Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/zAWZfhmKxX1OwWx-T4-Z5IqmcOA.roa
File: zAWZfhmKxX1OwWx-T4-Z5IqmcOA.roa (raw, json)
Hash identifier: xVO+yp+Qt5FKaORve0rBwxaRZLZaXkbkSoTFQEtHQHo=
Subject key identifier: CC:05:99:7E:19:8A:C5:7D:4E:C1:6C:7E:4F:8F:99:E4:8A:A6:70:E0
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01856ECB80AB0CE6FEFA98832229BFFC7406
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/zAWZfhmKxX1OwWx-T4-Z5IqmcOA.roa
Signing time: Sun 01 Jan 2023 19:25:08 +0000
ROA not before: Sun 01 Jan 2023 19:25:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203523
IP address blocks: 93.119.104.0/24 maxlen: 24
93.119.105.0/24 maxlen: 24
93.119.106.0/24 maxlen: 24
93.119.107.0/24 maxlen: 24
188.240.210.0/24 maxlen: 24
188.240.221.0/24 maxlen: 24
89.33.194.0/24 maxlen: 24
89.33.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Feb 2023 09:22:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:cb:80:ab:0c:e6:fe:fa:98:83:22:29:bf:fc:74:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 19:25:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc05997e198ac57d4ec16c7e4f8f99e48aa670e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5a:73:48:aa:03:c5:9d:2f:61:95:f5:e3:f3:
ad:09:be:66:1c:60:fd:c3:5e:76:43:52:f4:f4:16:
ed:92:ca:f3:1c:e0:23:1e:f4:e6:0a:ab:2f:30:a8:
d0:38:8b:67:5d:bf:b0:9a:ac:f3:85:f9:3c:f2:ab:
f3:4c:f8:05:3b:7d:55:d9:d4:7a:7d:c1:b2:76:11:
01:74:81:94:5f:d8:a2:f5:6b:03:05:86:91:b7:e4:
33:20:42:f3:3a:9f:9b:eb:ad:40:d0:37:22:c1:f1:
7d:be:f4:9e:a4:fb:7e:bc:c7:78:68:52:71:bc:56:
48:3b:83:67:0b:c1:43:50:30:a4:7f:d8:a9:2b:a1:
ae:9d:30:ee:0c:9f:d8:eb:51:64:56:09:fb:b9:b7:
0e:ee:cb:7c:cc:09:96:c2:05:92:b2:28:44:8c:ff:
a6:6e:a7:7f:ab:0b:ef:d9:20:d2:3c:01:c5:47:18:
cd:57:a5:87:51:f7:f2:95:97:44:33:ae:05:ff:0f:
63:d1:12:e5:12:8f:35:94:ef:c4:e8:6d:e5:b4:67:
57:1e:bd:06:6b:6a:54:0e:f5:ee:74:5a:7d:c9:3f:
5c:e3:bf:64:db:96:83:d9:1c:4f:14:3b:9a:c7:2c:
4a:55:bf:db:dc:59:73:17:46:79:1b:59:06:13:4c:
4d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:05:99:7E:19:8A:C5:7D:4E:C1:6C:7E:4F:8F:99:E4:8A:A6:70:E0
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/zAWZfhmKxX1OwWx-T4-Z5IqmcOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.194.0/23
93.119.104.0/22
188.240.210.0/24
188.240.221.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:a5:e7:85:59:ad:41:2d:88:fe:70:39:4a:ff:bb:79:9e:d9:
bc:0e:aa:50:53:6b:e3:92:17:a1:33:e8:b6:33:1a:b3:57:69:
9c:af:53:f6:35:f5:e5:9a:29:9d:bc:d4:c1:a3:d3:ad:34:69:
4a:2d:8c:e1:b7:77:96:6b:b8:74:91:b2:cb:d4:b8:31:2b:87:
31:58:92:c9:65:d0:8d:78:eb:66:49:b2:0c:cb:bd:99:f5:5f:
f0:f0:f8:2b:23:e3:9e:8c:d9:50:44:9c:8c:2e:91:cc:36:57:
d8:44:4d:dd:7a:e7:22:42:15:4e:00:78:2a:f8:07:9b:f5:6a:
ea:f7:c1:52:fd:45:fe:a0:38:2a:20:bc:32:be:aa:42:de:0f:
8a:4c:20:52:a5:0f:a3:96:59:b2:57:e9:1b:c8:06:3a:f6:e9:
82:71:89:36:7c:8c:ed:08:4f:ef:e2:9c:f6:0e:ee:be:e4:b5:
97:34:14:ea:88:34:21:8f:37:9e:22:44:76:3a:96:7c:6a:58:
a2:37:83:0a:85:9e:19:b8:21:3a:31:dd:c2:a0:42:bb:39:d2:
bb:df:a4:4b:e3:a7:6e:49:2e:ba:cd:18:28:4a:7c:da:d3:87:
32:7f:08:ca:fb:9a:f7:44:c8:7d:5e:2d:c4:d2:63:4f:5e:89:
05:a9:0b:f3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVuy4CrDOb++piDIim//HQGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjMwMTAxMTkyNTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzA1OTk3ZTE5OGFjNTdkNGVjMTZjN2U0ZjhmOTllNDhhYTY3MGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVpzSKoDxZ0vYZX14/OtCb5mHGD9
w152Q1L09BbtksrzHOAjHvTmCqsvMKjQOItnXb+wmqzzhfk88qvzTPgFO31V2dR6
fcGydhEBdIGUX9ii9WsDBYaRt+QzIELzOp+b661A0DciwfF9vvSepPt+vMd4aFJx
vFZIO4NnC8FDUDCkf9ipK6GunTDuDJ/Y61FkVgn7ubcO7st8zAmWwgWSsihEjP+m
bqd/qwvv2SDSPAHFRxjNV6WHUffylZdEM64F/w9j0RLlEo81lO/E6G3ltGdXHr0G
a2pUDvXudFp9yT9c479k25aD2RxPFDuaxyxKVb/b3FlzF0Z5G1kGE0xNvwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMwFmX4ZisV9TsFsfk+PmeSKpnDgMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvekFXWmZobUt4WDFPd1d4LVQ0LVo1SXFtY09BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBWSHCAwQC
XXdoAwQAvPDSAwQAvPDdMA0GCSqGSIb3DQEBCwUAA4IBAQA6peeFWa1BLYj+cDlK
/7t5ntm8DqpQU2vjkhehM+i2MxqzV2mcr1P2NfXlmimdvNTBo9OtNGlKLYzht3eW
a7h0kbLL1LgxK4cxWJLJZdCNeOtmSbIMy72Z9V/w8PgrI+OejNlQRJyMLpHMNlfY
RE3deuciQhVOAHgq+Aeb9Wrq98FS/UX+oDgqILwyvqpC3g+KTCBSpQ+jllmyV+kb
yAY69umCcYk2fIztCE/v4pz2Du6+5LWXNBTqiDQhjzeeIkR2OpZ8aliiN4MKhZ4Z
uCE6Md3CoEK7OdK736RL46duSS66zRgoSnza04cyfwjK+5r3RMh9Xi3E0mNPXokF
qQvz
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:19 2024 by rpki-client on console-fra.rpki-client.org