Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/zZAVYEU030HX90Fw4sG34JXUa7w.roa
File: zZAVYEU030HX90Fw4sG34JXUa7w.roa (raw, json)
Hash identifier: uGzTbhC9vZHvhRU7xIN1ulWOa2HbhKr5WZtGICw0sw8=
Subject key identifier: CD:90:15:60:45:34:DF:41:D7:F7:41:70:E2:C1:B7:E0:95:D4:6B:BC
Certificate issuer: /CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Certificate serial: 018CC492E7B2432FE5B23611F94A9DC0EB65
Authority key identifier: EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/zZAVYEU030HX90Fw4sG34JXUa7w.roa
Signing time: Mon 01 Jan 2024 10:30:11 +0000
ROA not before: Mon 01 Jan 2024 10:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203217
IP address blocks: 144.86.230.0/23 maxlen: 23
144.86.228.0/23 maxlen: 23
144.86.228.0/22 maxlen: 22
144.86.228.0/24 maxlen: 24
144.86.229.0/24 maxlen: 24
144.86.230.0/24 maxlen: 24
144.86.231.0/24 maxlen: 24
185.254.13.0/24 maxlen: 24
185.254.15.0/24 maxlen: 24
185.138.121.0/24 maxlen: 24
185.138.122.0/24 maxlen: 24
185.138.120.0/23 maxlen: 23
185.138.123.0/24 maxlen: 24
185.138.122.0/23 maxlen: 23
185.138.120.0/24 maxlen: 24
93.180.219.0/24 maxlen: 24
199.74.191.0/24 maxlen: 24
199.74.190.0/23 maxlen: 23
93.180.218.0/24 maxlen: 24
93.180.218.0/23 maxlen: 23
199.74.188.0/23 maxlen: 23
199.74.188.0/24 maxlen: 24
93.180.216.0/24 maxlen: 24
93.180.217.0/24 maxlen: 24
199.74.189.0/24 maxlen: 24
199.74.190.0/24 maxlen: 24
93.180.220.0/24 maxlen: 24
93.180.221.0/24 maxlen: 24
93.180.222.0/24 maxlen: 24
93.180.223.0/24 maxlen: 24
195.133.220.0/24 maxlen: 24
195.133.221.0/24 maxlen: 24
195.133.222.0/24 maxlen: 24
195.133.223.0/24 maxlen: 24
195.133.220.0/23 maxlen: 23
185.20.198.0/23 maxlen: 23
185.20.196.0/24 maxlen: 24
185.20.197.0/24 maxlen: 24
185.20.196.0/23 maxlen: 23
185.20.198.0/24 maxlen: 24
185.20.199.0/24 maxlen: 24
2a0b:1880::/48 maxlen: 48
2a0b:1880:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 10 Jan 2024 18:11:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:e7:b2:43:2f:e5:b2:36:11:f9:4a:9d:c0:eb:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Validity
Not Before: Jan 1 10:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd9015604534df41d7f74170e2c1b7e095d46bbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:66:d7:a9:f7:50:de:dc:00:4b:cf:f0:42:bc:
14:84:d0:06:e9:ab:20:95:3a:3b:b0:4a:3d:93:b1:
b5:7e:17:89:b7:97:ff:2b:5b:eb:28:b2:61:71:f4:
09:16:85:0d:c1:a5:86:d3:7a:3f:10:a5:55:40:7a:
f5:4b:73:0f:11:1c:db:78:7f:c9:95:4b:3e:ba:af:
92:bf:81:60:2d:75:ac:c3:91:a2:93:26:8f:01:fa:
b1:5d:66:11:76:94:3c:57:2a:0d:a7:16:34:77:8a:
b3:ac:5b:13:8b:b5:da:42:04:64:8e:8d:3e:4a:44:
da:fa:4c:ff:2a:a3:a5:48:e3:6a:94:08:84:47:53:
3e:d2:14:54:1d:9b:01:8e:0e:ae:a6:ae:2d:d3:f9:
c3:d3:81:a6:75:3b:c5:09:62:83:13:60:bb:99:50:
20:91:0d:a2:8f:20:9b:ba:ea:22:4f:53:25:09:ad:
cf:4e:64:d7:09:72:dc:23:cc:ff:e7:1b:46:e9:c7:
29:03:09:91:52:af:65:4f:43:ba:55:83:e3:9e:3c:
48:ae:92:33:c9:63:f6:32:49:6d:d7:75:00:4e:eb:
37:13:cf:47:f2:79:1b:21:84:2f:5c:5b:fd:29:01:
