Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/ZhxwfeL27AIMKaeuyIjJ4WXuP3Y.roa
File: ZhxwfeL27AIMKaeuyIjJ4WXuP3Y.roa (raw, json)
Hash identifier: Jwgsb7RDvC9ZYiDFev8ob46flS9k2lCdskhM9VYx2cU=
Subject key identifier: 66:1C:70:7D:E2:F6:EC:02:0C:29:A7:AE:C8:88:C9:E1:65:EE:3F:76
Certificate issuer: /CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Certificate serial: 01864B409BB80E05BCDEBE321AE0C18989D6
Authority key identifier: 4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/ZhxwfeL27AIMKaeuyIjJ4WXuP3Y.roa
Signing time: Mon 13 Feb 2023 14:49:30 +0000
ROA not before: Mon 13 Feb 2023 14:49:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 2856
IP address blocks: 85.8.160.0/22 maxlen: 22
147.78.68.0/22 maxlen: 22
5.133.124.0/22 maxlen: 22
193.187.132.0/22 maxlen: 22
83.171.244.0/22 maxlen: 22
193.187.140.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 23 Mar 2023 13:42:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:4b:40:9b:b8:0e:05:bc:de:be:32:1a:e0:c1:89:89:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f9509b33da55f3e5d5283eb621d0d35d7aeed5c
Validity
Not Before: Feb 13 14:49:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=661c707de2f6ec020c29a7aec888c9e165ee3f76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:06:e9:2d:d7:e3:bc:d2:a1:23:49:9b:a7:b5:
15:5d:7e:4d:b8:91:19:7b:33:37:59:11:3b:84:40:
4e:a9:c5:59:9a:41:59:2c:4e:e6:2f:76:06:7d:02:
85:6b:ae:f1:b2:00:a2:61:02:ae:a9:fc:72:ea:f4:
e7:09:e0:e5:5c:00:0a:f9:71:a0:d5:42:92:49:9d:
23:aa:23:61:b6:1d:e4:5b:75:69:d5:77:8a:b2:ea:
d0:fb:0e:c8:dc:1a:39:33:db:87:e1:c3:ba:ec:44:
b4:cf:a1:83:37:af:89:02:c5:91:f9:e4:3a:6a:a7:
a7:37:cd:dd:bc:df:18:13:30:84:e2:31:38:7d:08:
ec:ae:46:ca:3d:dc:02:cd:e8:cf:50:dd:ab:fd:1f:
3e:e7:a7:ad:8f:55:fb:9e:8b:79:81:9c:bb:74:b2:
34:4a:18:60:ad:e5:c6:3b:03:11:ee:41:3e:c2:a5:
a8:c3:1e:b4:ea:55:85:f3:36:51:77:3c:f0:cf:a3:
18:41:f1:1b:85:72:81:e7:35:fc:7a:8a:b2:ca:f9:
64:c4:65:ee:93:6b:66:3f:1b:5f:39:78:f5:57:28:
e4:0f:f8:7d:a5:14:ee:d5:f4:79:7e:fb:9c:07:90:
33:e4:f4:25:1f:7a:ff:0f:ae:c3:08:8f:c6:e7:67:
11:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:1C:70:7D:E2:F6:EC:02:0C:29:A7:AE:C8:88:C9:E1:65:EE:3F:76
X509v3 Authority Key Identifier:
keyid:4F:95:09:B3:3D:A5:5F:3E:5D:52:83:EB:62:1D:0D:35:D7:AE:ED:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/ZhxwfeL27AIMKaeuyIjJ4WXuP3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/6fc1bc-a5f8-42a8-95e4-60107e2b5109/1/T5UJsz2lXz5dUoPrYh0NNdeu7Vw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.124.0/22
83.171.244.0/22
