Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/zdGHUnZw4eOuFNAD6yLKR1JiMPI.roa
File: zdGHUnZw4eOuFNAD6yLKR1JiMPI.roa (raw, json)
Hash identifier: OPT74bhR2/XibYkWwXZVi20INAJYPA381ik9I/kYRf0=
Subject key identifier: CD:D1:87:52:76:70:E1:E3:AE:14:D0:03:EB:22:CA:47:52:62:30:F2
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 018B673A9C577142465E7D63D6B9FE7516C6
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/zdGHUnZw4eOuFNAD6yLKR1JiMPI.roa
Signing time: Wed 25 Oct 2023 14:26:16 +0000
ROA not before: Wed 25 Oct 2023 14:26:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42910
IP address blocks: 212.68.36.0/24 maxlen: 24
212.68.38.0/24 maxlen: 24
77.92.144.0/24 maxlen: 24
212.68.49.0/24 maxlen: 24
188.132.170.0/24 maxlen: 24
31.210.51.0/24 maxlen: 24
31.210.50.0/24 maxlen: 24
31.210.49.0/24 maxlen: 24
31.210.53.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:32:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:67:3a:9c:57:71:42:46:5e:7d:63:d6:b9:fe:75:16:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Oct 25 14:26:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdd187527670e1e3ae14d003eb22ca47526230f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:be:e5:42:60:93:97:52:81:95:d9:94:ba:72:
b6:ef:7c:5a:7b:e7:f9:20:37:6e:0a:71:a0:a7:ba:
ca:69:e6:3a:96:1b:94:4a:dd:a7:12:d7:26:47:12:
16:d5:25:3e:90:08:84:eb:17:0e:9e:60:e4:bc:e0:
25:d2:81:07:18:f9:08:63:5e:fb:4e:b0:35:89:7a:
53:db:cc:e5:12:32:1d:d0:40:3d:d3:8c:a4:d0:9d:
01:9c:62:16:90:17:80:c3:d8:68:eb:c3:a9:9d:20:
cb:ee:df:4a:0a:a0:86:93:62:0c:97:52:cc:21:16:
52:68:69:d0:eb:44:e5:1d:51:3c:1c:44:b7:37:98:
9e:2b:33:96:30:c3:0d:64:60:71:4c:12:78:43:1a:
05:5b:64:fd:76:92:19:c1:fb:6b:63:47:b0:32:a2:
49:bf:c9:4e:66:5a:a7:ea:d1:cf:c7:7a:df:8c:80:
f7:23:f4:48:d3:d5:22:71:c4:f8:55:37:61:73:ae:
09:3c:fb:5c:7f:97:6f:1e:e0:3b:4f:54:3a:09:20:
eb:94:f4:e8:c7:38:f0:a1:8e:ab:0e:78:40:8a:e1:
0a:44:11:c7:0c:63:68:b4:e4:5a:b0:95:8c:0d:e6:
91:5e:9f:2b:b8:96:c9:46:de:aa:2e:3f:65:34:b1:
ba:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:D1:87:52:76:70:E1:E3:AE:14:D0:03:EB:22:CA:47:52:62:30:F2
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/zdGHUnZw4eOuFNAD6yLKR1JiMPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.49.0-31.210.51.255
31.210.53.0/24
77.92.144.0/24
188.132.170.0/24
212.68.36.0/24
212.68.38.0/24
212.68.49.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:1a:b1:a3:62:5b:65:62:96:c2:84:1a:1f:8e:4a:6b:ac:3d:
0a:94:df:df:8a:e3:5c:74:4b:88:32:4f:be:7f:66:af:cc:89:
fe:24:eb:32:ba:cb:51:97:30:6f:86:ef:29:45:95:42:49:d8:
79:84:13:90:19:4e:6e:0a:64:ba:49:2c:ee:14:10:42:ca:09:
d3:a0:d0:f2:2d:54:6d:1a:00:0c:52:41:9e:65:b6:5a:80:ab:
e8:ac:65:a4:45:c0:69:91:cb:d9:9f:94:dc:37:bc:d7:fc:2f:
04:57:30:9b:76:62:05:56:6b:12:e2:ca:53:56:f2:c3:3a:b9:
04:22:79:d8:92:a4:3a:de:6f:38:eb:ad:c3:7f:25:86:25:35:
6a:d4:b0:99:8f:83:22:7b:93:2a:5f:45:73:d2:d5:ae:25:06:
c2:86:41:02:5d:b0:e6:64:00:bd:54:35:15:0a:86:d4:a9:e1:
cb:20:40:4f:fa:d0:2f:3a:b9:92:0c:2d:3c:01:37:65:c8:13:
ed:fd:12:55:37:04:54:fd:9b:18:85:d4:fe:5a:47:fc:20:38:
27:4b:20:53:74:cf:a1:35:3a:51:ea:3d:a7:a9:2c:17:da:6f:
45:a8:fa:f8:01:df:8e:35:bb:b9:3f:93:c3:e2:a2:e3:fc:ef:
2b:53:f6:69
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYtnOpxXcUJGXn1j1rn+dRbGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjMxMDI1MTQyNjE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGQxODc1Mjc2NzBlMWUzYWUxNGQwMDNlYjIyY2E0NzUyNjIzMGYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmr7lQmCTl1KBldmUunK273xae+f5
IDduCnGgp7rKaeY6lhuUSt2nEtcmRxIW1SU+kAiE6xcOnmDkvOAl0oEHGPkIY177
TrA1iXpT28zlEjId0EA904yk0J0BnGIWkBeAw9ho68OpnSDL7t9KCqCGk2IMl1LM
IRZSaGnQ60TlHVE8HES3N5ieKzOWMMMNZGBxTBJ4QxoFW2T9dpIZwftrY0ewMqJJ
v8lOZlqn6tHPx3rfjID3I/RI09UiccT4VTdhc64JPPtcf5dvHuA7T1Q6CSDrlPTo
xzjwoY6rDnhAiuEKRBHHDGNotORasJWMDeaRXp8ruJbJRt6qLj9lNLG6pQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFM3Rh1J2cOHjrhTQA+siykdSYjDyMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvemRHSFVuWnc0ZU91Rk5BRDZ5TEtSMUppTVBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAAf0jED
BAIf0jADBAAf0jUDBABNXJADBAC8hKoDBADURCQDBADURCYDBADURDEwDQYJKoZI
hvcNAQELBQADggEBACoasaNiW2VilsKEGh+OSmusPQqU39+K41x0S4gyT75/Zq/M
if4k6zK6y1GXMG+G7ylFlUJJ2HmEE5AZTm4KZLpJLO4UEELKCdOg0PItVG0aAAxS
QZ5ltlqAq+isZaRFwGmRy9mflNw3vNf8LwRXMJt2YgVWaxLiylNW8sM6uQQiediS
pDrebzjrrcN/JYYlNWrUsJmPgyJ7kypfRXPS1a4lBsKGQQJdsOZkAL1UNRUKhtSp
4csgQE/60C86uZIMLTwBN2XIE+39ElU3BFT9mxiF1P5aR/wgOCdLIFN0z6E1OlHq
PaepLBfab0Wo+vgB3441u7k/k8PiouP87ytT9mk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:44 2024 by rpki-client on console-fra.rpki-client.org