Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/ZCOPggOGW2OzfN75u1C-gvSnTmE.roa
File: ZCOPggOGW2OzfN75u1C-gvSnTmE.roa (raw, json)
Hash identifier: KK2ODAW3a07u2IiaGiCInTKt/Mab4tD1aO4ls/M3LkI=
Subject key identifier: 64:23:8F:82:03:86:5B:63:B3:7C:DE:F9:BB:50:BE:82:F4:A7:4E:61
Certificate issuer: /CN=567190854786a16afa6b0ec78dfb0620abaacfef
Certificate serial: 01856E8B5950AFA9D5215815F1AFAC70C683
Authority key identifier: 56:71:90:85:47:86:A1:6A:FA:6B:0E:C7:8D:FB:06:20:AB:AA:CF:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VnGQhUeGoWr6aw7HjfsGIKuqz-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/ZCOPggOGW2OzfN75u1C-gvSnTmE.roa
Signing time: Sun 01 Jan 2023 18:15:04 +0000
ROA not before: Sun 01 Jan 2023 18:15:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20712
IP address blocks: 178.238.144.0/20 maxlen: 20
90.155.64.0/19 maxlen: 20
5.172.160.0/20 maxlen: 20
90.155.96.0/20 maxlen: 20
194.4.172.0/22 maxlen: 22
5.172.170.0/24 maxlen: 24
90.155.0.0/18 maxlen: 24
81.187.0.0/16 maxlen: 23
81.2.64.0/18 maxlen: 18
217.169.0.0/19 maxlen: 19
2001:8b0::/32 maxlen: 63
2001:8b0:a::666/128 maxlen: 128
Validation: Failed, certificate revoked on Tue 02 Jan 2024 14:34:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:8b:59:50:af:a9:d5:21:58:15:f1:af:ac:70:c6:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=567190854786a16afa6b0ec78dfb0620abaacfef
Validity
Not Before: Jan 1 18:15:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64238f8203865b63b37cdef9bb50be82f4a74e61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:c1:14:25:20:da:e7:c0:b0:63:2e:f2:c0:95:
02:99:44:49:22:b2:fc:44:f6:54:a4:4e:95:08:4c:
6b:ed:fd:7a:ca:5e:79:33:fa:eb:f0:d4:e0:b1:35:
98:f3:3c:f6:cb:8b:76:2a:7f:be:03:74:5e:f0:01:
54:34:a2:ea:e6:a2:4f:2c:b8:02:8c:38:e8:0b:51:
da:f3:bd:28:97:8f:07:a1:7c:bf:c0:19:bf:ee:8a:
dd:a8:d9:ce:8f:e4:9c:c3:46:b2:7b:bd:6f:bc:3a:
fd:ce:69:e8:01:36:d3:d4:58:b7:27:b8:a0:0c:d9:
7f:0c:21:94:ab:e2:69:a1:21:cb:97:81:34:b4:00:
db:f7:88:44:70:40:d6:13:a2:83:3c:9b:9a:ac:b8:
04:77:df:01:71:94:60:e0:5a:ca:28:45:a1:15:ee:
8c:bf:28:c9:9d:dc:77:b3:0f:db:92:57:a0:76:69:
dd:db:ea:df:16:a7:a8:a4:81:ca:5f:d8:e0:b4:d0:
0b:38:19:39:f4:7a:45:3d:fd:09:97:63:e2:56:7d:
97:de:1e:3f:c4:7d:fc:ee:67:9c:c8:97:65:6f:db:
23:44:5c:0e:2c:ec:98:50:ba:fd:ff:bf:49:e5:02:
b0:b5:2d:8b:6a:05:5a:40:49:0e:07:ed:11:cd:19:
d8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:23:8F:82:03:86:5B:63:B3:7C:DE:F9:BB:50:BE:82:F4:A7:4E:61
X509v3 Authority Key Identifier:
keyid:56:71:90:85:47:86:A1:6A:FA:6B:0E:C7:8D:FB:06:20:AB:AA:CF:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VnGQhUeGoWr6aw7HjfsGIKuqz-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/ZCOPggOGW2OzfN75u1C-gvSnTmE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/VnGQhUeGoWr6aw7HjfsGIKuqz-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.160.0/20
