Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/ZUel-W5jDP0APadiL_hi6Ir8BV0.roa
File: ZUel-W5jDP0APadiL_hi6Ir8BV0.roa (raw, json)
Hash identifier: BQ+FAetOqlvquq71jTnE520E8ylfQn1iCheAciw3ri8=
Subject key identifier: 65:47:A5:F9:6E:63:0C:FD:00:3D:A7:62:2F:F8:62:E8:8A:FC:05:5D
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 01861610903CA47375745C64D2447CDCEB1C
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/ZUel-W5jDP0APadiL_hi6Ir8BV0.roa
Signing time: Fri 03 Feb 2023 06:57:09 +0000
ROA not before: Fri 03 Feb 2023 06:57:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207710
IP address blocks: 185.95.102.0/23 maxlen: 24
185.95.101.0/24 maxlen: 24
185.96.80.0/24 maxlen: 24
185.81.174.0/24 maxlen: 24
185.81.184.0/24 maxlen: 24
185.81.187.0/24 maxlen: 24
185.96.38.0/24 maxlen: 24
185.89.104.0/23 maxlen: 24
185.89.108.0/22 maxlen: 24
185.97.1.0/24 maxlen: 24
185.97.3.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Apr 2023 13:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:16:10:90:3c:a4:73:75:74:5c:64:d2:44:7c:dc:eb:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Feb 3 06:57:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6547a5f96e630cfd003da7622ff862e88afc055d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:33:78:2d:71:24:8f:99:b9:d8:1d:db:76:2b:
dc:b6:b6:e2:71:e1:ae:48:cb:32:f7:39:5a:20:67:
27:a5:fd:4a:4d:31:24:24:5b:79:31:6d:a1:ca:d9:
75:7b:63:03:17:2c:d8:b6:68:8f:60:21:c8:8c:17:
a7:11:fa:c3:d2:ea:b8:a8:fd:83:9a:2b:a9:b0:9e:
36:18:2d:27:ea:b8:ec:ae:1c:6c:b3:8e:c0:2d:ad:
ad:49:8d:d4:7a:5b:45:5b:e9:9a:d9:37:91:30:84:
3f:e4:a9:83:3c:21:ec:45:e2:31:28:65:4a:67:42:
ad:f6:1b:0b:b1:53:b0:dd:4f:8b:37:d8:76:24:b2:
1f:2e:b2:af:ab:e7:6c:b1:0a:61:0e:7f:cc:96:c1:
81:9b:4b:47:0b:9d:c3:ce:3a:bb:fa:32:7a:24:4e:
d6:e6:7a:33:5d:86:24:7f:52:72:fc:6c:bf:10:f2:
0d:60:69:b0:a7:68:61:bf:24:06:a4:a9:f8:60:08:
1d:39:4c:4b:84:ae:f5:51:55:4a:49:f4:e0:6e:fe:
89:7e:33:6e:b0:39:d9:97:5e:b4:bc:20:93:d7:bb:
82:1a:2a:02:ba:9c:bc:4c:9c:db:b8:bf:15:50:6c:
8d:12:fb:de:80:b0:e8:1a:de:ae:42:4d:96:5d:d0:
e8:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:47:A5:F9:6E:63:0C:FD:00:3D:A7:62:2F:F8:62:E8:8A:FC:05:5D
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/ZUel-W5jDP0APadiL_hi6Ir8BV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.174.0/24
185.81.184.0/24
185.81.187.0/24
185.89.104.0/23
