Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/kz4CA6zS965RmwmPT-HuFGJkbAA.roa
File: kz4CA6zS965RmwmPT-HuFGJkbAA.roa (raw, json)
Hash identifier: 7a1bawTMA2rxbr6GSrTQafFPQUUm9TApJZHokYIG2mg=
Subject key identifier: 93:3E:02:03:AC:D2:F7:AE:51:9B:09:8F:4F:E1:EE:14:62:64:6C:00
Certificate issuer: /CN=340bea3fcc3cbcedc82919cf57c74108baea369e
Certificate serial: 01888F8F47C2DC367D8AD0A6DCA533865254
Authority key identifier: 34:0B:EA:3F:CC:3C:BC:ED:C8:29:19:CF:57:C7:41:08:BA:EA:36:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAvqP8w8vO3IKRnPV8dBCLrqNp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/kz4CA6zS965RmwmPT-HuFGJkbAA.roa
Signing time: Tue 06 Jun 2023 07:15:11 +0000
ROA not before: Tue 06 Jun 2023 07:15:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 6762
IP address blocks: 213.144.160.0/19 maxlen: 19
185.100.112.0/22 maxlen: 22
149.3.176.0/21 maxlen: 21
176.115.184.0/22 maxlen: 22
93.186.128.0/21 maxlen: 24
93.186.136.0/22 maxlen: 22
195.22.192.0/19 maxlen: 24
5.178.40.0/21 maxlen: 24
185.70.200.0/22 maxlen: 22
89.221.32.0/20 maxlen: 20
79.140.80.0/20 maxlen: 24
2001:41a8::/32 maxlen: 64
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:29:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:8f:8f:47:c2:dc:36:7d:8a:d0:a6:dc:a5:33:86:52:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=340bea3fcc3cbcedc82919cf57c74108baea369e
Validity
Not Before: Jun 6 07:15:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=933e0203acd2f7ae519b098f4fe1ee1462646c00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ce:90:76:8d:0b:81:b1:81:66:8b:90:fb:d6:
c5:6c:69:0c:3f:ee:28:ce:c0:bb:10:58:ee:b2:92:
53:27:c6:d2:07:1f:52:df:34:c5:bf:48:e0:f2:14:
8b:67:d9:6f:72:af:60:79:a3:c0:c2:84:36:b0:3c:
b1:28:e7:8f:ff:01:ff:28:6c:fb:e3:e5:5d:5c:07:
9b:6c:bf:f7:4e:5d:24:f3:f5:02:68:a0:9a:89:23:
90:1f:49:a4:d2:e5:0e:e8:eb:90:04:43:96:ef:a0:
64:a0:4a:30:a8:0d:7f:76:f0:bf:84:67:61:89:1c:
0e:67:e9:64:5d:27:32:8d:25:28:af:0b:1f:ad:7d:
31:19:c6:fb:84:65:74:93:87:ea:d2:b3:0b:a7:15:
2d:ab:9b:fa:6e:5b:e5:49:19:a7:2c:16:c9:ea:20:
9a:8f:78:bc:a0:33:f1:f7:1b:36:52:91:02:7a:9b:
bd:bb:80:6a:53:01:b7:b7:e3:7c:36:6e:86:a0:1f:
77:5a:77:ab:3c:a2:37:72:56:f6:e4:96:fb:7c:96:
f8:4b:da:ad:8f:2a:ed:17:54:4e:82:54:41:2c:7a:
c3:da:eb:c2:10:e1:20:e5:6f:88:da:e5:91:ed:d2:
d4:c8:29:56:e8:55:63:06:99:a1:15:29:73:71:aa:
37:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:3E:02:03:AC:D2:F7:AE:51:9B:09:8F:4F:E1:EE:14:62:64:6C:00
X509v3 Authority Key Identifier:
keyid:34:0B:EA:3F:CC:3C:BC:ED:C8:29:19:CF:57:C7:41:08:BA:EA:36:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAvqP8w8vO3IKRnPV8dBCLrqNp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/kz4CA6zS965RmwmPT-HuFGJkbAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ecda3d-a2db-4908-862f-111056369a23/1/NAvqP8w8vO3IKRnPV8dBCLrqNp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.40.0/21
