Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/c75a39-afca-4fbd-ab99-c339ccaf3a1e/1/zL34cSLMZnobLfW1wop5mNibl74.roa
File: zL34cSLMZnobLfW1wop5mNibl74.roa (raw, json)
Hash identifier: t94JgOo9saapYoX2Ob1scrZ2dWktZKCwi8f6FYyNw7I=
Subject key identifier: CC:BD:F8:71:22:CC:66:7A:1B:2D:F5:B5:C2:8A:79:98:D8:9B:97:BE
Certificate issuer: /CN=0424c1165818a432f797c8ddf4b5307b1e5aef74
Certificate serial: 01892BF0B83D162EAB6383EBA4D191CD35CE
Authority key identifier: 04:24:C1:16:58:18:A4:32:F7:97:C8:DD:F4:B5:30:7B:1E:5A:EF:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BCTBFlgYpDL3l8jd9LUwex5a73Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/c75a39-afca-4fbd-ab99-c339ccaf3a1e/1/zL34cSLMZnobLfW1wop5mNibl74.roa
Signing time: Thu 06 Jul 2023 16:02:23 +0000
ROA not before: Thu 06 Jul 2023 16:02:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39104
IP address blocks: 185.234.80.0/22 maxlen: 22
158.255.64.0/21 maxlen: 21
185.8.28.0/22 maxlen: 22
195.60.188.0/23 maxlen: 23
185.189.156.0/22 maxlen: 22
195.110.12.0/23 maxlen: 23
2a0d:700::/29 maxlen: 29
2a03:c580::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 00:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:2b:f0:b8:3d:16:2e:ab:63:83:eb:a4:d1:91:cd:35:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0424c1165818a432f797c8ddf4b5307b1e5aef74
Validity
Not Before: Jul 6 16:02:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ccbdf87122cc667a1b2df5b5c28a7998d89b97be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:a7:a2:06:25:79:ad:3e:61:b3:1f:cc:50:fd:
10:91:5e:0d:72:04:03:f8:63:37:0f:dc:95:85:31:
e2:18:bb:ee:f3:87:e2:c6:2e:0e:af:12:23:b4:76:
9a:35:20:2d:d5:bd:d5:4a:a2:13:6e:05:d4:e3:71:
d9:d8:bd:6e:cb:cb:5a:4a:d3:ec:c8:48:c7:76:46:
99:96:57:3b:4d:44:d0:6e:53:8f:20:a7:34:20:d0:
1c:20:c0:f4:b6:75:e0:c4:9b:59:0b:9c:7a:c9:3d:
56:fb:5e:0f:e9:1c:ea:d2:05:2c:52:18:b5:a6:db:
3d:a5:1f:b1:e9:f3:a9:1e:64:c6:16:ed:f8:b9:82:
7d:1e:71:2b:70:80:a9:38:25:d2:ff:3a:90:eb:c1:
f9:38:53:22:0b:79:d6:3b:f0:f3:fb:ca:bb:79:2a:
db:35:57:ac:19:a3:78:1f:bd:9e:f3:c6:12:d1:35:
77:63:0a:db:49:03:f5:7d:a0:9d:51:44:bd:c1:e7:
c8:cb:ca:9f:65:c0:ba:1c:35:66:b6:6f:cf:29:9b:
04:87:85:4e:2c:e2:e8:c9:38:54:43:aa:2a:fa:36:
9c:cd:05:f1:e2:d2:77:a0:11:29:10:0b:9a:7d:66:
a0:2a:ad:9c:9c:d7:a7:30:a5:1d:75:99:61:13:00:
64:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:BD:F8:71:22:CC:66:7A:1B:2D:F5:B5:C2:8A:79:98:D8:9B:97:BE
X509v3 Authority Key Identifier:
keyid:04:24:C1:16:58:18:A4:32:F7:97:C8:DD:F4:B5:30:7B:1E:5A:EF:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BCTBFlgYpDL3l8jd9LUwex5a73Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c75a39-afca-4fbd-ab99-c339ccaf3a1e/1/zL34cSLMZnobLfW1wop5mNibl74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/c75a39-afca-4fbd-ab99-c339ccaf3a1e/1/BCTBFlgYpDL3l8jd9LUwex5a73Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.255.64.0/21
