Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZfgLcQwtJ8nWq87vfWhObPd8Nao.roa
File: ZfgLcQwtJ8nWq87vfWhObPd8Nao.roa (raw, json)
Hash identifier: ah7QShS1DRyVjZxQEowVvOoh7mWk3kXBc3uknNmzofY=
Subject key identifier: 65:F8:0B:71:0C:2D:27:C9:D6:AB:CE:EF:7D:68:4E:6C:F7:7C:35:AA
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0186597878EAF60C5BEE40D3EC2922FD5B32
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZfgLcQwtJ8nWq87vfWhObPd8Nao.roa
Signing time: Thu 16 Feb 2023 09:05:12 +0000
ROA not before: Thu 16 Feb 2023 09:05:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 82.153.250.0/24 maxlen: 24
81.168.35.0/24 maxlen: 24
82.153.221.0/24 maxlen: 24
82.153.220.0/24 maxlen: 24
82.153.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Feb 2023 09:35:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:59:78:78:ea:f6:0c:5b:ee:40:d3:ec:29:22:fd:5b:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 16 09:05:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65f80b710c2d27c9d6abceef7d684e6cf77c35aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:04:ad:ad:a7:23:64:4e:75:14:72:f8:8d:1d:
fa:a0:c2:a2:47:e4:e0:31:04:8d:ef:a2:a4:e9:57:
a1:61:56:64:93:99:0e:66:f2:8a:20:0a:56:8d:7e:
55:25:0c:27:e3:ce:19:1c:51:bc:db:0f:59:89:88:
c5:ea:dc:fc:eb:e4:4a:2a:1a:3a:c1:27:f9:62:2c:
a0:26:81:1d:6c:34:d5:a6:9e:55:9b:8b:ee:59:19:
ec:b0:b3:ed:88:0a:e1:82:48:65:6c:d3:e6:8a:e1:
d7:0e:d5:09:fc:cf:18:60:18:2b:27:76:e3:3d:2a:
9b:68:30:8c:41:8c:e1:38:1c:18:68:7c:38:fc:2a:
10:88:f3:96:5c:15:18:9e:e2:bc:13:20:a9:af:73:
01:a4:9d:13:bb:9a:22:35:f1:f4:d2:42:a2:79:0a:
3d:34:62:27:b1:90:dd:ed:55:04:37:27:34:12:f1:
e8:67:ae:d0:1d:2a:2b:4b:e8:a5:22:40:08:2e:e0:
d6:0a:e3:ef:8c:17:1d:63:4c:2a:fe:13:a6:66:a7:
84:87:4b:1c:35:0f:70:3d:8d:62:c6:09:4e:f5:56:
1e:5b:74:06:e7:fb:58:91:bf:b5:03:38:79:c1:1f:
05:89:28:e7:f4:91:97:14:70:18:97:55:5f:a4:bd:
40:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:F8:0B:71:0C:2D:27:C9:D6:AB:CE:EF:7D:68:4E:6C:F7:7C:35:AA
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZfgLcQwtJ8nWq87vfWhObPd8Nao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.35.0/24
82.153.220.0/23
82.153.223.0/24
82.153.250.0/24
Signature Algorithm: sha256WithRSAEncryption
98:82:9a:c3:06:98:dd:86:11:f7:a9:9a:70:61:72:c2:23:2d:
2a:5b:7d:2b:18:38:7a:41:84:6a:73:b8:97:4e:cc:55:30:6e:
70:82:90:43:1d:a2:22:08:29:85:d3:d6:00:5c:5f:4e:04:96:
72:b9:7c:bf:12:22:8e:bb:95:9e:16:4c:90:ad:9b:66:04:d9:
25:32:06:f3:a2:cb:08:99:eb:04:c4:95:48:36:07:bd:95:80:
24:0d:d2:1f:43:dc:32:47:1b:12:a0:e7:b3:2a:15:4d:4b:03:
88:f3:86:53:a5:49:25:b5:30:2b:0a:3c:c6:c3:28:a4:2f:87:
a2:87:d0:3a:de:bf:c2:80:25:91:74:6d:ee:30:e2:e8:32:e6:
43:ee:3d:a5:0d:cb:7c:37:3c:c2:9f:aa:13:18:51:70:f4:90:
46:d7:4d:40:a4:1c:45:28:82:9d:59:f8:55:07:e5:3f:68:f3:
63:e3:82:1d:49:94:03:f0:88:2b:9f:59:fe:5c:4b:3d:07:03:
a2:d1:a6:95:6e:58:35:84:1e:0b:26:9d:f3:04:cf:34:24:50:
d2:53:63:21:f9:cb:7d:d7:75:80:38:c2:13:56:f1:11:55:16:
13:30:a5:24:67:34:bb:65:df:77:b3:8d:cd:16:26:25:4a:b5:
0c:5f:13:9a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYZZeHjq9gxb7kDT7Cki/VsyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMjE2MDkwNTEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWY4MGI3MTBjMmQyN2M5ZDZhYmNlZWY3ZDY4NGU2Y2Y3N2MzNWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhAStracjZE51FHL4jR36oMKiR+Tg
MQSN76Kk6VehYVZkk5kOZvKKIApWjX5VJQwn484ZHFG82w9ZiYjF6tz86+RKKho6
wSf5YiygJoEdbDTVpp5Vm4vuWRnssLPtiArhgkhlbNPmiuHXDtUJ/M8YYBgrJ3bj
PSqbaDCMQYzhOBwYaHw4/CoQiPOWXBUYnuK8EyCpr3MBpJ0Tu5oiNfH00kKieQo9
NGInsZDd7VUENyc0EvHoZ67QHSorS+ilIkAILuDWCuPvjBcdY0wq/hOmZqeEh0sc
NQ9wPY1ixglO9VYeW3QG5/tYkb+1Azh5wR8FiSjn9JGXFHAYl1VfpL1AVwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGX4C3EMLSfJ1qvO731oTmz3fDWqMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWmZnTGNRd3RKOG5XcTg3dmZXaE9iUGQ4TmFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUagjAwQB
UpncAwQAUpnfAwQAUpn6MA0GCSqGSIb3DQEBCwUAA4IBAQCYgprDBpjdhhH3qZpw
YXLCIy0qW30rGDh6QYRqc7iXTsxVMG5wgpBDHaIiCCmF09YAXF9OBJZyuXy/EiKO
u5WeFkyQrZtmBNklMgbzossImesExJVINge9lYAkDdIfQ9wyRxsSoOezKhVNSwOI
84ZTpUkltTArCjzGwyikL4eih9A63r/CgCWRdG3uMOLoMuZD7j2lDct8NzzCn6oT
GFFw9JBG101ApBxFKIKdWfhVB+U/aPNj44IdSZQD8Igrn1n+XEs9BwOi0aaVblg1
hB4LJp3zBM80JFDSU2Mh+ct913WAOMITVvERVRYTMKUkZzS7Zd93s43NFiYlSrUM
XxOa
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:22:24 2024 by rpki-client on console-ams.rpki-client.org