Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/rkzgOUO6gYeusnBNPejtw53bpCw.roa
File: rkzgOUO6gYeusnBNPejtw53bpCw.roa (raw, json)
Hash identifier: 061n0jZHn6/vK5PJFZIPlGo8Ay4LZ2kUQBrHik63A3g=
Subject key identifier: AE:4C:E0:39:43:BA:81:87:AE:B2:70:4D:3D:E8:ED:C3:9D:DB:A4:2C
Certificate issuer: /CN=2ad2fe6466d07094a4256da2cc847083c5006b1a
Certificate serial: 01877ACBFCC67C75275E9558524502334239
Authority key identifier: 2A:D2:FE:64:66:D0:70:94:A4:25:6D:A2:CC:84:70:83:C5:00:6B:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KtL-ZGbQcJSkJW2izIRwg8UAaxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/rkzgOUO6gYeusnBNPejtw53bpCw.roa
Signing time: Thu 13 Apr 2023 13:26:41 +0000
ROA not before: Thu 13 Apr 2023 13:26:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49720
IP address blocks: 91.236.224.0/24 maxlen: 24
91.236.226.0/24 maxlen: 24
91.236.225.0/24 maxlen: 24
91.236.227.0/24 maxlen: 24
195.182.195.0/24 maxlen: 24
195.182.194.0/24 maxlen: 24
185.168.129.0/24 maxlen: 24
185.168.128.0/24 maxlen: 24
185.168.128.0/22 maxlen: 22
185.168.130.0/23 maxlen: 23
185.250.20.0/22 maxlen: 22
185.250.20.0/24 maxlen: 24
185.250.22.0/24 maxlen: 24
185.250.21.0/24 maxlen: 24
185.250.23.0/24 maxlen: 24
193.107.136.0/24 maxlen: 24
2a0a:701::/32 maxlen: 32
2a0a:704::/32 maxlen: 32
2a0a:700::/32 maxlen: 32
2a0a:702::/32 maxlen: 32
2a0a:705::/32 maxlen: 32
2a0a:706::/32 maxlen: 32
2a0a:703::/32 maxlen: 32
2a0a:707::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:29:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:7a:cb:fc:c6:7c:75:27:5e:95:58:52:45:02:33:42:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ad2fe6466d07094a4256da2cc847083c5006b1a
Validity
Not Before: Apr 13 13:26:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ae4ce03943ba8187aeb2704d3de8edc39ddba42c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:05:19:60:a8:ee:62:d1:bf:10:ef:40:73:5d:
e8:b9:6a:4d:dc:53:41:a4:6e:c0:69:da:4f:78:dd:
89:82:f4:2b:00:06:17:1e:66:0b:b5:ca:4a:b0:17:
17:3e:58:16:04:e5:1d:77:cd:89:d9:bd:3f:89:19:
5c:f4:e7:be:ac:66:09:06:dc:0d:43:4f:21:08:1c:
b8:e5:6e:83:e5:b7:68:a5:3f:db:27:df:ba:4e:87:
85:5e:3f:a6:1b:e3:b3:f4:59:cd:ca:9f:62:c7:ad:
ca:59:a3:d5:41:f8:dd:e1:38:1f:e3:df:ee:d9:2f:
e0:df:14:df:ae:f9:e5:b1:6b:78:45:df:66:22:cc:
38:26:f9:ef:de:85:d0:91:fb:d2:8b:41:ec:04:38:
c1:2b:9e:c7:d1:d7:a3:49:7b:6e:5b:16:e4:5f:19:
08:10:fc:95:17:8e:b6:c5:fe:95:2e:e6:6a:a1:7e:
af:b4:0d:af:7e:0c:74:1b:17:83:3c:ca:94:be:20:
94:4b:55:3e:3b:34:ca:4f:be:6f:67:01:14:24:f1:
05:8a:9f:23:5d:09:1c:92:4f:7e:bb:a4:de:8f:9c:
50:7d:42:d3:a6:d4:21:a7:d0:eb:ef:04:59:f6:0d:
ff:a6:f0:ef:4a:67:73:25:66:ae:fd:ab:0d:13:d3:
6c:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:4C:E0:39:43:BA:81:87:AE:B2:70:4D:3D:E8:ED:C3:9D:DB:A4:2C
X509v3 Authority Key Identifier:
