Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zKzRS5MYlxjUJlrqGnV4bRKqvnQ.roa
File: zKzRS5MYlxjUJlrqGnV4bRKqvnQ.roa (raw, json)
Hash identifier: zMxTFHHbEJ+a6bAqUgriI7fGFGBdd4VttPc8cc7OuX0=
Subject key identifier: CC:AC:D1:4B:93:18:97:18:D4:26:5A:EA:1A:75:78:6D:12:AA:BE:74
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018AA775CEEF6D47157F64D26D8FFD0CB849
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zKzRS5MYlxjUJlrqGnV4bRKqvnQ.roa
Signing time: Mon 18 Sep 2023 08:43:50 +0000
ROA not before: Mon 18 Sep 2023 08:43:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21082
IP address blocks: 193.124.5.0/24 maxlen: 24
194.87.221.0/24 maxlen: 24
195.133.94.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.142.0/24 maxlen: 24
212.192.212.0/24 maxlen: 24
194.87.143.0/24 maxlen: 24
212.192.215.0/24 maxlen: 24
212.192.252.0/24 maxlen: 24
212.192.248.0/24 maxlen: 24
212.192.253.0/24 maxlen: 24
212.192.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Sep 2023 09:33:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a7:75:ce:ef:6d:47:15:7f:64:d2:6d:8f:fd:0c:b8:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Sep 18 08:43:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ccacd14b93189718d4265aea1a75786d12aabe74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:a6:cf:15:3e:de:c1:ea:da:80:7d:ca:ca:dd:
61:42:36:aa:93:cd:7f:64:f7:e6:9c:02:0e:12:2d:
4b:2e:89:70:9f:46:21:57:81:f3:45:d1:29:03:93:
89:64:ce:f2:28:92:a4:f9:77:35:38:e4:8b:07:93:
5e:ff:9b:11:b8:eb:6b:d6:ed:1d:d9:f7:ca:0a:72:
c1:36:6c:fe:40:61:00:52:c3:33:dc:aa:c7:f8:4b:
f9:60:6b:e0:7c:e3:68:2f:5b:69:38:4d:27:c9:98:
44:10:e4:60:49:05:90:22:d1:7f:21:74:84:fa:00:
09:a2:2f:40:6f:b0:10:ba:5c:e3:9e:bd:b7:61:ba:
fa:14:69:e5:b1:87:87:28:2e:54:33:5f:0b:34:33:
10:f1:82:77:33:88:6b:e8:7c:38:21:e4:ba:28:04:
6b:e5:61:79:15:d5:81:e3:71:51:e0:04:f1:a9:d5:
e0:92:93:38:12:e4:68:6e:ac:49:90:0f:87:73:37:
3b:4a:2f:ae:9b:86:22:f3:8e:e9:94:09:4d:e8:8c:
4d:67:b8:c8:28:aa:42:59:e2:4d:42:a7:b8:a7:0c:
95:59:7c:69:7a:e3:ec:0f:8a:58:1f:2c:89:e4:df:
ae:c1:a7:05:57:e9:c7:b8:b6:ca:dd:bc:d9:73:d3:
60:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:AC:D1:4B:93:18:97:18:D4:26:5A:EA:1A:75:78:6D:12:AA:BE:74
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/zKzRS5MYlxjUJlrqGnV4bRKqvnQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.124.5.0/24
194.87.30.0/24
194.87.142.0/23
