Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/ZiqQQMdzF79JWcAwW5gzwP85k0M.roa
File: ZiqQQMdzF79JWcAwW5gzwP85k0M.roa (raw, json)
Hash identifier: eMT1tbrsEJQjaoZ/xC+mn8haSYvL3HOZZC+fJEvZsKY=
Subject key identifier: 66:2A:90:40:C7:73:17:BF:49:59:C0:30:5B:98:33:C0:FF:39:93:43
Certificate issuer: /CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Certificate serial: 01926CC8CD05DCDFD5F0118CD22E4EE29F4D
Authority key identifier: F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/ZiqQQMdzF79JWcAwW5gzwP85k0M.roa
Signing time: Tue 08 Oct 2024 15:39:11 +0000
ROA not before: Tue 08 Oct 2024 15:39:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35042
IP address blocks: 88.214.25.0/24 maxlen: 24
91.228.101.0/24 maxlen: 24
185.55.240.0/22 maxlen: 22
193.24.208.0/22 maxlen: 22
194.24.160.0/24 maxlen: 24
2a00:1910::/29 maxlen: 29
2a12:5e41::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 10 Oct 2024 12:22:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6c:c8:cd:05:dc:df:d5:f0:11:8c:d2:2e:4e:e2:9f:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Validity
Not Before: Oct 8 15:39:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=662a9040c77317bf4959c0305b9833c0ff399343
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:fc:8c:8c:34:02:21:25:12:5c:da:45:27:53:
3f:b4:e0:96:11:2f:9d:e5:77:77:55:3c:c7:60:20:
60:71:9e:4b:95:4f:fc:de:86:7c:7c:8c:45:3d:e2:
7a:64:bc:35:db:e1:54:c9:53:42:14:44:15:b0:6b:
ae:cf:eb:1f:c7:a7:70:78:4d:75:71:89:ca:70:66:
c1:d7:03:54:80:ba:78:b0:67:d5:88:82:d4:77:b3:
0c:d8:e1:c2:ab:52:86:8c:e2:77:87:03:0a:ab:0d:
82:2e:ae:cf:be:70:9b:85:1b:9e:db:cd:aa:aa:c1:
38:47:52:ab:b9:07:0b:48:0d:2f:03:22:45:69:c8:
d0:ec:d4:cb:3e:3c:35:f1:1f:32:c1:63:da:60:35:
e8:e4:aa:fb:d9:ac:f8:d7:fd:75:7a:4c:5f:dd:a1:
0c:f0:25:13:6c:ec:5f:eb:12:b7:69:6f:6a:0a:ef:
4e:7b:37:0c:d9:7b:5f:91:89:a2:02:fc:17:be:05:
ac:39:25:32:db:4d:3a:45:2e:df:30:2f:02:a9:00:
00:4c:d3:26:ae:8b:18:be:a1:b2:eb:08:44:cf:d8:
68:d5:47:5a:7a:26:cc:b3:98:3e:56:0a:ac:6d:6a:
da:07:98:ff:42:87:03:1b:84:fa:48:65:43:bd:36:
d8:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:2A:90:40:C7:73:17:BF:49:59:C0:30:5B:98:33:C0:FF:39:93:43
X509v3 Authority Key Identifier:
keyid:F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/ZiqQQMdzF79JWcAwW5gzwP85k0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.25.0/24
91.228.101.0/24
185.55.240.0/22
193.24.208.0/22
194.24.160.0/24
IPv6:
2a00:1910::/29
2a12:5e41::/32
