Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/ZXG_GkK5Bn8Q5bfgeawsURbAI1g.roa
File: ZXG_GkK5Bn8Q5bfgeawsURbAI1g.roa (raw, json)
Hash identifier: DnYGXQDS09dvSGsb/pL3ObMqLrNsmDZMaBJLTLPQImo=
Subject key identifier: 65:71:BF:1A:42:B9:06:7F:10:E5:B7:E0:79:AC:2C:51:16:C0:23:58
Certificate issuer: /CN=b409168fdb52e9b7d1a7a5e8f518edfbc2c3f9af
Certificate serial: 018B27EC8C89821F597F52FACFC2A22784E9
Authority key identifier: B4:09:16:8F:DB:52:E9:B7:D1:A7:A5:E8:F5:18:ED:FB:C2:C3:F9:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/ZXG_GkK5Bn8Q5bfgeawsURbAI1g.roa
Signing time: Fri 13 Oct 2023 07:24:55 +0000
ROA not before: Fri 13 Oct 2023 07:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41421
IP address blocks: 91.132.112.0/23 maxlen: 23
185.194.212.0/22 maxlen: 24
188.65.40.0/21 maxlen: 21
37.157.200.0/21 maxlen: 21
193.91.4.0/24 maxlen: 24
193.91.12.0/23 maxlen: 23
185.170.65.0/24 maxlen: 24
31.214.137.0/24 maxlen: 24
93.115.39.0/24 maxlen: 24
89.250.192.0/20 maxlen: 20
31.214.138.0/24 maxlen: 24
31.214.145.0/24 maxlen: 24
194.5.180.0/24 maxlen: 24
31.214.140.0/24 maxlen: 24
89.35.60.0/23 maxlen: 23
86.106.22.0/24 maxlen: 24
185.53.132.0/22 maxlen: 24
159.253.240.0/21 maxlen: 21
103.248.24.0/24 maxlen: 24
185.128.156.0/22 maxlen: 22
2a02:4c80::/32 maxlen: 32
2a01:b8e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:27:ec:8c:89:82:1f:59:7f:52:fa:cf:c2:a2:27:84:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b409168fdb52e9b7d1a7a5e8f518edfbc2c3f9af
Validity
Not Before: Oct 13 07:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6571bf1a42b9067f10e5b7e079ac2c5116c02358
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:ac:1d:7d:64:61:ac:cf:64:e7:28:c0:70:cb:
ef:0d:68:0d:35:f2:d4:b5:9e:ad:5c:81:46:6d:7f:
dd:89:34:b5:a3:e4:c7:6e:c6:3f:3f:53:84:a1:4a:
c1:25:70:2d:0d:d8:4a:1e:1d:3c:75:ee:01:a3:91:
5a:22:95:f9:e2:78:8f:b7:e7:9e:fe:36:1c:98:3b:
30:fb:65:7c:37:42:5f:b5:0f:7d:21:84:6a:b4:83:
70:90:42:9e:bc:19:8c:dc:ab:64:17:51:f7:56:bb:
f5:f7:38:bc:ec:a4:a1:b2:d0:64:45:c6:b7:f9:c7:
20:b9:61:e7:56:85:4c:8d:87:07:e3:81:e5:77:0c:
04:1b:b1:3a:48:2f:d9:35:a1:06:85:30:91:89:03:
08:86:19:b5:96:1b:a2:0d:12:b5:39:25:a6:99:a0:
25:18:cf:2b:da:15:ae:5b:38:00:78:8f:10:87:fc:
a9:9f:eb:6c:32:26:64:63:1f:14:6b:30:69:15:8f:
2d:46:11:cf:c8:23:04:87:b9:5f:86:23:9b:89:e0:
d7:05:7a:61:29:63:d8:15:bf:13:2f:00:f1:3e:be:
cc:0f:e5:27:59:e9:1b:79:21:90:c3:48:1f:57:87:
17:57:6d:1d:ac:7f:18:c0:a9:79:92:72:8a:3d:f8:
6e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:71:BF:1A:42:B9:06:7F:10:E5:B7:E0:79:AC:2C:51:16:C0:23:58
X509v3 Authority Key Identifier:
keyid:B4:09:16:8F:DB:52:E9:B7:D1:A7:A5:E8:F5:18:ED:FB:C2:C3:F9:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/ZXG_GkK5Bn8Q5bfgeawsURbAI1g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.137.0-31.214.138.255
31.214.140.0/24
31.214.145.0/24
37.157.200.0/21
86.106.22.0/24
89.35.60.0/23
89.250.192.0/20
91.132.112.0/23
93.115.39.0/24
