Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/7358bd-c72f-4d9b-bb0d-0b4f717aa363/1/ZHmcuMDk7W4ODBWBJ_6PUFj5xT8.roa
File: ZHmcuMDk7W4ODBWBJ_6PUFj5xT8.roa (raw, json)
Hash identifier: 6i5BAJAiUfFStD5SZLorL8muGoJE6zK7JRgb03k7EVM=
Subject key identifier: 64:79:9C:B8:C0:E4:ED:6E:0E:0C:15:81:27:FE:8F:50:58:F9:C5:3F
Certificate issuer: /CN=4d583b6f56cf092728de593ad952aea19ce31886
Certificate serial: 01856F8B74EB57F6A95AD81EEE12662145FE
Authority key identifier: 4D:58:3B:6F:56:CF:09:27:28:DE:59:3A:D9:52:AE:A1:9C:E3:18:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TVg7b1bPCSco3lk62VKuoZzjGIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/7358bd-c72f-4d9b-bb0d-0b4f717aa363/1/ZHmcuMDk7W4ODBWBJ_6PUFj5xT8.roa
Signing time: Sun 01 Jan 2023 22:54:48 +0000
ROA not before: Sun 01 Jan 2023 22:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9063
IP address blocks: 95.156.214.0/23 maxlen: 23
185.119.32.0/22 maxlen: 22
37.9.184.0/21 maxlen: 21
109.230.202.0/24 maxlen: 24
109.230.201.0/24 maxlen: 24
95.156.197.0/24 maxlen: 24
95.156.200.0/23 maxlen: 23
95.156.202.0/24 maxlen: 24
2a02:2dc0::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:74:eb:57:f6:a9:5a:d8:1e:ee:12:66:21:45:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d583b6f56cf092728de593ad952aea19ce31886
Validity
Not Before: Jan 1 22:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64799cb8c0e4ed6e0e0c158127fe8f5058f9c53f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:7b:7a:03:43:f0:a7:78:01:ee:f4:a4:ca:88:
36:c9:00:8b:5d:fd:79:4d:ea:c9:e5:c8:e7:b9:5b:
c0:49:28:c6:27:71:d0:22:42:5c:78:c7:44:6a:61:
1a:98:b1:d2:d6:e2:65:c9:32:ac:65:c1:76:5b:3f:
c1:31:c7:e3:92:7a:61:04:b3:cc:db:3a:54:39:06:
74:4f:e7:49:55:3d:29:55:a7:c7:b8:4d:cb:1e:22:
21:8f:4e:18:8e:f0:f1:ad:3e:fa:18:21:23:59:9e:
3b:3e:8c:e0:8c:ec:3a:6d:e8:94:75:fd:b3:51:08:
fe:4f:e5:f3:36:da:e5:e3:14:1c:a0:1f:99:1d:0b:
ef:70:19:77:ef:1a:cf:cd:77:14:dc:e7:dc:a3:7d:
63:14:65:3d:8c:89:93:56:0d:d7:f2:09:3c:91:3e:
7f:b8:91:f8:21:bf:21:0c:4c:ad:78:f2:f6:a2:e6:
b8:0f:46:e1:49:90:65:2d:55:e7:b1:66:76:32:f9:
01:fa:9d:c4:5c:30:2e:85:89:77:4c:3e:c5:d3:e2:
57:f1:49:31:9d:25:b0:70:73:30:4c:f8:86:f3:5b:
25:69:a1:4b:10:7b:df:4b:47:af:76:d0:c9:30:0b:
c2:2e:dd:dd:c5:10:62:bf:c0:97:58:01:58:19:9d:
3a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:79:9C:B8:C0:E4:ED:6E:0E:0C:15:81:27:FE:8F:50:58:F9:C5:3F
X509v3 Authority Key Identifier:
keyid:4D:58:3B:6F:56:CF:09:27:28:DE:59:3A:D9:52:AE:A1:9C:E3:18:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TVg7b1bPCSco3lk62VKuoZzjGIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/7358bd-c72f-4d9b-bb0d-0b4f717aa363/1/ZHmcuMDk7W4ODBWBJ_6PUFj5xT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/7358bd-c72f-4d9b-bb0d-0b4f717aa363/1/TVg7b1bPCSco3lk62VKuoZzjGIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.9.184.0/21
