Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b8cc66-cc65-4dc2-ae86-61c1ecaab55f/1/ZHQZf1Z88i6UsYatusfs6tlhJt0.roa
File: ZHQZf1Z88i6UsYatusfs6tlhJt0.roa (raw, json)
Hash identifier: 1mEge5LxGl9C/oID/7MM+qrogYdN/QfkqsUWpPVpAhk=
Subject key identifier: 64:74:19:7F:56:7C:F2:2E:94:B1:86:AD:BA:C7:EC:EA:D9:61:26:DD
Certificate issuer: /CN=e283c4ad2fd8724a8c7d5eaf431814cb3d15127e
Certificate serial: 0192AACB349C89166A0028F2ECAF58CD732D
Authority key identifier: E2:83:C4:AD:2F:D8:72:4A:8C:7D:5E:AF:43:18:14:CB:3D:15:12:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4oPErS_YckqMfV6vQxgUyz0VEn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/b8cc66-cc65-4dc2-ae86-61c1ecaab55f/1/ZHQZf1Z88i6UsYatusfs6tlhJt0.roa
Signing time: Sun 20 Oct 2024 16:38:16 +0000
ROA not before: Sun 20 Oct 2024 16:38:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200849
IP address blocks: 185.92.200.0/24 maxlen: 24
185.92.201.0/24 maxlen: 24
185.92.202.0/24 maxlen: 24
185.92.203.0/24 maxlen: 24
2a03:8d20::/32 maxlen: 32
2a03:8d20:2282::/48 maxlen: 48
2a03:8d20:7286::/48 maxlen: 48
2a03:8d20:9000::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 20 Oct 2024 18:10:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:aa:cb:34:9c:89:16:6a:00:28:f2:ec:af:58:cd:73:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e283c4ad2fd8724a8c7d5eaf431814cb3d15127e
Validity
Not Before: Oct 20 16:38:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6474197f567cf22e94b186adbac7ecead96126dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:8e:fb:74:02:0f:44:43:12:33:10:03:fc:93:
06:1a:44:df:36:d2:1b:ce:43:b9:04:21:8b:3e:00:
a3:83:3c:0f:89:a3:0b:e3:c8:1e:69:4d:78:11:66:
0c:26:c8:6a:a5:ce:55:13:32:32:fa:68:0f:09:20:
1b:86:41:82:0d:9e:18:0c:7a:d1:8b:3d:0c:71:d8:
f9:2d:21:4a:07:6d:0c:0d:50:ff:30:f8:7d:99:f4:
c4:d1:16:77:0e:b4:7d:8b:94:ea:4a:4c:df:ff:e8:
2f:55:53:a3:22:c1:06:a1:57:8b:ad:40:ec:95:8b:
9e:1a:81:4e:94:d1:86:d6:00:b1:89:cd:38:ff:df:
b4:39:5b:6a:25:72:98:85:56:af:2b:9a:41:6b:ba:
1a:50:5b:b2:66:1f:ba:b6:57:42:4b:b5:ed:7b:f1:
d1:64:7f:93:ef:66:c7:5f:78:9d:23:52:63:55:9c:
37:18:d1:fb:48:96:2a:82:c4:20:67:0e:8e:d0:79:
f5:8d:51:63:62:5f:44:91:0c:d0:72:3e:bf:f4:8f:
ac:24:28:0b:9b:bc:a0:e8:60:59:3a:6e:18:30:2d:
95:56:4f:4d:b2:d2:c5:6f:35:da:b7:c6:fb:93:9a:
a5:12:da:3b:41:ec:13:75:3c:70:75:68:77:6e:6f:
d9:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:74:19:7F:56:7C:F2:2E:94:B1:86:AD:BA:C7:EC:EA:D9:61:26:DD
X509v3 Authority Key Identifier:
keyid:E2:83:C4:AD:2F:D8:72:4A:8C:7D:5E:AF:43:18:14:CB:3D:15:12:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4oPErS_YckqMfV6vQxgUyz0VEn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b8cc66-cc65-4dc2-ae86-61c1ecaab55f/1/ZHQZf1Z88i6UsYatusfs6tlhJt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b8cc66-cc65-4dc2-ae86-61c1ecaab55f/1/4oPErS_YckqMfV6vQxgUyz0VEn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.92.200.0/22
