Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/zLaAMt2BX-dzLgNdEJ6sAN1zHnc.roa
File: zLaAMt2BX-dzLgNdEJ6sAN1zHnc.roa (raw, json)
Hash identifier: e0YDzpS+9h9ymfuOAKRu4Gakj1s609bm25y4snj8FiI=
Subject key identifier: CC:B6:80:32:DD:81:5F:E7:73:2E:03:5D:10:9E:AC:00:DD:73:1E:77
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018A65BD207C73FA2131987870C213647E59
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/zLaAMt2BX-dzLgNdEJ6sAN1zHnc.roa
Signing time: Tue 05 Sep 2023 14:26:48 +0000
ROA not before: Tue 05 Sep 2023 14:26:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 398343
IP address blocks: 91.216.185.0/24 maxlen: 24
89.36.140.0/24 maxlen: 24
93.115.203.0/24 maxlen: 24
86.107.100.0/24 maxlen: 24
45.88.12.0/24 maxlen: 24
89.40.36.0/24 maxlen: 24
94.177.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Sep 2023 10:17:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:65:bd:20:7c:73:fa:21:31:98:78:70:c2:13:64:7e:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 5 14:26:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ccb68032dd815fe7732e035d109eac00dd731e77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a4:60:de:27:62:7a:75:ac:2b:84:fb:1f:1b:
76:dc:ab:ba:ab:ab:bc:56:db:9c:cb:01:20:27:9a:
34:02:2f:e8:fc:53:90:41:9d:e0:92:cb:60:46:f2:
2e:40:b6:cf:74:55:97:75:ed:5d:de:cf:87:e0:82:
0b:7a:52:7c:60:aa:ec:b9:fa:43:34:a4:a3:8b:8b:
22:fc:03:7c:c1:99:e1:b1:e3:f1:bc:7a:14:53:77:
09:4f:82:3d:49:f3:81:d0:93:e7:77:d1:d8:c7:21:
23:0a:a7:e6:fe:d0:72:d2:64:51:6b:50:ed:64:68:
41:e9:29:5c:a1:03:a7:ab:c8:97:7d:db:4a:d0:26:
be:c1:73:f4:48:3d:dd:52:48:ed:27:33:27:e7:58:
d0:6c:cb:96:ff:f4:e2:be:75:67:77:cb:31:5b:9b:
22:ca:09:0d:ac:a9:dc:a0:90:27:9c:c2:34:09:e5:
f8:37:97:e0:80:11:a0:51:40:67:b1:51:8d:ff:b2:
96:0d:f8:36:40:1b:23:40:aa:54:b6:60:ef:ef:fb:
3f:e0:58:03:ca:ab:1d:16:34:b5:9e:55:e5:cf:a7:
7a:f2:d6:a9:94:24:02:b6:cd:65:42:8e:7b:db:c1:
dd:8b:38:a8:e7:9e:43:6d:13:f0:7c:a0:3e:cc:c6:
e6:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:B6:80:32:DD:81:5F:E7:73:2E:03:5D:10:9E:AC:00:DD:73:1E:77
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/zLaAMt2BX-dzLgNdEJ6sAN1zHnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.12.0/24
86.107.100.0/24
89.36.140.0/24
89.40.36.0/24
91.216.185.0/24
93.115.203.0/24
94.177.106.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:75:a5:d8:d3:af:32:82:cf:b2:ba:bb:b8:07:7b:e8:2f:64:
fe:8a:6b:49:d3:b0:ff:2f:e6:8a:d4:b0:10:9d:9b:b6:a2:42:
1e:8e:a9:8c:7e:ae:c5:69:34:28:c7:f7:ce:fd:7d:59:9a:b7:
07:50:4b:e5:91:00:93:49:83:ac:c9:4f:2c:e1:8e:ec:c9:04:
cb:e6:81:9a:83:38:76:28:22:a8:d3:ba:75:60:58:0b:07:19:
bb:b5:48:64:9a:4e:fa:53:fa:b8:be:fc:6e:1b:8d:43:d4:d9:
52:34:86:0e:4f:49:da:ec:53:f2:72:32:cc:c2:e4:b1:38:26:
94:27:de:fc:e3:b4:50:ce:9e:e0:39:64:3a:2a:f1:e0:17:91:
b1:f5:53:e7:fe:d3:08:62:4b:d5:70:fc:b0:71:49:2a:31:3f:
9a:9c:78:0a:4c:11:ce:5e:01:f0:5d:c2:51:67:9e:2a:c1:5a:
eb:d3:8d:8d:e0:cb:41:02:3a:f8:5e:93:a8:5f:fb:62:a0:8b:
14:44:6a:bc:6c:84:cb:22:01:d1:a8:54:aa:db:44:69:8f:17:
e4:35:11:fd:18:40:65:6d:5e:90:cf:74:8b:26:26:d2:56:de:
6c:df:9c:a8:5f:fb:2e:6f:2f:62:2a:ff:2c:c8:7b:23:da:03:
f3:fb:3e:4e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYplvSB8c/ohMZh4cMITZH5ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjMwOTA1MTQyNjQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2I2ODAzMmRkODE1ZmU3NzMyZTAzNWQxMDllYWMwMGRkNzMxZTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqRg3idienWsK4T7Hxt23Ku6q6u8
VtucywEgJ5o0Ai/o/FOQQZ3gkstgRvIuQLbPdFWXde1d3s+H4IILelJ8YKrsufpD
NKSji4si/AN8wZnhsePxvHoUU3cJT4I9SfOB0JPnd9HYxyEjCqfm/tBy0mRRa1Dt
ZGhB6SlcoQOnq8iXfdtK0Ca+wXP0SD3dUkjtJzMn51jQbMuW//TivnVnd8sxW5si
ygkNrKncoJAnnMI0CeX4N5fggBGgUUBnsVGN/7KWDfg2QBsjQKpUtmDv7/s/4FgD
yqsdFjS1nlXlz6d68taplCQCts1lQo5728Hdizio555DbRPwfKA+zMbm+QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMy2gDLdgV/ncy4DXRCerADdcx53MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvekxhQU10MkJYLWR6TGdOZEVKNnNBTjF6SG5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALVgMAwQA
VmtkAwQAWSSMAwQAWSgkAwQAW9i5AwQAXXPLAwQAXrFqMA0GCSqGSIb3DQEBCwUA
A4IBAQBedaXY068ygs+yuru4B3voL2T+imtJ07D/L+aK1LAQnZu2okIejqmMfq7F
aTQox/fO/X1ZmrcHUEvlkQCTSYOsyU8s4Y7syQTL5oGagzh2KCKo07p1YFgLBxm7
tUhkmk76U/q4vvxuG41D1NlSNIYOT0na7FPycjLMwuSxOCaUJ97847RQzp7gOWQ6
KvHgF5Gx9VPn/tMIYkvVcPywcUkqMT+anHgKTBHOXgHwXcJRZ54qwVrr042N4MtB
Ajr4XpOoX/tioIsURGq8bITLIgHRqFSq20RpjxfkNRH9GEBlbV6Qz3SLJibSVt5s
35yoX/suby9iKv8syHsj2gPz+z5O
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:15 2024 by rpki-client on console-ams.rpki-client.org