Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/zbdAIvSsobsXiraa65g22eH7kD8.roa
File: zbdAIvSsobsXiraa65g22eH7kD8.roa (raw, json)
Hash identifier: cIIAComxXHGOI0hBJYQEeNn0DltFo1ka6UYXEA1n6r4=
Subject key identifier: CD:B7:40:22:F4:AC:A1:BB:17:8A:B6:9A:EB:98:36:D9:E1:FB:90:3F
Certificate issuer: /CN=567190854786a16afa6b0ec78dfb0620abaacfef
Certificate serial: 018CCA99035D53FE4877993A1469BC188ADD
Authority key identifier: 56:71:90:85:47:86:A1:6A:FA:6B:0E:C7:8D:FB:06:20:AB:AA:CF:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VnGQhUeGoWr6aw7HjfsGIKuqz-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/zbdAIvSsobsXiraa65g22eH7kD8.roa
Signing time: Tue 02 Jan 2024 14:34:34 +0000
ROA not before: Tue 02 Jan 2024 14:34:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20712
IP address blocks: 178.238.144.0/20 maxlen: 20
90.155.64.0/19 maxlen: 20
5.172.160.0/20 maxlen: 20
90.155.96.0/20 maxlen: 20
194.4.172.0/22 maxlen: 22
5.172.170.0/24 maxlen: 24
90.155.0.0/18 maxlen: 24
81.187.0.0/16 maxlen: 23
81.2.64.0/18 maxlen: 18
217.169.0.0/19 maxlen: 19
2001:8b0::/32 maxlen: 63
2001:8b0:a::666/128 maxlen: 128
Validation: Failed, certificate revoked on Wed 28 Aug 2024 14:45:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:03:5d:53:fe:48:77:99:3a:14:69:bc:18:8a:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=567190854786a16afa6b0ec78dfb0620abaacfef
Validity
Not Before: Jan 2 14:34:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cdb74022f4aca1bb178ab69aeb9836d9e1fb903f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f4:b4:e7:15:cf:3d:a8:61:0b:0b:db:8a:29:
9b:84:98:47:37:d3:fb:f0:e5:94:21:b2:ff:cb:47:
bf:30:4b:f3:d2:25:1c:6a:ec:e4:50:b2:1e:9e:3f:
8a:f8:56:36:c8:88:f5:86:82:2d:a2:33:76:6b:79:
53:d9:0a:75:84:14:12:6c:e5:70:d3:ed:ca:8b:45:
28:6a:87:c8:ed:9e:a2:98:4a:32:a0:51:ce:88:29:
4f:2b:9b:ea:d6:70:a4:08:30:0f:fb:b9:22:70:1b:
1e:ee:83:42:bc:ab:eb:9d:ca:df:7c:22:ec:06:09:
7c:d9:71:eb:6a:28:85:e8:9f:9d:21:36:4b:11:85:
eb:10:f4:21:7b:0d:39:01:5d:bf:3a:d0:18:ad:e2:
1b:25:e1:0e:5c:24:8e:62:d3:af:d7:6b:07:8c:88:
ed:a3:26:03:6c:f2:3a:74:51:0b:ff:14:6a:3b:2e:
13:2b:3e:bf:66:7e:d3:17:e5:9e:8e:99:fd:30:0c:
b6:8f:48:af:5f:24:d6:05:1a:b2:1b:42:57:49:76:
35:8b:33:e5:fc:af:de:e6:d8:1d:c8:7e:3e:7c:44:
67:be:e8:9f:1e:27:11:7b:bf:ce:8a:95:65:6f:53:
6c:83:47:12:fa:01:30:1d:52:4e:11:22:0f:f2:c2:
ff:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:B7:40:22:F4:AC:A1:BB:17:8A:B6:9A:EB:98:36:D9:E1:FB:90:3F
X509v3 Authority Key Identifier:
keyid:56:71:90:85:47:86:A1:6A:FA:6B:0E:C7:8D:FB:06:20:AB:AA:CF:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VnGQhUeGoWr6aw7HjfsGIKuqz-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/zbdAIvSsobsXiraa65g22eH7kD8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/VnGQhUeGoWr6aw7HjfsGIKuqz-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.160.0/20
