Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/715835-bc1d-4cb8-9618-4ef283ce7ff1/1/z4raq5KhzmErHNRZ0gqYzqLE1ug.roa
File: z4raq5KhzmErHNRZ0gqYzqLE1ug.roa (raw, json)
Hash identifier: mBxHjgx2ulX4yWzlG/ATGTwuCWEa4sE6zWuPqIBQDO4=
Subject key identifier: CF:8A:DA:AB:92:A1:CE:61:2B:1C:D4:59:D2:0A:98:CE:A2:C4:D6:E8
Certificate issuer: /CN=29921518c5da1b84c5971a79bc74e8ac0770fd49
Certificate serial: 018CC493231B2D5BACFEEE6691573836FE44
Authority key identifier: 29:92:15:18:C5:DA:1B:84:C5:97:1A:79:BC:74:E8:AC:07:70:FD:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZIVGMXaG4TFlxp5vHTorAdw_Uk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/715835-bc1d-4cb8-9618-4ef283ce7ff1/1/z4raq5KhzmErHNRZ0gqYzqLE1ug.roa
Signing time: Mon 01 Jan 2024 10:30:26 +0000
ROA not before: Mon 01 Jan 2024 10:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201603
IP address blocks: 94.177.20.0/24 maxlen: 24
91.217.32.0/23 maxlen: 23
185.69.104.0/22 maxlen: 22
188.214.108.0/24 maxlen: 24
2a05:2140::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 22 Feb 2024 15:23:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:23:1b:2d:5b:ac:fe:ee:66:91:57:38:36:fe:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29921518c5da1b84c5971a79bc74e8ac0770fd49
Validity
Not Before: Jan 1 10:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf8adaab92a1ce612b1cd459d20a98cea2c4d6e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:44:cd:15:0f:0a:a8:3f:53:a0:ac:35:4a:8e:
cd:48:1d:57:6a:0e:5c:f5:3a:2b:0e:ff:23:0b:51:
c3:f5:b1:d9:e5:29:02:46:15:3c:93:b3:4d:1e:68:
e0:f4:6b:62:5e:47:04:f9:0b:92:7b:bd:64:93:b3:
f6:e3:12:78:e7:d4:cf:2d:96:66:bf:f0:e6:ac:37:
94:d9:67:cf:f2:4a:c7:07:42:12:10:5e:4b:d0:95:
8a:51:cb:9c:59:74:a2:d6:03:62:ce:55:9d:c9:46:
90:3f:d2:84:f9:c0:bc:51:a3:86:96:84:2e:ea:df:
8f:68:63:25:2e:2b:69:12:96:b4:06:96:4b:0a:e1:
b4:c9:b4:14:bf:86:7a:8f:75:b1:f6:b8:86:7c:b8:
5e:79:15:ca:43:e2:9f:30:95:79:53:a6:8a:94:2a:
86:da:68:eb:fe:51:4a:5d:83:a0:7b:fc:e7:ca:96:
8f:2b:78:5c:ad:d8:94:88:21:a5:ee:6c:de:70:e3:
1c:dc:90:14:86:a1:3f:f5:e1:3a:d8:8e:fd:6b:81:
24:3e:44:71:1c:29:ae:d1:69:5c:10:0e:45:95:31:
5f:54:40:5f:91:90:ea:93:ea:ab:61:aa:71:06:44:
05:46:54:3f:f1:72:6b:ac:72:62:9a:16:23:41:cb:
64:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:8A:DA:AB:92:A1:CE:61:2B:1C:D4:59:D2:0A:98:CE:A2:C4:D6:E8
X509v3 Authority Key Identifier:
keyid:29:92:15:18:C5:DA:1B:84:C5:97:1A:79:BC:74:E8:AC:07:70:FD:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZIVGMXaG4TFlxp5vHTorAdw_Uk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/715835-bc1d-4cb8-9618-4ef283ce7ff1/1/z4raq5KhzmErHNRZ0gqYzqLE1ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/715835-bc1d-4cb8-9618-4ef283ce7ff1/1/KZIVGMXaG4TFlxp5vHTorAdw_Uk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.32.0/23