76:e0:7f:bc:d2:f1:81:fc:2e:cd:c0:d0:3c:71:db:
34:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:90:15:60:45:34:DF:41:D7:F7:41:70:E2:C1:B7:E0:95:D4:6B:BC
X509v3 Authority Key Identifier:
keyid:EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/zZAVYEU030HX90Fw4sG34JXUa7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.180.216.0/21
144.86.228.0/22
185.20.196.0/22
185.138.120.0/22
185.254.13.0/24
185.254.15.0/24
195.133.220.0/22
199.74.188.0/22
IPv6:
2a0b:1880::/47
Signature Algorithm: sha256WithRSAEncryption
b8:f0:45:13:2e:3e:45:a7:c8:39:a6:69:38:eb:c0:69:23:75:
3e:0c:65:4c:6d:4f:61:e9:16:99:e0:f4:aa:87:35:df:28:9e:
0e:5d:66:da:98:51:de:94:8d:87:b6:04:45:58:96:0f:32:6f:
d1:4b:e2:59:ad:17:23:bd:b5:88:6c:70:5d:c0:63:18:45:4a:
4a:a3:e4:75:b5:7e:67:db:57:44:ca:74:9c:42:9c:4b:e9:e7:
28:12:33:3e:76:da:40:a3:37:4e:42:4c:09:24:5d:d0:c9:c0:
6c:92:d8:80:d4:06:56:f5:58:8f:33:72:6a:cd:70:54:47:b9:
1f:af:fc:6d:05:bb:30:c1:d1:e0:7e:dc:9a:80:d9:48:26:2e:
75:0c:17:49:62:b8:7c:0b:19:d0:26:13:0d:b4:25:e6:7c:69:
e0:6d:c0:7e:7a:8c:da:80:c5:30:a3:1d:50:84:23:61:59:8b:
42:f2:54:fe:39:6a:86:a9:77:90:c9:ca:bb:6c:47:ad:22:ef:
a5:9d:09:6f:61:6f:ad:cb:f2:38:c2:c6:49:06:8e:b0:fc:ee:
47:d3:b6:ed:44:65:e2:78:8c:a7:82:de:1b:33:52:46:64:1c:
39:8d:c7:8a:97:7c:0e:58:ef:41:7e:5b:e2:47:fb:ab:a4:89:
2a:1c:28:5a
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYzEkueyQy/lsjYR+UqdwOtlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTRkOWU0MWVhNWUyZDE2MWI3YzRjZGIyZTQ3MDJjNGYy
NDhlMTQwHhcNMjQwMTAxMTAzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDkwMTU2MDQ1MzRkZjQxZDdmNzQxNzBlMmMxYjdlMDk1ZDQ2YmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWbXqfdQ3twAS8/wQrwUhNAG6asg
lTo7sEo9k7G1fheJt5f/K1vrKLJhcfQJFoUNwaWG03o/EKVVQHr1S3MPERzbeH/J
lUs+uq+Sv4FgLXWsw5GikyaPAfqxXWYRdpQ8VyoNpxY0d4qzrFsTi7XaQgRkjo0+
SkTa+kz/KqOlSONqlAiER1M+0hRUHZsBjg6upq4t0/nD04GmdTvFCWKDE2C7mVAg
kQ2ijyCbuuoiT1MlCa3PTmTXCXLcI8z/5xtG6ccpAwmRUq9lT0O6VYPjnjxIrpIz
yWP2Mklt13UATus3E89H8nkbIYQvXFv9KQF24H+80vGB/C7NwNA8cds0+QIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFM2QFWBFNN9B1/dBcOLBt+CV1Gu8MB8GA1UdIwQY
MBaAFO9U2eQepeLRYbfEzbLkcCxPJI4UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzIt
ZmJjNmZjYjVlN2E2LzEvelpBVllFVTAzMEhYOTBGdzRzRzM0SlhVYTd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzItZmJjNmZjYjVlN2E2
LzEvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA2BAIAATAwAwQDXbTYAwQC
kFbkAwQCuRTEAwQCuYp4AwQAuf4NAwQAuf4PAwQCw4XcAwQCx0q8MA8EAgACMAkD
BwEqCxiAAAAwDQYJKoZIhvcNAQELBQADggEBALjwRRMuPkWnyDmmaTjrwGkjdT4M
ZUxtT2HpFpng9KqHNd8ong5dZtqYUd6UjYe2BEVYlg8yb9FL4lmtFyO9tYhscF3A
YxhFSkqj5HW1fmfbV0TKdJxCnEvp5ygSMz522kCjN05CTAkkXdDJwGyS2IDUBlb1
WI8zcmrNcFRHuR+v/G0FuzDB0eB+3JqA2UgmLnUMF0liuHwLGdAmEw20JeZ8aeBt
wH56jNqAxTCjHVCEI2FZi0LyVP45aoapd5DJyrtsR60i76WdCW9hb63L8jjCxkkG
jrD87kfTtu1EZeJ4jKeC3hszUkZkHDmNx4qXfA5Y70F+W+JH+6ukiSocKFo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:50 2024 by rpki-client on console-fra.rpki-client.org