Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/1b089c-d74b-49a7-89f7-28a56ea5cf0b/1/ZzG1TAI4BejPfXc5YZV5eoBI0QU.roa
File: ZzG1TAI4BejPfXc5YZV5eoBI0QU.roa (raw, json)
Hash identifier: nWJ5r8nxPUjIRGjfKMC3cLNwL2ZLriYDjFzNA6wmnxA=
Subject key identifier: 67:31:B5:4C:02:38:05:E8:CF:7D:77:39:61:95:79:7A:80:48:D1:05
Certificate issuer: /CN=5cbe9e43024ecc692c335398bb2d967116aac2d9
Certificate serial: 018571A785D57C7D02D48EF4E3D21449BCF7
Authority key identifier: 5C:BE:9E:43:02:4E:CC:69:2C:33:53:98:BB:2D:96:71:16:AA:C2:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XL6eQwJOzGksM1OYuy2WcRaqwtk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/1b089c-d74b-49a7-89f7-28a56ea5cf0b/1/ZzG1TAI4BejPfXc5YZV5eoBI0QU.roa
Signing time: Mon 02 Jan 2023 08:44:42 +0000
ROA not before: Mon 02 Jan 2023 08:44:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29588
IP address blocks: 91.247.248.0/22 maxlen: 22
91.247.248.0/24 maxlen: 24
91.247.249.0/24 maxlen: 24
91.247.250.0/24 maxlen: 24
91.247.251.0/24 maxlen: 24
213.108.136.0/24 maxlen: 24
213.108.137.0/24 maxlen: 24
213.108.136.0/21 maxlen: 21
213.108.138.0/24 maxlen: 24
213.108.139.0/24 maxlen: 24
213.108.142.0/24 maxlen: 24
213.108.143.0/24 maxlen: 24
213.108.140.0/24 maxlen: 24
213.108.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:a7:85:d5:7c:7d:02:d4:8e:f4:e3:d2:14:49:bc:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cbe9e43024ecc692c335398bb2d967116aac2d9
Validity
Not Before: Jan 2 08:44:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6731b54c023805e8cf7d77396195797a8048d105
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:42:0f:75:bb:a8:6a:e4:c7:a1:2d:b8:06:3b:
58:2c:15:c0:cc:54:55:2c:29:dc:1b:4f:46:af:77:
59:2f:ac:d0:1b:e5:b5:f5:76:c6:66:4f:b8:02:3f:
2d:c6:e6:b0:58:3b:02:67:24:6e:cb:79:9a:0c:14:
ea:43:fb:92:64:c8:8c:d9:3c:9c:bb:22:67:fe:d3:
a8:44:eb:6d:a9:63:00:f2:75:32:66:70:af:2e:e6:
a5:86:1e:98:6b:22:64:5e:4d:61:a8:db:ea:24:d7:
1b:17:13:30:65:e3:0d:ab:db:9d:ce:a3:34:ee:cd:
9c:a0:c2:dc:5a:65:c9:8b:12:75:07:1d:7d:ba:52:
99:90:1e:60:68:ca:3e:53:60:a2:a4:a2:20:ee:85:
e1:c7:1a:95:60:9e:19:81:40:99:f2:b1:59:32:ea:
49:a2:04:84:2d:f3:c1:91:ae:b4:f3:45:05:a9:76:
12:60:13:a2:43:17:61:c6:b0:9d:5b:ef:36:07:00:
f3:18:b2:e6:05:06:27:a9:c6:79:ab:2f:e4:00:9b:
21:b0:22:67:35:91:25:e6:12:bd:ce:21:79:19:27:
01:37:f6:22:0c:d9:d8:1d:f1:e1:81:9b:16:e8:89:
12:5c:71:71:fc:ca:f7:86:f9:98:2b:ff:da:ee:a0:
9d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:31:B5:4C:02:38:05:E8:CF:7D:77:39:61:95:79:7A:80:48:D1:05
X509v3 Authority Key Identifier:
keyid:5C:BE:9E:43:02:4E:CC:69:2C:33:53:98:BB:2D:96:71:16:AA:C2:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XL6eQwJOzGksM1OYuy2WcRaqwtk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/1b089c-d74b-49a7-89f7-28a56ea5cf0b/1/ZzG1TAI4BejPfXc5YZV5eoBI0QU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/1b089c-d74b-49a7-89f7-28a56ea5cf0b/1/XL6eQwJOzGksM1OYuy2WcRaqwtk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.248.0/22
