Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/iz3_NazMaJHN8h7g2Y9ypX3TPHc.roa
File: iz3_NazMaJHN8h7g2Y9ypX3TPHc.roa (raw, json)
Hash identifier: hVE13qFgQ/fhR91/s02BeQ3IPfleTdBpVTWDJlZcgCM=
Subject key identifier: 8B:3D:FF:35:AC:CC:68:91:CD:F2:1E:E0:D9:8F:72:A5:7D:D3:3C:77
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 018B2459F0A54EF842C1F8C845719036AE5F
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/iz3_NazMaJHN8h7g2Y9ypX3TPHc.roa
Signing time: Thu 12 Oct 2023 14:45:55 +0000
ROA not before: Thu 12 Oct 2023 14:45:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8359
IP address blocks: 212.188.0.0/17 maxlen: 17
213.87.0.0/16 maxlen: 16
178.141.0.0/16 maxlen: 16
217.74.244.0/22 maxlen: 22
217.74.248.0/21 maxlen: 21
213.87.105.0/24 maxlen: 24
213.87.100.0/24 maxlen: 24
213.87.128.0/19 maxlen: 19
213.87.64.0/22 maxlen: 22
213.87.70.0/23 maxlen: 23
213.87.76.0/23 maxlen: 23
213.87.80.0/20 maxlen: 20
213.87.200.0/22 maxlen: 22
213.87.204.0/22 maxlen: 22
213.87.208.0/23 maxlen: 23
195.34.0.0/19 maxlen: 19
213.87.240.0/22 maxlen: 22
195.34.15.0/24 maxlen: 24
213.87.244.0/23 maxlen: 23
213.87.248.0/22 maxlen: 22
213.87.160.0/22 maxlen: 22
82.96.192.0/18 maxlen: 18
195.34.38.0/24 maxlen: 24
195.34.32.0/19 maxlen: 19
195.34.36.0/24 maxlen: 24
195.34.42.0/24 maxlen: 24
2a00:1fa0::/33 maxlen: 33
2a00:1fa0:8000::/33 maxlen: 33
2a02:28:1::/48 maxlen: 48
2a00:1fa2::/33 maxlen: 33
2a02:28::/29 maxlen: 29
2a00:1fa3::/33 maxlen: 33
2a00:1fa0::/29 maxlen: 29
2a02:28::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 05 Dec 2023 15:56:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:24:59:f0:a5:4e:f8:42:c1:f8:c8:45:71:90:36:ae:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Oct 12 14:45:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8b3dff35accc6891cdf21ee0d98f72a57dd33c77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:fb:28:62:cf:9c:0b:ff:3f:5c:3a:e3:34:44:
3a:9d:38:b8:ae:76:d7:9b:45:30:c2:70:00:65:5e:
1c:6f:8a:8c:a4:3c:61:36:4a:e3:40:d2:bc:1f:13:
b1:3c:a3:e8:8c:dc:2a:7c:c7:73:9a:33:1e:27:d3:
c6:2b:b5:48:af:e2:4a:3b:5d:eb:a3:65:e1:aa:79:
29:55:80:c1:63:64:e3:89:6f:ce:21:e3:ec:eb:71:
14:4b:7d:2e:0e:ba:58:fd:56:bf:ec:ec:5c:4f:fb:
33:4a:8c:a7:5f:ca:32:05:c6:ed:5a:84:71:ba:37:
e3:a7:bd:c1:64:4f:ca:dc:06:2a:d7:9b:e9:1e:da:
63:84:d5:ff:81:e9:9a:c8:34:4f:82:d3:27:5f:33:
55:cc:5b:d8:96:39:2b:e2:66:b1:21:62:c5:10:9e:
19:8b:12:1b:24:5d:9f:20:3d:52:a2:27:c0:dd:b9:
33:58:8a:86:e1:01:d6:19:d9:9a:6a:29:99:0e:3c:
86:ca:17:f8:69:d4:ea:3c:f0:49:e3:fe:a2:f5:3b:
8d:2a:91:22:be:34:26:d3:30:f4:9c:ba:55:cd:dd:
7d:a3:63:9b:a2:c6:96:1d:fc:80:13:e2:39:4b:a6:
bc:03:73:35:ad:56:5d:44:bc:2b:44:0f:69:d1:64:
