Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/ZwHa-92U3ySNJLxRZOFlrkjwIoU.roa
File: ZwHa-92U3ySNJLxRZOFlrkjwIoU.roa (raw, json)
Hash identifier: btsp8Y7KDji67zLVMcYpojtfZF97Hw72Ppa7piG+JKo=
Subject key identifier: 67:01:DA:FB:DD:94:DF:24:8D:24:BC:51:64:E1:65:AE:48:F0:22:85
Certificate issuer: /CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Certificate serial: 018C6F18D035110C475A2D1543E9B75F2BD6
Authority key identifier: 57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/ZwHa-92U3ySNJLxRZOFlrkjwIoU.roa
Signing time: Fri 15 Dec 2023 20:09:06 +0000
ROA not before: Fri 15 Dec 2023 20:09:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209910
IP address blocks: 185.236.249.0/24 maxlen: 24
185.236.251.0/24 maxlen: 24
185.236.250.0/24 maxlen: 24
185.236.248.0/24 maxlen: 24
185.236.248.0/22 maxlen: 22
45.65.64.0/22 maxlen: 22
193.84.93.0/24 maxlen: 24
193.84.92.0/24 maxlen: 24
185.200.78.0/24 maxlen: 24
185.200.76.0/24 maxlen: 24
185.200.76.0/22 maxlen: 22
185.200.79.0/24 maxlen: 24
193.84.48.0/23 maxlen: 23
193.84.48.0/24 maxlen: 24
193.84.49.0/24 maxlen: 24
5.252.93.0/24 maxlen: 24
5.252.92.0/24 maxlen: 24
5.252.94.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:6f:18:d0:35:11:0c:47:5a:2d:15:43:e9:b7:5f:2b:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Validity
Not Before: Dec 15 20:09:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6701dafbdd94df248d24bc5164e165ae48f02285
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:07:f5:8a:d5:a1:22:5c:06:50:72:c3:ce:10:
2b:3d:97:d6:7f:f8:42:dc:51:f6:05:eb:2e:77:74:
b6:43:d2:7f:f9:5b:4d:36:82:23:82:5d:de:71:25:
1a:38:e1:5b:75:de:f7:59:a9:62:d2:b7:86:02:cc:
85:ac:d8:ca:1e:04:96:be:7b:98:d8:69:04:51:aa:
21:28:e2:00:4f:31:77:88:d9:a5:67:cc:6a:79:ce:
6b:d3:2b:d7:a5:be:84:b5:10:ab:71:32:d6:dd:3a:
4d:8a:06:0b:68:9d:97:d1:9d:ff:ad:96:27:d3:ff:
8a:84:1b:4f:99:53:8a:87:eb:99:e3:8e:8e:53:06:
79:a7:ef:84:f2:8c:8b:35:e5:e5:f6:89:e6:23:33:
34:2f:05:59:91:92:5d:52:c6:f7:32:b4:74:0d:69:
25:75:03:09:30:90:ff:69:90:83:f4:1c:c0:3e:44:
21:82:73:c8:6a:a5:92:15:db:50:d3:3e:cc:b4:62:
28:02:5d:9e:73:cb:ec:44:75:14:de:6f:26:d7:fb:
7f:28:22:0f:99:26:70:82:1d:c4:bd:ff:ac:72:10:
7f:8c:ed:ef:09:90:94:f1:de:b3:46:86:cb:73:ef:
90:07:d1:97:35:d1:97:7c:bd:60:f0:7b:c9:49:6a:
72:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:01:DA:FB:DD:94:DF:24:8D:24:BC:51:64:E1:65:AE:48:F0:22:85
X509v3 Authority Key Identifier:
keyid:57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/ZwHa-92U3ySNJLxRZOFlrkjwIoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.92.0/22
