Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/f6ee9d-756f-437e-bc03-e703e94b7beb/1/Zzg-Zwoydlufyn9Z4FVOnRNOVzk.roa
File: Zzg-Zwoydlufyn9Z4FVOnRNOVzk.roa (raw, json)
Hash identifier: 03TTPV29VR0oxVCSBF/DkMGW647tPlRva+w5GNxJZek=
Subject key identifier: 67:38:3E:67:0A:32:76:5B:9F:CA:7F:59:E0:55:4E:9D:13:4E:57:39
Certificate issuer: /CN=74b33fb20dd557cd0b14edfe10880f0e0d21c529
Certificate serial: 01856C5C9DD6EDA2AC42AFA40C58BC381EEE
Authority key identifier: 74:B3:3F:B2:0D:D5:57:CD:0B:14:ED:FE:10:88:0F:0E:0D:21:C5:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dLM_sg3VV80LFO3-EIgPDg0hxSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/f6ee9d-756f-437e-bc03-e703e94b7beb/1/Zzg-Zwoydlufyn9Z4FVOnRNOVzk.roa
Signing time: Sun 01 Jan 2023 08:04:47 +0000
ROA not before: Sun 01 Jan 2023 08:04:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60232
IP address blocks: 185.28.0.0/22 maxlen: 24
185.28.0.0/24 maxlen: 24
185.28.1.0/24 maxlen: 24
185.28.3.0/24 maxlen: 24
185.28.2.0/24 maxlen: 24
37.75.9.0/24 maxlen: 24
37.75.8.0/21 maxlen: 21
37.75.8.0/24 maxlen: 24
37.75.11.0/24 maxlen: 24
37.75.10.0/24 maxlen: 24
195.142.104.0/24 maxlen: 24
37.75.12.0/24 maxlen: 24
37.75.14.0/24 maxlen: 24
37.75.13.0/24 maxlen: 24
37.75.15.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:5c:9d:d6:ed:a2:ac:42:af:a4:0c:58:bc:38:1e:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74b33fb20dd557cd0b14edfe10880f0e0d21c529
Validity
Not Before: Jan 1 08:04:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67383e670a32765b9fca7f59e0554e9d134e5739
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:fb:a5:01:94:45:83:9e:2a:ff:fd:67:f0:03:
b5:fd:16:1d:b5:eb:38:4c:be:d6:95:88:a5:8e:89:
82:70:78:8c:23:48:85:e4:a1:a3:59:c1:cd:82:55:
76:3f:42:25:aa:26:53:82:3b:90:b4:51:be:c6:4c:
bd:dc:99:a8:ab:61:01:0f:b9:da:7b:41:12:6d:e4:
fc:4f:07:11:e2:23:62:7e:5b:22:dd:7f:d1:ca:79:
a3:c6:70:ce:e0:03:ae:12:ce:fa:c4:bb:06:7d:33:
0a:e6:f2:27:32:00:40:d4:e5:a3:b4:2b:67:f6:38:
03:5c:12:28:29:6f:84:4a:fd:34:a6:37:45:7b:56:
12:73:10:ee:ef:c7:32:98:15:c6:b4:1d:db:a6:b3:
34:6c:da:45:fb:ed:e5:29:87:a4:28:f1:41:96:2f:
47:c6:36:46:df:8b:7a:69:94:6f:fa:e3:88:e5:67:
48:75:f6:ce:bb:d0:92:bd:cf:2c:8d:74:e7:00:09:
99:a7:8b:75:ab:18:22:60:d5:58:00:96:4e:bb:e2:
b5:75:e4:a6:88:ca:d1:48:ee:20:ec:5e:2e:06:ec:
b2:0b:ee:93:86:54:17:2a:b6:2a:ac:b3:b8:28:05:
da:39:ff:d5:dd:9e:f7:e2:ff:b6:95:fa:d3:f2:7e:
0a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:38:3E:67:0A:32:76:5B:9F:CA:7F:59:E0:55:4E:9D:13:4E:57:39
X509v3 Authority Key Identifier:
keyid:74:B3:3F:B2:0D:D5:57:CD:0B:14:ED:FE:10:88:0F:0E:0D:21:C5:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dLM_sg3VV80LFO3-EIgPDg0hxSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f6ee9d-756f-437e-bc03-e703e94b7beb/1/Zzg-Zwoydlufyn9Z4FVOnRNOVzk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/f6ee9d-756f-437e-bc03-e703e94b7beb/1/dLM_sg3VV80LFO3-EIgPDg0hxSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.75.8.0/21
