Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/ZCqM-hg3WF5ADmi7FEQV3QY9ACI.roa
File: ZCqM-hg3WF5ADmi7FEQV3QY9ACI.roa (raw, json)
Hash identifier: sXdteQlQsM6fksAj+iTYpd8a8IJXiX8lVJINaKHNqrQ=
Subject key identifier: 64:2A:8C:FA:18:37:58:5E:40:0E:68:BB:14:44:15:DD:06:3D:00:22
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0188C5F53E929894FC749139020A953E714D
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/ZCqM-hg3WF5ADmi7FEQV3QY9ACI.roa
Signing time: Fri 16 Jun 2023 20:46:03 +0000
ROA not before: Fri 16 Jun 2023 20:46:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15731
IP address blocks: 86.107.51.0/24 maxlen: 24
37.153.158.0/24 maxlen: 24
89.36.140.0/24 maxlen: 24
89.35.130.0/23 maxlen: 23
89.35.131.0/24 maxlen: 24
46.102.237.0/24 maxlen: 24
188.241.137.0/24 maxlen: 24
94.198.171.0/24 maxlen: 24
92.114.32.0/24 maxlen: 24
77.81.88.0/24 maxlen: 24
89.45.35.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
176.223.188.0/24 maxlen: 24
86.105.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 Jun 2023 04:38:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:c5:f5:3e:92:98:94:fc:74:91:39:02:0a:95:3e:71:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 16 20:46:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=642a8cfa1837585e400e68bb144415dd063d0022
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:00:a6:43:47:53:3e:b4:9f:df:4f:4c:e7:b4:
58:26:44:d1:01:ea:4a:d1:1e:58:0e:fe:73:23:fd:
97:93:ea:17:63:69:4d:51:b8:58:fe:63:78:8b:01:
dd:44:f7:18:4c:d9:d8:ad:37:f6:52:a8:10:9d:14:
d8:7a:9a:a1:79:42:26:f3:b1:22:40:2f:e4:22:6c:
57:e6:74:7f:96:fe:2b:87:31:74:87:5b:c7:d7:95:
9d:62:7f:96:1d:34:1a:93:e5:0e:5a:11:94:d3:e1:
cb:e3:dc:06:64:d6:f3:54:bc:cd:2f:d2:5a:84:26:
ae:2a:86:15:a7:33:95:f3:a5:f9:22:ea:ff:b3:0c:
9c:28:e0:10:c5:bb:82:b1:94:35:90:9d:cd:f4:de:
0e:1d:27:6b:de:9d:68:4d:f7:09:47:76:d2:89:02:
73:b3:82:58:bc:d2:d1:59:dc:60:3a:39:f6:60:d6:
0b:5a:c0:c4:86:2c:72:b9:6d:e0:1d:a8:f1:9f:3e:
cb:a6:b4:64:b3:43:76:de:b2:4d:ff:58:8f:14:94:
f7:db:21:41:29:1c:6c:7a:5f:82:2a:b7:09:d5:29:
b2:c7:b4:e9:b4:22:7f:11:35:fd:1e:f2:f0:af:3f:
35:48:6a:ef:50:4e:df:3b:cf:81:ef:27:6e:45:57:
9d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:2A:8C:FA:18:37:58:5E:40:0E:68:BB:14:44:15:DD:06:3D:00:22
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/ZCqM-hg3WF5ADmi7FEQV3QY9ACI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.158.0/24
46.102.237.0/24
77.81.88.0/24