194.87.221.0/24
195.133.94.0/24
212.192.212.0/24
212.192.215.0/24
212.192.248.0/24
212.192.252.0-212.192.254.255
Signature Algorithm: sha256WithRSAEncryption
8f:42:46:c1:f7:bc:8b:15:f1:d2:55:38:d1:d6:be:e7:20:fd:
54:bb:32:db:93:ac:8a:50:75:bc:6f:cd:26:d5:02:35:1d:e7:
09:f6:3a:a1:71:fe:7d:6a:ae:57:94:65:4a:16:37:f6:54:8e:
94:90:08:28:f5:1e:05:14:49:0d:ab:32:d0:e7:82:22:dd:8a:
df:55:a3:5a:6c:fc:4b:a1:f8:45:7b:d1:14:56:27:cb:e3:75:
fd:bb:31:2b:02:05:6f:81:a9:1d:18:2e:ab:4f:68:d0:03:08:
ba:e9:a9:be:e9:65:96:d7:b6:3a:3f:08:95:01:d9:01:1d:8e:
94:73:65:36:98:02:c1:4f:16:a7:6b:c7:e8:f0:7c:42:ac:ce:
21:7d:51:41:56:cc:5c:51:80:86:0e:ee:0f:cf:b6:95:22:60:
9e:ec:6c:5f:1d:e8:70:ef:17:d5:7b:4d:79:c3:56:22:25:c1:
f4:2e:f2:62:4c:c0:91:ca:07:91:5f:46:6a:c7:2a:69:d8:40:
14:36:4f:31:7e:11:68:3e:75:69:02:d5:ec:4c:b9:aa:0c:16:
96:07:3f:48:c1:63:84:3d:e5:86:69:bb:6a:d6:95:a0:1e:3b:
43:9a:a5:b2:a1:f1:7d:4a:cf:1f:f4:52:1a:a5:4f:35:5c:a1:
9f:b7:63:52
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYqndc7vbUcVf2TSbY/9DLhJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjMwOTE4MDg0MzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2FjZDE0YjkzMTg5NzE4ZDQyNjVhZWExYTc1Nzg2ZDEyYWFiZTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl6bPFT7eweragH3Kyt1hQjaqk81/
ZPfmnAIOEi1LLolwn0YhV4HzRdEpA5OJZM7yKJKk+Xc1OOSLB5Ne/5sRuOtr1u0d
2ffKCnLBNmz+QGEAUsMz3KrH+Ev5YGvgfONoL1tpOE0nyZhEEORgSQWQItF/IXSE
+gAJoi9Ab7AQulzjnr23Ybr6FGnlsYeHKC5UM18LNDMQ8YJ3M4hr6Hw4IeS6KARr
5WF5FdWB43FR4ATxqdXgkpM4EuRobqxJkA+Hczc7Si+um4Yi847plAlN6IxNZ7jI
KKpCWeJNQqe4pwyVWXxpeuPsD4pYHyyJ5N+uwacFV+nHuLbK3bzZc9NgRwIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFMys0UuTGJcY1CZa6hp1eG0Sqr50MB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvekt6UlM1TVlseGpVSmxycUduVjRiUktxdm5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+AwQAwXwFAwQA
wlceAwQBwleOAwQAwlfdAwQAw4VeAwQA1MDUAwQA1MDXAwQA1MD4MAwDBALUwPwD
BADUwP4wDQYJKoZIhvcNAQELBQADggEBAI9CRsH3vIsV8dJVONHWvucg/VS7MtuT
rIpQdbxvzSbVAjUd5wn2OqFx/n1qrleUZUoWN/ZUjpSQCCj1HgUUSQ2rMtDngiLd
it9Vo1ps/Euh+EV70RRWJ8vjdf27MSsCBW+BqR0YLqtPaNADCLrpqb7pZZbXtjo/
CJUB2QEdjpRzZTaYAsFPFqdrx+jwfEKsziF9UUFWzFxRgIYO7g/PtpUiYJ7sbF8d
6HDvF9V7TXnDViIlwfQu8mJMwJHKB5FfRmrHKmnYQBQ2TzF+EWg+dWkC1exMuaoM
FpYHP0jBY4Q95YZpu2rWlaAeO0OapbKh8X1Kzx/0UhqlTzVcoZ+3Y1I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:49:52 2024 by rpki-client on console-ams.rpki-client.org