Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/zmAGACl4Cv0_p15_zYeUCQJ8rxQ.roa
File: zmAGACl4Cv0_p15_zYeUCQJ8rxQ.roa (raw, json)
Hash identifier: sOrvoOWY8q39ENfZ2KrtkO6U9w7g8Z5UpqXbzcKiLnc=
Subject key identifier: CE:60:06:00:29:78:0A:FD:3F:A7:5E:7F:CD:87:94:09:02:7C:AF:14
Certificate issuer: /CN=95a5adf6af1fcc0570adf858fd5bfbe28791a186
Certificate serial: 018573CCF6852A1D93D21B6EB9C5167FCBE0
Authority key identifier: 95:A5:AD:F6:AF:1F:CC:05:70:AD:F8:58:FD:5B:FB:E2:87:91:A1:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/laWt9q8fzAVwrfhY_Vv74oeRoYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/zmAGACl4Cv0_p15_zYeUCQJ8rxQ.roa
Signing time: Mon 02 Jan 2023 18:44:50 +0000
ROA not before: Mon 02 Jan 2023 18:44:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8613
IP address blocks: 185.8.204.0/22 maxlen: 24
212.102.192.0/19 maxlen: 24
195.200.128.0/19 maxlen: 24
2a00:b300::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 04 Jan 2023 09:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:cc:f6:85:2a:1d:93:d2:1b:6e:b9:c5:16:7f:cb:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95a5adf6af1fcc0570adf858fd5bfbe28791a186
Validity
Not Before: Jan 2 18:44:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce60060029780afd3fa75e7fcd879409027caf14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:f6:90:44:94:28:ed:08:d6:95:2b:6f:e5:73:
74:79:66:0a:28:ce:72:ef:c1:b5:77:65:50:a1:24:
8e:46:a6:fc:4d:c6:d2:90:4c:e9:72:7d:60:3d:e9:
62:c4:4a:0b:2a:b9:72:23:0a:f3:31:4b:aa:fd:ee:
6c:7a:44:c1:c2:3f:d3:0b:23:4e:f0:ed:24:32:d9:
59:31:51:f1:50:27:d3:0c:8d:7f:73:70:6e:3e:5d:
a5:24:82:89:b5:ec:67:be:e7:67:46:61:fd:ab:52:
18:2d:0f:7f:32:3a:5d:74:4d:c6:86:01:d7:8f:7b:
86:47:66:09:26:e2:34:45:f1:52:4a:21:e5:20:7b:
79:90:db:8f:1b:e8:b6:1c:eb:62:7f:a9:ae:83:5e:
d4:5c:94:27:ed:b2:13:5a:86:ae:1b:2a:d6:03:bc:
67:8a:45:46:42:a6:d5:84:28:68:b6:fa:4b:c5:1a:
f2:79:d1:54:7a:00:22:f5:e0:a5:6c:d4:28:be:76:
80:83:37:d4:d4:93:d0:e4:86:71:df:de:9c:34:df:
4d:82:99:c5:7a:c7:fe:65:0d:9f:df:45:2a:4f:da:
3d:f0:88:6f:a5:8d:08:6b:dc:64:29:a7:52:80:91:
f6:ce:85:28:ba:a2:93:72:6b:ca:1c:7d:56:c6:8f:
bf:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:60:06:00:29:78:0A:FD:3F:A7:5E:7F:CD:87:94:09:02:7C:AF:14
X509v3 Authority Key Identifier:
keyid:95:A5:AD:F6:AF:1F:CC:05:70:AD:F8:58:FD:5B:FB:E2:87:91:A1:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/laWt9q8fzAVwrfhY_Vv74oeRoYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/zmAGACl4Cv0_p15_zYeUCQJ8rxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/d3f1ba-d9e5-45c5-bca2-1619d08c6965/1/laWt9q8fzAVwrfhY_Vv74oeRoYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.204.0/22
