Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/98c860-5298-4846-beaa-356c096bc6f9/1/ZS8wXiR8Jd8pX8ZQLkGCZ4Ed7XM.roa
File: ZS8wXiR8Jd8pX8ZQLkGCZ4Ed7XM.roa (raw, json)
Hash identifier: 3rwxXzGe4M2zx8FXAp9mRp/4dWhFIkh+OFeq1gNrY3A=
Subject key identifier: 65:2F:30:5E:24:7C:25:DF:29:5F:C6:50:2E:41:82:67:81:1D:ED:73
Certificate issuer: /CN=6401adedbc9c8f1c6cf2389fc7f741edf4f19f2c
Certificate serial: 0192B3FFC698EEC81B3ADEF3FEAA14EBC22D
Authority key identifier: 64:01:AD:ED:BC:9C:8F:1C:6C:F2:38:9F:C7:F7:41:ED:F4:F1:9F:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZAGt7bycjxxs8jifx_dB7fTxnyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/98c860-5298-4846-beaa-356c096bc6f9/1/ZS8wXiR8Jd8pX8ZQLkGCZ4Ed7XM.roa
Signing time: Tue 22 Oct 2024 11:32:17 +0000
ROA not before: Tue 22 Oct 2024 11:32:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208666
IP address blocks: 31.193.185.0/24 maxlen: 24
83.229.2.0/24 maxlen: 24
147.236.164.0/24 maxlen: 24
147.236.165.0/24 maxlen: 24
213.255.192.0/24 maxlen: 24
2a09:b300::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:ff:c6:98:ee:c8:1b:3a:de:f3:fe:aa:14:eb:c2:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6401adedbc9c8f1c6cf2389fc7f741edf4f19f2c
Validity
Not Before: Oct 22 11:32:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=652f305e247c25df295fc6502e418267811ded73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:70:c7:77:56:f6:63:62:dc:2f:83:04:af:dd:
f1:11:e8:ff:40:c5:89:a7:4d:a5:c3:b3:dd:33:18:
db:33:ab:7a:6f:21:63:ba:a7:fb:aa:76:cf:ba:73:
41:e4:a3:bd:b0:f9:ec:72:07:c3:fd:e7:55:3f:60:
fb:04:7d:5b:76:eb:2c:0e:cf:0b:34:8b:cc:58:dd:
97:03:29:be:83:5a:b6:16:c4:02:63:da:93:4d:fc:
bd:98:97:33:00:55:63:f6:d1:e9:6e:0e:c7:5d:c1:
36:4f:83:5f:56:75:d1:d1:70:c9:ec:71:fc:42:49:
ff:77:be:2c:6e:5d:94:c6:8f:4e:70:c6:30:49:43:
9e:ea:c6:59:0b:9f:42:05:2a:1d:c2:42:66:6c:e3:
b4:ee:54:17:da:34:86:60:8b:5e:b4:2b:77:9f:be:
06:98:1d:2f:39:8a:ee:db:df:eb:75:22:6b:0e:8e:
20:28:a3:af:44:33:73:d4:15:6f:69:e1:09:45:70:
2c:7a:29:94:70:13:67:55:63:af:01:60:2c:91:6c:
08:78:18:80:4c:68:1c:7f:76:fd:b5:63:e4:4b:2d:
45:ac:f7:4b:fe:70:7d:4a:9a:70:64:db:92:d1:cb:
36:de:1a:e7:d5:99:60:c3:2a:23:5a:e7:e8:c6:95:
49:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:2F:30:5E:24:7C:25:DF:29:5F:C6:50:2E:41:82:67:81:1D:ED:73
X509v3 Authority Key Identifier:
keyid:64:01:AD:ED:BC:9C:8F:1C:6C:F2:38:9F:C7:F7:41:ED:F4:F1:9F:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZAGt7bycjxxs8jifx_dB7fTxnyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/98c860-5298-4846-beaa-356c096bc6f9/1/ZS8wXiR8Jd8pX8ZQLkGCZ4Ed7XM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/98c860-5298-4846-beaa-356c096bc6f9/1/ZAGt7bycjxxs8jifx_dB7fTxnyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.185.0/24