f6:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:3D:FF:35:AC:CC:68:91:CD:F2:1E:E0:D9:8F:72:A5:7D:D3:3C:77
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/iz3_NazMaJHN8h7g2Y9ypX3TPHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.96.192.0/18
178.141.0.0/16
195.34.0.0/18
212.188.0.0/17
213.87.0.0/16
217.74.244.0-217.74.255.255
IPv6:
2a00:1fa0::/29
2a02:28::/29
Signature Algorithm: sha256WithRSAEncryption
29:ae:c3:36:cc:c2:a0:ba:7a:bc:3b:bd:22:d8:2f:4c:83:4d:
a9:af:59:06:0d:25:4f:b7:f7:fd:a3:56:14:b1:2e:02:1c:29:
f0:72:5d:df:a7:20:0c:e9:dd:b8:33:12:d2:e0:f4:cf:3c:37:
5b:c7:ff:93:45:98:ef:e9:ad:a2:0f:12:27:16:6c:14:07:d7:
56:73:b0:5f:73:bf:3d:53:62:22:60:5c:5c:bb:bc:58:d0:68:
79:30:39:4e:84:ef:7f:2a:1d:f7:e4:3b:85:ca:19:fd:40:55:
62:3f:10:55:c7:21:5c:ae:a5:e0:28:8e:3d:6e:81:5d:e6:2d:
9e:85:47:05:5b:60:ec:37:7b:61:e0:8f:50:eb:aa:64:c0:63:
fc:e2:14:20:db:80:a5:63:64:36:e1:7a:32:00:7d:7a:5a:04:
1d:e9:43:ea:23:ea:70:34:a0:ac:31:cd:c3:b1:fc:80:82:44:
13:9b:8b:98:66:17:63:ba:3a:da:5c:0c:b1:e2:0b:a8:71:72:
52:77:2a:bd:89:c7:13:40:19:87:ba:6e:62:ac:89:12:e6:59:
2d:7a:84:d4:de:1c:49:c8:90:a4:6b:7a:7a:63:08:ed:95:fd:
2d:92:30:df:d1:cc:92:9c:c3:e1:07:4b:c9:0b:46:4e:1d:cf:
da:96:c0:1e
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYskWfClTvhCwfjIRXGQNq5fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjMxMDEyMTQ0NTU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjNkZmYzNWFjY2M2ODkxY2RmMjFlZTBkOThmNzJhNTdkZDMzYzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmPsoYs+cC/8/XDrjNEQ6nTi4rnbX
m0UwwnAAZV4cb4qMpDxhNkrjQNK8HxOxPKPojNwqfMdzmjMeJ9PGK7VIr+JKO13r
o2XhqnkpVYDBY2TjiW/OIePs63EUS30uDrpY/Va/7OxcT/szSoynX8oyBcbtWoRx
ujfjp73BZE/K3AYq15vpHtpjhNX/gemayDRPgtMnXzNVzFvYljkr4maxIWLFEJ4Z
ixIbJF2fID1SoifA3bkzWIqG4QHWGdmaaimZDjyGyhf4adTqPPBJ4/6i9TuNKpEi
vjQm0zD0nLpVzd19o2ObosaWHfyAE+I5S6a8A3M1rVZdRLwrRA9p0WT2twIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFIs9/zWszGiRzfIe4NmPcqV90zx3MB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvaXozX05hek1hSkhOOGg3ZzJZOXlwWDNUUEhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzAvBAIAATApAwQGUmDAAwMA
so0DBAbDIgADBAfUvAADAwDVVzALAwQC2Ur0AwMA2UowFAQCAAIwDgMFAyoAH6AD
BQMqAgAoMA0GCSqGSIb3DQEBCwUAA4IBAQAprsM2zMKgunq8O70i2C9Mg02pr1kG
DSVPt/f9o1YUsS4CHCnwcl3fpyAM6d24MxLS4PTPPDdbx/+TRZjv6a2iDxInFmwU
B9dWc7Bfc789U2IiYFxcu7xY0Gh5MDlOhO9/Kh335DuFyhn9QFViPxBVxyFcrqXg
KI49boFd5i2ehUcFW2DsN3th4I9Q66pkwGP84hQg24ClY2Q24XoyAH16WgQd6UPq
I+pwNKCsMc3DsfyAgkQTm4uYZhdjujraXAyx4guocXJSdyq9iccTQBmHum5irIkS
5lkteoTU3hxJyJCka3p6Ywjtlf0tkjDf0cySnMPhB0vJC0ZOHc/alsAe
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:30 2024 by rpki-client on console-ams.rpki-client.org