81.2.64.0/18
81.187.0.0/16
90.155.0.0-90.155.111.255
178.238.144.0/20
194.4.172.0/22
217.169.0.0/19
IPv6:
2001:8b0::/32
Signature Algorithm: sha256WithRSAEncryption
0c:0d:81:2f:ea:a5:e0:32:a4:fe:7b:5a:51:be:cc:29:6c:67:
4a:ba:98:01:01:c4:1a:63:c2:ce:ea:08:21:90:b0:3c:b2:be:
18:4c:00:ab:dc:57:28:af:98:76:e6:67:9b:c6:15:ba:5e:5d:
f5:20:0b:e1:6b:6e:1a:04:e7:dd:09:ac:ac:90:7d:84:5f:08:
b0:bc:c8:ae:8b:ad:7c:e7:de:d1:18:13:d6:72:93:3e:5f:c8:
83:d9:8a:e8:9b:88:d8:53:18:6d:1b:87:81:22:e8:ea:0c:57:
de:69:02:ba:20:bd:78:ce:5b:a6:57:be:4e:fe:2d:0f:63:c4:
4b:7e:b5:f6:5b:19:6b:a3:02:cf:69:6c:3a:98:06:7b:ce:b7:
6f:d7:e8:28:98:ab:bd:3d:b4:c9:61:d6:df:22:f7:08:29:4b:
c5:57:ed:05:b3:80:43:b1:65:3e:9a:bd:75:58:d3:96:c5:f0:
6b:2b:4d:2d:3d:22:3b:b2:bb:ed:06:b9:45:81:a0:3f:89:88:
9b:f7:13:c6:9d:e4:6a:9e:bf:4b:a3:c4:5a:ee:a7:25:63:7e:
76:ed:a0:cc:d3:b4:62:74:26:74:f8:20:63:c5:f0:4e:4f:02:
c3:c1:2b:41:e0:c9:2b:2a:81:db:27:9a:b5:0d:e5:14:c8:eb:
cd:26:f3:a8
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzKmQNdU/5Id5k6FGm8GIrdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NzE5MDg1NDc4NmExNmFmYTZiMGVjNzhkZmIwNjIwYWJh
YWNmZWYwHhcNMjQwMTAyMTQzNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGI3NDAyMmY0YWNhMWJiMTc4YWI2OWFlYjk4MzZkOWUxZmI5MDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvS05xXPPahhCwvbiimbhJhHN9P7
8OWUIbL/y0e/MEvz0iUcauzkULIenj+K+FY2yIj1hoItojN2a3lT2Qp1hBQSbOVw
0+3Ki0UoaofI7Z6imEoyoFHOiClPK5vq1nCkCDAP+7kicBse7oNCvKvrncrffCLs
Bgl82XHraiiF6J+dITZLEYXrEPQhew05AV2/OtAYreIbJeEOXCSOYtOv12sHjIjt
oyYDbPI6dFEL/xRqOy4TKz6/Zn7TF+Wejpn9MAy2j0ivXyTWBRqyG0JXSXY1izPl
/K/e5tgdyH4+fERnvuifHicRe7/OipVlb1Nsg0cS+gEwHVJOESIP8sL/0QIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFM23QCL0rKG7F4q2muuYNtnh+5A/MB8GA1UdIwQY
MBaAFFZxkIVHhqFq+msOx437BiCrqs/vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm5HUWhVZUdvV3I2YXc3SGpmc0dJS3Vxei04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yNGMzMjQtYTE1ZS00Y2QwLTk0YzEt
NzNmZjQwOTU5MzQ4LzEvemJkQUl2U3NvYnNYaXJhYTY1ZzIyZUg3a0Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yNGMzMjQtYTE1ZS00Y2QwLTk0YzEtNzNmZjQwOTU5MzQ4
LzEvVm5HUWhVZUdvV3I2YXc3SGpmc0dJS3Vxei04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQEBaygAwQG
UQJAAwMAUbswCwMDAFqbAwQEWptgAwQEsu6QAwQCwgSsAwQF2akAMA0EAgACMAcD
BQAgAQiwMA0GCSqGSIb3DQEBCwUAA4IBAQAMDYEv6qXgMqT+e1pRvswpbGdKupgB
AcQaY8LO6gghkLA8sr4YTACr3Fcor5h25mebxhW6Xl31IAvha24aBOfdCayskH2E
XwiwvMiui618597RGBPWcpM+X8iD2Yrom4jYUxhtG4eBIujqDFfeaQK6IL14zlum
V75O/i0PY8RLfrX2WxlrowLPaWw6mAZ7zrdv1+gomKu9PbTJYdbfIvcIKUvFV+0F
s4BDsWU+mr11WNOWxfBrK00tPSI7srvtBrlFgaA/iYib9xPGneRqnr9Lo8Ra7qcl
Y3527aDM07RidCZ0+CBjxfBOTwLDwStB4MkrKoHbJ5q1DeUUyOvNJvOo
-----END CERTIFICATE-----
Generated at Wed Aug 28 17:52:54 2024 by rpki-client on console-fra.rpki-client.org