Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/Z9cG_TAPXEViUdycbdINgGWbWPE.roa
File: Z9cG_TAPXEViUdycbdINgGWbWPE.roa (raw, json)
Hash identifier: YdtHzZd8pY2j1NZoXiZ/7ebcIUIN9fxd4OenXILT70o=
Subject key identifier: 67:D7:06:FD:30:0F:5C:45:62:51:DC:9C:6D:D2:0D:80:65:9B:58:F1
Certificate issuer: /CN=75ea894ee05775e0ef061d086ca252147f5c91de
Certificate serial: 018AB30CD5245F4CB37E57EF61D4234E54B4
Authority key identifier: 75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/Z9cG_TAPXEViUdycbdINgGWbWPE.roa
Signing time: Wed 20 Sep 2023 14:44:37 +0000
ROA not before: Wed 20 Sep 2023 14:44:37 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58075
IP address blocks: 37.235.80.0/21 maxlen: 24
45.154.44.0/22 maxlen: 24
185.43.20.0/22 maxlen: 24
185.21.52.0/22 maxlen: 24
2a04:9380::/29 maxlen: 64
Validation: Failed, certificate revoked on Thu 16 Nov 2023 10:42:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b3:0c:d5:24:5f:4c:b3:7e:57:ef:61:d4:23:4e:54:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75ea894ee05775e0ef061d086ca252147f5c91de
Validity
Not Before: Sep 20 14:44:37 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=67d706fd300f5c456251dc9c6dd20d80659b58f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:69:91:cd:bf:df:b5:a2:17:62:d7:11:c7:9f:
c9:4a:09:43:ff:9d:03:05:27:0c:3f:49:c3:5c:e3:
7e:4b:de:d6:6b:5b:43:88:6b:0a:38:57:7c:0b:1e:
9a:81:60:d4:24:8e:93:b2:a0:d8:c1:0c:d5:34:2e:
4b:83:d2:5d:5e:12:2a:53:7e:96:2e:31:a2:05:1d:
9a:f9:e8:dd:aa:0f:f6:27:8e:d3:88:8b:9f:ba:69:
fe:d0:c2:c7:c5:89:7d:6c:b8:fa:1b:b9:2b:4f:b9:
03:93:23:6d:b2:74:f7:a5:96:b8:8f:1e:d7:98:bd:
3a:36:be:0b:e4:89:08:d2:7d:50:ca:d1:a5:68:82:
e2:63:66:e8:d5:53:32:3a:79:46:69:76:e2:d1:18:
12:e0:b0:9c:37:ec:35:d7:b7:c7:8f:d3:48:8f:06:
74:72:a1:10:d5:68:5e:7d:22:22:14:63:b8:07:63:
2d:f0:99:47:9d:2c:7b:d5:fb:fb:21:62:c1:75:3c:
f2:02:ea:f8:01:d7:36:0e:56:96:52:b7:04:c8:6a:
c0:d2:7b:34:3b:37:bc:a2:4d:40:2e:21:82:dc:ea:
78:7f:d3:4c:f2:07:ac:53:9c:8b:d2:ad:6f:05:ec:
d8:04:c0:17:70:c4:97:98:84:60:05:89:45:36:7f:
d9:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:D7:06:FD:30:0F:5C:45:62:51:DC:9C:6D:D2:0D:80:65:9B:58:F1
X509v3 Authority Key Identifier:
keyid:75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/Z9cG_TAPXEViUdycbdINgGWbWPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/deqJTuBXdeDvBh0IbKJSFH9ckd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.80.0/21
45.154.44.0/22
185.21.52.0/22
185.43.20.0/22
IPv6:
2a04:9380::/29
Signature Algorithm: sha256WithRSAEncryption