keyid:2A:D2:FE:64:66:D0:70:94:A4:25:6D:A2:CC:84:70:83:C5:00:6B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KtL-ZGbQcJSkJW2izIRwg8UAaxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/rkzgOUO6gYeusnBNPejtw53bpCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/8a31f3-7acf-47b4-b97b-fa31e2dc6abb/1/KtL-ZGbQcJSkJW2izIRwg8UAaxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.224.0/22
185.168.128.0/22
185.250.20.0/22
193.107.136.0/24
195.182.194.0/23
IPv6:
2a0a:700::/29
Signature Algorithm: sha256WithRSAEncryption
0f:f0:58:05:1e:d3:8b:56:d1:1e:b1:61:db:14:67:d4:cd:fd:
c5:13:b2:1d:e8:eb:4e:d5:ec:cb:c3:60:ac:29:c9:86:4e:f4:
02:7c:d8:c9:8e:c4:67:2a:93:1d:29:b1:cd:03:ba:e7:6a:83:
9a:86:39:b4:9a:9a:ae:5d:cc:db:1f:10:d8:89:aa:71:b1:3e:
af:8c:a7:7b:7a:92:fc:ca:50:29:84:e5:dd:bf:f6:01:ee:2f:
a9:28:aa:25:65:39:52:d8:c7:02:11:31:4e:60:01:0d:6b:0d:
52:fd:f9:ef:8e:28:0d:47:d8:aa:df:66:ae:9c:78:c2:56:f1:
11:1d:38:28:3d:74:4c:ba:2e:94:17:d7:4c:6c:6f:a2:7c:e1:
54:30:e6:7b:4b:92:7c:bb:a7:13:89:27:b6:f6:08:4f:40:7b:
ee:f0:fc:35:45:34:ea:bb:c7:ee:ae:38:f2:4a:87:c0:47:e9:
7c:a4:67:40:54:63:57:84:03:20:41:15:c7:ed:24:43:31:79:
e7:e5:b2:0a:40:dd:41:55:49:81:6d:49:67:f6:75:85:f3:bb:
82:14:6c:1f:f3:a1:cf:dd:9e:6a:c7:4c:49:a7:6e:bc:c2:2c:
bc:3e:2a:92:a7:76:d4:b4:9e:33:4e:c2:71:6e:b1:e6:84:dc:
4e:39:98:c9
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYd6y/zGfHUnXpVYUkUCM0I5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZDJmZTY0NjZkMDcwOTRhNDI1NmRhMmNjODQ3MDgzYzUw
MDZiMWEwHhcNMjMwNDEzMTMyNjQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTRjZTAzOTQzYmE4MTg3YWViMjcwNGQzZGU4ZWRjMzlkZGJhNDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnAUZYKjuYtG/EO9Ac13ouWpN3FNB
pG7AadpPeN2JgvQrAAYXHmYLtcpKsBcXPlgWBOUdd82J2b0/iRlc9Oe+rGYJBtwN
Q08hCBy45W6D5bdopT/bJ9+6ToeFXj+mG+Oz9FnNyp9ix63KWaPVQfjd4Tgf49/u
2S/g3xTfrvnlsWt4Rd9mIsw4Jvnv3oXQkfvSi0HsBDjBK57H0dejSXtuWxbkXxkI
EPyVF462xf6VLuZqoX6vtA2vfgx0GxeDPMqUviCUS1U+OzTKT75vZwEUJPEFip8j
XQkckk9+u6Tej5xQfULTptQhp9Dr7wRZ9g3/pvDvSmdzJWau/asNE9NsjQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFK5M4DlDuoGHrrJwTT3o7cOd26QsMB8GA1UdIwQY
MBaAFCrS/mRm0HCUpCVtosyEcIPFAGsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3RMLVpHYlFjSlNrSlcyaXpJUndnOFVBYXhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC84YTMxZjMtN2FjZi00N2I0LWI5N2It
ZmEzMWUyZGM2YWJiLzEvcmt6Z09VTzZnWWV1c25CTlBlanR3NTNicEN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC84YTMxZjMtN2FjZi00N2I0LWI5N2ItZmEzMWUyZGM2YWJi
LzEvS3RMLVpHYlFjSlNrSlcyaXpJUndnOFVBYXhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCW+zgAwQC
uaiAAwQCufoUAwQAwWuIAwQBw7bCMA0EAgACMAcDBQMqCgcAMA0GCSqGSIb3DQEB
CwUAA4IBAQAP8FgFHtOLVtEesWHbFGfUzf3FE7Id6OtO1ezLw2CsKcmGTvQCfNjJ
jsRnKpMdKbHNA7rnaoOahjm0mpquXczbHxDYiapxsT6vjKd7epL8ylAphOXdv/YB
7i+pKKolZTlS2McCETFOYAENaw1S/fnvjigNR9iq32aunHjCVvERHTgoPXRMui6U
F9dMbG+ifOFUMOZ7S5J8u6cTiSe29ghPQHvu8Pw1RTTqu8furjjySofAR+l8pGdA
VGNXhAMgQRXH7SRDMXnn5bIKQN1BVUmBbUln9nWF87uCFGwf86HP3Z5qx0xJp268
wiy8PiqSp3bUtJ4zTsJxbrHmhNxOOZjJ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:41 2024 by rpki-client on console-fra.rpki-client.org