Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/64d4d0-6c98-4eec-bba1-37aa35e69dc1/1/ZPUgfsW2h-gZU74FMne8YvCs4tU.roa
File: ZPUgfsW2h-gZU74FMne8YvCs4tU.roa (raw, json)
Hash identifier: 6fad33QYYK85Mw72IPPRfGokYouAnKjm2wEOZ7i9e1s=
Subject key identifier: 64:F5:20:7E:C5:B6:87:E8:19:53:BE:05:32:77:BC:62:F0:AC:E2:D5
Certificate issuer: /CN=d3c8b10a38f81c64e201207bfc3544c2972af5f3
Certificate serial: 018571F0E44EFD42FDA8D00D592A77FAABFD
Authority key identifier: D3:C8:B1:0A:38:F8:1C:64:E2:01:20:7B:FC:35:44:C2:97:2A:F5:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08ixCjj4HGTiASB7_DVEwpcq9fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/64d4d0-6c98-4eec-bba1-37aa35e69dc1/1/ZPUgfsW2h-gZU74FMne8YvCs4tU.roa
Signing time: Mon 02 Jan 2023 10:04:50 +0000
ROA not before: Mon 02 Jan 2023 10:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50736
IP address blocks: 193.124.116.0/24 maxlen: 24
185.25.152.0/22 maxlen: 22
193.124.134.0/24 maxlen: 24
193.124.48.0/24 maxlen: 24
193.124.54.0/24 maxlen: 24
194.58.78.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:f0:e4:4e:fd:42:fd:a8:d0:0d:59:2a:77:fa:ab:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3c8b10a38f81c64e201207bfc3544c2972af5f3
Validity
Not Before: Jan 2 10:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64f5207ec5b687e81953be053277bc62f0ace2d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0a:9c:d3:cd:3d:36:6c:58:80:7e:7b:fe:2c:
02:a4:15:71:99:35:32:37:20:b8:bd:ee:20:52:f9:
d3:54:02:cb:85:32:f6:1d:b2:3a:17:f4:29:02:f7:
9e:5d:58:22:75:f4:7f:9f:ae:2f:23:ca:12:31:a9:
d9:14:57:78:06:a9:cf:52:d6:80:fe:a2:04:b9:21:
8e:46:67:61:89:c4:d7:03:b9:df:fd:41:51:cd:b8:
5e:82:30:82:ea:df:46:bc:ec:b8:1a:7f:38:29:d3:
43:4c:97:a5:b4:15:2f:6a:3a:88:8c:3c:05:a7:61:
45:62:61:19:bc:d0:34:ab:d6:86:c3:b6:42:b4:28:
96:65:0b:87:b7:f5:7d:31:d2:fe:3b:3a:97:58:78:
8b:06:20:76:ac:0e:75:b7:90:f0:21:14:ef:7f:61:
dc:b1:99:df:99:f2:91:5d:af:6f:34:6c:c7:bf:c7:
9b:ef:9d:cc:a8:53:62:6c:13:ea:88:fc:48:5f:78:
b9:82:ce:ef:1a:8e:0a:68:76:d4:01:fe:0c:5e:22:
d9:58:51:82:2e:cb:52:50:49:bf:8d:59:8d:f5:4f:
f3:14:05:42:e1:aa:13:dd:33:55:86:f2:29:5b:e2:
6b:6a:b3:63:4d:e8:7a:7c:50:c5:bd:1f:42:70:20:
11:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:F5:20:7E:C5:B6:87:E8:19:53:BE:05:32:77:BC:62:F0:AC:E2:D5
X509v3 Authority Key Identifier:
keyid:D3:C8:B1:0A:38:F8:1C:64:E2:01:20:7B:FC:35:44:C2:97:2A:F5:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08ixCjj4HGTiASB7_DVEwpcq9fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/64d4d0-6c98-4eec-bba1-37aa35e69dc1/1/ZPUgfsW2h-gZU74FMne8YvCs4tU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/64d4d0-6c98-4eec-bba1-37aa35e69dc1/1/08ixCjj4HGTiASB7_DVEwpcq9fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.152.0/22
