Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZxH9mzKKnxbBi93_dvpa-oAdOPQ.roa
File: ZxH9mzKKnxbBi93_dvpa-oAdOPQ.roa (raw, json)
Hash identifier: I7C7732TR8F0HB1R94NgJkbGoWYifcUaldOLue/jV3k=
Subject key identifier: 67:11:FD:9B:32:8A:9F:16:C1:8B:DD:FF:76:FA:5A:FA:80:1D:38:F4
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018B12D496A50E82AC8E68DCA3618D26382B
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZxH9mzKKnxbBi93_dvpa-oAdOPQ.roa
Signing time: Mon 09 Oct 2023 05:06:43 +0000
ROA not before: Mon 09 Oct 2023 05:06:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 142430
IP address blocks: 194.87.49.0/24 maxlen: 24
195.58.37.0/24 maxlen: 24
212.192.246.0/24 maxlen: 24
195.133.61.0/24 maxlen: 24
195.133.63.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Oct 2023 05:58:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:12:d4:96:a5:0e:82:ac:8e:68:dc:a3:61:8d:26:38:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 9 05:06:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6711fd9b328a9f16c18bddff76fa5afa801d38f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8b:92:91:d0:e3:3a:13:1c:5b:38:39:03:dc:
94:2c:e5:3e:fd:d7:d4:24:0c:60:c1:2c:72:dc:35:
d9:1d:58:4e:64:9e:29:eb:42:d7:83:a4:9f:72:cc:
d1:97:63:f1:af:b0:96:fb:18:27:50:63:48:e0:0a:
38:57:4b:97:c8:30:e0:8a:96:36:cc:d7:4b:40:b5:
ac:ad:a5:bd:c2:86:40:91:59:76:8c:61:e4:03:99:
5a:e7:fe:91:22:37:85:48:06:9c:73:47:70:59:59:
9f:b7:da:dc:02:34:92:b4:21:68:ff:28:6a:7a:db:
fa:f4:a9:c2:12:43:1f:45:43:c0:bc:ff:93:56:87:
42:46:b5:71:9e:8b:2d:42:63:5e:2b:e0:84:78:ca:
54:3e:43:18:18:25:c3:82:9f:00:95:ae:4f:77:40:
6b:9a:93:d2:4e:9a:46:e7:5c:17:47:d8:d0:7f:cb:
4a:c7:41:75:8c:50:66:ec:d6:73:46:36:24:cd:f4:
a7:f7:69:f3:86:fd:c6:eb:32:20:d6:f6:b0:b1:ab:
59:75:76:94:be:13:7b:51:38:2d:ab:73:67:a6:3a:
d5:cc:c9:b2:74:ca:7f:06:9e:a5:cd:43:9f:d0:f3:
cb:0e:69:aa:18:05:46:f1:c8:a6:2e:e7:05:49:4f:
28:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:11:FD:9B:32:8A:9F:16:C1:8B:DD:FF:76:FA:5A:FA:80:1D:38:F4
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/ZxH9mzKKnxbBi93_dvpa-oAdOPQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.49.0/24
195.58.37.0/24
195.133.61.0/24
195.133.63.0/24
212.192.246.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:ca:30:07:68:2d:e8:02:e7:e3:f8:83:d9:fc:33:d2:71:31:
0f:c6:91:83:76:0f:21:96:58:98:e8:e6:c8:c8:aa:cf:52:16:
f9:dc:eb:4f:01:5f:18:e7:81:8c:b0:90:b3:19:3e:e1:aa:fe:
71:a0:a8:7b:18:41:d3:a7:2c:30:3d:58:d0:d4:97:1b:59:42:
44:74:69:58:55:cf:63:df:ae:05:18:c3:3c:cf:2c:31:51:94:
be:71:55:86:dc:3e:ed:9b:fe:ba:bf:6a:b8:8d:c3:51:d2:4f:
27:c4:b3:3c:5b:f3:61:d3:75:22:a7:aa:82:95:26:be:11:6a:
17:c1:fc:1f:66:0c:49:41:cf:57:41:33:ef:a2:b1:95:db:f0:
4a:a1:5b:30:a7:a9:fe:04:39:7b:08:82:b6:a5:bb:bd:a6:35:
af:b6:d6:2e:8f:df:95:80:cd:d9:3b:cc:4f:8e:f3:46:02:56:
29:c1:17:7e:a6:84:d7:e4:e8:fe:b7:67:f2:86:bc:8c:57:20:
33:7f:c7:1c:e4:41:6b:34:5f:d6:0f:e0:e2:bc:34:91:df:ab:
41:a9:56:2b:dc:a2:f3:dc:17:84:47:1c:9a:39:a1:03:4f:f8:
da:09:ad:39:23:88:21:f6:3d:f6:77:9e:71:39:2d:3d:74:6e:
ee:ae:25:b1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYsS1JalDoKsjmjco2GNJjgrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMxMDA5MDUwNjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzExZmQ5YjMyOGE5ZjE2YzE4YmRkZmY3NmZhNWFmYTgwMWQzOGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYuSkdDjOhMcWzg5A9yULOU+/dfU
JAxgwSxy3DXZHVhOZJ4p60LXg6SfcszRl2Pxr7CW+xgnUGNI4Ao4V0uXyDDgipY2
zNdLQLWsraW9woZAkVl2jGHkA5la5/6RIjeFSAacc0dwWVmft9rcAjSStCFo/yhq
etv69KnCEkMfRUPAvP+TVodCRrVxnostQmNeK+CEeMpUPkMYGCXDgp8Ala5Pd0Br
mpPSTppG51wXR9jQf8tKx0F1jFBm7NZzRjYkzfSn92nzhv3G6zIg1vawsatZdXaU
vhN7UTgtq3NnpjrVzMmydMp/Bp6lzUOf0PPLDmmqGAVG8cimLucFSU8oOQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGcR/Zsyip8WwYvd/3b6WvqAHTj0MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvWnhIOW16S0tueGJCaTkzX2R2cGEtb0FkT1BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwlcxAwQA
wzolAwQAw4U9AwQAw4U/AwQA1MD2MA0GCSqGSIb3DQEBCwUAA4IBAQAeyjAHaC3o
Aufj+IPZ/DPScTEPxpGDdg8hlliY6ObIyKrPUhb53OtPAV8Y54GMsJCzGT7hqv5x
oKh7GEHTpywwPVjQ1JcbWUJEdGlYVc9j364FGMM8zywxUZS+cVWG3D7tm/66v2q4
jcNR0k8nxLM8W/Nh03Uip6qClSa+EWoXwfwfZgxJQc9XQTPvorGV2/BKoVswp6n+
BDl7CIK2pbu9pjWvttYuj9+VgM3ZO8xPjvNGAlYpwRd+poTX5Oj+t2fyhryMVyAz
f8cc5EFrNF/WD+DivDSR36tBqVYr3KLz3BeERxyaOaEDT/jaCa05I4gh9j32d55x
OS09dG7uriWx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:20 2024 by rpki-client on console-fra.rpki-client.org