Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/ZClr2AlOLnXM6LtqYirf0rXBEcw.roa
File: ZClr2AlOLnXM6LtqYirf0rXBEcw.roa (raw, json)
Hash identifier: x9PndtWg9r5iw2R/wI6XeT4OoSEoGx/48CfWVesppd8=
Subject key identifier: 64:29:6B:D8:09:4E:2E:75:CC:E8:BB:6A:62:2A:DF:D2:B5:C1:11:CC
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 018D0E01E274FDE9E4A43F3A4601CB81C8E2
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/ZClr2AlOLnXM6LtqYirf0rXBEcw.roa
Signing time: Mon 15 Jan 2024 16:43:40 +0000
ROA not before: Mon 15 Jan 2024 16:43:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 188.191.98.0/24 maxlen: 24
91.225.227.0/24 maxlen: 24
188.191.103.0/24 maxlen: 24
188.191.101.0/24 maxlen: 24
188.191.100.0/24 maxlen: 24
188.191.110.0/24 maxlen: 24
188.191.109.0/24 maxlen: 24
188.191.106.0/24 maxlen: 24
91.225.226.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jan 2024 08:17:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0e:01:e2:74:fd:e9:e4:a4:3f:3a:46:01:cb:81:c8:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Jan 15 16:43:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=64296bd8094e2e75cce8bb6a622adfd2b5c111cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:38:1f:e2:f3:b6:b8:69:34:19:32:7f:7d:c2:
54:78:ef:49:56:7b:77:16:66:f9:fb:23:24:81:6d:
14:4f:92:99:b4:01:73:23:50:5b:57:ad:a9:27:0e:
8e:ef:1a:95:0e:47:30:ce:dd:eb:44:f2:76:ac:bb:
6f:df:fe:eb:2b:b5:ca:e5:5d:2d:bf:cc:68:5d:4b:
af:5f:df:89:7a:b9:46:b3:3f:07:b2:15:bd:af:f9:
b1:f1:f3:94:db:9e:66:f5:10:25:34:29:d4:fa:f9:
05:29:0d:b0:39:46:bc:0a:80:49:44:33:19:8b:4f:
a8:78:f0:46:d3:f7:84:37:23:be:e8:26:d6:9e:f3:
56:59:31:79:6e:ae:e5:b7:d5:ce:7a:e2:0b:e7:6e:
4e:1f:14:9b:bd:9c:e9:81:47:b0:f3:b5:fe:3b:d3:
94:b6:dc:93:d1:ca:e3:e2:f1:07:b8:84:b8:81:2b:
88:bb:dc:02:cb:73:e4:9a:e3:ae:4a:25:80:af:67:
da:31:79:46:13:d3:9b:0e:b3:24:b6:47:a9:85:c9:
ba:92:14:07:ec:fd:dd:54:b1:32:ce:95:d0:3b:ac:
98:1c:8e:16:39:9d:53:e5:48:01:69:53:b1:41:5f:
ba:a6:82:39:7c:d5:7b:ce:e4:12:53:87:5f:62:8b:
8f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:29:6B:D8:09:4E:2E:75:CC:E8:BB:6A:62:2A:DF:D2:B5:C1:11:CC
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/ZClr2AlOLnXM6LtqYirf0rXBEcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.226.0/23
188.191.98.0/24
188.191.100.0/23
188.191.103.0/24
188.191.106.0/24
188.191.109.0-188.191.110.255
Signature Algorithm: sha256WithRSAEncryption
3c:a5:8d:4b:f9:16:f5:14:c4:27:19:b6:58:f5:b3:26:d6:b6:
e4:b0:37:a3:30:13:36:49:cf:31:23:b5:0d:d3:12:6c:29:c4:
49:40:79:6d:b1:65:88:c1:a7:e4:f2:f7:c4:3e:ce:01:d6:0b:
55:35:49:9f:86:c5:57:50:0d:d9:bb:86:34:d1:e2:46:d1:6b:
b2:7b:71:a9:45:82:17:d2:25:9a:a8:64:c5:d5:18:4f:b1:e1:
3d:8f:53:86:93:10:5b:a7:d4:ef:d7:e1:13:05:8f:79:b1:f5:
1a:6e:49:a7:57:1c:39:43:63:6a:1a:9e:19:6e:a6:1a:f6:ee:
5d:fc:d0:a3:2c:9d:ac:94:45:02:ae:57:4d:ae:c6:aa:8a:df:
e6:89:7e:49:36:5a:14:ad:d7:3b:ed:cf:45:bd:88:60:22:e0:
98:66:cb:88:8f:10:d2:38:52:d0:a0:91:ce:ff:4d:f0:0c:fb:
1e:a9:96:fc:e4:fb:f2:be:51:4e:ad:59:47:2b:46:80:05:5e:
1f:4c:a1:2a:51:45:0a:1f:9d:6f:05:b7:ce:f7:43:2d:a4:86:
22:90:21:a4:51:75:ea:f4:00:b2:35:9d:af:a8:12:7f:d4:c0:
ec:49:2f:28:60:87:78:d5:68:1a:a6:ee:aa:a9:00:52:5f:b6:
f7:50:b7:7e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY0OAeJ0/enkpD86RgHLgcjiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjQwMTE1MTY0MzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDI5NmJkODA5NGUyZTc1Y2NlOGJiNmE2MjJhZGZkMmI1YzExMWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojgf4vO2uGk0GTJ/fcJUeO9JVnt3
Fmb5+yMkgW0UT5KZtAFzI1BbV62pJw6O7xqVDkcwzt3rRPJ2rLtv3/7rK7XK5V0t
v8xoXUuvX9+JerlGsz8HshW9r/mx8fOU255m9RAlNCnU+vkFKQ2wOUa8CoBJRDMZ
i0+oePBG0/eENyO+6CbWnvNWWTF5bq7lt9XOeuIL525OHxSbvZzpgUew87X+O9OU
ttyT0crj4vEHuIS4gSuIu9wCy3PkmuOuSiWAr2faMXlGE9ObDrMktkephcm6khQH
7P3dVLEyzpXQO6yYHI4WOZ1T5UgBaVOxQV+6poI5fNV7zuQSU4dfYouPmQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFGQpa9gJTi51zOi7amIq39K1wRHMMB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvWkNscjJBbE9MblhNNkx0cVlpcmYwclhCRWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQBW+HiAwQA
vL9iAwQBvL9kAwQAvL9nAwQAvL9qMAwDBAC8v20DBAC8v24wDQYJKoZIhvcNAQEL
BQADggEBADyljUv5FvUUxCcZtlj1sybWtuSwN6MwEzZJzzEjtQ3TEmwpxElAeW2x
ZYjBp+Ty98Q+zgHWC1U1SZ+GxVdQDdm7hjTR4kbRa7J7calFghfSJZqoZMXVGE+x
4T2PU4aTEFun1O/X4RMFj3mx9RpuSadXHDlDY2oanhluphr27l380KMsnayURQKu
V02uxqqK3+aJfkk2WhSt1zvtz0W9iGAi4Jhmy4iPENI4UtCgkc7/TfAM+x6plvzk
+/K+UU6tWUcrRoAFXh9MoSpRRQofnW8Ft873Qy2khiKQIaRRder0ALI1na+oEn/U
wOxJLyhgh3jVaBqm7qqpAFJftvdQt34=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:11:49 2024 by rpki-client on console-ams.rpki-client.org