193.124.48.0/24
193.124.54.0/24
193.124.116.0/24
193.124.134.0/24
194.58.78.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:b0:e4:71:73:9f:3f:58:e7:56:05:fc:79:21:2a:19:d0:52:
7b:74:b3:2a:78:a3:47:75:fe:89:29:d7:5d:f4:82:e1:64:df:
d5:c2:16:b9:50:0d:4e:57:d4:b4:30:d0:26:6f:ba:36:d8:1a:
d9:0d:11:33:ba:26:1a:24:9c:e0:7d:e3:70:3d:61:77:fd:46:
df:4a:81:1e:00:5e:02:f4:e2:3a:c3:45:36:5d:72:ed:3d:f7:
82:5f:9c:3d:c9:10:f0:15:30:91:4b:8e:d1:6a:0a:da:32:15:
10:86:64:fe:81:b4:e7:af:6c:f9:96:c8:80:43:dc:e3:98:e9:
37:1a:7d:2d:32:08:06:41:c8:6f:65:75:04:f2:1b:57:74:2d:
56:f3:4a:c1:d4:36:37:53:86:04:14:60:f6:4e:85:1f:7b:9d:
5f:da:22:6e:64:53:03:d8:61:07:c6:7b:4d:dc:d4:f9:45:23:
67:09:1f:28:78:4e:7d:f7:87:de:95:a6:38:0d:ea:97:e6:11:
1f:ae:38:15:79:8b:92:c2:0e:f0:69:69:c6:0b:16:9d:7a:8e:
0c:1d:c4:1d:7b:7b:55:54:bf:dd:95:0e:3a:7a:d6:fe:0e:2a:
12:e1:89:7e:e0:2b:fe:3a:e1:7e:6f:be:d8:90:18:f1:2f:9b:
d0:e7:c8:bf
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYVx8ORO/UL9qNANWSp3+qv9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzYzhiMTBhMzhmODFjNjRlMjAxMjA3YmZjMzU0NGMyOTcy
YWY1ZjMwHhcNMjMwMTAyMTAwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGY1MjA3ZWM1YjY4N2U4MTk1M2JlMDUzMjc3YmM2MmYwYWNlMmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Qqc0809NmxYgH57/iwCpBVxmTUy
NyC4ve4gUvnTVALLhTL2HbI6F/QpAveeXVgidfR/n64vI8oSManZFFd4BqnPUtaA
/qIEuSGORmdhicTXA7nf/UFRzbhegjCC6t9GvOy4Gn84KdNDTJeltBUvajqIjDwF
p2FFYmEZvNA0q9aGw7ZCtCiWZQuHt/V9MdL+OzqXWHiLBiB2rA51t5DwIRTvf2Hc
sZnfmfKRXa9vNGzHv8eb753MqFNibBPqiPxIX3i5gs7vGo4KaHbUAf4MXiLZWFGC
LstSUEm/jVmN9U/zFAVC4aoT3TNVhvIpW+JrarNjTeh6fFDFvR9CcCARjQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGT1IH7FtofoGVO+BTJ3vGLwrOLVMB8GA1UdIwQY
MBaAFNPIsQo4+Bxk4gEge/w1RMKXKvXzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDhpeENqajRIR1RpQVNCN19EVkV3cGNxOWZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS82NGQ0ZDAtNmM5OC00ZWVjLWJiYTEt
MzdhYTM1ZTY5ZGMxLzEvWlBVZ2ZzVzJoLWdaVTc0Rk1uZThZdkNzNHRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS82NGQ0ZDAtNmM5OC00ZWVjLWJiYTEtMzdhYTM1ZTY5ZGMx
LzEvMDhpeENqajRIR1RpQVNCN19EVkV3cGNxOWZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCuRmYAwQA
wXwwAwQAwXw2AwQAwXx0AwQAwXyGAwQAwjpOMA0GCSqGSIb3DQEBCwUAA4IBAQDK
sORxc58/WOdWBfx5ISoZ0FJ7dLMqeKNHdf6JKddd9ILhZN/Vwha5UA1OV9S0MNAm
b7o22BrZDREzuiYaJJzgfeNwPWF3/UbfSoEeAF4C9OI6w0U2XXLtPfeCX5w9yRDw
FTCRS47RagraMhUQhmT+gbTnr2z5lsiAQ9zjmOk3Gn0tMggGQchvZXUE8htXdC1W
80rB1DY3U4YEFGD2ToUfe51f2iJuZFMD2GEHxntN3NT5RSNnCR8oeE5994felaY4
DeqX5hEfrjgVeYuSwg7waWnGCxadeo4MHcQde3tVVL/dlQ46etb+DioS4Yl+4Cv+
OuF+b77YkBjxL5vQ58i/
-----END CERTIFICATE-----
Generated at Tue Jan 2 04:22:13 2024 by rpki-client on console-fra.rpki-client.org