Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/ZD-s7RdJ2xt0qcZhWbZal43rKiY.roa
File: ZD-s7RdJ2xt0qcZhWbZal43rKiY.roa (raw, json)
Hash identifier: i/Eq6iKcP72sdJLdyxCsEN5LRbOokDAqeN4GGk0s11U=
Subject key identifier: 64:3F:AC:ED:17:49:DB:1B:74:A9:C6:61:59:B6:5A:97:8D:EB:2A:26
Certificate issuer: /CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Certificate serial: 01880B414EB274B53F02F4C78ABC1BAC4F03
Authority key identifier: 40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/ZD-s7RdJ2xt0qcZhWbZal43rKiY.roa
Signing time: Thu 11 May 2023 14:40:09 +0000
ROA not before: Thu 11 May 2023 14:40:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50613
IP address blocks: 193.107.84.0/22 maxlen: 22
82.221.129.0/24 maxlen: 24
82.221.128.0/24 maxlen: 24
82.221.131.0/24 maxlen: 24
82.221.130.0/24 maxlen: 24
82.221.128.0/19 maxlen: 19
82.221.136.0/24 maxlen: 24
82.221.139.0/24 maxlen: 24
82.221.141.0/24 maxlen: 24
82.221.143.0/24 maxlen: 24
82.221.146.0/24 maxlen: 24
82.221.96.0/19 maxlen: 19
82.221.100.0/23 maxlen: 23
82.221.105.0/24 maxlen: 24
82.221.104.0/24 maxlen: 24
82.221.111.0/24 maxlen: 24
82.221.113.0/24 maxlen: 24
2a02:f48:2000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:0b:41:4e:b2:74:b5:3f:02:f4:c7:8a:bc:1b:ac:4f:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=408025c7de0400e0f3c88d4a122a317e32c5e21c
Validity
Not Before: May 11 14:40:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=643faced1749db1b74a9c66159b65a978deb2a26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:41:f3:f3:2d:cb:c2:fa:1f:d2:71:40:28:1d:
01:b4:16:e6:59:b4:a1:bd:c2:67:01:e2:cf:62:1f:
98:3e:cf:be:64:91:2f:cc:1d:4e:31:ac:59:b7:91:
9e:b1:29:35:1e:ce:79:b1:50:fe:27:01:0d:33:03:
1b:34:fd:f4:61:91:98:84:32:b7:c8:df:84:4d:5b:
06:1c:65:38:b5:52:75:15:91:47:4e:3b:56:2e:8c:
26:40:d2:23:ae:50:5a:a4:0e:d6:32:96:21:49:86:
f9:33:6f:18:1b:f6:bf:86:67:4f:3b:8b:bc:89:39:
e2:10:78:25:f3:ea:ab:ea:78:85:f5:db:62:ad:ee:
5e:a1:c4:38:27:70:4b:61:cd:45:e8:03:52:20:8a:
e3:31:22:82:5f:80:f3:ad:63:76:02:ad:d1:8d:96:
a0:5e:00:3f:b0:4c:77:a0:a2:5b:35:28:c4:2b:92:
a0:62:a0:d8:da:7e:b2:1f:01:95:31:4b:e8:21:d7:
24:7a:2e:a9:f2:e9:ec:10:be:28:b0:34:ee:1b:60:
8d:4b:cc:50:bb:d8:12:d8:15:df:0c:99:7d:52:8d:
c9:a5:1b:30:54:78:40:fd:90:3e:06:be:c0:d4:fe:
da:d3:f0:f8:87:5d:ff:50:12:96:0f:73:44:90:c1:
d7:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:3F:AC:ED:17:49:DB:1B:74:A9:C6:61:59:B6:5A:97:8D:EB:2A:26
X509v3 Authority Key Identifier:
keyid:40:80:25:C7:DE:04:00:E0:F3:C8:8D:4A:12:2A:31:7E:32:C5:E2:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QIAlx94EAODzyI1KEioxfjLF4hw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/ZD-s7RdJ2xt0qcZhWbZal43rKiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/59303d-748a-4797-811e-fee2e8d4084f/1/QIAlx94EAODzyI1KEioxfjLF4hw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.221.96.0-82.221.159.255
