Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/ZsciNKz8hSdltoVLnW5sakMXk-0.roa
File: ZsciNKz8hSdltoVLnW5sakMXk-0.roa (raw, json)
Hash identifier: UBCNqeSNEuPjZ0UOMgnR/7147edhYt46BTnIjHjnmOY=
Subject key identifier: 66:C7:22:34:AC:FC:85:27:65:B6:85:4B:9D:6E:6C:6A:43:17:93:ED
Certificate issuer: /CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Certificate serial: 018871FDB3E048793614F9E2B0E195AB059D
Authority key identifier: EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/ZsciNKz8hSdltoVLnW5sakMXk-0.roa
Signing time: Wed 31 May 2023 13:27:11 +0000
ROA not before: Wed 31 May 2023 13:27:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57152
IP address blocks: 185.73.128.0/22 maxlen: 24
104.247.172.0/24 maxlen: 24
104.247.171.0/24 maxlen: 24
104.247.170.0/24 maxlen: 24
104.247.175.0/24 maxlen: 24
104.247.174.0/24 maxlen: 24
104.247.173.0/24 maxlen: 24
104.247.179.0/24 maxlen: 24
104.247.178.0/24 maxlen: 24
104.247.177.0/24 maxlen: 24
104.247.176.0/24 maxlen: 24
104.247.182.0/24 maxlen: 24
104.247.180.0/24 maxlen: 24
104.247.186.0/24 maxlen: 24
104.247.185.0/24 maxlen: 24
104.247.184.0/24 maxlen: 24
185.137.215.0/24 maxlen: 24
2a03:a5a0::/32 maxlen: 48
Validation: Failed, certificate revoked on Mon 06 Nov 2023 13:57:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:71:fd:b3:e0:48:79:36:14:f9:e2:b0:e1:95:ab:05:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eea02b197dbaf7deb74e0a27d9d4ecd3fae1e8ed
Validity
Not Before: May 31 13:27:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=66c72234acfc852765b6854b9d6e6c6a431793ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:99:3d:13:d9:fc:0c:78:d9:81:b2:ca:93:1a:
55:a8:f9:93:e2:1d:93:f4:ae:b7:9a:b8:57:11:52:
17:b5:b7:8c:b3:f4:80:9f:b9:3a:22:db:d5:2e:d2:
a3:3b:d6:bf:cc:70:89:7d:7c:01:da:31:69:db:36:
49:91:50:f6:bf:b6:86:aa:2c:e3:a3:03:e4:61:13:
75:e2:4a:ad:81:91:e5:cb:58:d3:ae:af:95:aa:75:
c8:74:2f:6e:69:7d:24:80:93:ec:c3:16:99:71:eb:
54:e4:01:17:b3:f7:50:37:ea:6b:5c:72:19:17:b6:
4d:a7:34:e7:76:54:bb:f8:37:47:da:2e:b5:f7:34:
5a:b4:e8:b0:cd:9a:12:72:86:81:43:ef:b8:18:9e:
17:1c:fd:c9:3d:9c:a3:3d:28:33:37:8b:56:e2:40:
c6:3d:2d:45:30:d1:74:99:c9:5f:88:85:ba:50:eb:
36:06:7b:52:01:d0:3f:56:b4:61:4b:a4:08:d2:42:
cf:b8:0d:7b:0f:a5:28:01:39:dd:20:0f:73:34:97:
83:ec:f1:c5:3a:67:5e:6a:c1:60:cc:77:12:33:c1:
49:c1:10:63:ff:62:c3:4a:dc:79:49:7b:80:d3:d4:
d4:c0:9c:d1:38:7d:f1:3f:93:89:8d:68:6c:2c:12:
48:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:C7:22:34:AC:FC:85:27:65:B6:85:4B:9D:6E:6C:6A:43:17:93:ED
X509v3 Authority Key Identifier:
keyid:EE:A0:2B:19:7D:BA:F7:DE:B7:4E:0A:27:D9:D4:EC:D3:FA:E1:E8:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7qArGX269963Tgon2dTs0_rh6O0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/ZsciNKz8hSdltoVLnW5sakMXk-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/971b11-280e-4ced-b99c-bbccab913b5d/1/7qArGX269963Tgon2dTs0_rh6O0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
