Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/zmnGhTxmIwJp2q98lEhtRgzSezk.roa
File: zmnGhTxmIwJp2q98lEhtRgzSezk.roa (raw, json)
Hash identifier: 845mxhmV6BMUNYQQY/tPGlTa8nvgMtXUvPj5dPfPhUA=
Subject key identifier: CE:69:C6:85:3C:66:23:02:69:DA:AF:7C:94:48:6D:46:0C:D2:7B:39
Certificate issuer: /CN=570fb0f1d8b8c198b0dc86158afbcbc529cf16be
Certificate serial: 0190A092816D93364B80004CFB490EF533AB
Authority key identifier: 57:0F:B0:F1:D8:B8:C1:98:B0:DC:86:15:8A:FB:CB:C5:29:CF:16:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vw-w8di4wZiw3IYVivvLxSnPFr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/zmnGhTxmIwJp2q98lEhtRgzSezk.roa
Signing time: Thu 11 Jul 2024 06:54:34 +0000
ROA not before: Thu 11 Jul 2024 06:54:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 93.177.114.0/23 maxlen: 24
185.251.80.0/24 maxlen: 24
185.251.81.0/24 maxlen: 24
194.4.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jul 2024 06:37:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a0:92:81:6d:93:36:4b:80:00:4c:fb:49:0e:f5:33:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=570fb0f1d8b8c198b0dc86158afbcbc529cf16be
Validity
Not Before: Jul 11 06:54:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce69c6853c66230269daaf7c94486d460cd27b39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:52:ee:8d:71:05:9f:1b:5c:30:35:41:4e:c9:
4d:bd:d8:14:23:d4:ad:8c:19:56:fe:e3:b5:f7:34:
c9:52:4c:d9:b6:ca:6f:d5:bd:a4:b8:40:8e:4f:c3:
ce:4d:5b:4c:3b:28:57:61:f7:9b:4f:3a:d4:58:cf:
0f:39:4e:3d:aa:23:f0:27:5c:f0:29:f7:25:08:83:
68:d8:f1:d7:6a:2c:2a:be:93:6f:0a:be:e7:41:53:
54:b5:41:f7:35:4f:89:cc:23:83:53:f7:52:6c:15:
b1:2a:34:ab:da:6b:68:44:e4:a5:ae:68:89:69:59:
b5:80:54:c3:c7:45:36:5c:d5:6c:f1:06:ef:2b:e0:
4d:4c:f1:9c:c8:be:db:c1:12:aa:67:58:5a:7a:f7:
c2:f7:cc:98:17:30:7e:95:f7:c0:79:50:90:f0:1d:
a3:7c:1d:47:ac:4b:92:95:ae:8b:35:c7:fb:e0:7d:
9f:7b:84:8b:fa:d5:a2:81:5e:b3:34:86:4f:40:92:
bb:05:e4:5e:3c:54:91:f1:8e:7f:c3:3e:c6:e5:7d:
a8:c0:d9:27:7d:94:49:0f:f2:c1:29:bc:85:38:a7:
87:cf:2a:e3:51:17:13:bf:cd:4a:7d:a5:69:49:25:
b4:1a:ba:79:f5:41:41:09:bc:17:4c:a5:99:22:13:
38:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:69:C6:85:3C:66:23:02:69:DA:AF:7C:94:48:6D:46:0C:D2:7B:39
X509v3 Authority Key Identifier:
keyid:57:0F:B0:F1:D8:B8:C1:98:B0:DC:86:15:8A:FB:CB:C5:29:CF:16:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vw-w8di4wZiw3IYVivvLxSnPFr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/zmnGhTxmIwJp2q98lEhtRgzSezk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/0949fc-accd-471f-a9cd-97243e316272/1/Vw-w8di4wZiw3IYVivvLxSnPFr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.177.114.0/23
