Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/ZsWaIeZA0aPqVl5d5DpnyAOwPNg.roa
File: ZsWaIeZA0aPqVl5d5DpnyAOwPNg.roa (raw, json)
Hash identifier: N6KZY+7mEoD235t9/20+yg+ewYfX6BlcjlqHyVYUnns=
Subject key identifier: 66:C5:9A:21:E6:40:D1:A3:EA:56:5E:5D:E4:3A:67:C8:03:B0:3C:D8
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018EE3A9EA5C4A20D38D13D91E33D9B31B99
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/ZsWaIeZA0aPqVl5d5DpnyAOwPNg.roa
Signing time: Mon 15 Apr 2024 21:29:07 +0000
ROA not before: Mon 15 Apr 2024 21:29:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39249
IP address blocks: 95.164.12.0/22 maxlen: 22
95.164.15.0/24 maxlen: 24
95.164.71.0/24 maxlen: 24
195.149.96.0/24 maxlen: 24
195.214.212.0/24 maxlen: 24
2a01:d0:7fff::/48 maxlen: 48
2a01:d0:8000::/33 maxlen: 33
2a01:d0:ffff::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 16 Apr 2024 10:55:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e3:a9:ea:5c:4a:20:d3:8d:13:d9:1e:33:d9:b3:1b:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Apr 15 21:29:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66c59a21e640d1a3ea565e5de43a67c803b03cd8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:fa:96:3c:98:b5:84:1e:45:34:77:0f:cb:78:
ec:5f:93:53:a1:cd:41:8d:4a:a8:f2:fb:b3:ae:5f:
78:0f:29:a5:86:22:0d:2f:da:11:29:3e:69:a9:fd:
e2:4d:46:44:12:35:45:82:e0:68:47:d4:05:88:6c:
dc:a6:32:53:4c:62:c4:53:29:0c:65:13:71:f9:9f:
b9:5f:3a:79:ce:a0:b6:71:ab:3c:da:55:98:e7:44:
5c:21:d7:f4:be:0d:70:bd:a3:89:57:bb:8a:8e:32:
c7:b4:32:b3:7f:7c:c8:fc:de:49:88:97:cb:b8:35:
e0:cc:8d:17:58:ab:92:1f:8c:f7:b4:07:76:ea:bf:
7f:b5:80:19:9f:e2:d2:0c:4e:2b:53:7a:09:19:17:
0e:c7:fa:1f:e0:8c:7b:89:2c:06:91:5a:98:13:bf:
c7:7c:62:e7:5e:ea:d6:ba:f4:cd:ab:93:0d:51:c6:
31:39:ae:a0:e7:84:2d:44:bf:c9:cf:b1:a8:de:a6:
6e:38:6f:0b:95:34:f0:94:e6:63:60:fc:14:23:a1:
81:41:70:5a:7b:c3:7b:7c:cc:cb:ff:96:dc:d8:d7:
0c:90:c0:57:2f:0e:73:b7:d4:4c:36:99:c4:bd:f1:
52:63:ca:2b:7c:a0:d3:a2:b1:48:68:45:b1:b8:b6:
f9:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:C5:9A:21:E6:40:D1:A3:EA:56:5E:5D:E4:3A:67:C8:03:B0:3C:D8
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/ZsWaIeZA0aPqVl5d5DpnyAOwPNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.12.0/22
95.164.71.0/24
195.149.96.0/24
195.214.212.0/24
IPv6:
2a01:d0:7fff::-2a01:d0:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
41:4b:0d:35:8c:c1:2b:d7:5a:22:87:c0:ce:98:dd:db:a5:39:
e0:3a:00:ec:ca:f6:a3:11:29:23:d6:2f:88:80:8c:2a:fa:b2:
d6:46:79:af:9d:67:ed:ff:0a:94:a0:85:29:28:f3:b9:41:45:
31:f2:7c:89:ba:8d:60:b6:60:c9:1d:d1:c4:c9:29:2d:9b:78:
3a:30:9f:7e:e8:9a:64:b7:4b:42:04:51:ad:5b:4e:79:5a:05:
1d:c0:72:59:d6:a7:7f:14:00:5a:54:68:14:b6:69:90:80:77:
58:a1:da:21:e0:db:7c:ec:7f:0e:57:35:d4:23:04:a6:b2:97:
85:41:81:50:bc:03:20:0a:ac:01:03:d9:c9:bf:83:32:6a:6e:
e2:15:97:2e:4d:75:c7:23:f7:03:b7:11:e9:2b:f2:50:17:4e:
6e:f2:e8:a5:5a:57:02:9b:56:9b:20:4e:b6:41:9a:c3:23:48:
f8:d8:86:0a:1a:cc:dc:69:fa:38:b7:6f:a2:bb:c8:14:59:57:
84:cb:23:f0:9c:d2:c5:27:e1:85:43:63:1f:02:fe:fc:ec:cb:
22:09:cf:31:ff:c4:5a:40:a6:f5:be:ac:43:9d:56:90:8b:39:
29:fb:35:9c:99:49:1d:9a:5e:f7:4e:1f:6d:1d:bc:7f:c5:44:
29:1a:52:2d
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAY7jqepcSiDTjRPZHjPZsxuZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQwNDE1MjEyOTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmM1OWEyMWU2NDBkMWEzZWE1NjVlNWRlNDNhNjdjODAzYjAzY2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofqWPJi1hB5FNHcPy3jsX5NToc1B
jUqo8vuzrl94DymlhiINL9oRKT5pqf3iTUZEEjVFguBoR9QFiGzcpjJTTGLEUykM
ZRNx+Z+5Xzp5zqC2cas82lWY50RcIdf0vg1wvaOJV7uKjjLHtDKzf3zI/N5JiJfL
uDXgzI0XWKuSH4z3tAd26r9/tYAZn+LSDE4rU3oJGRcOx/of4Ix7iSwGkVqYE7/H
fGLnXurWuvTNq5MNUcYxOa6g54QtRL/Jz7Go3qZuOG8LlTTwlOZjYPwUI6GBQXBa
e8N7fMzL/5bc2NcMkMBXLw5zt9RMNpnEvfFSY8orfKDTorFIaEWxuLb5uwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFGbFmiHmQNGj6lZeXeQ6Z8gDsDzYMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvWnNXYUllWkEwYVBxVmw1ZDVEcG55QU93UE5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQCX6QMAwQA
X6RHAwQAw5VgAwQAw9bUMBgEAgACMBIwEAMHACoBANB//wMFACoBANAwDQYJKoZI
hvcNAQELBQADggEBAEFLDTWMwSvXWiKHwM6Y3dulOeA6AOzK9qMRKSPWL4iAjCr6
stZGea+dZ+3/CpSghSko87lBRTHyfIm6jWC2YMkd0cTJKS2beDown37ommS3S0IE
Ua1bTnlaBR3AclnWp38UAFpUaBS2aZCAd1ih2iHg23zsfw5XNdQjBKayl4VBgVC8
AyAKrAED2cm/gzJqbuIVly5Ndccj9wO3Eekr8lAXTm7y6KVaVwKbVpsgTrZBmsMj
SPjYhgoazNxp+ji3b6K7yBRZV4TLI/Cc0sUn4YVDYx8C/vzsyyIJzzH/xFpApvW+
rEOdVpCLOSn7NZyZSR2aXvdOH20dvH/FRCkaUi0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:49 2024 by rpki-client on console-ams.rpki-client.org