185.89.108.0/22
185.95.101.0-185.95.103.255
185.96.38.0/24
185.96.80.0/24
185.97.1.0/24
185.97.3.0/24
Signature Algorithm: sha256WithRSAEncryption
11:77:43:22:71:2e:61:1d:c9:ea:3c:49:b9:09:8b:fa:5f:f2:
d9:c7:13:ca:a2:86:2c:85:0d:6e:f9:57:c9:9c:d1:ef:c7:32:
d1:81:47:3b:6b:94:16:26:b6:98:0c:82:6f:be:1d:d2:50:06:
c4:f4:83:75:fb:8d:c5:60:a0:09:5e:f1:e9:9e:b7:73:c6:43:
8c:83:e4:e1:a8:e1:59:8e:62:1f:7d:98:08:6b:28:f5:2d:48:
c1:30:b6:31:2a:7a:e9:bb:5b:56:b6:ae:97:4c:f6:0d:9d:da:
e8:ab:91:a6:60:46:4c:2a:7d:35:1f:0d:32:27:49:98:d2:7c:
0c:ef:e5:06:6d:73:92:0d:ee:81:ea:4a:56:d1:63:99:72:28:
f4:22:0a:29:c2:88:0a:2a:75:ab:ef:40:7f:7c:ae:52:38:f1:
96:0d:f2:cf:84:bb:3b:62:83:c1:4f:31:48:78:c4:bb:07:43:
c3:f6:9d:ee:e8:b0:e3:2a:df:9f:9e:72:a6:32:bd:ea:3f:9b:
d6:e5:63:cc:09:cf:de:27:b4:a0:a6:94:c6:bc:b9:b5:12:2d:
9c:52:d3:fc:fd:0d:48:b5:0c:06:65:98:0a:78:59:f4:6a:d8:
af:3a:00:70:2b:73:5a:82:80:51:8b:15:50:4c:6f:0f:fa:12:
3f:fc:a6:b9
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYYWEJA8pHN1dFxk0kR83OscMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjMwMjAzMDY1NzA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTQ3YTVmOTZlNjMwY2ZkMDAzZGE3NjIyZmY4NjJlODhhZmMwNTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzN4LXEkj5m52B3bdivctrbiceGu
SMsy9zlaIGcnpf1KTTEkJFt5MW2hytl1e2MDFyzYtmiPYCHIjBenEfrD0uq4qP2D
miupsJ42GC0n6rjsrhxss47ALa2tSY3UeltFW+ma2TeRMIQ/5KmDPCHsReIxKGVK
Z0Kt9hsLsVOw3U+LN9h2JLIfLrKvq+dssQphDn/MlsGBm0tHC53Dzjq7+jJ6JE7W
5nozXYYkf1Jy/Gy/EPINYGmwp2hhvyQGpKn4YAgdOUxLhK71UVVKSfTgbv6JfjNu
sDnZl160vCCT17uCGioCupy8TJzbuL8VUGyNEvvegLDoGt6uQk2WXdDorwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFGVHpfluYwz9AD2nYi/4YuiK/AVdMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvWlVlbC1XNWpEUDBBUGFkaUxfaGk2SXI4QlYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQAuVGuAwQA
uVG4AwQAuVG7AwQBuVloAwQCuVlsMAwDBAC5X2UDBAO5X2ADBAC5YCYDBAC5YFAD
BAC5YQEDBAC5YQMwDQYJKoZIhvcNAQELBQADggEBABF3QyJxLmEdyeo8SbkJi/pf
8tnHE8qihiyFDW75V8mc0e/HMtGBRztrlBYmtpgMgm++HdJQBsT0g3X7jcVgoAle
8emet3PGQ4yD5OGo4VmOYh99mAhrKPUtSMEwtjEqeum7W1a2rpdM9g2d2uirkaZg
RkwqfTUfDTInSZjSfAzv5QZtc5IN7oHqSlbRY5lyKPQiCinCiAoqdavvQH98rlI4
8ZYN8s+Euztig8FPMUh4xLsHQ8P2ne7osOMq35+ecqYyveo/m9blY8wJz94ntKCm
lMa8ubUSLZxS0/z9DUi1DAZlmAp4WfRq2K86AHArc1qCgFGLFVBMbw/6Ej/8prk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:59 2024 by rpki-client on console-fra.rpki-client.org