Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/d2a9bc-13b1-4b30-b563-209e1f84224e/1/ZpZwCmilM3Fker-oREZRN2-41Zo.roa
File: ZpZwCmilM3Fker-oREZRN2-41Zo.roa (raw, json)
Hash identifier: ukJKsB8IAGMh9Gd4HUm4m/lUVvdrJ8kwGqY5Aqgmkks=
Subject key identifier: 66:96:70:0A:68:A5:33:71:64:7A:BF:A8:44:46:51:37:6F:B8:D5:9A
Certificate issuer: /CN=b6e0fe0faf6844988af2f744d516edb9c5dfe71c
Certificate serial: 0185C849D359017C30359972D5AEC26F8F86
Authority key identifier: B6:E0:FE:0F:AF:68:44:98:8A:F2:F7:44:D5:16:ED:B9:C5:DF:E7:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tuD-D69oRJiK8vdE1RbtucXf5xw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/d2a9bc-13b1-4b30-b563-209e1f84224e/1/ZpZwCmilM3Fker-oREZRN2-41Zo.roa
Signing time: Thu 19 Jan 2023 04:29:19 +0000
ROA not before: Thu 19 Jan 2023 04:29:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41124
IP address blocks: 185.27.69.0/24 maxlen: 24
185.27.70.0/24 maxlen: 24
185.27.71.0/24 maxlen: 24
185.27.68.0/24 maxlen: 24
89.107.97.0/24 maxlen: 24
89.107.98.0/24 maxlen: 24
89.107.96.0/24 maxlen: 24
89.107.100.0/24 maxlen: 24
89.107.101.0/24 maxlen: 24
89.107.102.0/24 maxlen: 24
89.107.103.0/24 maxlen: 24
89.107.99.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:c8:49:d3:59:01:7c:30:35:99:72:d5:ae:c2:6f:8f:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6e0fe0faf6844988af2f744d516edb9c5dfe71c
Validity
Not Before: Jan 19 04:29:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6696700a68a53371647abfa8444651376fb8d59a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:44:75:b1:7c:b0:26:e7:85:ec:b2:e0:87:53:
b7:be:a3:28:d2:3e:cf:6c:f8:da:f7:95:81:da:9e:
72:61:70:22:81:1a:03:f5:9d:fa:3f:27:24:78:68:
82:6b:7b:9a:43:2d:a2:57:69:03:11:4c:04:97:f2:
58:5e:92:92:f9:cb:16:6b:b8:ba:3c:f7:df:95:02:
8c:7e:24:c4:93:59:74:72:ad:f3:f3:e2:4d:b1:66:
ff:62:d7:a8:d1:75:39:9a:51:7d:2c:b1:db:f1:bb:
12:36:58:4c:a1:2a:bc:d1:9c:52:81:4b:7c:c5:9c:
5e:07:01:92:f6:29:c1:53:b7:72:90:87:84:b7:c8:
d4:66:c6:58:8e:59:4f:81:a8:99:a5:0f:9f:ba:28:
26:ac:0b:f2:ff:5d:13:83:70:3e:15:5b:c7:0f:69:
21:fc:81:e4:e3:86:d0:2c:e0:86:e6:97:5f:1a:64:
47:ce:fe:88:c7:bf:cb:27:08:96:f0:20:35:ae:2b:
11:a5:85:e3:f8:d3:22:3e:e3:3c:20:3a:a3:ca:62:
f2:42:f4:5a:60:2b:59:8b:f6:4d:78:aa:e0:e7:76:
65:83:d7:53:4c:a2:61:8b:8f:4a:c1:61:7b:b3:b5:
b8:59:72:0b:5a:99:bd:59:fa:96:c5:9b:33:26:f1:
be:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:96:70:0A:68:A5:33:71:64:7A:BF:A8:44:46:51:37:6F:B8:D5:9A
X509v3 Authority Key Identifier:
keyid:B6:E0:FE:0F:AF:68:44:98:8A:F2:F7:44:D5:16:ED:B9:C5:DF:E7:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tuD-D69oRJiK8vdE1RbtucXf5xw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/d2a9bc-13b1-4b30-b563-209e1f84224e/1/ZpZwCmilM3Fker-oREZRN2-41Zo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/d2a9bc-13b1-4b30-b563-209e1f84224e/1/tuD-D69oRJiK8vdE1RbtucXf5xw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.96.0/21