24:26:76:b7:bc:80:f6:5a:15:fa:e8:75:16:a1:81:8a:8e:af:
d7:33:dd:aa:ba:78:50:cb:59:ab:30:b1:6c:a8:ab:92:70:a8:
f5:00:c9:57:5a:2f:67:96:92:26:18:ea:12:a2:0a:6b:c0:72:
b0:b5:d9:c3:83:6d:a8:d8:3f:94:68:b9:be:9c:12:11:04:53:
c9:aa:65:8b:fd:a3:63:92:e0:f8:bc:7a:62:57:ba:32:0c:64:
f6:9b:07:10:71:98:e0:4c:d2:87:3d:d5:db:5a:cc:82:b6:92:
5f:15:61:86:15:a4:bc:f3:a8:51:56:ac:e7:53:ef:ac:3f:b7:
64:ad:cb:26:f4:f4:5c:5b:ee:b6:6e:e5:08:db:9b:f2:d5:75:
45:00:63:f4:6b:d8:e1:86:14:2a:50:b4:ff:1f:00:c2:40:3b:
15:ae:4f:a0:a4:72:dc:2a:55:75:8d:8f:e8:3e:e4:ef:d5:6f:
28:5f:78:6d:2b:f2:f0:7d:5d:18:63:64:d6:46:8e:f2:3c:cb:
50:1a:0c:eb:64:a4:e8:d9:3d:cc:79:37:9c:bd:85:93:28:75:
77:5d:f7:55:35:16:5b:b7:ae:d1:bf:4e:bc:5b:bb:0b:88:5b:
a3:69:9e:19:0b:d0:07:43:51:62:a5:0b:c7:8f:37:b9:ef:db:
59:df:68:1e
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYqzDNUkX0yzflfvYdQjTlS0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZWE4OTRlZTA1Nzc1ZTBlZjA2MWQwODZjYTI1MjE0N2Y1
YzkxZGUwHhcNMjMwOTIwMTQ0NDM3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2Q3MDZmZDMwMGY1YzQ1NjI1MWRjOWM2ZGQyMGQ4MDY1OWI1OGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmmRzb/ftaIXYtcRx5/JSglD/50D
BScMP0nDXON+S97Wa1tDiGsKOFd8Cx6agWDUJI6TsqDYwQzVNC5Lg9JdXhIqU36W
LjGiBR2a+ejdqg/2J47TiIufumn+0MLHxYl9bLj6G7krT7kDkyNtsnT3pZa4jx7X
mL06Nr4L5IkI0n1QytGlaILiY2bo1VMyOnlGaXbi0RgS4LCcN+w117fHj9NIjwZ0
cqEQ1WhefSIiFGO4B2Mt8JlHnSx71fv7IWLBdTzyAur4Adc2DlaWUrcEyGrA0ns0
Oze8ok1ALiGC3Op4f9NM8gesU5yL0q1vBezYBMAXcMSXmIRgBYlFNn/ZjQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGfXBv0wD1xFYlHcnG3SDYBlm1jxMB8GA1UdIwQY
MBaAFHXqiU7gV3Xg7wYdCGyiUhR/XJHeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGVxSlR1QlhkZUR2QmgwSWJLSlNGSDlja2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xY2RjZTItYTNmOC00NGI2LWI1ZTEt
YjdmMjk4NGViNjUzLzEvWjljR19UQVBYRVZpVWR5Y2JkSU5nR1diV1BFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xY2RjZTItYTNmOC00NGI2LWI1ZTEtYjdmMjk4NGViNjUz
LzEvZGVxSlR1QlhkZUR2QmgwSWJLSlNGSDlja2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDJetQAwQC
LZosAwQCuRU0AwQCuSsUMA0EAgACMAcDBQMqBJOAMA0GCSqGSIb3DQEBCwUAA4IB
AQAkJna3vID2WhX66HUWoYGKjq/XM92qunhQy1mrMLFsqKuScKj1AMlXWi9nlpIm
GOoSogprwHKwtdnDg22o2D+UaLm+nBIRBFPJqmWL/aNjkuD4vHpiV7oyDGT2mwcQ
cZjgTNKHPdXbWsyCtpJfFWGGFaS886hRVqznU++sP7dkrcsm9PRcW+62buUI25vy
1XVFAGP0a9jhhhQqULT/HwDCQDsVrk+gpHLcKlV1jY/oPuTv1W8oX3htK/LwfV0Y
Y2TWRo7yPMtQGgzrZKTo2T3MeTecvYWTKHV3XfdVNRZbt67Rv068W7sLiFujaZ4Z
C9AHQ1FipQvHjze579tZ32ge
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:53 2024 by rpki-client on console-fra.rpki-client.org