Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/ZSyYYMK0fHPCZSCocFunZQnrVlk.roa
File: ZSyYYMK0fHPCZSCocFunZQnrVlk.roa (raw, json)
Hash identifier: UFbbfAXMZSBjO8tbdbPigoHz6kHDtlhDIccrGZ0FYLU=
Subject key identifier: 65:2C:98:60:C2:B4:7C:73:C2:65:20:A8:70:5B:A7:65:09:EB:56:59
Certificate issuer: /CN=0146b429f8c49611fcfea1efa1a51b9c0eddb6e7
Certificate serial: 0185728C8F53DA7E92C798BD954F7863EC10
Authority key identifier: 01:46:B4:29:F8:C4:96:11:FC:FE:A1:EF:A1:A5:1B:9C:0E:DD:B6:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AUa0KfjElhH8_qHvoaUbnA7dtuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/ZSyYYMK0fHPCZSCocFunZQnrVlk.roa
Signing time: Mon 02 Jan 2023 12:54:52 +0000
ROA not before: Mon 02 Jan 2023 12:54:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50369
IP address blocks: 195.200.86.0/23 maxlen: 23
89.46.168.0/22 maxlen: 22
89.46.172.0/22 maxlen: 22
185.135.64.0/24 maxlen: 24
194.150.216.0/23 maxlen: 23
185.135.66.0/23 maxlen: 23
185.135.65.0/24 maxlen: 24
188.241.210.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:8c:8f:53:da:7e:92:c7:98:bd:95:4f:78:63:ec:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0146b429f8c49611fcfea1efa1a51b9c0eddb6e7
Validity
Not Before: Jan 2 12:54:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=652c9860c2b47c73c26520a8705ba76509eb5659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1b:22:ae:0a:8e:e9:75:e4:c7:42:03:98:1e:
ab:0c:03:d5:ce:67:28:4a:a9:8c:02:98:91:35:d7:
0a:79:21:26:e5:a5:e5:ea:ff:35:68:0f:a1:56:28:
fd:fd:40:43:28:9d:8f:7c:63:eb:8b:bd:29:24:95:
ff:e4:7f:cc:e6:e7:b7:71:71:dd:72:44:c7:e1:c5:
97:3a:6b:fc:a8:d6:8f:a1:86:24:76:d1:8f:4c:29:
41:70:b8:0e:19:36:ee:38:99:90:f7:fb:48:52:9b:
28:f6:00:71:85:4c:9d:bd:27:a4:dc:7e:44:10:e9:
b3:26:94:f5:c4:00:18:17:e5:70:d4:95:3d:0f:ee:
dd:fa:16:65:10:6a:51:38:aa:12:55:5c:6b:17:dc:
a9:f4:51:03:5f:78:d4:89:58:5d:69:05:e3:51:42:
ac:7d:da:d1:7a:a5:c5:6d:1e:9d:a3:fd:6d:63:fd:
3b:37:d6:2a:6e:76:92:9f:39:d3:e4:a2:2a:0a:f0:
d5:02:59:7a:df:ef:19:ff:d5:9f:5f:04:73:58:29:
ff:2e:68:b9:fa:f5:cc:8f:af:db:be:f5:cc:55:f2:
fb:1c:5b:7b:df:d6:e9:43:c6:e9:cd:e9:c1:dc:98:
5a:24:20:cb:f4:d5:18:1b:03:98:c7:5f:98:0e:c8:
f2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:2C:98:60:C2:B4:7C:73:C2:65:20:A8:70:5B:A7:65:09:EB:56:59
X509v3 Authority Key Identifier:
keyid:01:46:B4:29:F8:C4:96:11:FC:FE:A1:EF:A1:A5:1B:9C:0E:DD:B6:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AUa0KfjElhH8_qHvoaUbnA7dtuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/ZSyYYMK0fHPCZSCocFunZQnrVlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/e5e379-656d-4622-a7bc-ea26e746a0ad/1/AUa0KfjElhH8_qHvoaUbnA7dtuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.168.0/21
