Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/rzRkvzoOhzELUP_S8SqFoQuNPCA.roa
File: rzRkvzoOhzELUP_S8SqFoQuNPCA.roa (raw, json)
Hash identifier: 4VZhPl0M8Vej3XZxw3l99nG4lzgB4HAULs+dV4+LB9U=
Subject key identifier: AF:34:64:BF:3A:0E:87:31:0B:50:FF:D2:F1:2A:85:A1:0B:8D:3C:20
Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial: 018A8F711F813999675240F3960ABAF8E9C4
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/rzRkvzoOhzELUP_S8SqFoQuNPCA.roa
Signing time: Wed 13 Sep 2023 16:47:50 +0000
ROA not before: Wed 13 Sep 2023 16:47:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47820
IP address blocks: 185.148.224.0/22 maxlen: 24
109.234.1.0/24 maxlen: 24
109.234.2.0/24 maxlen: 24
109.234.0.0/21 maxlen: 24
109.234.0.0/24 maxlen: 24
91.205.116.0/22 maxlen: 24
193.242.174.0/23 maxlen: 24
2a07:6200::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 14 Sep 2023 09:16:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:8f:71:1f:81:39:99:67:52:40:f3:96:0a:ba:f8:e9:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Validity
Not Before: Sep 13 16:47:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af3464bf3a0e87310b50ffd2f12a85a10b8d3c20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:05:a5:22:c3:cf:db:0c:47:1b:2f:20:27:73:
85:d6:fa:ad:06:75:6f:7d:c4:f2:cb:c3:6c:06:89:
ec:57:5f:cc:02:94:fe:9b:8d:90:c3:5c:13:c8:ef:
cd:6e:f7:10:36:84:d3:58:32:3c:10:fa:35:bf:4d:
25:61:eb:31:76:07:3c:16:9e:15:fb:10:ba:5a:a3:
8f:9a:bb:95:fe:4a:19:50:28:52:35:20:32:5d:39:
20:a5:df:40:87:11:fe:e7:88:ba:e5:80:92:de:bc:
56:4c:f5:99:bb:c0:5a:38:24:9e:fe:76:b5:fe:76:
32:f9:bf:35:90:51:37:a3:a4:bb:24:7a:db:df:9f:
2f:3e:71:4c:94:2f:11:46:71:fc:b3:df:c5:64:6d:
3d:90:fd:3b:4d:fc:d8:4a:ce:fe:96:73:b5:f1:db:
a0:7b:71:9b:a4:b5:ab:a0:7c:72:f0:cf:4e:8c:61:
fb:1a:55:dd:d8:b7:8c:e9:83:e8:fd:54:1c:43:51:
7e:ff:b5:f3:69:db:32:0e:64:06:e5:e0:8a:eb:ab:
f3:74:39:be:db:ae:05:4a:88:76:1e:52:43:9b:ff:
d4:8f:41:e9:93:60:d2:12:f8:86:a9:38:35:d2:66:
c5:f8:68:da:cd:35:c0:55:8d:f3:cc:5c:0e:e1:e5:
48:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:34:64:BF:3A:0E:87:31:0B:50:FF:D2:F1:2A:85:A1:0B:8D:3C:20
X509v3 Authority Key Identifier:
keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/rzRkvzoOhzELUP_S8SqFoQuNPCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.116.0/22
109.234.0.0/21
185.148.224.0/22
193.242.174.0/23
IPv6:
2a07:6200::/29
Signature Algorithm: sha256WithRSAEncryption
7a:58:fb:06:f9:50:a8:92:b5:5d:6e:50:5c:4e:cf:73:cc:89:
a2:01:ec:5e:5e:db:30:cf:ee:47:76:ed:5b:4f:e9:aa:c0:1d:
88:8e:64:11:5b:ea:31:07:5b:d5:7f:fe:1f:90:cd:b0:4a:71:
64:b9:4f:3d:ca:7f:d7:2a:d0:f0:09:d4:3d:80:7a:e1:52:ff:
c5:1d:ff:df:af:c5:52:ad:bb:cb:bc:da:fc:6c:3b:3a:2f:fc:
11:c2:15:35:84:70:51:36:40:d0:a0:b2:c3:37:6b:78:82:1c:
ef:d6:22:43:4f:39:9e:43:a7:23:a5:93:16:86:d9:ad:fd:2e:
3c:55:92:7b:43:49:f3:4a:38:89:c6:4c:5e:21:2f:8a:06:6e:
d7:2d:ad:ac:5e:3d:dd:f3:84:1e:a7:aa:f5:3b:ec:56:f3:6e:
0d:43:0f:72:b3:24:f9:5e:b6:5c:10:4a:5a:f8:02:df:66:ec:
1b:bf:da:28:63:9d:8a:95:b7:17:50:77:b5:06:92:b8:af:0c:
7c:5c:f7:80:c8:fc:86:a5:48:bc:39:3b:3e:c4:34:3a:8f:64:
42:30:c9:6d:72:00:70:73:cd:b7:84:17:88:4e:75:65:21:31:
54:55:ab:78:ee:49:45:cb:61:77:ea:68:18:6e:6a:28:96:62:
3c:c9:54:08
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYqPcR+BOZlnUkDzlgq6+OnEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjMwOTEzMTY0NzUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjM0NjRiZjNhMGU4NzMxMGI1MGZmZDJmMTJhODVhMTBiOGQzYzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAWlIsPP2wxHGy8gJ3OF1vqtBnVv
fcTyy8NsBonsV1/MApT+m42Qw1wTyO/NbvcQNoTTWDI8EPo1v00lYesxdgc8Fp4V
+xC6WqOPmruV/koZUChSNSAyXTkgpd9AhxH+54i65YCS3rxWTPWZu8BaOCSe/na1
/nYy+b81kFE3o6S7JHrb358vPnFMlC8RRnH8s9/FZG09kP07TfzYSs7+lnO18dug
e3GbpLWroHxy8M9OjGH7GlXd2LeM6YPo/VQcQ1F+/7XzadsyDmQG5eCK66vzdDm+
264FSoh2HlJDm//Uj0Hpk2DSEviGqTg10mbF+GjazTXAVY3zzFwO4eVIVwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFK80ZL86DocxC1D/0vEqhaELjTwgMB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEvcnpSa3Z6b09oekVMVVBfUzhTcUZvUXVOUENBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCW810AwQD
beoAAwQCuZTgAwQBwfKuMA0EAgACMAcDBQMqB2IAMA0GCSqGSIb3DQEBCwUAA4IB
AQB6WPsG+VCokrVdblBcTs9zzImiAexeXtswz+5Hdu1bT+mqwB2IjmQRW+oxB1vV
f/4fkM2wSnFkuU89yn/XKtDwCdQ9gHrhUv/FHf/fr8VSrbvLvNr8bDs6L/wRwhU1
hHBRNkDQoLLDN2t4ghzv1iJDTzmeQ6cjpZMWhtmt/S48VZJ7Q0nzSjiJxkxeIS+K
Bm7XLa2sXj3d84Qep6r1O+xW824NQw9ysyT5XrZcEEpa+ALfZuwbv9ooY52KlbcX
UHe1BpK4rwx8XPeAyPyGpUi8OTs+xDQ6j2RCMMltcgBwc823hBeITnVlITFUVat4
7klFy2F36mgYbmoolmI8yVQI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:51 2024 by rpki-client on console-ams.rpki-client.org