195.200.128.0/19
212.102.192.0/19
IPv6:
2a00:b300::/32
Signature Algorithm: sha256WithRSAEncryption
7d:db:5b:c5:a5:04:23:14:04:79:01:e4:c3:a4:9a:1f:b6:62:
14:12:7b:7e:f6:7d:30:30:d7:7c:01:0a:74:af:93:b3:d6:b1:
e2:bb:62:e9:57:14:39:2b:a9:cd:28:a8:bf:48:40:37:e9:98:
13:56:21:68:d5:c1:93:18:62:08:5a:68:f4:49:92:14:fb:d2:
a5:97:1a:6e:72:63:8b:b5:aa:9e:ed:8c:d7:87:9e:23:c0:e0:
ba:9a:3e:d7:9b:bd:16:15:f9:8e:25:59:a3:42:e1:d5:21:66:
e8:10:52:0a:15:16:3b:e4:80:3b:a0:cd:94:15:e5:25:00:85:
d1:aa:f3:03:75:90:73:08:93:44:77:f3:14:00:8e:b1:dd:9d:
f7:83:8b:ef:2a:38:5c:d6:f1:f1:0a:a7:a8:cf:f8:c1:fb:b9:
ec:ab:18:aa:ec:34:3d:58:f2:df:87:19:6c:70:ec:ed:32:7f:
8c:dc:01:c7:7a:0a:fd:c9:31:85:3d:1c:26:d0:84:c9:d3:61:
32:8a:16:c6:95:e0:a7:58:44:09:44:77:ae:2e:84:99:3a:5c:
e7:3a:ff:55:db:6d:55:1b:92:3b:5f:5f:2b:f4:b0:ab:35:9d:
ab:92:d2:99:31:c9:27:33:9d:c9:af:b2:10:5a:86:0d:0a:f9:
64:43:9a:3f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVzzPaFKh2T0htuucUWf8vgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1YTVhZGY2YWYxZmNjMDU3MGFkZjg1OGZkNWJmYmUyODc5
MWExODYwHhcNMjMwMTAyMTg0NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTYwMDYwMDI5NzgwYWZkM2ZhNzVlN2ZjZDg3OTQwOTAyN2NhZjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjPaQRJQo7QjWlStv5XN0eWYKKM5y
78G1d2VQoSSORqb8TcbSkEzpcn1gPelixEoLKrlyIwrzMUuq/e5sekTBwj/TCyNO
8O0kMtlZMVHxUCfTDI1/c3BuPl2lJIKJtexnvudnRmH9q1IYLQ9/MjpddE3GhgHX
j3uGR2YJJuI0RfFSSiHlIHt5kNuPG+i2HOtif6mug17UXJQn7bITWoauGyrWA7xn
ikVGQqbVhChotvpLxRryedFUegAi9eClbNQovnaAgzfU1JPQ5IZx396cNN9NgpnF
esf+ZQ2f30UqT9o98IhvpY0Ia9xkKadSgJH2zoUouqKTcmvKHH1Wxo+/AQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFM5gBgApeAr9P6def82HlAkCfK8UMB8GA1UdIwQY
MBaAFJWlrfavH8wFcK34WP1b++KHkaGGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGFXdDlxOGZ6QVZ3cmZoWV9Wdjc0b2VSb1lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9kM2YxYmEtZDllNS00NWM1LWJjYTIt
MTYxOWQwOGM2OTY1LzEvem1BR0FDbDRDdjBfcDE1X3pZZVVDUUo4cnhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9kM2YxYmEtZDllNS00NWM1LWJjYTItMTYxOWQwOGM2OTY1
LzEvbGFXdDlxOGZ6QVZ3cmZoWV9Wdjc0b2VSb1lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuQjMAwQF
w8iAAwQF1GbAMA0EAgACMAcDBQAqALMAMA0GCSqGSIb3DQEBCwUAA4IBAQB921vF
pQQjFAR5AeTDpJoftmIUEnt+9n0wMNd8AQp0r5Oz1rHiu2LpVxQ5K6nNKKi/SEA3
6ZgTViFo1cGTGGIIWmj0SZIU+9KllxpucmOLtaqe7YzXh54jwOC6mj7Xm70WFfmO
JVmjQuHVIWboEFIKFRY75IA7oM2UFeUlAIXRqvMDdZBzCJNEd/MUAI6x3Z33g4vv
Kjhc1vHxCqeoz/jB+7nsqxiq7DQ9WPLfhxlscOztMn+M3AHHegr9yTGFPRwm0ITJ
02EyihbGleCnWEQJRHeuLoSZOlznOv9V221VG5I7X18r9LCrNZ2rktKZMcknM53J
r7IQWoYNCvlkQ5o/
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:22 2024 by rpki-client on console-fra.rpki-client.org