104.247.170.0-104.247.180.255
104.247.182.0/24
104.247.184.0-104.247.186.255
185.73.128.0/22
185.137.215.0/24
IPv6:
2a03:a5a0::/32
Signature Algorithm: sha256WithRSAEncryption
b0:19:e1:3d:00:b1:5a:21:e1:8e:0d:5d:73:fd:a5:75:62:27:
78:ea:a1:fe:46:e4:40:79:8a:13:35:b2:38:1a:05:c8:7d:44:
ee:03:6f:2f:20:50:1a:44:3e:b2:3d:83:8d:32:bc:65:22:78:
40:ec:02:ab:ce:98:55:64:e3:05:b7:78:6a:65:bc:8e:d0:52:
e7:9b:32:c2:68:9c:e8:05:17:47:c2:a3:c0:a0:36:d1:41:9d:
52:b8:bd:fa:fd:bb:70:87:a4:f0:ca:f2:d0:6b:32:c6:72:3c:
99:2d:dd:b0:3c:a3:3d:6b:c3:21:05:ae:a2:81:89:86:22:03:
e9:ec:1d:a6:cd:b1:34:9d:f9:2b:7e:93:f3:7a:11:5d:59:d0:
8c:6b:4d:e9:b7:39:43:77:97:d3:cc:e8:d0:80:e9:83:86:a1:
c1:4e:9b:f9:da:56:a3:7b:12:82:f2:32:c8:bf:57:f6:15:ac:
16:b9:23:0b:20:27:d7:a4:96:c6:ff:1c:13:05:a6:2b:08:39:
1e:07:84:cd:b7:7e:54:7c:7f:81:2f:a3:0a:c7:13:db:e5:54:
1e:16:ce:eb:a6:60:c2:ee:fa:0b:4d:8d:04:fa:dd:24:cb:5c:
ea:49:1f:b3:80:08:48:fe:e7:bd:a8:56:84:99:ce:69:21:79:
46:06:ad:e8
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYhx/bPgSHk2FPnisOGVqwWdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYTAyYjE5N2RiYWY3ZGViNzRlMGEyN2Q5ZDRlY2QzZmFl
MWU4ZWQwHhcNMjMwNTMxMTMyNzExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmM3MjIzNGFjZmM4NTI3NjViNjg1NGI5ZDZlNmM2YTQzMTc5M2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnpk9E9n8DHjZgbLKkxpVqPmT4h2T
9K63mrhXEVIXtbeMs/SAn7k6ItvVLtKjO9a/zHCJfXwB2jFp2zZJkVD2v7aGqizj
owPkYRN14kqtgZHly1jTrq+VqnXIdC9uaX0kgJPswxaZcetU5AEXs/dQN+prXHIZ
F7ZNpzTndlS7+DdH2i619zRatOiwzZoScoaBQ++4GJ4XHP3JPZyjPSgzN4tW4kDG
PS1FMNF0mclfiIW6UOs2BntSAdA/VrRhS6QI0kLPuA17D6UoATndIA9zNJeD7PHF
OmdeasFgzHcSM8FJwRBj/2LDStx5SXuA09TUwJzROH3xP5OJjWhsLBJI9QIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFGbHIjSs/IUnZbaFS51ubGpDF5PtMB8GA1UdIwQY
MBaAFO6gKxl9uvfet04KJ9nU7NP64ejtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMt
YmJjY2FiOTEzYjVkLzEvWnNjaU5LejhoU2RsdG9WTG5XNXNha01Yay0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS85NzFiMTEtMjgwZS00Y2VkLWI5OWMtYmJjY2FiOTEzYjVk
LzEvN3FBckdYMjY5OTYzVGdvbjJkVHMwX3JoNk8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTA0BAIAATAuMAwDBAFo96oD
BABo97QDBABo97YwDAMEA2j3uAMEAGj3ugMEArlJgAMEALmJ1zANBAIAAjAHAwUA
KgOloDANBgkqhkiG9w0BAQsFAAOCAQEAsBnhPQCxWiHhjg1dc/2ldWIneOqh/kbk
QHmKEzWyOBoFyH1E7gNvLyBQGkQ+sj2DjTK8ZSJ4QOwCq86YVWTjBbd4amW8jtBS
55sywmic6AUXR8KjwKA20UGdUri9+v27cIek8Mry0GsyxnI8mS3dsDyjPWvDIQWu
ooGJhiID6ewdps2xNJ35K36T83oRXVnQjGtN6bc5Q3eX08zo0IDpg4ahwU6b+dpW
o3sSgvIyyL9X9hWsFrkjCyAn16SWxv8cEwWmKwg5HgeEzbd+VHx/gS+jCscT2+VU
HhbO66Zgwu76C02NBPrdJMtc6kkfs4AISP7nvahWhJnOaSF5Rgat6A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:09 2024 by rpki-client on console-fra.rpki-client.org