185.135.64.0/22
188.241.210.0/24
194.150.216.0/23
195.200.86.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:55:6f:bc:9e:93:c8:49:36:c6:40:bd:cd:6a:62:c8:56:06:
79:54:07:b9:fe:14:fb:d3:8e:9f:85:5d:e4:e9:fd:d3:63:ee:
7c:e2:39:97:4d:fd:49:d8:b3:52:4b:0e:20:a3:68:52:9c:85:
ff:40:57:0b:fb:54:40:7b:73:f4:00:63:26:dd:5d:80:58:c3:
c9:bf:c7:56:3c:fb:0e:a1:b6:74:6a:4f:51:fd:97:26:eb:20:
88:98:c3:32:b9:f7:bb:ae:cb:a4:80:b3:16:0a:89:78:0b:52:
36:63:9d:69:4e:ec:9f:c4:6b:8c:d2:bb:66:0a:da:c6:de:e4:
4c:d7:f6:bd:ed:c5:ae:9a:13:ef:9d:c5:43:f7:82:35:1c:45:
ba:f0:cf:d4:be:bf:d9:16:45:c9:a3:68:40:6e:fd:15:63:6e:
ef:eb:bd:18:3d:d9:23:67:75:ed:cd:43:8d:9d:45:5b:e1:a3:
44:69:77:b6:4f:ca:49:16:6e:40:9a:d6:39:d1:bc:2e:68:ca:
b7:59:5a:9d:3c:15:fd:26:46:ec:9e:c8:39:cf:6f:56:2f:9a:
d7:34:e9:7d:2e:3f:ce:10:1c:7f:3f:e6:b4:69:bd:3d:6d:f5:
9b:e3:76:8b:d2:17:28:67:cb:3a:78:b1:1f:2e:c9:04:de:24:
ed:ed:01:a4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVyjI9T2n6Sx5i9lU94Y+wQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNDZiNDI5ZjhjNDk2MTFmY2ZlYTFlZmExYTUxYjljMGVk
ZGI2ZTcwHhcNMjMwMTAyMTI1NDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTJjOTg2MGMyYjQ3YzczYzI2NTIwYTg3MDViYTc2NTA5ZWI1NjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxsirgqO6XXkx0IDmB6rDAPVzmco
SqmMApiRNdcKeSEm5aXl6v81aA+hVij9/UBDKJ2PfGPri70pJJX/5H/M5ue3cXHd
ckTH4cWXOmv8qNaPoYYkdtGPTClBcLgOGTbuOJmQ9/tIUpso9gBxhUydvSek3H5E
EOmzJpT1xAAYF+Vw1JU9D+7d+hZlEGpROKoSVVxrF9yp9FEDX3jUiVhdaQXjUUKs
fdrReqXFbR6do/1tY/07N9YqbnaSnznT5KIqCvDVAll63+8Z/9WfXwRzWCn/Lmi5
+vXMj6/bvvXMVfL7HFt739bpQ8bpzenB3JhaJCDL9NUYGwOYx1+YDsjypwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGUsmGDCtHxzwmUgqHBbp2UJ61ZZMB8GA1UdIwQY
MBaAFAFGtCn4xJYR/P6h76GlG5wO3bbnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVVhMEtmakVsaEg4X3FIdm9hVWJuQTdkdHVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC9lNWUzNzktNjU2ZC00NjIyLWE3YmMt
ZWEyNmU3NDZhMGFkLzEvWlN5WVlNSzBmSFBDWlNDb2NGdW5aUW5yVmxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC9lNWUzNzktNjU2ZC00NjIyLWE3YmMtZWEyNmU3NDZhMGFk
LzEvQVVhMEtmakVsaEg4X3FIdm9hVWJuQTdkdHVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDWS6oAwQC
uYdAAwQAvPHSAwQBwpbYAwQBw8hWMA0GCSqGSIb3DQEBCwUAA4IBAQBrVW+8npPI
STbGQL3NamLIVgZ5VAe5/hT7046fhV3k6f3TY+584jmXTf1J2LNSSw4go2hSnIX/
QFcL+1RAe3P0AGMm3V2AWMPJv8dWPPsOobZ0ak9R/Zcm6yCImMMyufe7rsukgLMW
Col4C1I2Y51pTuyfxGuM0rtmCtrG3uRM1/a97cWumhPvncVD94I1HEW68M/Uvr/Z
FkXJo2hAbv0VY27v670YPdkjZ3XtzUONnUVb4aNEaXe2T8pJFm5AmtY50bwuaMq3
WVqdPBX9Jkbsnsg5z29WL5rXNOl9Lj/OEBx/P+a0ab09bfWb43aL0hcoZ8s6eLEf
LskE3iTt7QGk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:17 2024 by rpki-client on console-fra.rpki-client.org