79.140.80.0/20
89.221.32.0/20
93.186.128.0-93.186.139.255
149.3.176.0/21
176.115.184.0/22
185.70.200.0/22
185.100.112.0/22
195.22.192.0/19
213.144.160.0/19
IPv6:
2001:41a8::/32
Signature Algorithm: sha256WithRSAEncryption
64:59:51:63:1b:57:81:7a:12:6a:81:48:7f:ee:ab:cc:55:31:
27:7b:c9:8e:45:8e:72:30:47:99:75:f9:89:f2:54:c7:c7:64:
cb:0c:be:a3:fa:43:a3:db:e5:ae:39:b9:41:ea:13:80:59:32:
60:6e:22:9a:7f:11:b2:99:79:8e:fa:37:b4:92:c0:36:7b:96:
73:79:db:4e:28:41:b5:65:b9:4c:6d:73:bf:ab:68:14:5d:e7:
a6:d1:52:ed:89:ae:73:5e:80:f4:ee:cf:19:c7:e9:a6:d4:14:
8c:7a:77:85:95:e8:e6:4f:74:ef:bd:da:f7:5c:cb:2a:a3:16:
1a:44:e3:bf:11:02:f0:01:28:c2:31:73:1a:80:c6:d5:9c:03:
43:14:64:0b:2c:5a:7f:d9:9d:30:79:2b:9f:fc:23:73:4d:36:
93:ee:52:b5:1d:96:02:f3:26:be:2d:84:b2:a2:23:b0:a2:f3:
ea:9e:4f:67:ca:02:49:2b:e7:7c:57:d4:12:8e:66:40:e4:19:
96:2a:9d:07:70:36:c0:88:e5:d0:73:24:6d:ac:b0:09:e8:23:
0d:be:52:c3:32:ca:74:a5:e2:0b:9b:0c:89:35:0b:bb:f9:37:
f9:b4:86:4d:5d:25:cf:74:1d:76:a6:1a:78:0a:9a:a1:c2:54:
50:e4:1a:3a
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYiPj0fC3DZ9itCm3KUzhlJUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0MGJlYTNmY2MzY2JjZWRjODI5MTljZjU3Yzc0MTA4YmFl
YTM2OWUwHhcNMjMwNjA2MDcxNTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzNlMDIwM2FjZDJmN2FlNTE5YjA5OGY0ZmUxZWUxNDYyNjQ2YzAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2M6Qdo0LgbGBZouQ+9bFbGkMP+4o
zsC7EFjuspJTJ8bSBx9S3zTFv0jg8hSLZ9lvcq9geaPAwoQ2sDyxKOeP/wH/KGz7
4+VdXAebbL/3Tl0k8/UCaKCaiSOQH0mk0uUO6OuQBEOW76BkoEowqA1/dvC/hGdh
iRwOZ+lkXScyjSUorwsfrX0xGcb7hGV0k4fq0rMLpxUtq5v6blvlSRmnLBbJ6iCa
j3i8oDPx9xs2UpECepu9u4BqUwG3t+N8Nm6GoB93WnerPKI3clb25Jb7fJb4S9qt
jyrtF1ROglRBLHrD2uvCEOEg5W+I2uWR7dLUyClW6FVjBpmhFSlzcao3+QIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFJM+AgOs0veuUZsJj0/h7hRiZGwAMB8GA1UdIwQY
MBaAFDQL6j/MPLztyCkZz1fHQQi66jaeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkF2cVA4dzh2TzNJS1JuUFY4ZEJDTHJxTnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9lY2RhM2QtYTJkYi00OTA4LTg2MmYt
MTExMDU2MzY5YTIzLzEva3o0Q0E2elM5NjVSbXdtUFQtSHVGR0prYkFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9lY2RhM2QtYTJkYi00OTA4LTg2MmYtMTExMDU2MzY5YTIz
LzEvTkF2cVA4dzh2TzNJS1JuUFY4ZEJDTHJxTnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEAwQDBbIoAwQE
T4xQAwQEWd0gMAwDBAdduoADBAJduogDBAOVA7ADBAKwc7gDBAK5RsgDBAK5ZHAD
BAXDFsADBAXVkKAwDQQCAAIwBwMFACABQagwDQYJKoZIhvcNAQELBQADggEBAGRZ
UWMbV4F6EmqBSH/uq8xVMSd7yY5FjnIwR5l1+YnyVMfHZMsMvqP6Q6Pb5a45uUHq
E4BZMmBuIpp/EbKZeY76N7SSwDZ7lnN5204oQbVluUxtc7+raBRd56bRUu2JrnNe
gPTuzxnH6abUFIx6d4WV6OZPdO+92vdcyyqjFhpE478RAvABKMIxcxqAxtWcA0MU
ZAssWn/ZnTB5K5/8I3NNNpPuUrUdlgLzJr4thLKiI7Ci8+qeT2fKAkkr53xX1BKO
ZkDkGZYqnQdwNsCI5dBzJG2ssAnoIw2+UsMyynSl4gubDIk1C7v5N/m0hk1dJc90
HXamGngKmqHCVFDkGjo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:53 2024 by rpki-client on console-fra.rpki-client.org