Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/1wZLnCT-M17EJCYPmZiVf4ONxyU.roa
File: 1wZLnCT-M17EJCYPmZiVf4ONxyU.roa (raw, json)
Hash identifier: 8S8pat7MONvm9PrUxTBSwMX9DJajMhBnJOunnfWV5Xg=
Subject key identifier: D7:06:4B:9C:24:FE:33:5E:C4:24:26:0F:99:98:95:7F:83:8D:C7:25
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 019203F56C9B89DF4FD50F39297F95F912D9
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/1wZLnCT-M17EJCYPmZiVf4ONxyU.roa
Signing time: Wed 18 Sep 2024 07:07:48 +0000
ROA not before: Wed 18 Sep 2024 07:07:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44620
IP address blocks: 195.216.160.0/24 maxlen: 24
195.216.161.0/24 maxlen: 24
213.182.201.0/24 maxlen: 24
213.182.213.0/24 maxlen: 24
213.182.215.0/24 maxlen: 24
213.182.221.0/24 maxlen: 24
213.182.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Sep 2024 06:05:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:03:f5:6c:9b:89:df:4f:d5:0f:39:29:7f:95:f9:12:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Sep 18 07:07:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7064b9c24fe335ec424260f9998957f838dc725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:70:a6:ac:0a:c2:9c:fe:17:9c:be:a3:1e:5f:
01:73:75:11:cd:fd:c4:3e:c6:c3:80:a7:a9:2d:c6:
90:2b:d3:c4:03:18:b1:3b:52:d4:bb:9b:51:1e:3a:
52:a4:54:72:cd:7d:0b:da:44:31:2c:f3:94:78:cf:
a7:a0:1b:8c:82:01:13:dd:9f:62:1b:9f:16:d8:cb:
bd:e4:d9:9b:52:bf:02:2d:61:a0:17:97:7f:5a:2d:
b1:bb:6a:04:46:c1:ff:53:21:3f:d2:37:c5:77:d6:
cd:81:0d:ee:56:56:16:5d:1c:0b:26:96:1b:f1:f2:
d4:dd:72:56:3e:dc:ea:03:5a:5c:18:18:5f:6f:d6:
7c:02:53:7b:02:a0:3e:41:36:f2:c3:7b:8a:9b:c9:
89:4c:a2:99:ab:0e:47:67:ad:96:28:77:c4:5f:e1:
ec:49:9a:a4:97:64:f3:de:af:2e:74:36:7f:dd:23:
17:6a:01:f8:fd:5f:0f:34:fe:a3:0e:01:03:c7:a1:
20:0b:ef:1d:17:a5:a2:83:12:6c:ea:f7:dc:dd:76:
80:26:1d:82:4e:df:0a:a4:2d:a2:88:d7:41:2b:7f:
05:14:5c:14:cb:d5:bc:f2:1a:b4:03:80:5a:9e:24:
f8:65:57:31:43:7c:c6:23:33:f3:10:49:d6:34:88:
21:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:06:4B:9C:24:FE:33:5E:C4:24:26:0F:99:98:95:7F:83:8D:C7:25
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/1wZLnCT-M17EJCYPmZiVf4ONxyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.160.0/23
213.182.201.0/24
213.182.213.0/24
213.182.215.0/24
213.182.221.0-213.182.222.255
Signature Algorithm: sha256WithRSAEncryption
49:0e:64:ab:68:04:8b:ca:ac:a7:ef:6c:84:71:71:6b:0c:e5:
78:2a:ca:f0:3c:fe:9d:20:bf:26:36:37:02:cb:99:08:a6:c1:
74:92:92:02:db:31:7d:20:39:7b:0d:84:31:39:83:17:cf:db:
b9:db:88:89:6f:2f:da:85:f3:3a:86:dd:55:9e:c7:2d:21:9f:
d2:5b:5d:46:0e:73:ed:04:5f:30:c1:03:56:f9:47:76:54:47:
2e:84:86:ee:40:4f:05:58:04:cb:b1:7b:69:29:e6:8a:44:97:
64:31:ab:cd:be:87:25:27:58:19:3d:70:00:d2:75:cd:43:c3:
11:8a:71:1b:32:01:0b:7b:1f:fa:68:d1:8f:6f:2f:d4:92:85:
b8:5e:5c:b3:2b:9a:2f:21:ee:66:a1:f6:cb:df:58:7b:45:74:
8b:cf:e6:77:69:38:23:47:a6:f0:36:35:46:c3:a3:22:51:8f:
d9:02:fc:c2:8d:cb:e7:73:c7:08:64:77:37:27:e8:3d:a7:2c:
5d:ae:89:8c:19:d0:82:ed:a4:a5:a1:dc:9d:d3:1c:9d:4a:98:
26:f7:75:6c:9a:77:95:40:3d:c1:a5:6a:76:a1:68:8b:a6:94:
58:bc:43:e3:f4:aa:d0:9e:79:60:01:b6:90:0a:5d:6b:f1:8d:
6e:d9:f4:f8
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZID9Wybid9P1Q85KX+V+RLZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjQwOTE4MDcwNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzA2NGI5YzI0ZmUzMzVlYzQyNDI2MGY5OTk4OTU3ZjgzOGRjNzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHCmrArCnP4XnL6jHl8Bc3URzf3E
PsbDgKepLcaQK9PEAxixO1LUu5tRHjpSpFRyzX0L2kQxLPOUeM+noBuMggET3Z9i
G58W2Mu95NmbUr8CLWGgF5d/Wi2xu2oERsH/UyE/0jfFd9bNgQ3uVlYWXRwLJpYb
8fLU3XJWPtzqA1pcGBhfb9Z8AlN7AqA+QTbyw3uKm8mJTKKZqw5HZ62WKHfEX+Hs
SZqkl2Tz3q8udDZ/3SMXagH4/V8PNP6jDgEDx6EgC+8dF6WigxJs6vfc3XaAJh2C
Tt8KpC2iiNdBK38FFFwUy9W88hq0A4BaniT4ZVcxQ3zGIzPzEEnWNIghnwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNcGS5wk/jNexCQmD5mYlX+DjcclMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvMXdaTG5DVC1NMTdFSkNZUG1aaVZmNE9OeHlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBw9igAwQA
1bbJAwQA1bbVAwQA1bbXMAwDBADVtt0DBADVtt4wDQYJKoZIhvcNAQELBQADggEB
AEkOZKtoBIvKrKfvbIRxcWsM5XgqyvA8/p0gvyY2NwLLmQimwXSSkgLbMX0gOXsN
hDE5gxfP27nbiIlvL9qF8zqG3VWexy0hn9JbXUYOc+0EXzDBA1b5R3ZURy6Ehu5A
TwVYBMuxe2kp5opEl2Qxq82+hyUnWBk9cADSdc1DwxGKcRsyAQt7H/po0Y9vL9SS
hbheXLMrmi8h7mah9svfWHtFdIvP5ndpOCNHpvA2NUbDoyJRj9kC/MKNy+dzxwhk
dzcn6D2nLF2uiYwZ0ILtpKWh3J3THJ1KmCb3dWyad5VAPcGlanahaIumlFi8Q+P0
qtCeeWABtpAKXWvxjW7Z9Pg=
-----END CERTIFICATE-----
Generated at Mon Sep 23 08:45:51 2024 by rpki-client on console-ams.rpki-client.org