Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/ZAiV6oTTREpatVzdsDuivOh6Nmg.roa
File: ZAiV6oTTREpatVzdsDuivOh6Nmg.roa (raw, json)
Hash identifier: S1GlBsvmNc6LBsfT8Mwf84L5OGnwlpU7aR5NjDbO25g=
Subject key identifier: 64:08:95:EA:84:D3:44:4A:5A:B5:5C:DD:B0:3B:A2:BC:E8:7A:36:68
Certificate issuer: /CN=58667131d760b5db1de98ea20c0f82fc01c9f1d9
Certificate serial: 01856D0169F2A9AE078F439FCE16073FA9F5
Authority key identifier: 58:66:71:31:D7:60:B5:DB:1D:E9:8E:A2:0C:0F:82:FC:01:C9:F1:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/ZAiV6oTTREpatVzdsDuivOh6Nmg.roa
Signing time: Sun 01 Jan 2023 11:04:47 +0000
ROA not before: Sun 01 Jan 2023 11:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25542
IP address blocks: 185.111.120.0/22 maxlen: 24
185.111.122.0/24 maxlen: 24
185.2.24.0/22 maxlen: 24
80.247.160.0/20 maxlen: 24
193.239.88.0/22 maxlen: 24
185.139.148.0/22 maxlen: 24
85.255.208.0/20 maxlen: 24
81.26.208.0/20 maxlen: 24
81.26.208.0/24 maxlen: 24
81.26.219.0/24 maxlen: 24
87.237.96.0/23 maxlen: 24
94.126.64.0/21 maxlen: 24
87.237.100.0/23 maxlen: 24
62.148.160.0/19 maxlen: 24
62.148.160.0/24 maxlen: 24
81.93.48.0/20 maxlen: 24
2a06:5dc0::/29 maxlen: 48
2a02:728::/32 maxlen: 48
2001:16e8::/32 maxlen: 48
2a00:f80::/32 maxlen: 48
2a02:4640::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 18 Aug 2023 13:38:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:01:69:f2:a9:ae:07:8f:43:9f:ce:16:07:3f:a9:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58667131d760b5db1de98ea20c0f82fc01c9f1d9
Validity
Not Before: Jan 1 11:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=640895ea84d3444a5ab55cddb03ba2bce87a3668
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:19:d8:eb:06:75:bc:48:38:bd:90:09:f9:8e:
58:6a:8b:52:6f:32:e6:88:cb:7f:50:c0:d9:19:35:
d9:71:78:b4:c7:6c:85:4f:3f:4a:eb:71:92:de:7d:
0f:1c:b7:79:e2:9c:3b:7a:9a:7b:65:2d:ec:57:c8:
98:b1:50:d3:8d:6b:76:b8:39:43:ad:e3:b1:4b:0b:
80:d8:bb:e9:52:9f:84:9f:97:e4:70:75:89:53:a7:
09:07:83:e0:f9:69:aa:a7:49:55:2b:d0:f3:f8:54:
90:f9:c9:75:ec:2a:56:f1:3d:10:be:69:9c:c4:43:
d5:54:4b:13:6a:82:0d:f2:98:f5:0e:02:b7:76:2f:
64:78:bf:f1:4d:11:18:45:c4:9a:ac:65:cb:08:ce:
40:2b:9c:5b:34:18:db:c5:c5:78:4c:f0:ae:51:0b:
ae:18:7d:d1:ad:e1:57:ff:89:03:27:ed:69:23:fd:
76:b0:ad:08:12:b8:62:05:b0:ae:e5:d7:13:b7:36:
39:aa:b0:5d:43:d9:0c:8d:3f:67:41:e6:da:a2:83:
b8:ab:ff:5e:54:ae:f4:b0:c0:30:ea:17:1b:e1:44:
cb:43:0b:42:fa:9a:fb:2a:87:9f:93:a1:32:52:93:
16:3e:2e:5e:d6:46:5d:a8:7e:df:04:9f:1b:83:9b:
81:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:08:95:EA:84:D3:44:4A:5A:B5:5C:DD:B0:3B:A2:BC:E8:7A:36:68
X509v3 Authority Key Identifier:
keyid:58:66:71:31:D7:60:B5:DB:1D:E9:8E:A2:0C:0F:82:FC:01:C9:F1:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/ZAiV6oTTREpatVzdsDuivOh6Nmg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4a80e6-1d04-4647-a8d4-2481106f8b25/1/WGZxMddgtdsd6Y6iDA-C_AHJ8dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.148.160.0/19
