Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZQCk9k8pVcylwhiAbPoM7NGau2o.roa
File: ZQCk9k8pVcylwhiAbPoM7NGau2o.roa (raw, json)
Hash identifier: h80DSaoduVf9MTdJ7zRlKCtMAxctb4Ol5zC0apA7zz8=
Subject key identifier: 65:00:A4:F6:4F:29:55:CC:A5:C2:18:80:6C:FA:0C:EC:D1:9A:BB:6A
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01915018FA9D849CCF30EEC99B4041399424
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZQCk9k8pVcylwhiAbPoM7NGau2o.roa
Signing time: Wed 14 Aug 2024 08:54:59 +0000
ROA not before: Wed 14 Aug 2024 08:54:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34577
IP address blocks: 37.60.141.0/24 maxlen: 24
87.120.0.0/22 maxlen: 22
87.120.12.0/24 maxlen: 24
87.120.14.0/23 maxlen: 23
87.120.44.0/23 maxlen: 23
87.120.45.119/32 maxlen: 32
87.120.178.0/23 maxlen: 23
87.120.180.0/22 maxlen: 22
87.120.184.0/22 maxlen: 22
87.120.190.0/23 maxlen: 23
87.121.48.0/22 maxlen: 22
87.121.88.0/23 maxlen: 23
93.123.40.0/24 maxlen: 24
93.123.41.0/24 maxlen: 24
93.123.42.0/24 maxlen: 24
93.123.43.0/24 maxlen: 24
93.123.44.0/24 maxlen: 24
93.123.47.0/24 maxlen: 24
93.123.66.0/24 maxlen: 24
93.123.67.0/24 maxlen: 24
93.123.96.0/22 maxlen: 22
94.156.123.0/24 maxlen: 24
212.73.149.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Sep 2024 12:17:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:50:18:fa:9d:84:9c:cf:30:ee:c9:9b:40:41:39:94:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Aug 14 08:54:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6500a4f64f2955cca5c218806cfa0cecd19abb6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:84:13:bb:12:29:16:24:8a:ad:87:99:95:45:
b9:8a:25:5f:4d:41:78:e9:18:57:17:ae:3f:dd:37:
a2:3c:dd:7e:56:6e:f1:91:0e:ab:71:38:a4:8a:44:
0f:63:7c:2c:28:74:0a:fa:90:43:4e:77:ad:33:3f:
33:f6:2b:86:dd:1c:29:78:96:d6:08:50:d8:3d:13:
d4:7f:4d:03:36:69:3a:42:83:fa:50:c7:81:92:c7:
d8:a8:b7:f5:a6:6b:4c:15:41:49:63:c1:a1:bb:e0:
2f:6b:d8:43:75:f6:5b:37:65:0d:b1:95:c9:fa:3d:
52:41:84:07:3c:e8:db:0c:79:0d:94:d5:4e:90:e9:
52:0d:cb:6b:46:9f:a2:fa:ac:8d:c4:d5:89:0a:d1:
d8:01:2f:58:52:30:85:71:38:57:5f:43:0e:be:b2:
af:99:fa:28:fa:c4:58:cc:7a:5d:e2:8f:e1:1c:e1:
5a:5f:40:6e:5d:fb:58:3f:2d:26:fa:0a:5b:9e:0a:
f6:33:a2:43:25:03:4d:78:34:dc:a1:0c:3a:65:9e:
98:73:78:d0:dd:ec:1a:b3:36:0e:2e:2f:e1:22:10:
05:ec:04:82:ad:66:1a:e4:e7:d3:68:1f:20:51:5a:
3e:ed:4a:3d:cd:86:e5:1a:a9:1a:16:80:5a:18:cb:
a6:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:00:A4:F6:4F:29:55:CC:A5:C2:18:80:6C:FA:0C:EC:D1:9A:BB:6A
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ZQCk9k8pVcylwhiAbPoM7NGau2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.60.141.0/24