193.107.84.0/22
IPv6:
2a02:f48:2000::/40
Signature Algorithm: sha256WithRSAEncryption
70:ed:f4:d0:66:45:2e:18:6f:b4:41:ae:74:65:f9:f8:66:d6:
14:79:7d:e9:a5:84:1e:34:a9:14:88:3c:8d:66:bc:9f:e6:d9:
e0:d9:53:49:e0:2a:41:85:69:f1:b3:7b:ce:32:5d:b6:a9:dd:
f5:ae:b2:ce:d4:b6:82:a6:e1:72:89:e8:df:77:f6:f9:2e:d3:
17:d7:1f:e4:87:c9:00:52:f5:0b:1f:56:18:7f:ea:12:fe:ee:
d2:b1:9b:30:01:dc:22:e4:66:b6:05:94:c6:c7:11:80:e0:5d:
0a:ef:2d:16:c3:41:76:29:1d:b3:32:d6:cd:04:c4:6b:35:df:
71:79:41:b2:e9:ff:10:71:83:c7:e9:a3:c7:ce:dd:13:a5:64:
97:5f:c0:bf:c6:31:c7:ab:3d:d2:a6:f4:31:43:41:c7:1d:d3:
99:2d:23:7e:e4:3d:67:3f:76:35:22:60:84:f7:85:ba:2d:22:
71:22:41:b9:47:ce:bb:8c:9b:c8:db:d3:a1:a7:b9:49:fd:ee:
31:95:ba:76:4f:47:6d:fa:1a:f9:21:58:79:a7:9b:bd:ec:57:
1f:d0:62:ed:9f:a0:e9:de:dc:e5:e9:62:26:d1:ca:44:77:39:
4d:38:ea:e2:2b:ad:3a:cd:15:ea:46:35:89:61:2c:db:d1:33:
32:1c:a9:07
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYgLQU6ydLU/AvTHirwbrE8DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwODAyNWM3ZGUwNDAwZTBmM2M4OGQ0YTEyMmEzMTdlMzJj
NWUyMWMwHhcNMjMwNTExMTQ0MDA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDNmYWNlZDE3NDlkYjFiNzRhOWM2NjE1OWI2NWE5NzhkZWIyYTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEHz8y3Lwvof0nFAKB0BtBbmWbSh
vcJnAeLPYh+YPs++ZJEvzB1OMaxZt5GesSk1Hs55sVD+JwENMwMbNP30YZGYhDK3
yN+ETVsGHGU4tVJ1FZFHTjtWLowmQNIjrlBapA7WMpYhSYb5M28YG/a/hmdPO4u8
iTniEHgl8+qr6niF9dtire5eocQ4J3BLYc1F6ANSIIrjMSKCX4DzrWN2Aq3RjZag
XgA/sEx3oKJbNSjEK5KgYqDY2n6yHwGVMUvoIdckei6p8unsEL4osDTuG2CNS8xQ
u9gS2BXfDJl9Uo3JpRswVHhA/ZA+Br7A1P7a0/D4h13/UBKWD3NEkMHX0QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGQ/rO0XSdsbdKnGYVm2WpeN6yomMB8GA1UdIwQY
MBaAFECAJcfeBADg88iNShIqMX4yxeIcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUlBbHg5NEVBT0R6eUkxS0Vpb3hmakxGNGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy81OTMwM2QtNzQ4YS00Nzk3LTgxMWUt
ZmVlMmU4ZDQwODRmLzEvWkQtczdSZEoyeHQwcWNaaFdiWmFsNDNyS2lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy81OTMwM2QtNzQ4YS00Nzk3LTgxMWUtZmVlMmU4ZDQwODRm
LzEvUUlBbHg5NEVBT0R6eUkxS0Vpb3hmakxGNGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAaBAIAATAUMAwDBAVS3WAD
BAVS3YADBALBa1QwDgQCAAIwCAMGACoCD0ggMA0GCSqGSIb3DQEBCwUAA4IBAQBw
7fTQZkUuGG+0Qa50Zfn4ZtYUeX3ppYQeNKkUiDyNZryf5tng2VNJ4CpBhWnxs3vO
Ml22qd31rrLO1LaCpuFyiejfd/b5LtMX1x/kh8kAUvULH1YYf+oS/u7SsZswAdwi
5Ga2BZTGxxGA4F0K7y0Ww0F2KR2zMtbNBMRrNd9xeUGy6f8QcYPH6aPHzt0TpWSX
X8C/xjHHqz3SpvQxQ0HHHdOZLSN+5D1nP3Y1ImCE94W6LSJxIkG5R867jJvI29Oh
p7lJ/e4xlbp2T0dt+hr5IVh5p5u97Fcf0GLtn6Dp3tzl6WIm0cpEdzlNOOriK606
zRXqRjWJYSzb0TMyHKkH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:36 2024 by rpki-client on console-fra.rpki-client.org