Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ZdcLSdRoYVpv3oP28TuZLZnvamo.roa
File: ZdcLSdRoYVpv3oP28TuZLZnvamo.roa (raw, json)
Hash identifier: G8tZPh6h/lXjekd51LyhH2AjR5nn9yPWJSJdgdNATlo=
Subject key identifier: 65:D7:0B:49:D4:68:61:5A:6F:DE:83:F6:F1:3B:99:2D:99:EF:6A:6A
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018B614816FB84C8A7629B7CAABD4A237A48
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ZdcLSdRoYVpv3oP28TuZLZnvamo.roa
Signing time: Tue 24 Oct 2023 10:43:16 +0000
ROA not before: Tue 24 Oct 2023 10:43:16 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25198
IP address blocks: 93.114.194.0/24 maxlen: 24
86.107.179.0/24 maxlen: 24
86.107.178.0/24 maxlen: 24
185.101.107.0/24 maxlen: 24
89.34.27.0/24 maxlen: 24
89.41.181.0/24 maxlen: 24
89.41.180.0/24 maxlen: 24
188.241.219.0/24 maxlen: 24
89.36.95.0/24 maxlen: 24
89.36.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Oct 2023 12:36:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:61:48:16:fb:84:c8:a7:62:9b:7c:aa:bd:4a:23:7a:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 24 10:43:16 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65d70b49d468615a6fde83f6f13b992d99ef6a6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:f6:f1:ee:97:91:5a:4c:97:d1:32:1a:f9:de:
63:54:71:f9:60:c3:80:af:c1:f8:64:4c:d1:5c:3b:
aa:d5:79:f6:3d:d8:ab:28:e8:69:68:d4:fc:58:79:
77:8b:50:82:74:00:3d:98:f6:7f:2a:71:79:c8:93:
04:cd:5f:1d:b6:9c:30:be:f2:43:b8:45:60:c7:cc:
20:18:18:c8:a7:29:5d:07:3c:f4:ee:b3:14:df:57:
f5:f0:95:a5:6c:ed:df:2d:84:99:89:75:f3:8a:b6:
db:73:67:b5:38:1c:53:96:ea:77:8c:c4:91:21:92:
3a:22:a9:38:36:f6:2e:8f:46:91:81:7c:a9:9d:1e:
9d:7b:17:07:f7:df:6c:c7:1c:60:9c:80:0c:ce:48:
bc:34:2f:7a:17:d7:19:f5:e1:7d:d0:24:f9:5e:4c:
23:74:63:12:65:47:14:1e:6c:e5:58:22:09:42:01:
95:57:b6:75:ff:ca:ec:52:4e:28:58:b7:ba:8d:aa:
a5:b4:65:1d:86:d5:53:e2:ef:bf:c4:62:71:db:33:
69:d0:8e:1e:4f:95:b4:a1:be:f7:d3:a4:2a:53:4d:
85:0d:58:9e:69:5d:0b:04:17:a5:c1:65:00:29:e7:
1f:13:72:b6:83:11:5f:4a:ea:e6:db:57:cc:83:00:
05:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:D7:0B:49:D4:68:61:5A:6F:DE:83:F6:F1:3B:99:2D:99:EF:6A:6A
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ZdcLSdRoYVpv3oP28TuZLZnvamo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.178.0/23
89.34.27.0/24
89.36.94.0/23
89.41.180.0/23
93.114.194.0/24
185.101.107.0/24
188.241.219.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:0d:aa:54:08:00:0c:27:6a:8e:50:9f:62:2d:85:3a:b0:66:
dd:76:b4:75:e2:ed:15:0c:d4:4f:c5:a3:73:73:54:89:52:1d:
d4:02:bc:9c:89:f5:47:9c:62:e0:73:fe:78:35:ba:76:40:0f:
bd:6a:10:e8:a0:cf:c7:13:0d:0c:7f:18:59:86:08:4c:0c:54:
ed:02:37:5a:66:e1:13:2e:21:b3:87:c4:2b:27:90:be:13:4d:
bc:02:41:08:51:eb:70:ff:55:f4:fd:f7:62:cd:7d:f1:d3:67:
12:04:e2:4d:47:5d:18:ee:87:aa:60:4c:3b:f7:2c:47:19:ca:
46:8a:8a:30:8b:ca:33:83:83:ae:f7:ee:ae:e5:25:bf:99:5b:
e7:03:98:ff:fd:ba:c9:27:ec:d4:3f:16:21:5d:1a:a5:d0:d7:
41:5f:58:a1:02:b7:4f:0f:6f:2f:06:a3:7e:3b:a6:ad:5b:ce:
51:3e:28:d7:84:51:d0:b3:4d:95:6b:17:7b:e5:7a:8e:54:19:
98:11:2e:8a:62:20:e2:b5:b2:b0:30:34:ab:70:b0:aa:2c:7e:
da:ed:73:3f:b8:96:a1:b8:7c:26:e1:5f:7b:4f:58:62:ce:58:
31:69:8b:bf:a5:e2:f9:fa:c8:89:c1:cb:9d:05:e9:01:b1:ce:
10:52:ab:6a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYthSBb7hMinYpt8qr1KI3pIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMxMDI0MTA0MzE2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWQ3MGI0OWQ0Njg2MTVhNmZkZTgzZjZmMTNiOTkyZDk5ZWY2YTZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm/bx7peRWkyX0TIa+d5jVHH5YMOA
r8H4ZEzRXDuq1Xn2PdirKOhpaNT8WHl3i1CCdAA9mPZ/KnF5yJMEzV8dtpwwvvJD
uEVgx8wgGBjIpyldBzz07rMU31f18JWlbO3fLYSZiXXzirbbc2e1OBxTlup3jMSR
IZI6Iqk4NvYuj0aRgXypnR6dexcH999sxxxgnIAMzki8NC96F9cZ9eF90CT5Xkwj
dGMSZUcUHmzlWCIJQgGVV7Z1/8rsUk4oWLe6jaqltGUdhtVT4u+/xGJx2zNp0I4e
T5W0ob7306QqU02FDVieaV0LBBelwWUAKecfE3K2gxFfSurm21fMgwAFPwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGXXC0nUaGFab96D9vE7mS2Z72pqMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvWmRjTFNkUm9ZVnB2M29QMjhUdVpMWm52YW1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBVmuyAwQA
WSIbAwQBWSReAwQBWSm0AwQAXXLCAwQAuWVrAwQAvPHbMA0GCSqGSIb3DQEBCwUA
A4IBAQB8DapUCAAMJ2qOUJ9iLYU6sGbddrR14u0VDNRPxaNzc1SJUh3UArycifVH
nGLgc/54Nbp2QA+9ahDooM/HEw0MfxhZhghMDFTtAjdaZuETLiGzh8QrJ5C+E028
AkEIUetw/1X0/fdizX3x02cSBOJNR10Y7oeqYEw79yxHGcpGioowi8ozg4Ou9+6u
5SW/mVvnA5j//brJJ+zUPxYhXRql0NdBX1ihArdPD28vBqN+O6atW85RPijXhFHQ
s02Vaxd75XqOVBmYES6KYiDitbKwMDSrcLCqLH7a7XM/uJahuHwm4V97T1hizlgx
aYu/peL5+siJwcudBekBsc4QUqtq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org