185.27.68.0/22
Signature Algorithm: sha256WithRSAEncryption
7d:7b:57:c5:32:d5:92:a2:9b:cc:a4:cf:06:0f:4e:84:40:ad:
b3:80:45:a5:a9:0c:49:9f:f4:99:0d:6f:42:b7:01:a7:4f:b4:
3c:2e:2b:0d:2f:60:bb:b2:51:12:d8:dd:e4:df:3f:96:b5:c1:
de:4d:26:dc:b5:7d:32:31:e7:3c:3b:11:e1:84:f8:7c:7b:c4:
5f:0e:a7:f5:c7:88:76:dc:b7:68:ef:77:60:a6:d6:dd:ab:b3:
6e:73:79:16:e9:fe:f3:7f:7e:cc:86:3f:7a:2a:96:a5:3f:eb:
25:c5:2d:bc:b3:07:08:ef:a7:17:3a:21:80:74:cb:14:c4:74:
95:b6:f7:09:a9:05:6a:99:06:4e:5b:e4:cd:5f:ae:e1:11:a2:
09:6a:47:b7:3d:1f:4d:aa:44:d9:5b:f2:fc:43:ad:f5:24:64:
60:84:fd:8b:9a:09:77:7d:0e:40:4e:87:95:ce:6b:92:0b:17:
ee:7d:d0:f8:29:03:1e:10:21:1a:a7:e7:26:0b:9a:9c:75:ad:
b4:66:5f:da:3c:68:e0:5b:94:62:48:46:c2:1c:d3:82:ce:0f:
18:63:a7:de:db:66:54:ed:5d:25:65:ec:a8:d5:91:40:b6:9e:
a0:83:08:12:03:48:b1:97:64:0c:9b:fc:49:ff:b0:b7:19:f5:
6f:8a:6c:1c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYXISdNZAXwwNZly1a7Cb4+GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZTBmZTBmYWY2ODQ0OTg4YWYyZjc0NGQ1MTZlZGI5YzVk
ZmU3MWMwHhcNMjMwMTE5MDQyOTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Njk2NzAwYTY4YTUzMzcxNjQ3YWJmYTg0NDQ2NTEzNzZmYjhkNTlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnER1sXywJueF7LLgh1O3vqMo0j7P
bPja95WB2p5yYXAigRoD9Z36PyckeGiCa3uaQy2iV2kDEUwEl/JYXpKS+csWa7i6
PPfflQKMfiTEk1l0cq3z8+JNsWb/Yteo0XU5mlF9LLHb8bsSNlhMoSq80ZxSgUt8
xZxeBwGS9inBU7dykIeEt8jUZsZYjllPgaiZpQ+fuigmrAvy/10Tg3A+FVvHD2kh
/IHk44bQLOCG5pdfGmRHzv6Ix7/LJwiW8CA1risRpYXj+NMiPuM8IDqjymLyQvRa
YCtZi/ZNeKrg53Zlg9dTTKJhi49KwWF7s7W4WXILWpm9WfqWxZszJvG+TQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGaWcApopTNxZHq/qERGUTdvuNWaMB8GA1UdIwQY
MBaAFLbg/g+vaESYivL3RNUW7bnF3+ccMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHVELUQ2OW9SSmlLOHZkRTFSYnR1Y1hmNXh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9kMmE5YmMtMTNiMS00YjMwLWI1NjMt
MjA5ZTFmODQyMjRlLzEvWnBad0NtaWxNM0ZrZXItb1JFWlJOMi00MVpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9kMmE5YmMtMTNiMS00YjMwLWI1NjMtMjA5ZTFmODQyMjRl
LzEvdHVELUQ2OW9SSmlLOHZkRTFSYnR1Y1hmNXh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDWWtgAwQC
uRtEMA0GCSqGSIb3DQEBCwUAA4IBAQB9e1fFMtWSopvMpM8GD06EQK2zgEWlqQxJ
n/SZDW9CtwGnT7Q8LisNL2C7slES2N3k3z+WtcHeTSbctX0yMec8OxHhhPh8e8Rf
Dqf1x4h23Ldo73dgptbdq7Nuc3kW6f7zf37Mhj96KpalP+slxS28swcI76cXOiGA
dMsUxHSVtvcJqQVqmQZOW+TNX67hEaIJake3PR9NqkTZW/L8Q631JGRghP2Lmgl3
fQ5AToeVzmuSCxfufdD4KQMeECEap+cmC5qcda20Zl/aPGjgW5RiSEbCHNOCzg8Y
Y6fe22ZU7V0lZeyo1ZFAtp6ggwgSA0ixl2QMm/xJ/7C3GfVvimwc
-----END CERTIFICATE-----
Generated at Mon Jan 1 06:31:24 2024 by rpki-client on console-fra.rpki-client.org