95.156.197.0/24
95.156.200.0-95.156.202.255
95.156.214.0/23
109.230.201.0-109.230.202.255
185.119.32.0/22
IPv6:
2a02:2dc0::/32
Signature Algorithm: sha256WithRSAEncryption
8b:aa:13:a8:8f:f1:f2:f8:e4:47:3e:77:00:f3:f0:af:74:96:
39:89:48:ec:ec:7f:51:5f:53:29:29:ee:31:1c:a0:e6:4a:5c:
ad:99:a1:c6:32:3a:a0:19:d8:9e:13:01:7a:54:a6:f2:ac:c3:
4e:10:bd:cc:2f:3b:76:df:d2:b6:d3:a0:3e:8d:01:a5:50:01:
db:dd:a9:56:1c:62:81:11:7d:6d:78:bf:94:db:f7:51:8a:92:
8b:52:e2:02:2c:7b:fd:c5:83:15:08:32:3f:2f:c6:29:da:28:
ef:c9:d6:ff:b0:e6:ad:97:c4:87:93:5d:54:c9:a0:1b:f4:47:
ff:24:b0:73:12:cf:4e:d9:e1:cc:fc:74:cb:be:0e:7d:be:91:
57:d2:a3:04:00:dc:4d:0c:46:59:fb:65:83:c7:6b:44:b2:76:
b2:0a:f5:4a:10:50:34:72:5d:d9:b7:d5:59:0a:bb:02:c0:00:
5a:41:51:e5:83:32:fe:4e:26:24:95:f9:d7:ba:48:62:08:62:
8c:41:a8:f3:10:83:42:3d:a3:96:5e:8f:fd:7e:e9:90:b4:08:
e5:a9:f8:14:90:91:46:61:67:a5:e7:b9:bc:b4:4a:d4:72:36:
a8:76:3d:94:54:ff:e4:c5:7a:2c:2d:c0:42:a7:a9:6c:08:d9:
53:f7:a8:5c
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAYVvi3TrV/apWtge7hJmIUX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNTgzYjZmNTZjZjA5MjcyOGRlNTkzYWQ5NTJhZWExOWNl
MzE4ODYwHhcNMjMwMTAxMjI1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDc5OWNiOGMwZTRlZDZlMGUwYzE1ODEyN2ZlOGY1MDU4ZjljNTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAint6A0Pwp3gB7vSkyog2yQCLXf15
TerJ5cjnuVvASSjGJ3HQIkJceMdEamEamLHS1uJlyTKsZcF2Wz/BMcfjknphBLPM
2zpUOQZ0T+dJVT0pVafHuE3LHiIhj04YjvDxrT76GCEjWZ47PozgjOw6beiUdf2z
UQj+T+XzNtrl4xQcoB+ZHQvvcBl37xrPzXcU3Ofco31jFGU9jImTVg3X8gk8kT5/
uJH4Ib8hDEytePL2oua4D0bhSZBlLVXnsWZ2MvkB+p3EXDAuhYl3TD7F0+JX8Ukx
nSWwcHMwTPiG81slaaFLEHvfS0evdtDJMAvCLt3dxRBiv8CXWAFYGZ06QQIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFGR5nLjA5O1uDgwVgSf+j1BY+cU/MB8GA1UdIwQY
MBaAFE1YO29WzwknKN5ZOtlSrqGc4xiGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFZnN2IxYlBDU2NvM2xrNjJWS3VvWnpqR0lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy83MzU4YmQtYzcyZi00ZDliLWJiMGQt
MGI0ZjcxN2FhMzYzLzEvWkhtY3VNRGs3VzRPREJXQkpfNlBVRmo1eFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy83MzU4YmQtYzcyZi00ZDliLWJiMGQtMGI0ZjcxN2FhMzYz
LzEvVFZnN2IxYlBDU2NvM2xrNjJWS3VvWnpqR0lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzA6BAIAATA0AwQDJQm4AwQA
X5zFMAwDBANfnMgDBABfnMoDBAFfnNYwDAMEAG3myQMEAG3mygMEArl3IDANBAIA
AjAHAwUAKgItwDANBgkqhkiG9w0BAQsFAAOCAQEAi6oTqI/x8vjkRz53APPwr3SW
OYlI7Ox/UV9TKSnuMRyg5kpcrZmhxjI6oBnYnhMBelSm8qzDThC9zC87dt/SttOg
Po0BpVAB292pVhxigRF9bXi/lNv3UYqSi1LiAix7/cWDFQgyPy/GKdoo78nW/7Dm
rZfEh5NdVMmgG/RH/ySwcxLPTtnhzPx0y74Ofb6RV9KjBADcTQxGWftlg8drRLJ2
sgr1ShBQNHJd2bfVWQq7AsAAWkFR5YMy/k4mJJX517pIYghijEGo8xCDQj2jll6P
/X7pkLQI5an4FJCRRmFnpee5vLRK1HI2qHY9lFT/5MV6LC3AQqepbAjZU/eoXA==
-----END CERTIFICATE-----
Generated at Mon Jan 1 23:29:54 2024 by rpki-client on console-ams.rpki-client.org