85.8.160.0/22
147.78.68.0/22
193.187.132.0/22
193.187.140.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:3c:2d:9e:da:28:5c:1f:e2:a8:62:42:6f:24:16:84:27:2e:
a7:c6:d8:c1:1b:de:97:58:48:0b:0f:4b:e2:ee:0c:73:59:b1:
96:64:f9:b3:94:2b:d5:4f:7e:43:83:d6:fb:11:b3:ee:c2:2a:
9e:33:14:2c:41:7f:71:d0:a6:c7:ec:42:3e:40:da:8a:40:2e:
6d:5a:ce:9c:1a:05:07:9e:ea:5d:f0:b9:66:c7:c4:21:d2:d2:
b7:b0:81:4d:29:38:26:e1:f3:1c:70:65:a7:29:34:ae:ee:a0:
e5:13:df:fa:a2:0c:30:22:01:f4:58:03:f4:6a:38:1f:0a:45:
42:d0:9e:fc:57:20:65:72:20:9f:a3:77:80:99:2d:d1:a8:69:
14:3b:0f:a5:89:40:b1:69:ed:4a:5d:30:c8:9e:43:e6:2c:89:
b1:29:c1:ef:77:04:fb:42:4f:ba:04:f9:04:aa:74:68:72:d9:
6f:bc:dc:07:12:5f:a9:cf:9d:52:a4:27:73:13:dd:3a:5b:42:
30:c9:44:23:cb:77:d1:ef:42:22:82:ca:a2:34:85:71:b6:71:
92:4d:7c:d5:13:3e:63:ce:76:80:a6:de:9b:c9:f0:48:2b:a5:
be:b8:d9:24:45:59:a2:4e:f0:ff:7c:49:e8:58:31:e5:04:f1:
58:5a:1e:f8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYZLQJu4DgW83r4yGuDBiYnWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTUwOWIzM2RhNTVmM2U1ZDUyODNlYjYyMWQwZDM1ZDdh
ZWVkNWMwHhcNMjMwMjEzMTQ0OTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjFjNzA3ZGUyZjZlYzAyMGMyOWE3YWVjODg4YzllMTY1ZWUzZjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwbpLdfjvNKhI0mbp7UVXX5NuJEZ
ezM3WRE7hEBOqcVZmkFZLE7mL3YGfQKFa67xsgCiYQKuqfxy6vTnCeDlXAAK+XGg
1UKSSZ0jqiNhth3kW3Vp1XeKsurQ+w7I3Bo5M9uH4cO67ES0z6GDN6+JAsWR+eQ6
aqenN83dvN8YEzCE4jE4fQjsrkbKPdwCzejPUN2r/R8+56etj1X7not5gZy7dLI0
ShhgreXGOwMR7kE+wqWowx606lWF8zZRdzzwz6MYQfEbhXKB5zX8eoqyyvlkxGXu
k2tmPxtfOXj1VyjkD/h9pRTu1fR5fvucB5Az5PQlH3r/D67DCI/G52cR4QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGYccH3i9uwCDCmnrsiIyeFl7j92MB8GA1UdIwQY
MBaAFE+VCbM9pV8+XVKD62IdDTXXru1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQt
NjAxMDdlMmI1MTA5LzEvWmh4d2ZlTDI3QUlNS2FldXlJako0V1h1UDNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi82ZmMxYmMtYTVmOC00MmE4LTk1ZTQtNjAxMDdlMmI1MTA5
LzEvVDVVSnN6MmxYejVkVW9QclloME5OZGV1N1Z3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCBYV8AwQC
U6v0AwQCVQigAwQCk05EAwQCwbuEAwQCwbuMMA0GCSqGSIb3DQEBCwUAA4IBAQBK
PC2e2ihcH+KoYkJvJBaEJy6nxtjBG96XWEgLD0vi7gxzWbGWZPmzlCvVT35Dg9b7
EbPuwiqeMxQsQX9x0KbH7EI+QNqKQC5tWs6cGgUHnupd8Llmx8Qh0tK3sIFNKTgm
4fMccGWnKTSu7qDlE9/6ogwwIgH0WAP0ajgfCkVC0J78VyBlciCfo3eAmS3RqGkU
Ow+liUCxae1KXTDInkPmLImxKcHvdwT7Qk+6BPkEqnRoctlvvNwHEl+pz51SpCdz
E906W0IwyUQjy3fR70IigsqiNIVxtnGSTXzVEz5jznaApt6byfBIK6W+uNkkRVmi
TvD/fEnoWDHlBPFYWh74
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:58:49 2024 by rpki-client on console-ams.rpki-client.org