Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/1-ZKLHE426Y5e8z8g_4AHYU6fdJQ.roa
File: 1-ZKLHE426Y5e8z8g_4AHYU6fdJQ.roa (raw, json)
Hash identifier: ZMiS00NmmgRNiJV1ySojPeBxmI8nRgPui+FzGeHoxpw=
Subject key identifier: F9:92:8B:1C:4E:36:E9:8E:5E:F3:3F:20:FF:80:07:61:4E:9F:74:94
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 018C62E9C62E38E18937E64A00C6C80256D8
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/1-ZKLHE426Y5e8z8g_4AHYU6fdJQ.roa
Signing time: Wed 13 Dec 2023 11:22:16 +0000
ROA not before: Wed 13 Dec 2023 11:22:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8648
IP address blocks: 82.141.0.0/18 maxlen: 24
37.218.248.0/21 maxlen: 24
212.110.96.0/19 maxlen: 24
195.62.96.0/19 maxlen: 24
185.117.248.0/22 maxlen: 24
185.84.80.0/23 maxlen: 24
185.84.82.0/24 maxlen: 24
192.162.84.0/22 maxlen: 24
213.146.96.0/19 maxlen: 24
31.47.240.0/20 maxlen: 24
81.88.27.0/24 maxlen: 24
5.44.96.0/20 maxlen: 24
2a02:248::/32 maxlen: 48
2001:880::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 13 Dec 2023 14:14:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:62:e9:c6:2e:38:e1:89:37:e6:4a:00:c6:c8:02:56:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Dec 13 11:22:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f9928b1c4e36e98e5ef33f20ff8007614e9f7494
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e5:14:32:ed:72:33:50:0d:4c:c1:b8:e7:8e:
d9:a6:41:7b:db:50:4d:f5:02:1b:67:76:e2:17:a3:
42:b0:94:0c:86:02:c9:58:19:4b:e6:42:19:87:ce:
d2:69:19:1b:b1:f5:4d:74:8d:b7:f2:d0:8e:9d:e3:
cc:d0:a8:fa:d1:58:52:1f:1f:89:c0:ac:13:c8:d3:
b3:c1:7d:72:54:28:3c:8f:b4:0f:40:a4:e2:72:59:
41:a4:87:d2:57:93:5b:ec:31:ce:1c:20:82:7e:72:
57:37:7f:b4:90:9a:06:b6:5d:55:5f:b0:ab:e0:ff:
c5:a6:fc:f6:83:d3:22:cb:5c:1e:2c:65:00:c9:f5:
f1:8e:4b:cc:8e:bf:f6:be:93:95:95:1e:d5:68:f1:
a8:70:11:23:c8:d3:c0:cb:45:5b:ef:8d:9e:9f:1f:
ae:e7:af:80:f7:99:5c:49:2b:87:d2:d0:52:df:b1:
9d:0e:81:bb:52:91:d2:6d:89:d3:01:aa:2d:f9:b7:
69:3a:3b:e9:92:80:98:64:7c:f7:8e:3e:7e:fd:7a:
11:55:da:32:61:29:e4:0e:ce:02:fe:fa:cf:ce:d7:
33:ad:d5:fb:1f:85:8b:49:c8:57:2c:33:c1:57:f7:
85:5a:de:63:3b:28:c3:6d:cd:67:42:76:47:39:99:
5e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:92:8B:1C:4E:36:E9:8E:5E:F3:3F:20:FF:80:07:61:4E:9F:74:94
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/1-ZKLHE426Y5e8z8g_4AHYU6fdJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.96.0/20
31.47.240.0/20
37.218.248.0/21
81.88.27.0/24
82.141.0.0/18
185.84.80.0-185.84.82.255
185.117.248.0/22
192.162.84.0/22
195.62.96.0/19
212.110.96.0/19
