Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/zkCgtj8T8RcqOgcpRYmmoWzSzsE.roa
File: zkCgtj8T8RcqOgcpRYmmoWzSzsE.roa (raw, json)
Hash identifier: fldsSQjhAZ1HcLj/C8FSbcViFf8nvs9Al2EKyCXdiiw=
Subject key identifier: CE:40:A0:B6:3F:13:F1:17:2A:3A:07:29:45:89:A6:A1:6C:D2:CE:C1
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 018CC79469848AEA1BC109D33CED5ED99038
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/zkCgtj8T8RcqOgcpRYmmoWzSzsE.roa
Signing time: Tue 02 Jan 2024 00:30:41 +0000
ROA not before: Tue 02 Jan 2024 00:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 168.199.212.0/22 maxlen: 24
147.136.68.0/22 maxlen: 24
147.136.76.0/22 maxlen: 24
147.136.84.0/22 maxlen: 24
168.199.128.0/22 maxlen: 24
185.101.244.0/23 maxlen: 24
185.101.246.0/23 maxlen: 24
168.199.160.0/22 maxlen: 24
168.199.192.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 08 Jan 2024 00:22:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:69:84:8a:ea:1b:c1:09:d3:3c:ed:5e:d9:90:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Jan 2 00:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce40a0b63f13f1172a3a07294589a6a16cd2cec1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:16:7c:72:2e:61:8b:12:dd:af:3f:cd:69:27:
cc:d6:92:c2:68:52:47:61:02:c3:35:87:ca:6e:99:
8b:50:dd:34:86:70:9b:b2:3e:04:5e:86:0e:2f:11:
04:86:6d:3a:77:55:7e:b6:e8:6d:51:3f:10:50:2d:
56:ec:cf:65:61:ee:4f:d6:cf:64:a7:dc:fe:f9:b1:
91:86:d3:22:42:1a:b2:ab:6a:59:f8:64:f8:dc:5d:
17:63:79:16:2d:63:24:76:3a:45:2c:9b:a0:91:74:
e3:4b:a0:c7:41:73:d5:b7:c7:a8:c4:1e:5e:a0:1a:
6d:d1:c8:b4:21:f8:5e:a3:5b:ab:e5:b8:2d:bd:37:
65:a6:4b:a5:7a:a5:70:00:6d:07:e9:c3:be:13:ff:
61:d2:21:ea:58:ec:d4:6b:28:73:c4:5d:a7:9a:ba:
e0:4b:ac:25:05:17:b8:8d:3b:06:37:0a:9c:58:58:
6d:46:da:d8:e0:5f:63:3e:de:ae:75:09:03:68:eb:
a3:31:9c:49:bf:5b:02:11:81:ce:67:2c:cd:fb:a3:
26:98:fd:dc:42:3c:15:f1:f4:04:3c:54:f4:b9:8f:
ed:0b:5b:c4:4d:7c:cc:cc:21:1c:5f:03:67:3b:71:
29:fa:5a:e8:b4:d7:16:03:f4:9f:57:93:e8:c6:f7:
9f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:40:A0:B6:3F:13:F1:17:2A:3A:07:29:45:89:A6:A1:6C:D2:CE:C1
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/zkCgtj8T8RcqOgcpRYmmoWzSzsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.136.68.0/22
147.136.76.0/22
147.136.84.0/22
168.199.128.0/22
168.199.160.0/22
168.199.192.0/22
168.199.212.0/22
185.101.244.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:b3:66:8f:b4:80:7c:9f:16:2f:55:56:88:22:64:8d:01:90:
ab:f5:24:60:54:98:d6:b2:8a:45:cd:94:ba:0b:27:fe:78:38:
9d:15:a3:5f:c7:34:84:cc:ad:73:84:8b:b3:a0:7b:bf:09:c4:
5a:c4:83:ed:2c:cd:72:4a:c1:c3:ab:99:37:54:e8:e4:91:b2:
2a:2f:6d:e0:e7:6a:0b:ab:38:9a:3d:a9:4c:e6:d4:bb:e9:cf:
88:07:00:c8:f9:af:47:f4:58:e2:44:cc:a5:29:d2:14:b2:5c:
9c:49:4d:1e:bc:13:6c:1c:a6:be:6f:e6:d0:10:86:25:26:0e:
9f:a1:a9:e7:cd:3a:96:ef:ec:c3:62:63:e6:46:ae:2e:22:92:
3d:0f:f8:4c:73:bf:5e:7e:17:4d:9b:6b:21:f4:bd:78:9b:02:
90:7a:b1:61:00:b2:ae:d9:40:11:dd:1a:97:64:c4:c5:cd:ca:
82:27:14:8e:5b:d0:7a:69:04:b4:13:7d:e5:9e:b2:ca:11:cb:
bd:51:4e:62:0a:10:02:ac:90:76:8f:43:8e:a8:bc:96:9c:9d:
42:dc:92:10:05:db:1f:79:ad:4f:ee:07:cb:96:f5:f5:65:e7:
bd:76:cd:0d:2f:68:68:ad:53:32:fd:84:ea:bd:22:99:04:ae:
48:80:b5:c3
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzHlGmEiuobwQnTPO1e2ZA4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjQwMTAyMDAzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTQwYTBiNjNmMTNmMTE3MmEzYTA3Mjk0NTg5YTZhMTZjZDJjZWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBZ8ci5hixLdrz/NaSfM1pLCaFJH
YQLDNYfKbpmLUN00hnCbsj4EXoYOLxEEhm06d1V+tuhtUT8QUC1W7M9lYe5P1s9k
p9z++bGRhtMiQhqyq2pZ+GT43F0XY3kWLWMkdjpFLJugkXTjS6DHQXPVt8eoxB5e
oBpt0ci0Ifheo1ur5bgtvTdlpkuleqVwAG0H6cO+E/9h0iHqWOzUayhzxF2nmrrg
S6wlBRe4jTsGNwqcWFhtRtrY4F9jPt6udQkDaOujMZxJv1sCEYHOZyzN+6MmmP3c
QjwV8fQEPFT0uY/tC1vETXzMzCEcXwNnO3Ep+lrotNcWA/SfV5PoxvefswIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFM5AoLY/E/EXKjoHKUWJpqFs0s7BMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvemtDZ3RqOFQ4UmNxT2djcFJZbW1vV3pTenNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCk4hEAwQC
k4hMAwQCk4hUAwQCqMeAAwQCqMegAwQCqMfAAwQCqMfUAwQCuWX0MA0GCSqGSIb3
DQEBCwUAA4IBAQBvs2aPtIB8nxYvVVaIImSNAZCr9SRgVJjWsopFzZS6Cyf+eDid
FaNfxzSEzK1zhIuzoHu/CcRaxIPtLM1ySsHDq5k3VOjkkbIqL23g52oLqziaPalM
5tS76c+IBwDI+a9H9FjiRMylKdIUslycSU0evBNsHKa+b+bQEIYlJg6foannzTqW
7+zDYmPmRq4uIpI9D/hMc79efhdNm2sh9L14mwKQerFhALKu2UAR3RqXZMTFzcqC
JxSOW9B6aQS0E33lnrLKEcu9UU5iChACrJB2j0OOqLyWnJ1C3JIQBdsfea1P7gfL
lvX1Zee9ds0NL2horVMy/YTqvSKZBK5IgLXD
-----END CERTIFICATE-----
Generated at Mon Jan 8 03:39:50 2024 by rpki-client on console-fra.rpki-client.org