45.65.64.0/22
185.200.76.0/22
185.236.248.0/22
193.84.48.0/23
193.84.92.0/23
Signature Algorithm: sha256WithRSAEncryption
70:3f:65:12:13:42:25:62:2c:f3:ee:29:77:9c:5e:62:ee:cc:
d3:b4:b6:8f:e4:3f:81:0e:bc:8f:74:45:e1:4d:a5:cd:6d:1b:
6a:af:bc:58:28:0c:e5:98:0c:08:e9:6d:a7:d9:69:3d:c0:6f:
38:53:8a:73:85:1d:5b:92:e4:ea:73:f2:2c:01:b2:c4:68:20:
3c:37:73:75:4a:33:ba:30:87:42:d0:6c:08:bf:f9:c2:37:cb:
8d:db:29:21:29:06:04:04:67:0e:e3:5c:dc:b5:b9:12:d0:b5:
bc:f8:a8:cf:37:a6:cc:60:b4:94:c0:87:ae:72:b4:77:f9:e3:
41:7b:a3:a2:b8:74:bd:56:7b:8c:16:c6:e6:25:86:f9:95:f4:
26:ae:ec:77:5b:3b:3d:86:64:85:f1:b3:f5:12:62:63:d3:e2:
f4:2b:83:d0:1c:18:3b:c0:8c:d7:ed:58:0f:02:ec:fa:26:7d:
26:99:aa:f3:20:44:e6:79:7c:87:76:69:41:3e:55:d4:a5:03:
8f:61:3e:cc:01:59:b7:4d:8a:f1:7d:05:9c:32:98:ba:aa:ac:
e2:24:bd:a6:64:99:42:b6:82:ce:93:ea:4a:53:8a:06:c5:b4:
2a:5b:37:1a:c5:0b:d9:63:0e:0a:d3:41:71:43:a2:18:18:57:
c4:f1:72:97
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYxvGNA1EQxHWi0VQ+m3XyvWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzAyMWRjZGY0NGI2YWZkZDM4MTA1NDdjNTVhNzliZDFh
OWZhM2IwHhcNMjMxMjE1MjAwOTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzAxZGFmYmRkOTRkZjI0OGQyNGJjNTE2NGUxNjVhZTQ4ZjAyMjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgf1itWhIlwGUHLDzhArPZfWf/hC
3FH2Besud3S2Q9J/+VtNNoIjgl3ecSUaOOFbdd73Wali0reGAsyFrNjKHgSWvnuY
2GkEUaohKOIATzF3iNmlZ8xqec5r0yvXpb6EtRCrcTLW3TpNigYLaJ2X0Z3/rZYn
0/+KhBtPmVOKh+uZ446OUwZ5p++E8oyLNeXl9onmIzM0LwVZkZJdUsb3MrR0DWkl
dQMJMJD/aZCD9BzAPkQhgnPIaqWSFdtQ0z7MtGIoAl2ec8vsRHUU3m8m1/t/KCIP
mSZwgh3Evf+schB/jO3vCZCU8d6zRobLc++QB9GXNdGXfL1g8HvJSWpydQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGcB2vvdlN8kjSS8UWThZa5I8CKFMB8GA1UdIwQY
MBaAFFdwIdzfRLav3TgQVHxVp5vRqfo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQt
YzkwN2FlMWMyMTFlLzEvWndIYS05MlUzeVNOSkx4UlpPRmxya2p3SW9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQtYzkwN2FlMWMyMTFl
LzEvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBfxcAwQC
LUFAAwQCuchMAwQCuez4AwQBwVQwAwQBwVRcMA0GCSqGSIb3DQEBCwUAA4IBAQBw
P2USE0IlYizz7il3nF5i7szTtLaP5D+BDryPdEXhTaXNbRtqr7xYKAzlmAwI6W2n
2Wk9wG84U4pzhR1bkuTqc/IsAbLEaCA8N3N1SjO6MIdC0GwIv/nCN8uN2ykhKQYE
BGcO41zctbkS0LW8+KjPN6bMYLSUwIeucrR3+eNBe6OiuHS9VnuMFsbmJYb5lfQm
rux3Wzs9hmSF8bP1EmJj0+L0K4PQHBg7wIzX7VgPAuz6Jn0mmarzIETmeXyHdmlB
PlXUpQOPYT7MAVm3TYrxfQWcMpi6qqziJL2mZJlCtoLOk+pKU4oGxbQqWzcaxQvZ
Yw4K00FxQ6IYGFfE8XKX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:15 2024 by rpki-client on console-fra.rpki-client.org