103.248.24.0/24
159.253.240.0/21
185.53.132.0/22
185.128.156.0/22
185.170.65.0/24
185.194.212.0/22
188.65.40.0/21
193.91.4.0/24
193.91.12.0/23
194.5.180.0/24
IPv6:
2a01:b8e0::/32
2a02:4c80::/32
Signature Algorithm: sha256WithRSAEncryption
72:0d:7d:8a:7b:8b:fe:3f:40:d7:79:07:cb:13:99:33:95:c4:
1b:85:52:ea:e9:c4:a3:8c:5c:af:7d:fb:9f:b0:01:8e:95:e7:
5c:0d:ad:1e:c9:db:16:95:23:0f:f0:35:fb:0c:68:a6:45:6f:
6a:b8:ed:5a:8d:f3:cc:bc:77:a8:a4:54:a1:aa:1c:2f:e2:88:
ab:53:31:64:f9:ef:50:f0:9d:8c:65:48:3b:23:90:59:b8:e4:
4e:a2:36:ea:a2:24:85:89:17:ac:dc:41:48:9e:3d:a2:61:77:
97:a9:6b:15:ed:0a:63:ec:1a:96:6a:9c:f2:68:47:c3:db:c8:
5b:4b:f9:aa:d4:28:6c:b8:3a:7a:e5:24:55:4c:35:4d:44:40:
51:f0:32:3a:15:be:8f:6b:8f:d2:56:89:84:f1:06:c4:32:af:
e6:bb:21:04:43:c0:20:35:92:ef:9c:3d:ff:64:f3:46:b6:6b:
e9:65:27:5c:50:7b:d1:5f:11:15:60:43:d8:7e:b8:83:36:23:
b2:e3:eb:ce:1f:6a:db:ba:23:17:e4:aa:ff:72:0f:67:6d:68:
ed:e1:c3:3b:0a:1e:be:dc:66:3f:38:75:78:f3:53:82:80:f1:
ac:46:be:1f:d9:57:ec:ae:47:34:4b:64:e5:2f:67:7a:8e:59:
c9:d3:71:5e
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAYsn7IyJgh9Zf1L6z8KiJ4TpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDkxNjhmZGI1MmU5YjdkMWE3YTVlOGY1MThlZGZiYzJj
M2Y5YWYwHhcNMjMxMDEzMDcyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTcxYmYxYTQyYjkwNjdmMTBlNWI3ZTA3OWFjMmM1MTE2YzAyMzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6wdfWRhrM9k5yjAcMvvDWgNNfLU
tZ6tXIFGbX/diTS1o+THbsY/P1OEoUrBJXAtDdhKHh08de4Bo5FaIpX54niPt+ee
/jYcmDsw+2V8N0JftQ99IYRqtINwkEKevBmM3KtkF1H3Vrv19zi87KShstBkRca3
+ccguWHnVoVMjYcH44HldwwEG7E6SC/ZNaEGhTCRiQMIhhm1lhuiDRK1OSWmmaAl
GM8r2hWuWzgAeI8Qh/ypn+tsMiZkYx8UazBpFY8tRhHPyCMEh7lfhiObieDXBXph
KWPYFb8TLwDxPr7MD+UnWekbeSGQw0gfV4cXV20drH8YwKl5knKKPfhuLQIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFGVxvxpCuQZ/EOW34HmsLFEWwCNYMB8GA1UdIwQY
MBaAFLQJFo/bUum30ael6PUY7fvCw/mvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFrV2o5dFM2YmZScDZYbzlSanQtOExELWE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zNmJhOWQtMzNhZi00Y2YzLWEyN2Qt
ZmE3MThhYzlkNzU4LzEvWlhHX0drSzVCbjhRNWJmZ2Vhd3NVUmJBSTFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zNmJhOWQtMzNhZi00Y2YzLWEyN2QtZmE3MThhYzlkNzU4
LzEvdEFrV2o5dFM2YmZScDZYbzlSanQtOExELWE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBgAQCAAEwejAMAwQA
H9aJAwQAH9aKAwQAH9aMAwQAH9aRAwQDJZ3IAwQAVmoWAwQBWSM8AwQEWfrAAwQB
W4RwAwQAXXMnAwQAZ/gYAwQDn/3wAwQCuTWEAwQCuYCcAwQAuapBAwQCucLUAwQD
vEEoAwQAwVsEAwQBwVsMAwQAwgW0MBQEAgACMA4DBQAqAbjgAwUAKgJMgDANBgkq
hkiG9w0BAQsFAAOCAQEAcg19inuL/j9A13kHyxOZM5XEG4VS6unEo4xcr337n7AB
jpXnXA2tHsnbFpUjD/A1+wxopkVvarjtWo3zzLx3qKRUoaocL+KIq1MxZPnvUPCd
jGVIOyOQWbjkTqI26qIkhYkXrNxBSJ49omF3l6lrFe0KY+walmqc8mhHw9vIW0v5
qtQobLg6euUkVUw1TURAUfAyOhW+j2uP0laJhPEGxDKv5rshBEPAIDWS75w9/2Tz
RrZr6WUnXFB70V8RFWBD2H64gzYjsuPrzh9q27ojF+Sq/3IPZ21o7eHDOwoevtxm
Pzh1ePNTgoDxrEa+H9lX7K5HNEtk5S9neo5ZydNxXg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:14 2024 by rpki-client on console-fra.rpki-client.org