Signature Algorithm: sha256WithRSAEncryption
54:e0:7e:e6:bf:fe:40:b8:dd:49:59:bc:cc:f4:51:3b:f0:84:
68:e5:57:65:5e:c9:92:bf:59:e7:66:92:99:73:1e:c7:00:2b:
ac:46:58:48:c6:91:90:fb:d1:9b:ef:cf:7c:fb:94:5d:7a:3d:
af:fa:1d:2e:93:c9:6b:bc:f9:11:b1:21:c0:7f:67:54:0a:07:
9e:cc:08:56:f9:68:91:84:22:08:a6:a9:dd:8c:12:82:84:7b:
05:19:b2:54:c3:de:37:b3:4f:56:28:a5:c7:cd:78:cb:e4:0b:
cd:41:74:ba:64:3a:a3:fb:f5:6e:bc:cf:f9:d0:11:ca:78:92:
5b:d1:b4:55:f1:3a:f3:46:a2:19:70:99:c8:62:a3:98:3f:55:
95:92:74:c6:4c:ff:b2:c9:6c:8a:d7:aa:98:3d:dd:b8:5a:a2:
1a:92:72:a9:89:9a:41:2f:13:de:3d:e8:47:f6:14:37:61:a8:
b2:de:73:45:57:29:39:fc:e8:8a:c2:9b:c4:7c:53:20:98:b9:
8a:53:f8:33:3d:39:06:40:59:9c:49:54:51:79:88:de:29:65:
bf:53:89:ac:2a:df:2f:3e:d0:74:86:1e:71:84:7c:6e:8d:1a:
12:a0:09:39:e2:46:67:b9:87:d5:b1:15:b8:4f:8f:53:99:50:
3f:ab:75:33
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZJsyM0F3N/V8BGM0i5O4p9NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZDlhOTI4MmM5ZDI1NDdjNTY2NjM0ZjNiYWNjY2JjZjI1
ODg4MjcwHhcNMjQxMDA4MTUzOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjJhOTA0MGM3NzMxN2JmNDk1OWMwMzA1Yjk4MzNjMGZmMzk5MzQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/yMjDQCISUSXNpFJ1M/tOCWES+d
5Xd3VTzHYCBgcZ5LlU/83oZ8fIxFPeJ6ZLw12+FUyVNCFEQVsGuuz+sfx6dweE11
cYnKcGbB1wNUgLp4sGfViILUd7MM2OHCq1KGjOJ3hwMKqw2CLq7PvnCbhRue282q
qsE4R1KruQcLSA0vAyJFacjQ7NTLPjw18R8ywWPaYDXo5Kr72az41/11ekxf3aEM
8CUTbOxf6xK3aW9qCu9OezcM2XtfkYmiAvwXvgWsOSUy2006RS7fMC8CqQAATNMm
rosYvqGy6whEz9ho1UdaeibMs5g+VgqsbWraB5j/QocDG4T6SGVDvTbYGQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFGYqkEDHcxe/SVnAMFuYM8D/OZNDMB8GA1UdIwQY
MBaAFPXZqSgsnSVHxWZjTzuszLzyWIgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjct
OGNmNDFjYWZkY2UyLzEvWmlxUVFNZHpGNzlKV2NBd1c1Z3p3UDg1azBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjctOGNmNDFjYWZkY2Uy
LzEvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQAWNYZAwQA
W+RlAwQCuTfwAwQCwRjQAwQAwhigMBQEAgACMA4DBQMqABkQAwUAKhJeQTANBgkq
hkiG9w0BAQsFAAOCAQEAVOB+5r/+QLjdSVm8zPRRO/CEaOVXZV7Jkr9Z52aSmXMe
xwArrEZYSMaRkPvRm+/PfPuUXXo9r/odLpPJa7z5EbEhwH9nVAoHnswIVvlokYQi
CKap3YwSgoR7BRmyVMPeN7NPViilx814y+QLzUF0umQ6o/v1brzP+dARyniSW9G0
VfE680aiGXCZyGKjmD9VlZJ0xkz/sslsiteqmD3duFqiGpJyqYmaQS8T3j3oR/YU
N2Gost5zRVcpOfzoisKbxHxTIJi5ilP4Mz05BkBZnElUUXmI3illv1OJrCrfLz7Q
dIYecYR8bo0aEqAJOeJGZ7mH1bEVuE+PU5lQP6t1Mw==
-----END CERTIFICATE-----
Generated at Thu Oct 10 16:08:16 2024 by rpki-client on console-fra.rpki-client.org