Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/Zr8dLHQlIGRjkTuhl06AMEIgSTM.roa
File: Zr8dLHQlIGRjkTuhl06AMEIgSTM.roa (raw, json)
Hash identifier: ISfBHOjzJ/mTB4J5bmh3JLJPD2zITuuh+O+d8KNPM38=
Subject key identifier: 66:BF:1D:2C:74:25:20:64:63:91:3B:A1:97:4E:80:30:42:20:49:33
Certificate issuer: /CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Certificate serial: 018B3A20BF159166451CA5876E74A9E01615
Authority key identifier: 60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/Zr8dLHQlIGRjkTuhl06AMEIgSTM.roa
Signing time: Mon 16 Oct 2023 20:15:06 +0000
ROA not before: Mon 16 Oct 2023 20:15:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24877
IP address blocks: 88.223.100.0/22 maxlen: 22
84.55.0.0/20 maxlen: 20
84.55.16.0/21 maxlen: 21
84.55.24.0/21 maxlen: 21
88.223.132.0/22 maxlen: 22
88.223.139.0/24 maxlen: 24
88.223.136.0/23 maxlen: 23
88.223.136.0/24 maxlen: 24
88.223.140.0/22 maxlen: 22
88.223.64.0/21 maxlen: 21
88.223.72.0/21 maxlen: 21
84.55.44.0/23 maxlen: 23
84.55.40.0/22 maxlen: 22
84.55.38.0/23 maxlen: 23
88.223.156.0/22 maxlen: 22
84.55.46.0/23 maxlen: 23
88.222.0.0/17 maxlen: 17
88.222.128.0/18 maxlen: 18
217.147.42.0/23 maxlen: 23
217.147.39.0/24 maxlen: 24
88.222.248.0/22 maxlen: 22
88.222.192.0/20 maxlen: 20
88.222.216.0/24 maxlen: 24
88.222.224.0/20 maxlen: 20
217.147.33.0/24 maxlen: 24
217.147.32.0/24 maxlen: 24
2a01:7c80:8000::/33 maxlen: 33
Validation: Failed, certificate revoked on Sat 18 Nov 2023 06:10:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3a:20:bf:15:91:66:45:1c:a5:87:6e:74:a9:e0:16:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60661758ce330622470a39ae8d6ef4a2044f83c4
Validity
Not Before: Oct 16 20:15:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66bf1d2c7425206463913ba1974e803042204933
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:f6:3c:92:03:79:2f:28:4b:c3:19:cc:b5:0c:
36:10:d8:91:87:f1:ba:56:e3:8c:b6:ea:6e:18:2f:
1a:38:6f:7b:2e:90:7d:9a:71:31:ae:a9:32:08:0e:
0a:86:61:e5:c4:2f:07:13:78:36:29:26:c4:e5:aa:
94:de:31:76:20:2a:94:7d:00:7e:a3:36:7b:94:18:
7f:92:2a:ab:d5:c1:28:b9:77:fd:fb:31:ef:2f:0b:
95:c6:66:e5:78:0d:ab:2d:b6:3c:6d:af:15:8f:4a:
cd:f1:23:67:ac:54:4b:4d:ff:ef:fe:b6:63:56:e4:
60:b6:51:16:73:22:1c:72:de:36:7f:67:01:cc:38:
7e:78:de:27:d1:09:94:f8:38:93:21:25:1e:01:c7:
5a:b0:7b:5a:f5:cb:01:7d:2f:6f:23:d2:4a:ac:10:
61:ff:39:d3:a6:a4:b6:91:06:13:53:21:75:b8:c5:
25:e7:08:ed:8d:db:7e:96:ba:0a:6b:77:b5:6f:68:
2f:0e:b4:2c:97:af:0e:d5:e7:54:68:05:40:0c:79:
45:77:1a:18:b6:7b:dc:9a:73:85:93:0d:32:95:a9:
6d:d4:9e:e9:b7:fc:52:82:bd:a7:17:1e:8b:ba:f9:
50:f6:cb:d2:f3:93:7e:94:b5:80:ea:74:ae:f2:61:
55:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:BF:1D:2C:74:25:20:64:63:91:3B:A1:97:4E:80:30:42:20:49:33
X509v3 Authority Key Identifier:
keyid:60:66:17:58:CE:33:06:22:47:0A:39:AE:8D:6E:F4:A2:04:4F:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGYXWM4zBiJHCjmujW70ogRPg8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/Zr8dLHQlIGRjkTuhl06AMEIgSTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/edd128-6d6e-49e3-b77e-1f8746945483/1/YGYXWM4zBiJHCjmujW70ogRPg8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.55.0.0/19