87.120.0.0/22
87.120.12.0/24
87.120.14.0/23
87.120.44.0/23
87.120.178.0-87.120.187.255
87.120.190.0/23
87.121.48.0/22
87.121.88.0/23
93.123.40.0-93.123.44.255
93.123.47.0/24
93.123.66.0/23
93.123.96.0/22
94.156.123.0/24
212.73.149.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:9a:a9:70:36:e8:09:54:37:ab:6b:bd:f9:2a:c9:e5:9f:84:
3c:dd:4f:0a:c5:4b:9e:3d:84:66:2a:f3:07:a0:ac:16:82:25:
66:f0:76:54:14:09:08:de:54:5d:e7:37:66:a1:f4:77:20:5c:
06:48:e0:f4:6c:82:cd:25:3b:6c:e9:ce:c3:3c:a8:ff:78:8e:
5e:71:f6:ee:70:62:f0:d2:7b:a9:93:e1:c6:8f:a3:ff:81:07:
88:8c:c2:8a:7e:b6:4c:08:7c:e4:c0:19:d4:61:48:76:63:1c:
5f:3b:dd:6f:c5:ca:df:47:4f:e8:70:c6:39:00:0c:71:f8:f4:
3d:06:b5:71:3b:ef:ca:62:96:c1:6e:b6:52:ce:3e:9e:d2:06:
b4:ec:92:d0:36:12:b7:12:0e:46:fd:3d:ec:a7:0e:84:01:a6:
54:eb:47:63:65:eb:1d:c2:0d:7f:4f:6d:59:a2:d4:99:b6:38:
45:ff:7a:b6:fc:89:42:3d:30:c9:68:f1:86:a5:63:e2:87:34:
91:ff:73:84:30:46:5f:69:e8:e3:19:7d:8a:08:80:a8:2c:dc:
db:e8:b7:56:d8:3e:14:85:09:43:fc:59:a5:b7:f5:17:99:ed:
ae:a1:24:f5:cd:70:d4:3e:d4:34:ea:fe:8d:ac:58:57:96:15:
b6:58:1c:ba
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZFQGPqdhJzPMO7Jm0BBOZQkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwODE0MDg1NDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTAwYTRmNjRmMjk1NWNjYTVjMjE4ODA2Y2ZhMGNlY2QxOWFiYjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4QTuxIpFiSKrYeZlUW5iiVfTUF4
6RhXF64/3TeiPN1+Vm7xkQ6rcTikikQPY3wsKHQK+pBDTnetMz8z9iuG3RwpeJbW
CFDYPRPUf00DNmk6QoP6UMeBksfYqLf1pmtMFUFJY8Ghu+Ava9hDdfZbN2UNsZXJ
+j1SQYQHPOjbDHkNlNVOkOlSDctrRp+i+qyNxNWJCtHYAS9YUjCFcThXX0MOvrKv
mfoo+sRYzHpd4o/hHOFaX0BuXftYPy0m+gpbngr2M6JDJQNNeDTcoQw6ZZ6Yc3jQ
3ewaszYOLi/hIhAF7ASCrWYa5OfTaB8gUVo+7Uo9zYblGqkaFoBaGMumPQIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFGUApPZPKVXMpcIYgGz6DOzRmrtqMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWlFDazlrOHBWY3lsd2hpQWJQb003TkdhdTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEACU8jQME
Ald4AAMEAFd4DAMEAVd4DgMEAVd4LDAMAwQBV3iyAwQCV3i4AwQBV3i+AwQCV3kw
AwQBV3lYMAwDBANdeygDBABdeywDBABdey8DBAFde0IDBAJde2ADBABenHsDBADU
SZUwDQYJKoZIhvcNAQELBQADggEBAG+aqXA26AlUN6trvfkqyeWfhDzdTwrFS549
hGYq8wegrBaCJWbwdlQUCQjeVF3nN2ah9HcgXAZI4PRsgs0lO2zpzsM8qP94jl5x
9u5wYvDSe6mT4caPo/+BB4iMwop+tkwIfOTAGdRhSHZjHF873W/Fyt9HT+hwxjkA
DHH49D0GtXE778pilsFutlLOPp7SBrTsktA2ErcSDkb9PeynDoQBplTrR2Nl6x3C
DX9PbVmi1Jm2OEX/erb8iUI9MMlo8YalY+KHNJH/c4QwRl9p6OMZfYoIgKgs3Nvo
t1bYPhSFCUP8WaW39ReZ7a6hJPXNcNQ+1DTq/o2sWFeWFbZYHLo=
-----END CERTIFICATE-----
Generated at Tue Sep 17 18:26:52 2024 by rpki-client on console-ams.rpki-client.org