Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/zFN1Q32VXCDwcibaJWGpt8EYRTg.roa
File: zFN1Q32VXCDwcibaJWGpt8EYRTg.roa (raw, json)
Hash identifier: zAHqnZ1y12a/HyMUha0Kp7aVwVjKh8BhWb2h7G8My00=
Subject key identifier: CC:53:75:43:7D:95:5C:20:F0:72:26:DA:25:61:A9:B7:C1:18:45:38
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018889CD48B16BAA73668047E02CBA782A85
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/zFN1Q32VXCDwcibaJWGpt8EYRTg.roa
Signing time: Mon 05 Jun 2023 04:25:12 +0000
ROA not before: Mon 05 Jun 2023 04:25:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60721
IP address blocks: 89.34.202.0/24 maxlen: 24
85.204.18.0/24 maxlen: 24
89.37.195.0/24 maxlen: 24
188.213.216.0/24 maxlen: 24
89.45.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Jun 2023 10:26:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:89:cd:48:b1:6b:aa:73:66:80:47:e0:2c:ba:78:2a:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 5 04:25:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc5375437d955c20f07226da2561a9b7c1184538
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ef:a9:e9:39:7c:5b:7b:9e:8e:07:a6:f3:ee:
a6:33:2e:ee:22:80:95:c3:ae:9b:8b:e9:2e:01:7f:
01:e3:7d:81:77:19:15:fd:bd:74:18:e6:36:ae:c7:
d3:e0:0b:27:65:75:6a:98:a7:d8:b0:1c:66:dd:bc:
9e:d3:7a:9d:0d:da:a7:c3:71:43:b8:0f:4b:ea:b6:
f1:99:4e:5c:85:4b:9b:bf:7a:d7:27:d9:86:ee:5d:
e8:f1:d6:2c:99:2c:7f:02:5a:cf:5b:94:80:83:4d:
7f:3b:61:dd:c5:5b:f8:51:b2:d7:2b:71:70:b4:fc:
d4:3a:73:66:82:f3:80:ea:16:60:7c:df:5b:20:95:
a5:47:20:f3:86:44:fe:54:24:63:ae:e4:a4:10:43:
13:9a:9d:d9:0a:77:d2:26:71:26:12:a0:55:ea:c2:
30:ea:c9:32:d5:54:43:0d:1d:f0:47:7d:77:44:1a:
df:e9:05:bc:14:a2:6b:1d:01:44:f0:13:ac:93:72:
5e:8f:03:b1:19:7e:ad:25:35:8b:50:45:2d:53:ff:
09:bb:91:45:76:a0:74:3d:fd:11:9a:84:3d:c8:6a:
b0:b8:f5:37:bf:4c:55:18:3d:b5:ff:c3:db:0b:5b:
3d:19:01:c1:26:62:a5:d3:95:ae:e3:d1:f3:4d:b5:
98:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:53:75:43:7D:95:5C:20:F0:72:26:DA:25:61:A9:B7:C1:18:45:38
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/zFN1Q32VXCDwcibaJWGpt8EYRTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.18.0/24
89.34.202.0/24
89.37.195.0/24
89.45.35.0/24
188.213.216.0/24
Signature Algorithm: sha256WithRSAEncryption
53:99:58:16:c4:e2:e5:75:ce:cd:36:e3:81:15:d2:fc:91:41:
92:49:58:a2:cb:33:80:eb:54:69:dd:cd:4a:62:a6:52:67:56:
1d:2c:8f:89:52:5c:ca:8a:11:3d:b2:08:ce:85:98:64:c1:dd:
e4:ac:e0:bd:73:98:64:18:ea:68:11:d5:d1:71:bc:c9:01:15:
39:91:82:5f:6d:08:bf:24:72:7e:05:3f:c5:b4:b4:b8:73:09:
b3:e2:b8:9e:a9:e8:51:74:15:ac:e1:01:6a:bb:0e:16:3e:8c:
fc:ab:80:d8:b7:dc:50:d6:0f:63:37:68:b4:ea:2e:fd:9b:3f:
38:ab:73:1c:7c:78:fc:4d:5b:82:dc:93:2b:af:a4:89:44:4f:
5b:0f:87:18:82:40:30:ed:93:db:b4:87:a8:f6:72:ad:82:9d:
b1:af:58:cd:2b:07:65:23:92:2e:c1:9a:56:5c:71:a9:bc:53:
32:1b:1e:c9:d5:a2:8a:c9:6a:d6:2f:86:00:d1:3f:37:a5:42:
02:e2:14:a7:f1:f4:fe:de:6e:8d:9a:9c:c9:64:7d:a0:42:f6:
9f:fa:46:8b:f3:91:04:72:a2:54:98:6c:2f:cd:69:0f:00:70:
43:a8:c4:0f:03:bd:11:9a:2d:22:e8:a1:8c:48:2d:14:26:91:
3b:88:21:e2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYiJzUixa6pzZoBH4Cy6eCqFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwNjA1MDQyNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzUzNzU0MzdkOTU1YzIwZjA3MjI2ZGEyNTYxYTliN2MxMTg0NTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlu+p6Tl8W3uejgem8+6mMy7uIoCV
w66bi+kuAX8B432BdxkV/b10GOY2rsfT4AsnZXVqmKfYsBxm3bye03qdDdqnw3FD
uA9L6rbxmU5chUubv3rXJ9mG7l3o8dYsmSx/AlrPW5SAg01/O2HdxVv4UbLXK3Fw
tPzUOnNmgvOA6hZgfN9bIJWlRyDzhkT+VCRjruSkEEMTmp3ZCnfSJnEmEqBV6sIw
6sky1VRDDR3wR313RBrf6QW8FKJrHQFE8BOsk3JejwOxGX6tJTWLUEUtU/8Ju5FF
dqB0Pf0RmoQ9yGqwuPU3v0xVGD21/8PbC1s9GQHBJmKl05Wu49HzTbWYuQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMxTdUN9lVwg8HIm2iVhqbfBGEU4MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvekZOMVEzMlZYQ0R3Y2liYUpXR3B0OEVZUlRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAVcwSAwQA
WSLKAwQAWSXDAwQAWS0jAwQAvNXYMA0GCSqGSIb3DQEBCwUAA4IBAQBTmVgWxOLl
dc7NNuOBFdL8kUGSSViiyzOA61Rp3c1KYqZSZ1YdLI+JUlzKihE9sgjOhZhkwd3k
rOC9c5hkGOpoEdXRcbzJARU5kYJfbQi/JHJ+BT/FtLS4cwmz4rieqehRdBWs4QFq
uw4WPoz8q4DYt9xQ1g9jN2i06i79mz84q3McfHj8TVuC3JMrr6SJRE9bD4cYgkAw
7ZPbtIeo9nKtgp2xr1jNKwdlI5IuwZpWXHGpvFMyGx7J1aKKyWrWL4YA0T83pUIC
4hSn8fT+3m6NmpzJZH2gQvaf+kaL85EEcqJUmGwvzWkPAHBDqMQPA70Rmi0i6KGM
SC0UJpE7iCHi
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:15 2024 by rpki-client on console-ams.rpki-client.org