185.8.28.0/22
185.189.156.0/22
185.234.80.0/22
195.60.188.0/23
195.110.12.0/23
IPv6:
2a03:c580::/32
2a0d:700::/29
Signature Algorithm: sha256WithRSAEncryption
28:61:50:03:1e:26:48:66:85:6a:e3:81:d9:e8:89:06:7c:95:
8b:a6:2e:c9:50:06:70:14:32:4a:eb:63:86:9b:fd:d9:6a:01:
a1:dc:12:6d:99:d4:da:b7:44:b7:c7:47:ae:a4:ae:bf:5f:e1:
f0:47:b6:a0:e4:2f:99:0d:81:f8:17:74:a2:7b:9d:35:b2:57:
dd:a1:3b:d5:2c:d4:fe:61:de:81:77:40:4e:68:64:02:b8:55:
6b:38:11:7b:f5:7b:37:da:31:6d:ad:78:17:09:1e:28:d9:20:
8c:d4:54:8b:f1:45:2d:0d:c9:e8:d4:cd:8a:1d:48:9e:47:63:
05:08:83:07:6f:dc:18:7a:a0:ff:99:51:40:78:3a:31:dc:1e:
a3:e0:78:80:20:f9:cc:36:d6:21:8e:d6:e4:08:6e:95:8f:11:
36:2d:ea:37:e3:09:6e:f7:4a:ed:0c:c8:92:62:da:1d:30:ca:
bc:06:02:aa:1d:1a:04:de:da:d7:02:df:77:95:c2:27:63:d2:
4f:00:b5:b0:12:8e:3c:fd:11:59:d0:77:16:d5:b0:d3:2d:c1:
80:e0:2c:46:ed:4f:63:40:67:1c:4f:74:b6:33:16:6e:d5:1d:
58:75:98:25:3f:60:45:5a:a6:9a:14:a7:0a:bb:16:52:af:6c:
83:7a:7c:5d
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYkr8Lg9Fi6rY4PrpNGRzTXOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MjRjMTE2NTgxOGE0MzJmNzk3YzhkZGY0YjUzMDdiMWU1
YWVmNzQwHhcNMjMwNzA2MTYwMjIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2JkZjg3MTIyY2M2NjdhMWIyZGY1YjVjMjhhNzk5OGQ4OWI5N2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn6eiBiV5rT5hsx/MUP0QkV4NcgQD
+GM3D9yVhTHiGLvu84fixi4OrxIjtHaaNSAt1b3VSqITbgXU43HZ2L1uy8taStPs
yEjHdkaZllc7TUTQblOPIKc0INAcIMD0tnXgxJtZC5x6yT1W+14P6Rzq0gUsUhi1
pts9pR+x6fOpHmTGFu34uYJ9HnErcICpOCXS/zqQ68H5OFMiC3nWO/Dz+8q7eSrb
NVesGaN4H72e88YS0TV3YwrbSQP1faCdUUS9wefIy8qfZcC6HDVmtm/PKZsEh4VO
LOLoyThUQ6oq+jaczQXx4tJ3oBEpEAuafWagKq2cnNenMKUddZlhEwBkpQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFMy9+HEizGZ6Gy31tcKKeZjYm5e+MB8GA1UdIwQY
MBaAFAQkwRZYGKQy95fI3fS1MHseWu90MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkNUQkZsZ1lwREwzbDhqZDlMVXdleDVhNzNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9jNzVhMzktYWZjYS00ZmJkLWFiOTkt
YzMzOWNjYWYzYTFlLzEvekwzNGNTTE1abm9iTGZXMXdvcDVtTmlibDc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9jNzVhMzktYWZjYS00ZmJkLWFiOTktYzMzOWNjYWYzYTFl
LzEvQkNUQkZsZ1lwREwzbDhqZDlMVXdleDVhNzNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQDnv9AAwQC
uQgcAwQCub2cAwQCuepQAwQBwzy8AwQBw24MMBQEAgACMA4DBQAqA8WAAwUDKg0H
ADANBgkqhkiG9w0BAQsFAAOCAQEAKGFQAx4mSGaFauOB2eiJBnyVi6YuyVAGcBQy
Sutjhpv92WoBodwSbZnU2rdEt8dHrqSuv1/h8Ee2oOQvmQ2B+Bd0onudNbJX3aE7
1SzU/mHegXdATmhkArhVazgRe/V7N9oxba14FwkeKNkgjNRUi/FFLQ3J6NTNih1I
nkdjBQiDB2/cGHqg/5lRQHg6Mdweo+B4gCD5zDbWIY7W5AhulY8RNi3qN+MJbvdK
7QzIkmLaHTDKvAYCqh0aBN7a1wLfd5XCJ2PSTwC1sBKOPP0RWdB3FtWw0y3BgOAs
Ru1PY0BnHE90tjMWbtUdWHWYJT9gRVqmmhSnCrsWUq9sg3p8XQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:11 2024 by rpki-client on console-ams.rpki-client.org