Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/PzqwOIkqZyK7ll7_nDT831iRDe4.roa
File: PzqwOIkqZyK7ll7_nDT831iRDe4.roa (raw, json)
Hash identifier: eTCnhzydqoxaa9mRQIlUJ07uExK1nd/kck9VXs+aOO0=
Subject key identifier: 3F:3A:B0:38:89:2A:67:22:BB:96:5E:FF:9C:34:FC:DF:58:91:0D:EE
Certificate issuer: /CN=b66ea7359221c1b77d6cc006f7b6706a9a908299
Certificate serial: 0186E516E0CF0A1FF16AE463E8AE39364E1A
Authority key identifier: B6:6E:A7:35:92:21:C1:B7:7D:6C:C0:06:F7:B6:70:6A:9A:90:82:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tm6nNZIhwbd9bMAG97ZwapqQgpk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/PzqwOIkqZyK7ll7_nDT831iRDe4.roa
Signing time: Wed 15 Mar 2023 11:45:27 +0000
ROA not before: Wed 15 Mar 2023 11:45:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61272
IP address blocks: 91.216.163.0/24 maxlen: 32
85.206.160.0/20 maxlen: 32
185.25.48.0/22 maxlen: 32
185.64.104.0/22 maxlen: 32
88.119.160.0/20 maxlen: 32
85.206.240.0/22 maxlen: 32
2a04:2181:c012::/48 maxlen: 64
2a04:2181:c010::/48 maxlen: 64
2a04:2180::/32 maxlen: 64
2a04:2181:c011::/48 maxlen: 64
Validation: Failed, certificate revoked on Fri 21 Jul 2023 05:40:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:e5:16:e0:cf:0a:1f:f1:6a:e4:63:e8:ae:39:36:4e:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b66ea7359221c1b77d6cc006f7b6706a9a908299
Validity
Not Before: Mar 15 11:45:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3f3ab038892a6722bb965eff9c34fcdf58910dee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:1e:b0:79:84:f5:ab:46:aa:dd:a1:53:25:9f:
e4:4b:d6:47:25:df:bd:5c:99:3f:3f:47:33:69:90:
76:3d:91:fb:60:57:4b:27:ba:08:1e:95:a7:3c:2f:
34:41:66:20:45:71:80:6b:13:a3:f7:eb:94:26:be:
a6:78:96:fc:2c:0c:c5:72:58:7e:26:85:99:a8:59:
1d:1a:3d:e6:74:ce:af:d9:36:58:44:52:7f:56:31:
e8:20:c1:20:fc:89:bd:1d:ed:1f:db:c5:a3:a6:87:
07:cb:f5:66:21:2a:3e:6b:68:9f:bb:68:5b:dd:93:
3b:72:d6:57:08:87:45:2a:38:34:08:41:20:ae:a0:
57:75:27:15:a6:99:92:da:c1:59:68:00:0e:2c:74:
1b:0b:16:55:29:fe:9b:cb:67:65:b0:6e:3e:14:f8:
8c:23:d9:b5:3d:eb:b9:ee:b4:b0:b3:18:89:d3:85:
9f:69:49:a1:8e:01:56:7a:bf:aa:df:2c:0c:c1:3b:
c1:f2:91:08:79:e8:61:2b:30:5f:e1:c0:57:60:fe:
25:47:59:bf:cd:3e:f9:90:e8:cf:1b:91:45:79:76:
db:81:43:17:ce:8e:41:8b:51:32:db:9d:30:e9:c2:
77:85:09:05:db:eb:b9:6e:a4:de:63:35:90:cc:e0:
16:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:3A:B0:38:89:2A:67:22:BB:96:5E:FF:9C:34:FC:DF:58:91:0D:EE
X509v3 Authority Key Identifier:
keyid:B6:6E:A7:35:92:21:C1:B7:7D:6C:C0:06:F7:B6:70:6A:9A:90:82:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tm6nNZIhwbd9bMAG97ZwapqQgpk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/PzqwOIkqZyK7ll7_nDT831iRDe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/tm6nNZIhwbd9bMAG97ZwapqQgpk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.206.160.0/20
