Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ZPf-P1_Z1-eAF2-X_0PLR4Rj7PI.roa
File: ZPf-P1_Z1-eAF2-X_0PLR4Rj7PI.roa (raw, json)
Hash identifier: Db0TKF47U7eFUiivrAeUp8dWZxV2DCMaxGkY8q/Jh4Q=
Subject key identifier: 64:F7:FE:3F:5F:D9:D7:E7:80:17:6F:97:FF:43:CB:47:84:63:EC:F2
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018C7BA57187F78F69480C53B51FDF2F3D3A
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ZPf-P1_Z1-eAF2-X_0PLR4Rj7PI.roa
Signing time: Mon 18 Dec 2023 06:38:09 +0000
ROA not before: Mon 18 Dec 2023 06:38:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 146.19.56.0/24 maxlen: 24
91.200.221.0/24 maxlen: 24
109.122.44.0/24 maxlen: 24
109.122.40.0/24 maxlen: 24
89.251.18.0/24 maxlen: 24
89.251.23.0/24 maxlen: 24
89.251.22.0/24 maxlen: 24
89.251.20.0/24 maxlen: 24
89.251.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Dec 2023 07:45:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:7b:a5:71:87:f7:8f:69:48:0c:53:b5:1f:df:2f:3d:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Dec 18 06:38:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64f7fe3f5fd9d7e780176f97ff43cb478463ecf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:e9:f7:05:d3:cb:8a:a9:4c:28:a0:73:d1:13:
84:09:e4:4b:d4:ca:7a:c4:fe:d4:cd:29:c9:67:b3:
25:7d:c4:77:ea:9c:2f:2e:e3:f6:71:ff:82:c1:87:
6b:b9:aa:36:12:65:cb:f5:54:54:db:96:40:67:f6:
9d:77:9a:4c:4a:97:f8:09:20:59:95:72:62:6e:b8:
b6:a3:7e:77:f4:fe:4f:75:02:11:c8:c7:0b:90:9b:
1b:8d:60:d1:de:a6:d9:22:dc:10:53:21:74:c3:b4:
af:4c:4f:b3:f1:a0:55:cb:fd:90:4e:ba:d0:28:6c:
41:d7:cb:c1:8d:22:8d:be:d0:74:d5:c1:ea:5a:61:
ab:46:41:d4:5a:83:aa:89:c5:27:40:55:96:63:7c:
59:6c:45:5d:d6:f9:20:14:6b:61:a0:ed:15:2b:2b:
34:05:44:b2:53:1e:bc:fa:83:54:6d:3a:e5:42:9c:
cb:a0:d3:98:88:4c:9f:97:50:d1:68:92:ab:6c:94:
98:d3:a0:c0:b9:f2:74:ad:0b:fc:cb:f7:d5:a1:8d:
59:cd:59:e6:f1:c2:ec:af:f3:6e:d5:18:d1:c1:fe:
37:c6:7b:ba:72:69:e8:a4:62:fa:3a:ee:03:23:92:
eb:d5:3e:86:23:ce:43:d4:77:92:9c:6a:1b:55:9b:
cc:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:F7:FE:3F:5F:D9:D7:E7:80:17:6F:97:FF:43:CB:47:84:63:EC:F2
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/ZPf-P1_Z1-eAF2-X_0PLR4Rj7PI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.18.0/24
89.251.20.0/24
89.251.22.0/23
89.251.31.0/24
91.200.221.0/24
109.122.40.0/24
109.122.44.0/24
146.19.56.0/24
Signature Algorithm: sha256WithRSAEncryption
08:80:ef:b6:87:c2:ef:9a:40:f8:09:a4:9d:f2:00:f9:45:5c:
a4:ee:b7:77:03:3f:93:1d:83:9f:86:9f:82:ae:73:e6:ba:af:
4c:d0:ef:77:37:7a:ed:3b:89:1d:b4:dc:2d:f6:3e:89:a1:68:
41:e4:24:b7:b3:ab:d3:d3:8a:5a:84:44:be:c6:cb:63:61:dd:
35:f0:b7:23:33:75:97:ed:3f:f0:9f:4c:b3:f2:78:03:d4:55:
62:a5:49:00:5a:0a:c6:75:2e:90:03:b1:4b:f4:1a:9e:7e:e0:
bd:ab:08:f1:e8:98:bc:ab:d9:56:5b:21:b1:90:d8:9d:0d:fb:
92:46:b0:4a:be:57:96:d5:43:0b:e0:88:fb:b6:f6:98:71:40:
54:4f:69:97:b6:a2:9d:6d:a2:37:2e:1c:66:95:89:50:de:88:
b0:e0:1e:6f:74:76:60:aa:20:ca:36:45:3b:94:12:3f:15:81:
12:6f:ec:63:4e:1e:b2:f0:eb:e5:36:fd:79:f6:2f:34:98:43:
a4:21:ab:81:1e:29:ad:e5:90:50:c4:8a:04:75:e6:78:6f:e6:
31:1e:27:29:7e:70:3c:cb:eb:49:1f:20:6a:ff:5a:af:5d:e8:
4e:17:02:dc:62:c2:dc:80:61:99:80:2e:8e:d7:ed:ce:76:cf:
09:c6:b6:1e
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYx7pXGH949pSAxTtR/fLz06MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjMxMjE4MDYzODA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGY3ZmUzZjVmZDlkN2U3ODAxNzZmOTdmZjQzY2I0Nzg0NjNlY2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuun3BdPLiqlMKKBz0ROECeRL1Mp6
xP7UzSnJZ7MlfcR36pwvLuP2cf+CwYdruao2EmXL9VRU25ZAZ/add5pMSpf4CSBZ
lXJibri2o3539P5PdQIRyMcLkJsbjWDR3qbZItwQUyF0w7SvTE+z8aBVy/2QTrrQ
KGxB18vBjSKNvtB01cHqWmGrRkHUWoOqicUnQFWWY3xZbEVd1vkgFGthoO0VKys0
BUSyUx68+oNUbTrlQpzLoNOYiEyfl1DRaJKrbJSY06DAufJ0rQv8y/fVoY1ZzVnm
8cLsr/Nu1RjRwf43xnu6cmnopGL6Ou4DI5Lr1T6GI85D1HeSnGobVZvMFQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGT3/j9f2dfngBdvl/9Dy0eEY+zyMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvWlBmLVAxX1oxLWVBRjItWF8wUExSNFJqN1BJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAWfsSAwQA
WfsUAwQBWfsWAwQAWfsfAwQAW8jdAwQAbXooAwQAbXosAwQAkhM4MA0GCSqGSIb3
DQEBCwUAA4IBAQAIgO+2h8LvmkD4CaSd8gD5RVyk7rd3Az+THYOfhp+CrnPmuq9M
0O93N3rtO4kdtNwt9j6JoWhB5CS3s6vT04pahES+xstjYd018LcjM3WX7T/wn0yz
8ngD1FVipUkAWgrGdS6QA7FL9BqefuC9qwjx6Ji8q9lWWyGxkNidDfuSRrBKvleW
1UML4Ij7tvaYcUBUT2mXtqKdbaI3LhxmlYlQ3oiw4B5vdHZgqiDKNkU7lBI/FYES
b+xjTh6y8OvlNv159i80mEOkIauBHimt5ZBQxIoEdeZ4b+YxHicpfnA8y+tJHyBq
/1qvXehOFwLcYsLcgGGZgC6O1+3Ods8JxrYe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:36 2024 by rpki-client on console-fra.rpki-client.org