Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/zal8BTAKIvotQIyZxIDNuRSP24A.roa
File: zal8BTAKIvotQIyZxIDNuRSP24A.roa (raw, json)
Hash identifier: gGtnirbKb4EIsYtSkHzoytnMpAHOpFzNkqFtW/BBxnM=
Subject key identifier: CD:A9:7C:05:30:0A:22:FA:2D:40:8C:99:C4:80:CD:B9:14:8F:DB:80
Certificate issuer: /CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
Certificate serial: 0191FF1FA2942C09B07843BA073367739230
Authority key identifier: C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/zal8BTAKIvotQIyZxIDNuRSP24A.roa
Signing time: Tue 17 Sep 2024 08:35:48 +0000
ROA not before: Tue 17 Sep 2024 08:35:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 188.190.0.0/24 maxlen: 24
188.190.1.0/24 maxlen: 24
188.190.2.0/24 maxlen: 24
188.190.3.0/24 maxlen: 24
188.190.4.0/24 maxlen: 24
188.190.5.0/24 maxlen: 24
188.190.6.0/24 maxlen: 24
188.190.7.0/24 maxlen: 24
188.190.8.0/24 maxlen: 24
188.190.9.0/24 maxlen: 24
188.190.11.0/24 maxlen: 24
188.190.12.0/24 maxlen: 24
188.190.13.0/24 maxlen: 24
188.190.14.0/24 maxlen: 24
188.190.15.0/24 maxlen: 24
188.190.16.0/24 maxlen: 24
188.190.17.0/24 maxlen: 24
188.190.18.0/24 maxlen: 24
188.190.19.0/24 maxlen: 24
188.190.20.0/24 maxlen: 24
188.190.21.0/24 maxlen: 24
188.190.22.0/24 maxlen: 24
188.190.23.0/24 maxlen: 24
188.190.24.0/24 maxlen: 24
188.190.25.0/24 maxlen: 24
188.190.26.0/24 maxlen: 24
188.190.27.0/24 maxlen: 24
188.190.28.0/24 maxlen: 24
188.190.29.0/24 maxlen: 24
188.190.30.0/24 maxlen: 24
188.190.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Oct 2024 07:06:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:1f:a2:94:2c:09:b0:78:43:ba:07:33:67:73:92:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
Validity
Not Before: Sep 17 08:35:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cda97c05300a22fa2d408c99c480cdb9148fdb80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:c2:fa:6f:85:5f:8e:da:cb:b1:77:60:08:9c:
a2:72:5e:34:48:01:29:88:d3:b6:32:e5:1e:a8:68:
99:59:ef:eb:ce:ea:10:de:71:be:ba:98:4c:de:a1:
09:1d:40:a6:33:99:0d:ea:13:90:9b:3e:b2:23:23:
9a:d0:85:38:39:b3:7c:a2:26:a3:56:2a:62:5c:eb:
8a:44:29:b3:eb:4e:c6:6a:b1:ed:94:4d:a3:d3:77:
a9:00:2c:d4:c9:b6:b6:b5:01:39:03:62:76:8a:2c:
02:04:5f:24:65:a1:39:f9:6d:c0:b1:a8:c8:d2:3d:
30:f5:9e:f1:6f:11:6b:27:8e:0a:59:71:b9:ee:8b:
aa:f6:5e:b8:e4:c9:14:db:52:54:b7:12:b4:0c:61:
de:d2:3a:fe:0b:fe:da:5a:96:11:74:05:68:32:0c:
53:3f:9c:f4:0a:fe:87:12:bb:2d:e5:e0:31:57:7e:
28:68:13:17:da:a7:b3:c1:d5:a7:f3:f7:d3:c6:aa:
2d:53:1c:dd:0a:f4:a1:a1:ea:2e:62:25:13:90:8c:
8f:33:75:0b:3a:90:92:ae:80:ca:25:d4:15:41:8f:
de:01:3e:f3:f9:85:0a:99:59:c8:fe:7e:e2:3f:e9:
0b:72:b6:ce:ca:00:1f:74:e4:37:6a:22:19:e4:0b:
a7:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:A9:7C:05:30:0A:22:FA:2D:40:8C:99:C4:80:CD:B9:14:8F:DB:80
X509v3 Authority Key Identifier:
keyid:C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/zal8BTAKIvotQIyZxIDNuRSP24A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.190.0.0-188.190.9.255
188.190.11.0-188.190.31.255
Signature Algorithm: sha256WithRSAEncryption
3c:9b:e5:fd:59:09:25:ab:87:de:2b:24:6a:ff:71:99:51:bf:
7e:37:76:3e:cd:cf:3a:c2:43:66:04:32:c4:31:01:0b:09:e7:
0d:62:ac:3a:3f:96:14:0d:aa:cb:9d:ff:f9:50:ea:3d:c2:86:
bd:6c:11:34:d6:2a:90:6c:33:74:20:f7:70:93:2b:67:d2:14:
ba:7c:5e:9a:82:8d:11:46:a8:e9:e0:fe:7b:78:ab:8a:80:d3:
67:d0:f9:41:84:6e:9c:dd:da:8e:d5:90:59:4d:2f:20:fa:8f:
ac:42:af:7c:32:f1:eb:50:32:55:3d:8b:0e:f7:eb:20:d3:d8:
3c:4c:2f:99:7f:cd:7a:96:f0:a8:2d:e7:bb:4a:b3:3e:09:2a:
15:ef:35:a7:1a:ae:b3:01:22:44:96:1c:70:96:29:b0:b3:15:
cc:45:52:22:bf:f4:dc:4e:82:ea:b8:d0:67:d8:8d:74:69:3b:
be:75:3b:11:7d:0d:ab:25:01:4a:9f:58:54:d8:b7:4c:f8:22:
c6:dc:19:93:8d:36:04:5b:cd:58:59:b9:ef:66:0a:c7:7c:7c:
1d:e3:15:8d:38:e3:35:32:ba:16:c1:a0:d6:62:35:55:5a:bb:
d3:9b:a1:9a:77:24:a7:9f:b9:64:4e:88:c6:78:6d:37:f2:4d:
2f:e3:e0:2d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZH/H6KULAmweEO6BzNnc5IwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzNmYWU5OWQ2NTEyOTg4NDVkMjJmODlkOGQyYjJlMWQx
M2JjMDQwHhcNMjQwOTE3MDgzNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGE5N2MwNTMwMGEyMmZhMmQ0MDhjOTljNDgwY2RiOTE0OGZkYjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAosL6b4VfjtrLsXdgCJyicl40SAEp
iNO2MuUeqGiZWe/rzuoQ3nG+uphM3qEJHUCmM5kN6hOQmz6yIyOa0IU4ObN8oiaj
VipiXOuKRCmz607GarHtlE2j03epACzUyba2tQE5A2J2iiwCBF8kZaE5+W3AsajI
0j0w9Z7xbxFrJ44KWXG57ouq9l645MkU21JUtxK0DGHe0jr+C/7aWpYRdAVoMgxT
P5z0Cv6HErst5eAxV34oaBMX2qezwdWn8/fTxqotUxzdCvShoeouYiUTkIyPM3UL
OpCSroDKJdQVQY/eAT7z+YUKmVnI/n7iP+kLcrbOygAfdOQ3aiIZ5AunFQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM2pfAUwCiL6LUCMmcSAzbkUj9uAMB8GA1UdIwQY
MBaAFMNz+umdZRKYhF0i+J2NKy4dE7wEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEt
MWRlNTZlNDc1ZmJmLzEvemFsOEJUQUtJdm90UUl5WnhJRE51UlNQMjRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEtMWRlNTZlNDc1ZmJm
LzEvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAATAbMAsDAwG8vgME
Aby+CDAMAwQAvL4LAwQFvL4AMA0GCSqGSIb3DQEBCwUAA4IBAQA8m+X9WQklq4fe
KyRq/3GZUb9+N3Y+zc86wkNmBDLEMQELCecNYqw6P5YUDarLnf/5UOo9woa9bBE0
1iqQbDN0IPdwkytn0hS6fF6ago0RRqjp4P57eKuKgNNn0PlBhG6c3dqO1ZBZTS8g
+o+sQq98MvHrUDJVPYsO9+sg09g8TC+Zf816lvCoLee7SrM+CSoV7zWnGq6zASJE
lhxwlimwsxXMRVIiv/TcToLquNBn2I10aTu+dTsRfQ2rJQFKn1hU2LdM+CLG3BmT
jTYEW81YWbnvZgrHfHwd4xWNOOM1MroWwaDWYjVVWrvTm6GadySnn7lkTojGeG03
8k0v4+At
-----END CERTIFICATE-----
Generated at Tue Oct 22 08:44:36 2024 by rpki-client on console-ams.rpki-client.org