84.55.38.0-84.55.47.255
88.222.0.0-88.222.207.255
88.222.216.0/24
88.222.224.0/20
88.222.248.0/22
88.223.64.0/20
88.223.100.0/22
88.223.132.0-88.223.137.255
88.223.139.0-88.223.143.255
88.223.156.0/22
217.147.32.0/23
217.147.39.0/24
217.147.42.0/23
IPv6:
2a01:7c80:8000::/33
Signature Algorithm: sha256WithRSAEncryption
2e:4e:f2:87:88:4e:a9:2d:18:85:e3:c0:99:af:39:b6:7b:86:
4f:b6:69:00:c2:74:3d:33:aa:d1:e4:09:95:18:49:66:41:92:
b9:5d:7f:11:94:bd:9b:87:08:98:79:62:ed:b7:9a:a8:c0:b3:
02:7b:0b:4a:fd:2c:d2:13:e8:4d:32:0b:5a:7a:94:5e:79:a0:
95:65:59:64:35:c1:8e:75:0d:47:0a:5a:72:62:a6:23:ba:7c:
ac:b8:35:52:59:3d:59:fc:ad:86:54:f7:c5:84:64:60:19:04:
12:59:08:10:f6:c0:f9:2c:81:bc:be:50:d5:36:c1:b3:08:eb:
fe:9b:7b:97:d6:44:74:aa:b3:c2:f5:a6:14:ee:82:a0:b0:a6:
90:9a:42:5c:ed:78:dd:f7:c9:cd:3f:b4:14:a7:07:0e:1f:48:
c7:ed:e8:f1:de:c7:97:f9:07:29:50:19:25:bd:dc:62:7e:92:
f2:9a:ac:2c:1b:64:0e:ff:34:44:7b:57:96:d6:91:93:32:52:
ed:ea:91:d9:2e:ea:c9:ff:86:de:80:8b:ec:f4:21:63:a7:af:
3e:2d:a9:fc:0b:6e:ef:c5:01:78:7d:c5:59:38:60:dd:ac:14:
e7:c0:e8:3d:4a:9c:d5:3f:ab:d3:d0:59:97:30:7e:dd:4d:10:
52:41:d7:47
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAYs6IL8VkWZFHKWHbnSp4BYVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjYxNzU4Y2UzMzA2MjI0NzBhMzlhZThkNmVmNGEyMDQ0
ZjgzYzQwHhcNMjMxMDE2MjAxNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmJmMWQyYzc0MjUyMDY0NjM5MTNiYTE5NzRlODAzMDQyMjA0OTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnPY8kgN5LyhLwxnMtQw2ENiRh/G6
VuOMtupuGC8aOG97LpB9mnExrqkyCA4KhmHlxC8HE3g2KSbE5aqU3jF2ICqUfQB+
ozZ7lBh/kiqr1cEouXf9+zHvLwuVxmbleA2rLbY8ba8Vj0rN8SNnrFRLTf/v/rZj
VuRgtlEWcyIcct42f2cBzDh+eN4n0QmU+DiTISUeAcdasHta9csBfS9vI9JKrBBh
/znTpqS2kQYTUyF1uMUl5wjtjdt+lroKa3e1b2gvDrQsl68O1edUaAVADHlFdxoY
tnvcmnOFkw0ylalt1J7pt/xSgr2nFx6LuvlQ9svS85N+lLWA6nSu8mFVrQIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFGa/HSx0JSBkY5E7oZdOgDBCIEkzMB8GA1UdIwQY
MBaAFGBmF1jOMwYiRwo5ro1u9KIET4PEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2Ut
MWY4NzQ2OTQ1NDgzLzEvWnI4ZExIUWxJR1Jqa1R1aGwwNkFNRUlnU1RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9lZGQxMjgtNmQ2ZS00OWUzLWI3N2UtMWY4NzQ2OTQ1NDgz
LzEvWUdZWFdNNHpCaUpIQ2ptdWpXNzBvZ1JQZzhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizB5BAIAATBzAwQFVDcA
MAwDBAFUNyYDBARUNyAwCwMDAVjeAwQEWN7AAwQAWN7YAwQEWN7gAwQCWN74AwQE
WN9AAwQCWN9kMAwDBAJY34QDBAFY34gwDAMEAFjfiwMEBFjfgAMEAljfnAMEAdmT
IAMEANmTJwMEAdmTKjAOBAIAAjAIAwYHKgF8gIAwDQYJKoZIhvcNAQELBQADggEB
AC5O8oeITqktGIXjwJmvObZ7hk+2aQDCdD0zqtHkCZUYSWZBkrldfxGUvZuHCJh5
Yu23mqjAswJ7C0r9LNIT6E0yC1p6lF55oJVlWWQ1wY51DUcKWnJipiO6fKy4NVJZ
PVn8rYZU98WEZGAZBBJZCBD2wPksgby+UNU2wbMI6/6be5fWRHSqs8L1phTugqCw
ppCaQlzteN33yc0/tBSnBw4fSMft6PHex5f5BylQGSW93GJ+kvKarCwbZA7/NER7
V5bWkZMyUu3qkdku6sn/ht6Ai+z0IWOnrz4tqfwLbu/FAXh9xVk4YN2sFOfA6D1K
nNU/q9PQWZcwft1NEFJB10c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:40 2024 by rpki-client on console-ams.rpki-client.org