81.2.64.0/18
81.187.0.0/16
90.155.0.0-90.155.111.255
178.238.144.0/20
194.4.172.0/22
217.169.0.0/19
IPv6:
2001:8b0::/32
Signature Algorithm: sha256WithRSAEncryption
9b:0b:90:61:66:83:d0:9f:1a:11:ff:8f:99:09:0c:fb:31:03:
e9:16:1c:f9:de:88:d5:c7:fb:db:33:cd:fc:b2:ec:a8:d9:6d:
d0:71:0b:ee:1f:fe:07:df:f1:e0:ec:8e:81:7c:2f:8f:a1:72:
f6:99:cb:86:5e:cb:2c:ec:cf:ba:0a:03:71:aa:70:23:30:b3:
c4:fb:eb:57:c3:87:18:e7:0f:81:e0:08:48:d6:0f:4a:0f:b2:
ef:3a:a9:ed:9f:ca:40:fb:d9:a4:ff:35:2d:5f:86:9b:34:ab:
1e:6d:45:6f:aa:8e:9c:27:3f:3d:71:a1:84:ea:ad:51:cf:37:
d2:10:d4:12:19:8c:25:1a:7a:05:f1:91:65:bd:27:33:6c:3e:
49:8b:2e:56:6c:f2:21:54:81:6f:49:a9:d4:4c:f8:54:12:11:
dd:d4:03:ad:7a:8c:a5:43:c0:4c:d8:d2:61:d4:b6:2c:73:3c:
7a:97:86:2a:9d:c3:93:8a:cc:57:3e:52:75:b9:cb:9d:f5:5c:
64:c6:77:17:3e:3d:8c:83:58:33:a4:12:71:10:c2:ad:a5:08:
ae:af:35:c6:02:84:05:9e:8a:9e:5c:9f:86:df:c0:92:76:26:
64:d1:63:1a:ca:89:9b:b9:e5:d8:ee:b4:05:fd:03:9a:5e:08:
20:c9:b0:4f
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYVui1lQr6nVIVgV8a+scMaDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NzE5MDg1NDc4NmExNmFmYTZiMGVjNzhkZmIwNjIwYWJh
YWNmZWYwHhcNMjMwMTAxMTgxNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDIzOGY4MjAzODY1YjYzYjM3Y2RlZjliYjUwYmU4MmY0YTc0ZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx8EUJSDa58CwYy7ywJUCmURJIrL8
RPZUpE6VCExr7f16yl55M/rr8NTgsTWY8zz2y4t2Kn++A3Re8AFUNKLq5qJPLLgC
jDjoC1Ha870ol48HoXy/wBm/7ordqNnOj+Scw0aye71vvDr9zmnoATbT1Fi3J7ig
DNl/DCGUq+JpoSHLl4E0tADb94hEcEDWE6KDPJuarLgEd98BcZRg4FrKKEWhFe6M
vyjJndx3sw/bklegdmnd2+rfFqeopIHKX9jgtNALOBk59HpFPf0Jl2PiVn2X3h4/
xH387mecyJdlb9sjRFwOLOyYULr9/79J5QKwtS2LagVaQEkOB+0RzRnYAwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFGQjj4IDhltjs3ze+btQvoL0p05hMB8GA1UdIwQY
MBaAFFZxkIVHhqFq+msOx437BiCrqs/vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm5HUWhVZUdvV3I2YXc3SGpmc0dJS3Vxei04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yNGMzMjQtYTE1ZS00Y2QwLTk0YzEt
NzNmZjQwOTU5MzQ4LzEvWkNPUGdnT0dXMk96Zk43NXUxQy1ndlNuVG1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yNGMzMjQtYTE1ZS00Y2QwLTk0YzEtNzNmZjQwOTU5MzQ4
LzEvVm5HUWhVZUdvV3I2YXc3SGpmc0dJS3Vxei04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQEBaygAwQG
UQJAAwMAUbswCwMDAFqbAwQEWptgAwQEsu6QAwQCwgSsAwQF2akAMA0EAgACMAcD
BQAgAQiwMA0GCSqGSIb3DQEBCwUAA4IBAQCbC5BhZoPQnxoR/4+ZCQz7MQPpFhz5
3ojVx/vbM838suyo2W3QcQvuH/4H3/Hg7I6BfC+PoXL2mcuGXsss7M+6CgNxqnAj
MLPE++tXw4cY5w+B4AhI1g9KD7LvOqntn8pA+9mk/zUtX4abNKsebUVvqo6cJz89
caGE6q1RzzfSENQSGYwlGnoF8ZFlvSczbD5Jiy5WbPIhVIFvSanUTPhUEhHd1AOt
eoylQ8BM2NJh1LYsczx6l4YqncOTisxXPlJ1ucud9VxkxncXPj2Mg1gzpBJxEMKt
pQiurzXGAoQFnoqeXJ+G38CSdiZk0WMayombueXY7rQF/QOaXgggybBP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:26 2024 by rpki-client on console-fra.rpki-client.org