185.28.0.0/22
195.142.104.0/24
Signature Algorithm: sha256WithRSAEncryption
04:4e:8f:19:5e:c5:a4:74:be:68:92:60:3d:82:dc:21:3d:f7:
ff:8d:5d:53:d7:61:04:dc:a8:40:74:f3:c2:15:96:ad:9a:8a:
e6:13:0d:cd:f8:a1:62:20:56:81:af:07:34:a6:a4:f3:38:f0:
c4:f1:34:8c:f2:9b:55:79:00:ef:9c:00:84:b3:2a:2e:69:8d:
ba:df:9a:90:24:2e:3f:2d:b4:7e:87:e2:1d:75:6e:a7:b4:02:
fb:bc:71:9c:cf:8d:aa:c9:7f:2c:a2:0e:ca:7d:ff:d9:c5:46:
19:96:3b:67:c4:9d:0a:e6:c5:be:6b:4a:80:36:48:79:7b:4d:
82:7f:e8:cf:15:99:38:5c:fd:87:ac:6c:5a:e4:32:2e:1c:f2:
6a:20:f2:d7:47:7b:72:da:26:64:bc:cc:83:cb:03:da:99:74:
89:4a:35:cf:a4:51:2b:09:9c:2f:c0:d7:4d:b6:2b:eb:94:33:
3e:2f:f2:12:0b:61:36:fe:c1:c6:af:07:12:16:ff:91:05:e7:
eb:ca:70:e8:41:1f:ac:df:c6:f3:a0:e6:46:76:35:9b:fc:52:
72:ee:b0:9d:04:7a:4e:aa:f2:95:6e:93:a9:2f:0b:27:d4:8b:
2d:0a:92:2c:38:5b:43:f2:2a:d2:0a:ab:45:ee:6c:35:e0:bc:
e0:bc:97:41
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVsXJ3W7aKsQq+kDFi8OB7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0YjMzZmIyMGRkNTU3Y2QwYjE0ZWRmZTEwODgwZjBlMGQy
MWM1MjkwHhcNMjMwMTAxMDgwNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzM4M2U2NzBhMzI3NjViOWZjYTdmNTllMDU1NGU5ZDEzNGU1NzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/ulAZRFg54q//1n8AO1/RYdtes4
TL7WlYiljomCcHiMI0iF5KGjWcHNglV2P0IlqiZTgjuQtFG+xky93Jmoq2EBD7na
e0ESbeT8TwcR4iNiflsi3X/RynmjxnDO4AOuEs76xLsGfTMK5vInMgBA1OWjtCtn
9jgDXBIoKW+ESv00pjdFe1YScxDu78cymBXGtB3bprM0bNpF++3lKYekKPFBli9H
xjZG34t6aZRv+uOI5WdIdfbOu9CSvc8sjXTnAAmZp4t1qxgiYNVYAJZOu+K1deSm
iMrRSO4g7F4uBuyyC+6ThlQXKrYqrLO4KAXaOf/V3Z734v+2lfrT8n4KOQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGc4PmcKMnZbn8p/WeBVTp0TTlc5MB8GA1UdIwQY
MBaAFHSzP7IN1VfNCxTt/hCIDw4NIcUpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZExNX3NnM1ZWODBMRk8zLUVJZ1BEZzBoeFNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mNmVlOWQtNzU2Zi00MzdlLWJjMDMt
ZTcwM2U5NGI3YmViLzEvWnpnLVp3b3lkbHVmeW45WjRGVk9uUk5PVnprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mNmVlOWQtNzU2Zi00MzdlLWJjMDMtZTcwM2U5NGI3YmVi
LzEvZExNX3NnM1ZWODBMRk8zLUVJZ1BEZzBoeFNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJUsIAwQC
uRwAAwQAw45oMA0GCSqGSIb3DQEBCwUAA4IBAQAETo8ZXsWkdL5okmA9gtwhPff/
jV1T12EE3KhAdPPCFZatmormEw3N+KFiIFaBrwc0pqTzOPDE8TSM8ptVeQDvnACE
syouaY2635qQJC4/LbR+h+IddW6ntAL7vHGcz42qyX8sog7Kff/ZxUYZljtnxJ0K
5sW+a0qANkh5e02Cf+jPFZk4XP2HrGxa5DIuHPJqIPLXR3ty2iZkvMyDywPamXSJ
SjXPpFErCZwvwNdNtivrlDM+L/ISC2E2/sHGrwcSFv+RBefrynDoQR+s38bzoOZG
djWb/FJy7rCdBHpOqvKVbpOpLwsn1IstCpIsOFtD8irSCqtF7mw14LzgvJdB
-----END CERTIFICATE-----
Generated at Tue Jan 2 09:01:20 2024 by rpki-client on console-ams.rpki-client.org