Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/zGI-Dr71YN_v6tCWQ2YVsfbd-SM.roa
File: zGI-Dr71YN_v6tCWQ2YVsfbd-SM.roa (raw, json)
Hash identifier: LVJ7RzKqfy8kQubisF0/9Fu746W2NqgbWLBsbSzsJvU=
Subject key identifier: CC:62:3E:0E:BE:F5:60:DF:EF:EA:D0:96:43:66:15:B1:F6:DD:F9:23
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018A8DB7D7774DC14005E02FBDF415A75015
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/zGI-Dr71YN_v6tCWQ2YVsfbd-SM.roa
Signing time: Wed 13 Sep 2023 08:45:50 +0000
ROA not before: Wed 13 Sep 2023 08:45:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2895
IP address blocks: 185.103.100.0/22 maxlen: 22
147.45.0.0/16 maxlen: 16
193.233.4.0/24 maxlen: 24
193.233.0.0/22 maxlen: 22
193.233.10.0/23 maxlen: 23
193.233.8.0/24 maxlen: 24
2001:640::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8d:b7:d7:77:4d:c1:40:05:e0:2f:bd:f4:15:a7:50:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Sep 13 08:45:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc623e0ebef560dfefead096436615b1f6ddf923
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4e:d6:04:36:be:3f:88:57:6b:da:b7:28:62:
5b:e3:9e:2f:6b:7f:2a:76:70:22:55:1f:88:dd:d7:
78:8a:3c:06:b4:bc:fd:06:c2:c7:d2:13:c1:c3:5d:
05:60:18:dc:c5:54:0e:41:a1:d0:99:c3:dd:54:b1:
73:9d:3a:f7:df:79:77:e2:eb:5b:59:b0:99:90:db:
55:9e:36:3e:3e:8f:70:c4:03:ea:79:52:af:d0:b7:
09:8f:8d:bc:f2:05:cc:92:05:3c:ec:13:b2:2f:16:
2c:11:00:2e:da:24:d4:57:96:78:c0:5b:a8:50:f7:
c2:49:cd:ba:e5:6d:56:bc:e5:25:11:c0:9c:a0:85:
56:0d:44:64:98:ba:4f:d4:99:d0:d0:16:d4:02:15:
77:fb:da:68:61:86:43:a0:39:bf:9c:5c:97:fb:6b:
95:87:8b:5b:7c:aa:04:ea:07:82:99:d4:1c:3c:bd:
1a:a8:b5:1f:00:5b:a0:b1:b9:c6:9f:e2:20:6e:50:
2e:fb:7e:24:fc:80:15:30:12:39:c3:94:06:ab:15:
53:b9:0f:2d:90:3d:76:34:b1:62:37:f1:87:0c:85:
41:35:46:85:3a:6b:71:12:d4:52:b0:32:fd:86:ff:
51:dd:11:44:d8:85:81:ca:7b:bf:35:c7:04:97:81:
a0:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:62:3E:0E:BE:F5:60:DF:EF:EA:D0:96:43:66:15:B1:F6:DD:F9:23
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/zGI-Dr71YN_v6tCWQ2YVsfbd-SM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.0.0/16
185.103.100.0/22
193.233.0.0-193.233.4.255
193.233.8.0/24
193.233.10.0/23
IPv6:
2001:640::/32
Signature Algorithm: sha256WithRSAEncryption
81:25:e1:d2:53:37:57:42:56:88:be:d2:47:91:35:77:e6:e2:
90:89:a2:c2:0a:b9:e3:a3:a4:a9:f3:87:5d:cd:d5:3f:04:dc:
81:14:c7:31:4a:c1:6a:21:2f:02:de:a2:e0:a6:55:a8:02:7d:
08:cd:b9:49:e4:ea:fb:ec:88:94:35:6c:02:15:b5:31:e1:09:
92:66:89:22:2e:35:c4:79:bf:a5:2a:4e:1c:1b:bb:4b:af:ad:
c7:0f:6d:2f:82:c9:9c:db:da:0c:c9:14:f1:ab:eb:30:54:64:
2c:8b:62:89:76:ed:ce:c3:4c:dd:de:a3:60:20:68:20:c7:43:
71:b8:a9:7f:7b:12:3a:77:36:a7:d5:fb:9d:03:db:ad:7b:d4:
40:95:d6:7d:c7:4b:71:00:40:2e:2d:e2:0a:03:aa:e0:f1:0b:
e5:c8:37:47:b9:40:b5:df:96:68:06:78:65:74:85:8a:f9:e2:
c1:a1:ff:b4:fd:2a:49:f2:4b:4f:44:c6:65:65:93:01:1f:73:
1a:c0:a6:9b:df:22:34:bf:e7:86:9f:bc:11:02:30:c0:c4:78:
9b:b1:e3:94:aa:c4:f0:fd:a6:e6:88:10:cf:87:87:95:29:bf:
4e:89:e3:7d:5b:3f:ee:ad:d7:47:65:f8:7b:e9:88:4a:87:72:
88:af:fb:52
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYqNt9d3TcFABeAvvfQVp1AVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjMwOTEzMDg0NTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzYyM2UwZWJlZjU2MGRmZWZlYWQwOTY0MzY2MTViMWY2ZGRmOTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmE7WBDa+P4hXa9q3KGJb454va38q
dnAiVR+I3dd4ijwGtLz9BsLH0hPBw10FYBjcxVQOQaHQmcPdVLFznTr333l34utb
WbCZkNtVnjY+Po9wxAPqeVKv0LcJj4288gXMkgU87BOyLxYsEQAu2iTUV5Z4wFuo
UPfCSc265W1WvOUlEcCcoIVWDURkmLpP1JnQ0BbUAhV3+9poYYZDoDm/nFyX+2uV
h4tbfKoE6geCmdQcPL0aqLUfAFugsbnGn+IgblAu+34k/IAVMBI5w5QGqxVTuQ8t
kD12NLFiN/GHDIVBNUaFOmtxEtRSsDL9hv9R3RFE2IWBynu/NccEl4GgPQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFMxiPg6+9WDf7+rQlkNmFbH23fkjMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvekdJLURyNzFZTl92NnRDV1EyWVZzZmJkLVNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwMAky0DBAK5
Z2QwCwMDAMHpAwQAwekEAwQAwekIAwQBwekKMA0EAgACMAcDBQAgAQZAMA0GCSqG
SIb3DQEBCwUAA4IBAQCBJeHSUzdXQlaIvtJHkTV35uKQiaLCCrnjo6Sp84ddzdU/
BNyBFMcxSsFqIS8C3qLgplWoAn0IzblJ5Or77IiUNWwCFbUx4QmSZokiLjXEeb+l
Kk4cG7tLr63HD20vgsmc29oMyRTxq+swVGQsi2KJdu3Ow0zd3qNgIGggx0NxuKl/
exI6dzan1fudA9ute9RAldZ9x0txAEAuLeIKA6rg8QvlyDdHuUC135ZoBnhldIWK
+eLBof+0/SpJ8ktPRMZlZZMBH3MawKab3yI0v+eGn7wRAjDAxHibseOUqsTw/abm
iBDPh4eVKb9OieN9Wz/urddHZfh76YhKh3KIr/tS
-----END CERTIFICATE-----
Generated at Tue Oct 24 21:39:28 2023 by rpki-client on console-ams.rpki-client.org