86.105.4.0/24
86.107.51.0/24
89.35.130.0/23
89.36.140.0/24
89.45.35.0/24
92.114.32.0/24
94.198.171.0/24
176.223.188.0/24
188.214.107.0/24
188.241.137.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:d0:d9:66:c4:07:64:b6:32:74:57:be:26:52:98:df:b5:b0:
bd:7b:9d:8a:b1:1d:40:6d:eb:e1:85:91:ff:de:0f:a0:b9:16:
45:a3:89:2c:da:1d:0c:a7:31:2e:8d:2f:4c:33:82:79:c1:3b:
bb:24:52:47:de:1f:67:40:98:8d:7e:37:e9:95:b8:40:17:63:
13:58:f3:9a:58:78:63:87:b7:59:73:2b:27:b0:b6:a0:5f:eb:
c5:06:34:fb:e8:d7:89:ce:b9:1b:47:ec:d5:20:4a:16:1f:03:
2c:0c:d7:2e:ba:54:08:4a:f9:d2:90:04:99:4d:03:03:83:32:
fe:4c:0a:05:4b:cd:40:17:95:3f:6f:97:63:e2:9b:8d:39:3f:
09:bc:71:41:9d:d4:8b:7d:74:5a:96:fb:56:88:6e:c0:f7:b1:
b9:1b:e6:02:cf:40:1f:40:3c:7f:d1:7f:d1:e9:f5:cc:31:0f:
a9:64:67:35:ba:e8:6d:26:83:d9:ac:94:bf:fc:db:d0:8d:14:
e9:ec:9a:84:de:e8:bd:b2:9d:c3:d5:75:d3:22:81:20:4e:c7:
39:97:9b:f0:98:31:eb:0a:06:4a:24:d9:30:28:d0:ba:da:5f:
be:41:b6:7a:2c:43:9c:b6:f2:69:6e:d0:49:67:68:71:9f:87:
ca:b2:c5:dc
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYjF9T6SmJT8dJE5AgqVPnFNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwNjE2MjA0NjAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDJhOGNmYTE4Mzc1ODVlNDAwZTY4YmIxNDQ0MTVkZDA2M2QwMDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApACmQ0dTPrSf309M57RYJkTRAepK
0R5YDv5zI/2Xk+oXY2lNUbhY/mN4iwHdRPcYTNnYrTf2UqgQnRTYepqheUIm87Ei
QC/kImxX5nR/lv4rhzF0h1vH15WdYn+WHTQak+UOWhGU0+HL49wGZNbzVLzNL9Ja
hCauKoYVpzOV86X5Iur/swycKOAQxbuCsZQ1kJ3N9N4OHSdr3p1oTfcJR3bSiQJz
s4JYvNLRWdxgOjn2YNYLWsDEhixyuW3gHajxnz7LprRks0N23rJN/1iPFJT32yFB
KRxsel+CKrcJ1Smyx7TptCJ/ETX9HvLwrz81SGrvUE7fO8+B7yduRVedQwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFGQqjPoYN1heQA5ouxREFd0GPQAiMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvWkNxTS1oZzNXRjVBRG1pN0ZFUVYzUVk5QUNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQAJZmeAwQA
LmbtAwQATVFYAwQAVmkEAwQAVmszAwQBWSOCAwQAWSSMAwQAWS0jAwQAXHIgAwQA
XsarAwQAsN+8AwQAvNZrAwQAvPGJMA0GCSqGSIb3DQEBCwUAA4IBAQAM0NlmxAdk
tjJ0V74mUpjftbC9e52KsR1AbevhhZH/3g+guRZFo4ks2h0MpzEujS9MM4J5wTu7
JFJH3h9nQJiNfjfplbhAF2MTWPOaWHhjh7dZcysnsLagX+vFBjT76NeJzrkbR+zV
IEoWHwMsDNcuulQISvnSkASZTQMDgzL+TAoFS81AF5U/b5dj4puNOT8JvHFBndSL
fXRalvtWiG7A97G5G+YCz0AfQDx/0X/R6fXMMQ+pZGc1uuhtJoPZrJS//NvQjRTp
7JqE3ui9sp3D1XXTIoEgTsc5l5vwmDHrCgZKJNkwKNC62l++QbZ6LEOctvJpbtBJ
Z2hxn4fKssXc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:13 2024 by rpki-client on console-ams.rpki-client.org