185.251.80.0/23
194.4.55.0/24
Signature Algorithm: sha256WithRSAEncryption
19:53:4a:50:2c:a2:98:29:7e:4d:d9:10:fb:93:d1:59:d5:67:
a3:f7:c7:0b:b7:91:32:c1:86:b4:91:ac:c8:11:c3:f4:5e:6e:
07:d8:b0:08:f0:ab:f0:4c:87:22:1f:c7:53:01:8c:77:8c:01:
f7:be:8d:bd:60:91:cd:72:28:65:7f:6a:27:2c:11:a2:75:33:
47:6f:5c:56:f2:70:42:a5:1c:48:c4:75:b3:88:8c:bf:6f:20:
6b:c6:ee:c4:02:bc:6a:53:1a:ff:3f:04:a7:42:24:be:fa:b2:
3c:76:1f:6f:da:f3:71:fc:f2:aa:81:e7:01:ac:52:4d:c0:6d:
cb:62:be:df:e7:92:93:25:bb:8f:4d:17:87:72:aa:d0:29:fd:
a9:7a:7e:f7:d0:61:b5:1f:c5:d0:a7:c5:73:94:50:ab:14:11:
46:6c:57:f8:a3:e5:88:58:a2:ff:fe:3d:e2:75:e3:1e:c4:44:
d2:28:92:41:33:53:97:5e:72:f9:18:2d:2f:34:56:99:52:c7:
11:9a:b0:99:66:39:98:4f:76:53:5c:8c:cc:ce:4e:02:59:5b:
1d:73:99:dd:af:b0:36:0d:ca:bd:54:3a:bb:f7:9f:8f:c1:1d:
54:66:6a:b3:2c:7c:7b:e2:c5:aa:1c:fb:3f:ac:47:68:a5:81:
e8:e9:97:5e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZCgkoFtkzZLgABM+0kO9TOrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MGZiMGYxZDhiOGMxOThiMGRjODYxNThhZmJjYmM1Mjlj
ZjE2YmUwHhcNMjQwNzExMDY1NDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTY5YzY4NTNjNjYyMzAyNjlkYWFmN2M5NDQ4NmQ0NjBjZDI3YjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1lLujXEFnxtcMDVBTslNvdgUI9St
jBlW/uO19zTJUkzZtspv1b2kuECOT8POTVtMOyhXYfebTzrUWM8POU49qiPwJ1zw
KfclCINo2PHXaiwqvpNvCr7nQVNUtUH3NU+JzCODU/dSbBWxKjSr2mtoROSlrmiJ
aVm1gFTDx0U2XNVs8QbvK+BNTPGcyL7bwRKqZ1haevfC98yYFzB+lffAeVCQ8B2j
fB1HrEuSla6LNcf74H2fe4SL+tWigV6zNIZPQJK7BeRePFSR8Y5/wz7G5X2owNkn
fZRJD/LBKbyFOKeHzyrjURcTv81KfaVpSSW0Grp59UFBCbwXTKWZIhM40QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM5pxoU8ZiMCadqvfJRIbUYM0ns5MB8GA1UdIwQY
MBaAFFcPsPHYuMGYsNyGFYr7y8Upzxa+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnctdzhkaTR3Wml3M0lZVml2dkx4U25QRnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8wOTQ5ZmMtYWNjZC00NzFmLWE5Y2Qt
OTcyNDNlMzE2MjcyLzEvem1uR2hUeG1Jd0pwMnE5OGxFaHRSZ3pTZXprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8wOTQ5ZmMtYWNjZC00NzFmLWE5Y2QtOTcyNDNlMzE2Mjcy
LzEvVnctdzhkaTR3Wml3M0lZVml2dkx4U25QRnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBXbFyAwQB
uftQAwQAwgQ3MA0GCSqGSIb3DQEBCwUAA4IBAQAZU0pQLKKYKX5N2RD7k9FZ1Wej
98cLt5EywYa0kazIEcP0Xm4H2LAI8KvwTIciH8dTAYx3jAH3vo29YJHNcihlf2on
LBGidTNHb1xW8nBCpRxIxHWziIy/byBrxu7EArxqUxr/PwSnQiS++rI8dh9v2vNx
/PKqgecBrFJNwG3LYr7f55KTJbuPTReHcqrQKf2pen730GG1H8XQp8VzlFCrFBFG
bFf4o+WIWKL//j3ideMexETSKJJBM1OXXnL5GC0vNFaZUscRmrCZZjmYT3ZTXIzM
zk4CWVsdc5ndr7A2Dcq9VDq795+PwR1UZmqzLHx74sWqHPs/rEdopYHo6Zde
-----END CERTIFICATE-----
Generated at Tue Jul 23 08:01:28 2024 by rpki-client on console-fra.rpki-client.org