80.247.160.0/20
81.26.208.0/20
81.93.48.0/20
85.255.208.0/20
87.237.96.0/23
87.237.100.0/23
94.126.64.0/21
185.2.24.0/22
185.111.120.0/22
185.139.148.0/22
193.239.88.0/22
IPv6:
2001:16e8::/32
2a00:f80::/32
2a02:728::/32
2a02:4640::/32
2a06:5dc0::/29
Signature Algorithm: sha256WithRSAEncryption
2d:57:37:f8:b5:0b:c4:4c:d7:52:cb:b4:f6:ee:03:b3:ed:2c:
a1:b1:69:ff:01:18:d8:0c:c0:79:ed:05:78:41:88:3a:a6:c7:
42:33:4e:aa:02:55:10:dd:f9:a1:1d:2d:54:97:0d:32:9e:61:
5d:09:eb:b0:fe:e1:2d:b4:90:92:c4:e4:54:a6:51:cf:3c:48:
dd:c0:69:13:4d:39:63:13:e4:cb:5f:a8:51:6d:76:a4:17:d8:
40:c5:0d:ff:6b:8b:05:6d:02:db:0d:0c:0b:fe:e5:45:56:0e:
01:18:f7:27:8c:b9:02:d3:af:e7:17:dd:c8:86:97:11:3c:35:
6c:8b:18:41:2d:09:6e:ff:84:67:9f:ab:a6:60:2f:da:bb:ab:
8f:aa:b4:8a:f8:af:e1:46:36:62:71:fc:79:5a:97:98:60:25:
4c:5f:e7:e1:2f:a4:6e:2d:13:d0:c0:c0:ae:2c:73:2d:db:b8:
ad:78:f6:bc:97:59:3a:b7:cc:44:15:3e:3b:4b:f4:3c:f1:18:
a7:0b:2f:62:76:8e:7c:44:6e:0c:9c:3f:ed:57:69:e0:f3:40:
13:2f:4a:74:59:76:0a:96:e9:b7:10:49:be:99:fb:16:b0:e7:
d3:45:fb:b0:81:ac:24:62:60:20:0f:21:d2:c2:63:06:b4:a3:
c7:d5:cc:64
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISAYVtAWnyqa4Hj0OfzhYHP6n1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4NjY3MTMxZDc2MGI1ZGIxZGU5OGVhMjBjMGY4MmZjMDFj
OWYxZDkwHhcNMjMwMTAxMTEwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDA4OTVlYTg0ZDM0NDRhNWFiNTVjZGRiMDNiYTJiY2U4N2EzNjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRnY6wZ1vEg4vZAJ+Y5YaotSbzLm
iMt/UMDZGTXZcXi0x2yFTz9K63GS3n0PHLd54pw7epp7ZS3sV8iYsVDTjWt2uDlD
reOxSwuA2LvpUp+En5fkcHWJU6cJB4Pg+Wmqp0lVK9Dz+FSQ+cl17CpW8T0Qvmmc
xEPVVEsTaoIN8pj1DgK3di9keL/xTREYRcSarGXLCM5AK5xbNBjbxcV4TPCuUQuu
GH3RreFX/4kDJ+1pI/12sK0IErhiBbCu5dcTtzY5qrBdQ9kMjT9nQebaooO4q/9e
VK70sMAw6hcb4UTLQwtC+pr7Koefk6EyUpMWPi5e1kZdqH7fBJ8bg5uBIQIDAQAB
o4ICdzCCAnMwHQYDVR0OBBYEFGQIleqE00RKWrVc3bA7orzoejZoMB8GA1UdIwQY
MBaAFFhmcTHXYLXbHemOogwPgvwByfHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0daeE1kZGd0ZHNkNlk2aURBLUNfQUhKOGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS80YTgwZTYtMWQwNC00NjQ3LWE4ZDQt
MjQ4MTEwNmY4YjI1LzEvWkFpVjZvVFRSRXBhdFZ6ZHNEdWl2T2g2Tm1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS80YTgwZTYtMWQwNC00NjQ3LWE4ZDQtMjQ4MTEwNmY4YjI1
LzEvV0daeE1kZGd0ZHNkNlk2aURBLUNfQUhKOGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGMBggrBgEFBQcBBwEB/wR9MHswTgQCAAEwSAMEBT6UoAME
BFD3oAMEBFEa0AMEBFFdMAMEBFX/0AMEAVftYAMEAVftZAMEA15+QAMEArkCGAME
ArlveAMEArmLlAMEAsHvWDApBAIAAjAjAwUAIAEW6AMFACoAD4ADBQAqAgcoAwUA
KgJGQAMFAyoGXcAwDQYJKoZIhvcNAQELBQADggEBAC1XN/i1C8RM11LLtPbuA7Pt
LKGxaf8BGNgMwHntBXhBiDqmx0IzTqoCVRDd+aEdLVSXDTKeYV0J67D+4S20kJLE
5FSmUc88SN3AaRNNOWMT5MtfqFFtdqQX2EDFDf9riwVtAtsNDAv+5UVWDgEY9yeM
uQLTr+cX3ciGlxE8NWyLGEEtCW7/hGefq6ZgL9q7q4+qtIr4r+FGNmJx/Hlal5hg
JUxf5+EvpG4tE9DAwK4scy3buK149ryXWTq3zEQVPjtL9DzxGKcLL2J2jnxEbgyc
P+1XaeDzQBMvSnRZdgqW6bcQSb6Z+xaw59NF+7CBrCRiYCAPIdLCYwa0o8fVzGQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:11 2024 by rpki-client on console-fra.rpki-client.org