85.206.240.0/22
88.119.160.0/20
91.216.163.0/24
185.25.48.0/22
185.64.104.0/22
IPv6:
2a04:2180::/32
2a04:2181:c010::-2a04:2181:c012:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
01:ff:7b:94:3a:05:9d:ef:1f:71:35:4c:f1:da:b7:b6:41:f6:
84:b0:f1:f5:15:52:25:a2:a3:c3:94:49:53:a6:d4:f0:78:b2:
cc:8e:8d:b6:58:d1:3e:84:9a:11:72:e9:b4:d4:d0:bf:3c:8b:
6d:a0:f9:27:8e:93:a9:0c:42:8e:38:af:ee:5c:11:0d:67:90:
9b:b7:0a:6f:8a:fe:dc:3b:f5:95:93:a2:39:55:bb:99:79:54:
57:12:8a:73:10:c5:90:e9:1f:95:77:ce:53:a5:20:e2:83:ab:
7a:84:ef:61:6e:85:70:15:7d:33:cc:86:4c:b6:79:a6:e9:33:
19:bb:47:5e:64:66:4e:40:17:e4:53:00:e4:72:50:07:79:d5:
89:b2:4c:dc:87:ff:87:73:9a:9b:1c:48:1f:fc:aa:d5:cd:f4:
49:6a:a4:4c:66:86:9e:36:70:f9:59:65:dd:3a:1b:71:51:a4:
57:f3:80:61:9d:3b:42:fc:01:87:bc:8d:0d:2a:5a:22:94:10:
ca:0b:ca:88:3f:4c:f5:99:76:89:8a:ba:6e:f9:67:80:e7:06:
d7:54:99:61:43:9e:7c:83:07:aa:d7:fd:c7:eb:c7:2d:a0:15:
43:fa:a3:b6:0b:e1:6e:84:44:fb:b0:6e:52:37:85:e0:a2:f6:
58:1c:c2:00
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYblFuDPCh/xauRj6K45Nk4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NmVhNzM1OTIyMWMxYjc3ZDZjYzAwNmY3YjY3MDZhOWE5
MDgyOTkwHhcNMjMwMzE1MTE0NTI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjNhYjAzODg5MmE2NzIyYmI5NjVlZmY5YzM0ZmNkZjU4OTEwZGVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4x6weYT1q0aq3aFTJZ/kS9ZHJd+9
XJk/P0czaZB2PZH7YFdLJ7oIHpWnPC80QWYgRXGAaxOj9+uUJr6meJb8LAzFclh+
JoWZqFkdGj3mdM6v2TZYRFJ/VjHoIMEg/Im9He0f28WjpocHy/VmISo+a2ifu2hb
3ZM7ctZXCIdFKjg0CEEgrqBXdScVppmS2sFZaAAOLHQbCxZVKf6by2dlsG4+FPiM
I9m1Peu57rSwsxiJ04WfaUmhjgFWer+q3ywMwTvB8pEIeehhKzBf4cBXYP4lR1m/
zT75kOjPG5FFeXbbgUMXzo5Bi1Ey250w6cJ3hQkF2+u5bqTeYzWQzOAW1QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFD86sDiJKmciu5Ze/5w0/N9YkQ3uMB8GA1UdIwQY
MBaAFLZupzWSIcG3fWzABve2cGqakIKZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG02bk5aSWh3YmQ5Yk1BRzk3WndhcHFRZ3BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9mODdhMmUtNDZiMS00YTY2LWE5MGMt
Njk5ODM1YzkyYmZlLzEvUHpxd09Ja3FaeUs3bGw3X25EVDgzMWlSRGU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9mODdhMmUtNDZiMS00YTY2LWE5MGMtNjk5ODM1YzkyYmZl
LzEvdG02bk5aSWh3YmQ5Yk1BRzk3WndhcHFRZ3BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzAqBAIAATAkAwQEVc6gAwQC
Vc7wAwQEWHegAwQAW9ijAwQCuRkwAwQCuUBoMCEEAgACMBsDBQAqBCGAMBIDBwQq
BCGBwBADBwAqBCGBwBIwDQYJKoZIhvcNAQELBQADggEBAAH/e5Q6BZ3vH3E1TPHa
t7ZB9oSw8fUVUiWio8OUSVOm1PB4ssyOjbZY0T6EmhFy6bTU0L88i22g+SeOk6kM
Qo44r+5cEQ1nkJu3Cm+K/tw79ZWTojlVu5l5VFcSinMQxZDpH5V3zlOlIOKDq3qE
72FuhXAVfTPMhky2eabpMxm7R15kZk5AF+RTAORyUAd51YmyTNyH/4dzmpscSB/8
qtXN9ElqpExmhp42cPlZZd06G3FRpFfzgGGdO0L8AYe8jQ0qWiKUEMoLyog/TPWZ
domKum75Z4DnBtdUmWFDnnyDB6rX/cfrxy2gFUP6o7YL4W6ERPuwblI3heCi9lgc
wgA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:23 2024 by rpki-client on console-fra.rpki-client.org