94.177.20.0/24
185.69.104.0/22
188.214.108.0/24
IPv6:
2a05:2140::/29
Signature Algorithm: sha256WithRSAEncryption
5f:d2:a5:49:59:30:48:a4:23:13:02:a3:07:13:42:c6:38:09:
3b:46:9d:8c:98:74:14:19:5d:e1:b3:32:11:f1:a1:20:b5:42:
91:1a:c0:82:54:73:53:76:41:fb:f1:67:62:d4:f8:58:b7:80:
32:91:ab:52:3e:e2:22:3b:58:f2:74:df:c7:7e:bc:be:46:9d:
b0:7e:94:0b:ff:a3:e5:b4:c8:87:21:3f:35:bd:90:59:ae:0d:
56:17:bf:d1:ec:38:38:fa:b0:dc:3a:58:30:0f:52:e4:95:74:
0e:03:91:28:46:d2:e7:a9:5a:45:2c:33:93:15:b4:8b:c0:a4:
24:7d:e4:19:a5:5d:25:1b:15:fe:65:81:5f:fb:f8:f8:53:ee:
d4:18:aa:48:64:b2:01:4b:bc:07:4b:95:67:2b:21:95:75:73:
02:94:63:89:58:4d:b6:b0:b7:93:47:78:5c:b3:89:57:8d:34:
1b:7e:4d:35:58:68:c2:a7:ff:4a:8f:0e:d9:d9:44:c3:d1:eb:
de:2b:c0:ff:bc:5b:4f:69:cd:15:ea:33:b7:63:76:b4:75:4f:
a9:b8:9e:3e:91:76:50:57:7c:ba:f1:d9:e9:c1:76:d3:04:0b:
2c:db:51:bd:59:55:3a:b9:31:b3:5b:af:f0:8a:53:15:5a:98:
27:ce:5b:bb
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzEkyMbLVus/u5mkVc4Nv5EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OTIxNTE4YzVkYTFiODRjNTk3MWE3OWJjNzRlOGFjMDc3
MGZkNDkwHhcNMjQwMTAxMTAzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjhhZGFhYjkyYTFjZTYxMmIxY2Q0NTlkMjBhOThjZWEyYzRkNmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0TNFQ8KqD9ToKw1So7NSB1Xag5c
9TorDv8jC1HD9bHZ5SkCRhU8k7NNHmjg9GtiXkcE+QuSe71kk7P24xJ459TPLZZm
v/DmrDeU2WfP8krHB0ISEF5L0JWKUcucWXSi1gNizlWdyUaQP9KE+cC8UaOGloQu
6t+PaGMlLitpEpa0BpZLCuG0ybQUv4Z6j3Wx9riGfLheeRXKQ+KfMJV5U6aKlCqG
2mjr/lFKXYOge/znypaPK3hcrdiUiCGl7mzecOMc3JAUhqE/9eE62I79a4EkPkRx
HCmu0WlcEA5FlTFfVEBfkZDqk+qrYapxBkQFRlQ/8XJrrHJimhYjQctk9QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFM+K2quSoc5hKxzUWdIKmM6ixNboMB8GA1UdIwQY
MBaAFCmSFRjF2huExZcaebx06KwHcP1JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1pJVkdNWGFHNFRGbHhwNXZIVG9yQWR3X1VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy83MTU4MzUtYmMxZC00Y2I4LTk2MTgt
NGVmMjgzY2U3ZmYxLzEvejRyYXE1S2h6bUVySE5SWjBncVl6cUxFMXVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy83MTU4MzUtYmMxZC00Y2I4LTk2MTgtNGVmMjgzY2U3ZmYx
LzEvS1pJVkdNWGFHNFRGbHhwNXZIVG9yQWR3X1VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBW9kgAwQA
XrEUAwQCuUVoAwQAvNZsMA0EAgACMAcDBQMqBSFAMA0GCSqGSIb3DQEBCwUAA4IB
AQBf0qVJWTBIpCMTAqMHE0LGOAk7Rp2MmHQUGV3hszIR8aEgtUKRGsCCVHNTdkH7
8Wdi1PhYt4AykatSPuIiO1jydN/Hfry+Rp2wfpQL/6PltMiHIT81vZBZrg1WF7/R
7Dg4+rDcOlgwD1LklXQOA5EoRtLnqVpFLDOTFbSLwKQkfeQZpV0lGxX+ZYFf+/j4
U+7UGKpIZLIBS7wHS5VnKyGVdXMClGOJWE22sLeTR3hcs4lXjTQbfk01WGjCp/9K
jw7Z2UTD0eveK8D/vFtPac0V6jO3Y3a0dU+puJ4+kXZQV3y68dnpwXbTBAss21G9
WVU6uTGzW6/wilMVWpgnzlu7
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:42:44 2024 by rpki-client on console-ams.rpki-client.org