213.146.96.0/19
IPv6:
2001:880::/32
2a02:248::/32
Signature Algorithm: sha256WithRSAEncryption
84:a5:f0:c4:f9:34:ef:dc:af:b4:a3:5f:83:af:0b:24:29:1c:
93:c9:31:b5:8e:3a:53:e5:5e:f3:4e:4c:53:a0:eb:5d:26:e9:
d6:43:21:7a:9c:50:1e:21:de:0f:b0:32:51:68:3d:00:b9:89:
02:8c:12:b5:db:5e:0a:9e:55:5f:82:47:d5:7f:40:e7:a6:13:
bf:b0:0d:f5:b7:49:89:1b:2e:e5:af:21:d9:51:3d:a4:bb:98:
8b:c0:d5:c5:1a:3a:9e:30:3f:22:7f:84:a9:cf:ef:5e:d8:73:
77:30:f7:9f:58:c8:d1:5b:e2:5a:37:c9:73:72:45:13:a7:1b:
b5:eb:34:3f:15:5a:46:09:ed:5f:c5:ee:1b:c2:0d:24:cb:38:
e4:b0:8e:18:4b:90:ea:42:62:41:69:e5:57:f1:52:75:99:22:
eb:54:94:07:ee:a8:26:1a:00:b2:67:b6:3b:70:db:71:21:34:
ca:27:a4:1e:51:63:c0:7a:a3:f4:c4:0b:79:ad:65:57:a0:f1:
7f:a5:d0:d0:1b:23:e8:47:16:1a:2c:93:af:1b:8c:e6:e6:ba:
59:99:a7:14:93:50:ac:b3:2a:05:95:ca:ae:0c:8d:a3:18:7c:
c2:6d:bd:e0:88:f9:bb:6d:c9:98:4f:6f:93:9a:20:5c:be:e0:
24:af:c6:d1
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAYxi6cYuOOGJN+ZKAMbIAlbYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjMxMjEzMTEyMjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTkyOGIxYzRlMzZlOThlNWVmMzNmMjBmZjgwMDc2MTRlOWY3NDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeUUMu1yM1ANTMG4547ZpkF721BN
9QIbZ3biF6NCsJQMhgLJWBlL5kIZh87SaRkbsfVNdI238tCOnePM0Kj60VhSHx+J
wKwTyNOzwX1yVCg8j7QPQKTicllBpIfSV5Nb7DHOHCCCfnJXN3+0kJoGtl1VX7Cr
4P/Fpvz2g9Miy1weLGUAyfXxjkvMjr/2vpOVlR7VaPGocBEjyNPAy0Vb742enx+u
56+A95lcSSuH0tBS37GdDoG7UpHSbYnTAaot+bdpOjvpkoCYZHz3jj5+/XoRVdoy
YSnkDs4C/vrPztczrdX7H4WLSchXLDPBV/eFWt5jOyjDbc1nQnZHOZleZwIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFPmSixxONumOXvM/IP+AB2FOn3SUMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvMS1aS0xIRTQyNlk1ZTh6OGdfNEFIWVU2ZmRKUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYjQvZjYxN2E1LTMyNDAtNDhjNC1iNzE2LTc0MWMxZDhkZWEy
Yi8xL3hDY0kzNU9WU3F4Z0d1OFlOYjFkYVNSZnNDOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjB5BggrBgEFBQcBBwEB/wRqMGgwUAQCAAEwSgMEBAUsYAME
BB8v8AMEAyXa+AMEAFFYGwMEBlKNADAMAwQEuVRQAwQAuVRSAwQCuXX4AwQCwKJU
AwQFwz5gAwQF1G5gAwQF1ZJgMBQEAgACMA4DBQAgAQiAAwUAKgICSDANBgkqhkiG
9w0BAQsFAAOCAQEAhKXwxPk079yvtKNfg68LJCkck8kxtY46U+Ve805MU6DrXSbp
1kMhepxQHiHeD7AyUWg9ALmJAowStdteCp5VX4JH1X9A56YTv7AN9bdJiRsu5a8h
2VE9pLuYi8DVxRo6njA/In+Eqc/vXthzdzD3n1jI0VviWjfJc3JFE6cbtes0PxVa
RgntX8XuG8INJMs45LCOGEuQ6kJiQWnlV/FSdZki61SUB+6oJhoAsme2O3DbcSE0
yiekHlFjwHqj9MQLea1lV6Dxf6XQ0Bsj6EcWGiyTrxuM5ua6WZmnFJNQrLMqBZXK
rgyNoxh8wm294Ij5u23JmE9vk5ogXL7gJK/G0Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:44 2024 by rpki-client on console-ams.rpki-client.org