Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/ZgWoepB13uAh1WDyuw3P-_Kc6w4.roa
File: ZgWoepB13uAh1WDyuw3P-_Kc6w4.roa (raw, json)
Hash identifier: nouPh6ku9mo2S/pWlHHUDn1OE7HjIGO0n0d/rHGwvWY=
Subject key identifier: 66:05:A8:7A:90:75:DE:E0:21:D5:60:F2:BB:0D:CF:FB:F2:9C:EB:0E
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 018CF2E370415EECF3923E671C5A6E59A647
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/ZgWoepB13uAh1WDyuw3P-_Kc6w4.roa
Signing time: Wed 10 Jan 2024 10:20:40 +0000
ROA not before: Wed 10 Jan 2024 10:20:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53356
IP address blocks: 194.64.164.0/22 maxlen: 22
195.180.224.0/22 maxlen: 22
194.233.40.0/22 maxlen: 22
194.163.192.0/20 maxlen: 20
195.180.196.0/22 maxlen: 22
194.64.152.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 25 Jan 2024 10:19:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f2:e3:70:41:5e:ec:f3:92:3e:67:1c:5a:6e:59:a6:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jan 10 10:20:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6605a87a9075dee021d560f2bb0dcffbf29ceb0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:4e:58:10:6d:c7:75:92:b9:85:e6:59:7c:8a:
1b:d2:03:9a:92:67:95:22:ff:20:cb:ea:9b:73:f4:
5a:41:2b:bc:f9:e9:50:d7:ca:bf:e5:31:3a:95:a4:
ea:63:61:9c:ab:10:81:83:4d:67:70:27:c1:00:d7:
f4:1f:9f:1e:65:36:33:82:32:c9:5d:a0:92:02:48:
4a:e7:f2:a2:95:51:7c:50:88:42:31:a4:0a:7b:7b:
d5:b9:c9:5e:2f:30:d7:c9:62:0f:ee:0f:04:3e:e9:
77:6f:e9:87:dd:b7:b2:f4:10:9d:63:96:59:4b:ac:
99:dd:7a:13:2c:a8:5d:bb:b7:4f:ad:67:57:0a:2a:
17:04:c6:09:b0:de:42:e7:7f:80:c8:1a:c3:73:7d:
fb:d9:be:f2:76:1b:83:46:1e:bb:e8:bd:48:be:e6:
c0:8a:38:de:29:9c:e6:7b:3b:14:19:f2:4f:d8:a6:
81:a1:4d:f7:7b:9b:08:e7:b0:90:16:9a:9b:1a:c7:
97:8a:2b:a3:8f:01:c9:af:9c:3e:ce:bb:1a:00:a7:
43:56:91:72:2b:58:3a:2e:b0:d4:89:b2:66:bb:62:
e2:3f:2a:5a:86:52:a4:f0:8f:f9:e3:a6:7d:7e:3c:
87:8f:e8:0f:0c:8a:8b:56:0e:d7:ff:93:28:20:af:
b8:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:05:A8:7A:90:75:DE:E0:21:D5:60:F2:BB:0D:CF:FB:F2:9C:EB:0E
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/ZgWoepB13uAh1WDyuw3P-_Kc6w4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.64.152.0/22
194.64.164.0/22
194.163.192.0/20
194.233.40.0/22
195.180.196.0/22
195.180.224.0/22
Signature Algorithm: sha256WithRSAEncryption
69:ac:1f:7d:c8:70:79:2b:58:7e:75:78:02:c2:4f:87:7e:55:
1c:30:a2:79:05:fb:4a:76:90:5b:36:24:5f:ea:20:6a:80:ef:
74:3e:5c:b0:47:00:e5:7f:5c:bd:bc:40:c3:06:c6:c7:0d:a2:
98:47:37:63:64:b4:3d:e4:a4:ed:2b:28:81:eb:96:81:85:d2:
a1:74:5b:24:5d:4d:51:8e:f6:25:a6:4a:a8:72:fd:2a:f1:36:
a2:fd:1f:17:4b:e9:2e:28:cc:b0:8e:48:95:42:3c:71:b9:1d:
28:ec:d4:b0:2b:61:b9:de:43:5a:a0:34:be:25:49:41:42:74:
63:e1:be:32:4a:54:ad:1b:94:7f:c6:4e:ea:dd:fa:14:28:72:
d3:74:db:12:27:c1:d2:21:77:f3:51:8b:c5:62:d5:c6:77:f6:
f8:79:87:36:77:b3:8f:ae:f5:2e:cd:23:cc:7d:19:94:de:6e:
4e:5f:76:7f:20:04:91:1b:88:6f:86:3b:a4:c6:49:7d:9f:7b:
46:26:3c:d3:d1:0a:38:b3:bc:8c:2b:8a:7a:3b:a0:42:be:8c:
2b:49:2b:a0:54:32:fc:a5:97:6e:31:d3:bd:2b:e3:e6:53:21:
94:64:e0:be:27:06:52:e8:33:25:4b:d6:08:80:d5:a9:b3:73:
cd:10:e7:f7
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzy43BBXuzzkj5nHFpuWaZHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjQwMTEwMTAyMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjA1YTg3YTkwNzVkZWUwMjFkNTYwZjJiYjBkY2ZmYmYyOWNlYjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiE5YEG3HdZK5heZZfIob0gOakmeV
Iv8gy+qbc/RaQSu8+elQ18q/5TE6laTqY2GcqxCBg01ncCfBANf0H58eZTYzgjLJ
XaCSAkhK5/KilVF8UIhCMaQKe3vVucleLzDXyWIP7g8EPul3b+mH3bey9BCdY5ZZ
S6yZ3XoTLKhdu7dPrWdXCioXBMYJsN5C53+AyBrDc3372b7ydhuDRh676L1IvubA
ijjeKZzmezsUGfJP2KaBoU33e5sI57CQFpqbGseXiiujjwHJr5w+zrsaAKdDVpFy
K1g6LrDUibJmu2LiPypahlKk8I/546Z9fjyHj+gPDIqLVg7X/5MoIK+4oQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGYFqHqQdd7gIdVg8rsNz/vynOsOMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvWmdXb2VwQjEzdUFoMVdEeXV3M1AtX0tjNnc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCwkCYAwQC
wkCkAwQEwqPAAwQCwukoAwQCw7TEAwQCw7TgMA0GCSqGSIb3DQEBCwUAA4IBAQBp
rB99yHB5K1h+dXgCwk+HflUcMKJ5BftKdpBbNiRf6iBqgO90PlywRwDlf1y9vEDD
BsbHDaKYRzdjZLQ95KTtKyiB65aBhdKhdFskXU1RjvYlpkqocv0q8Tai/R8XS+ku
KMywjkiVQjxxuR0o7NSwK2G53kNaoDS+JUlBQnRj4b4ySlStG5R/xk7q3foUKHLT
dNsSJ8HSIXfzUYvFYtXGd/b4eYc2d7OPrvUuzSPMfRmU3m5OX3Z/IASRG4hvhjuk
xkl9n3tGJjzT0Qo4s7yMK4p6O6BCvowrSSugVDL8pZduMdO9K+PmUyGUZOC+JwZS
6DMlS9YIgNWps3PNEOf3
-----END CERTIFICATE-----
Generated at Thu Jan 25 14:57:31 2024 by rpki-client on console-fra.rpki-client.org