213.108.136.0/21
Signature Algorithm: sha256WithRSAEncryption
64:77:07:e1:0a:1a:69:cf:74:a2:4c:ac:50:39:d9:ee:31:b6:
c6:6d:73:34:f9:63:95:eb:b1:27:eb:e7:eb:87:eb:f0:d5:a1:
60:40:5c:f6:6e:02:3d:bd:e3:81:c2:23:13:3b:d0:fb:b2:fc:
2b:e5:e9:7c:02:4d:8c:56:a6:a5:25:6c:f5:1f:bc:72:22:f8:
39:49:64:dd:97:96:b9:d2:b4:7f:a1:61:7f:d4:87:79:db:9b:
df:db:03:5c:34:96:33:6f:f7:5a:e3:40:8d:8f:d3:72:52:09:
ac:19:5f:82:3e:ad:0b:6c:27:ac:70:a4:df:38:40:1d:df:c8:
09:ff:cf:d5:35:30:5a:07:15:68:85:46:09:7b:f0:cd:6e:73:
03:b9:7e:9d:37:fa:01:f9:7f:6c:99:25:86:16:49:ee:21:81:
63:82:44:91:5d:16:c7:2a:d2:fe:27:2f:8e:2f:a6:f4:19:e6:
74:11:2d:b3:71:03:ed:8c:59:f1:53:49:dd:c2:0a:66:76:00:
77:40:f0:38:8d:50:45:7a:8e:dd:18:06:95:d4:70:d1:62:dd:
b9:4c:15:5e:d0:24:6e:c3:bf:0b:08:3f:06:1c:15:db:ff:5c:
6d:ce:12:af:86:c8:79:51:c7:18:43:3e:b8:ab:f7:db:4f:f7:
57:03:8c:02
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVxp4XVfH0C1I7049IUSbz3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYmU5ZTQzMDI0ZWNjNjkyYzMzNTM5OGJiMmQ5NjcxMTZh
YWMyZDkwHhcNMjMwMTAyMDg0NDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzMxYjU0YzAyMzgwNWU4Y2Y3ZDc3Mzk2MTk1Nzk3YTgwNDhkMTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiEIPdbuoauTHoS24BjtYLBXAzFRV
LCncG09Gr3dZL6zQG+W19XbGZk+4Aj8txuawWDsCZyRuy3maDBTqQ/uSZMiM2Tyc
uyJn/tOoROttqWMA8nUyZnCvLualhh6YayJkXk1hqNvqJNcbFxMwZeMNq9udzqM0
7s2coMLcWmXJixJ1Bx19ulKZkB5gaMo+U2CipKIg7oXhxxqVYJ4ZgUCZ8rFZMupJ
ogSELfPBka6080UFqXYSYBOiQxdhxrCdW+82BwDzGLLmBQYnqcZ5qy/kAJshsCJn
NZEl5hK9ziF5GScBN/YiDNnYHfHhgZsW6IkSXHFx/Mr3hvmYK//a7qCd2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGcxtUwCOAXoz313OWGVeXqASNEFMB8GA1UdIwQY
MBaAFFy+nkMCTsxpLDNTmLstlnEWqsLZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEw2ZVF3Sk96R2tzTTFPWXV5MldjUmFxd3RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8xYjA4OWMtZDc0Yi00OWE3LTg5Zjct
MjhhNTZlYTVjZjBiLzEvWnpHMVRBSTRCZWpQZlhjNVlaVjVlb0JJMFFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8xYjA4OWMtZDc0Yi00OWE3LTg5ZjctMjhhNTZlYTVjZjBi
LzEvWEw2ZVF3Sk96R2tzTTFPWXV5MldjUmFxd3RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW/f4AwQD
1WyIMA0GCSqGSIb3DQEBCwUAA4IBAQBkdwfhChppz3SiTKxQOdnuMbbGbXM0+WOV
67En6+frh+vw1aFgQFz2bgI9veOBwiMTO9D7svwr5el8Ak2MVqalJWz1H7xyIvg5
SWTdl5a50rR/oWF/1Id525vf2wNcNJYzb/da40CNj9NyUgmsGV+CPq0LbCescKTf
OEAd38gJ/8/VNTBaBxVohUYJe/DNbnMDuX6dN/oB+X9smSWGFknuIYFjgkSRXRbH
KtL+Jy+OL6b0GeZ0ES2zcQPtjFnxU0ndwgpmdgB3QPA4jVBFeo7dGAaV1HDRYt25
TBVe0CRuw78LCD8GHBXb/1xtzhKvhsh5UccYQz64q/fbT/dXA4wC
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:55 2024 by rpki-client on console-ams.rpki-client.org