IPv6:
2a03:8d20::/32
Signature Algorithm: sha256WithRSAEncryption
af:87:eb:d7:5b:a1:25:e4:06:85:06:b4:a8:22:0d:13:ee:4e:
99:8f:fa:27:3f:37:46:d9:08:b1:1e:95:28:44:3a:bc:67:e1:
bc:d6:b0:40:dd:98:db:4d:d4:14:23:0a:e9:c0:c1:d9:2e:13:
2a:38:d7:e2:29:63:51:68:17:ec:a7:e1:2f:64:2c:b7:54:23:
df:cd:3b:3d:bb:72:4b:51:93:da:af:e8:c7:99:01:25:73:11:
47:be:3c:5d:eb:b2:a0:50:7f:4f:23:4f:1c:77:e9:55:b9:06:
3b:d7:71:ac:15:08:b7:70:18:18:b8:8e:e9:13:c0:1d:76:bc:
23:3b:01:21:21:04:04:d2:31:7d:e5:21:2d:75:2e:2f:22:e7:
0d:a9:eb:98:b3:72:f9:7a:77:d4:80:1b:ee:95:dc:e4:a4:1a:
d3:00:72:be:e7:b1:04:32:91:4c:41:71:d3:ca:49:95:a1:36:
af:12:9d:82:b4:e7:11:dd:c6:02:95:8e:58:ef:41:36:18:9b:
bf:bb:c8:88:61:a8:cf:8b:5d:e8:18:c7:01:f5:ed:13:e0:01:
db:78:a3:90:d4:06:95:50:16:88:3f:a5:19:27:ba:18:36:99:
95:87:1e:49:f9:bc:37:7f:ac:7a:22:f5:f6:27:09:08:7d:9a:
ef:1a:6e:e1
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZKqyzSciRZqACjy7K9YzXMtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyODNjNGFkMmZkODcyNGE4YzdkNWVhZjQzMTgxNGNiM2Qx
NTEyN2UwHhcNMjQxMDIwMTYzODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDc0MTk3ZjU2N2NmMjJlOTRiMTg2YWRiYWM3ZWNlYWQ5NjEyNmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqo77dAIPREMSMxAD/JMGGkTfNtIb
zkO5BCGLPgCjgzwPiaML48geaU14EWYMJshqpc5VEzIy+mgPCSAbhkGCDZ4YDHrR
iz0Mcdj5LSFKB20MDVD/MPh9mfTE0RZ3DrR9i5TqSkzf/+gvVVOjIsEGoVeLrUDs
lYueGoFOlNGG1gCxic04/9+0OVtqJXKYhVavK5pBa7oaUFuyZh+6tldCS7Xte/HR
ZH+T72bHX3idI1JjVZw3GNH7SJYqgsQgZw6O0Hn1jVFjYl9EkQzQcj6/9I+sJCgL
m7yg6GBZOm4YMC2VVk9NstLFbzXat8b7k5qlEto7QewTdTxwdWh3bm/Z6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGR0GX9WfPIulLGGrbrH7OrZYSbdMB8GA1UdIwQY
MBaAFOKDxK0v2HJKjH1er0MYFMs9FRJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNG9QRXJTX1lja3FNZlY2dlF4Z1V5ejBWRW40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iOGNjNjYtY2M2NS00ZGMyLWFlODYt
NjFjMWVjYWFiNTVmLzEvWkhRWmYxWjg4aTZVc1lhdHVzZnM2dGxoSnQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9iOGNjNjYtY2M2NS00ZGMyLWFlODYtNjFjMWVjYWFiNTVm
LzEvNG9QRXJTX1lja3FNZlY2dlF4Z1V5ejBWRW40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVzIMA0E
AgACMAcDBQAqA40gMA0GCSqGSIb3DQEBCwUAA4IBAQCvh+vXW6El5AaFBrSoIg0T
7k6Zj/onPzdG2QixHpUoRDq8Z+G81rBA3ZjbTdQUIwrpwMHZLhMqONfiKWNRaBfs
p+EvZCy3VCPfzTs9u3JLUZPar+jHmQElcxFHvjxd67KgUH9PI08cd+lVuQY713Gs
FQi3cBgYuI7pE8AddrwjOwEhIQQE0jF95SEtdS4vIucNqeuYs3L5enfUgBvuldzk
pBrTAHK+57EEMpFMQXHTykmVoTavEp2CtOcR3cYClY5Y70E2GJu/u8iIYajPi13o
GMcB9e0T4AHbeKOQ1AaVUBaIP6UZJ7oYNpmVhx5J+bw3f6x6IvX2JwkIfZrvGm7h
-----END CERTIFICATE-----
Generated at Sun Oct 20 18:56:41 2024 by rpki-client on console-fra.rpki-client.org