fb:4c:1a:2d:2a:
ea:68:07:58:4a:35:ee:97:86:a0:d0:ca:c5:7f:fb:74:52:c0:
cd:e7:35:25:51:7f:c4:84:e7:ea:8c:66:a2:56:63:59:1e:5e:
c8:c7:bd:0d:f0:5a:91:df:35:ae:f7:91:8c:6e:98:84:34:6a:
79:fb:dc:68:92:78:23:09:6a:27:e3:ed:e6:67:e3:95:1c:ad:
47:14:fb:f3:bc:17:1a:55:12:1b:c2:07:f0:25:d3:8b:97:dd:
70:e2:39:65:eb:4b:38:36:b8:96:13:f2:db:69:1e:16:ac:54:
bd:6e:a2:11:d9:7e:f2:8f:af:24:e5:7e:52:c0:82:a9:ae:5e:
85:69:ae:00:f6:d6:c6:31:70:77:76:e0:f6:87:9e:a5:e4:3b:
9e:bc:41:ec:55:cf:a9:1e:b2:75:e7:22:59:29:5c:38:d5:ac:
c3:36:8f:f7:b4:d8:19:fb:8d:8e:12:39:1f:53:13:c7:b4:88:
a0:8b:e1:93:7f:43:1c:32:8b:54:58:93:4a:70:8a:c6:92:6d:
59:e0:a1:9f:01:84:a5:22:11:e4:09:a5:28:21:aa:64:26:27:
69:0b:83:e9
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYoTFDH3Ac2BlfKXxsUwjMo/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NTMxYzU0YjFlNzk1NmMyY2MzNzFiMjNlMGE3NTU2N2Fh
Mjc1MTgwHhcNMjMwODIwMTMxMzI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjNhMDMwYzgyYzE1NGJjNjdmZmU2NTdhNzkzMGY3YjlkZmE0ODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6IwGBM2TN4IZ08ndXZXzmc0ryx9
bqLs/z/2dHgoJd2/yynB/PjamhB1Lu+DvqffnpOEEw6PwYq8htRtBQzFW8gwTBIT
Ee0BgCSs1crFU4PmswK8/OazuuShCSI9aFmVfU7UEvx8NQ8pnQ7DOlrDr4qewdcm
cqivf8nVOFR+cdu06jL+bgGKvEKflUSOwBWBOXPm+IgZExmfda/427kGfvpSonp2
7ZIA5fAs/VIuswwdMMvDhTVKliCGBkrU21uszS+kcNuTGITkIhxISAe2izpilVYR
eu59QFnORWDKHMLUgTgzv8A44cGbiPNbdDN1YV//eANgY7jVHIcWA9MyDwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAs6AwyCwVS8Z//mV6eTD3ud+kiGMB8GA1UdIwQY
MBaAFDRTHFSx55VsLMNxsj4KdVZ6onUYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkZNY1ZMSG5sV3dzdzNHeVBncDFWbnFpZFJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS84ZWZhODYtYzM1Zi00MWI2LWFkMDEt
NDkwNjEwM2RiZDE2LzEvQ3pvRERJTEJWTHhuXy1aWHA1TVBlNTM2U0lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS84ZWZhODYtYzM1Zi00MWI2LWFkMDEtNDkwNjEwM2RiZDE2
LzEvTkZNY1ZMSG5sV3dzdzNHeVBncDFWbnFpZFJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQCuWv0AwQC
uYi0AwQAwwLqMA8EAgACMAkDBwQqElRAAAAwDQYJKoZIhvcNAQELBQADggEBABp0
BJk7xH4CjLeiqu0jraMP0qHdZUJxN22hX5GbtDL7TBotKupoB1hKNe6XhqDQysV/
+3RSwM3nNSVRf8SE5+qMZqJWY1keXsjHvQ3wWpHfNa73kYxumIQ0ann73GiSeCMJ
aifj7eZn45UcrUcU+/O8FxpVEhvCB/Al04uX3XDiOWXrSzg2uJYT8ttpHhasVL1u
ohHZfvKPryTlflLAgqmuXoVprgD21sYxcHd24PaHnqXkO568QexVz6kesnXnIlkp
XDjVrMM2j/e02Bn7jY4SOR9TE8e0iKCL4ZN/Qxwyi1RYk0pwisaSbVngoZ8BhKUi
EeQJpSghqmQmJ2kLg+k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:49 2024 by rpki-client on console-fra.rpki-client.org