83.229.2.0/24
147.236.164.0/23
213.255.192.0/24
IPv6:
2a09:b300::/29
Signature Algorithm: sha256WithRSAEncryption
a5:ca:e0:12:e9:74:5e:2b:5d:e4:e3:99:c3:33:5a:ce:ea:c8:
28:6f:f8:84:bc:03:90:80:dd:6b:6d:0f:6e:8f:bd:d2:2b:85:
cc:f2:67:25:39:74:8c:37:0d:b4:fe:36:e1:07:30:32:fa:67:
4e:7d:2d:0a:14:29:05:2f:32:cc:42:42:ef:69:9e:0e:55:3f:
32:74:0c:2a:78:39:dd:a3:fb:3e:bc:70:8e:81:cd:c5:d7:90:
eb:83:7e:89:b1:c8:1a:97:7e:d4:53:13:db:11:e8:33:d8:03:
7a:1b:96:41:71:60:e4:75:97:f2:d0:70:c0:43:7a:85:e0:57:
d1:63:40:a1:c4:7f:fa:88:6f:e0:61:32:8d:4b:55:ca:c7:87:
15:63:f4:02:2c:71:0b:d2:d6:13:43:1e:37:1f:b2:b1:a2:3b:
87:ed:c3:ce:39:37:4b:32:b9:01:9a:bb:11:19:3e:52:74:6a:
62:26:b5:f3:3c:ad:b3:ac:8d:73:68:2c:20:93:c6:c7:de:ad:
be:e4:10:f5:4c:f5:ab:95:85:90:79:7f:67:a3:c9:fe:a0:fe:
0c:79:12:15:d9:5f:97:a6:49:a0:d7:2e:bd:e8:f0:e5:e1:99:
0f:1c:a2:ad:93:8b:76:87:1d:4e:87:fe:72:8d:a0:e5:ff:fc:
7d:c7:17:ee
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZKz/8aY7sgbOt7z/qoU68ItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MDFhZGVkYmM5YzhmMWM2Y2YyMzg5ZmM3Zjc0MWVkZjRm
MTlmMmMwHhcNMjQxMDIyMTEzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTJmMzA1ZTI0N2MyNWRmMjk1ZmM2NTAyZTQxODI2NzgxMWRlZDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhnDHd1b2Y2LcL4MEr93xEej/QMWJ
p02lw7PdMxjbM6t6byFjuqf7qnbPunNB5KO9sPnscgfD/edVP2D7BH1bdussDs8L
NIvMWN2XAym+g1q2FsQCY9qTTfy9mJczAFVj9tHpbg7HXcE2T4NfVnXR0XDJ7HH8
Qkn/d74sbl2Uxo9OcMYwSUOe6sZZC59CBSodwkJmbOO07lQX2jSGYItetCt3n74G
mB0vOYru29/rdSJrDo4gKKOvRDNz1BVvaeEJRXAseimUcBNnVWOvAWAskWwIeBiA
TGgcf3b9tWPkSy1FrPdL/nB9SppwZNuS0cs23hrn1ZlgwyojWufoxpVJ4wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGUvMF4kfCXfKV/GUC5BgmeBHe1zMB8GA1UdIwQY
MBaAFGQBre28nI8cbPI4n8f3Qe308Z8sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkFHdDdieWNqeHhzOGppZnhfZEI3ZlR4bnl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS85OGM4NjAtNTI5OC00ODQ2LWJlYWEt
MzU2YzA5NmJjNmY5LzEvWlM4d1hpUjhKZDhwWDhaUUxrR0NaNEVkN1hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS85OGM4NjAtNTI5OC00ODQ2LWJlYWEtMzU2YzA5NmJjNmY5
LzEvWkFHdDdieWNqeHhzOGppZnhfZEI3ZlR4bnl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAH8G5AwQA
U+UCAwQBk+ykAwQA1f/AMA0EAgACMAcDBQMqCbMAMA0GCSqGSIb3DQEBCwUAA4IB
AQClyuAS6XReK13k45nDM1rO6sgob/iEvAOQgN1rbQ9uj73SK4XM8mclOXSMNw20
/jbhBzAy+mdOfS0KFCkFLzLMQkLvaZ4OVT8ydAwqeDndo/s+vHCOgc3F15Drg36J
scgal37UUxPbEegz2AN6G5ZBcWDkdZfy0HDAQ3qF4FfRY0ChxH/6iG/gYTKNS1XK
x4cVY/QCLHEL0tYTQx43H7KxojuH7cPOOTdLMrkBmrsRGT5SdGpiJrXzPK2zrI1z
aCwgk8bH3q2+5BD1TPWrlYWQeX9no8n+oP4MeRIV2V+Xpkmg1y696PDl4ZkPHKKt
k4t2hx1Oh/5yjaDl//x9xxfu
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:38 2025 by rpki-client