Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/74aee8-41a8-4ee7-ae4c-2183bc3844d2/1/ZfTt_aBxWO4VMUWsNwwIWtPPHdk.roa
File: ZfTt_aBxWO4VMUWsNwwIWtPPHdk.roa (raw, json)
Hash identifier: xAbCyvHCGhvXm8AuFykLDOi1tBke/E746sNEA6RWM64=
Subject key identifier: 65:F4:ED:FD:A0:71:58:EE:15:31:45:AC:37:0C:08:5A:D3:CF:1D:D9
Certificate issuer: /CN=95b85e5ac055a12188ae50cdb007fa488b6aa88b
Certificate serial: 018571D7BDD43B2A40D44D1B1278F64BD546
Authority key identifier: 95:B8:5E:5A:C0:55:A1:21:88:AE:50:CD:B0:07:FA:48:8B:6A:A8:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbheWsBVoSGIrlDNsAf6SItqqIs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/74aee8-41a8-4ee7-ae4c-2183bc3844d2/1/ZfTt_aBxWO4VMUWsNwwIWtPPHdk.roa
Signing time: Mon 02 Jan 2023 09:37:22 +0000
ROA not before: Mon 02 Jan 2023 09:37:22 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39637
IP address blocks: 37.203.56.0/21 maxlen: 21
94.124.136.0/21 maxlen: 21
91.201.164.0/22 maxlen: 22
185.215.252.0/22 maxlen: 22
195.246.236.0/23 maxlen: 23
2a00:dc8::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 16:29:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:bd:d4:3b:2a:40:d4:4d:1b:12:78:f6:4b:d5:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b85e5ac055a12188ae50cdb007fa488b6aa88b
Validity
Not Before: Jan 2 09:37:22 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65f4edfda07158ee153145ac370c085ad3cf1dd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:2c:0c:74:2c:66:9e:a6:4c:3d:04:24:44:d7:
4e:b9:05:02:67:33:94:b8:71:83:f1:f1:71:2d:99:
b6:e5:ab:e6:7f:6c:ad:79:88:29:2c:f5:9d:11:74:
e0:38:05:39:40:ed:8e:fa:34:7c:62:2a:d1:b4:12:
e1:96:e8:30:7f:fd:31:f1:a6:d7:01:89:61:e2:05:
78:8b:eb:29:69:d0:3b:e1:16:92:b7:c6:c0:20:8b:
9a:53:48:41:aa:d9:2c:39:b0:89:63:4f:f4:0c:60:
95:e9:b3:e7:b6:ab:d5:ff:35:5f:c7:53:b4:92:bb:
9a:4e:f4:0c:f7:d4:3b:8a:f7:eb:41:0f:82:83:77:
80:c2:f0:4f:fc:fb:f9:ff:6b:a8:82:e2:3c:3b:81:
e8:dd:ba:f4:99:34:ed:6f:79:87:11:d8:3e:ac:f8:
83:49:d8:59:d6:22:7b:2e:22:4e:41:ed:e9:6f:42:
5f:69:11:39:4c:a4:16:ef:59:7b:91:bf:b3:69:32:
15:02:d9:80:35:90:61:76:7e:2c:f8:0b:b3:8b:2d:
a1:04:17:e5:b5:58:08:8a:37:7f:5d:f6:e0:2b:91:
ec:a2:ca:46:2d:0b:5b:b2:10:c8:87:d9:b4:33:97:
91:f9:08:53:bb:44:fd:94:dd:18:c5:45:e6:8b:12:
2a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:F4:ED:FD:A0:71:58:EE:15:31:45:AC:37:0C:08:5A:D3:CF:1D:D9
X509v3 Authority Key Identifier:
keyid:95:B8:5E:5A:C0:55:A1:21:88:AE:50:CD:B0:07:FA:48:8B:6A:A8:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbheWsBVoSGIrlDNsAf6SItqqIs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74aee8-41a8-4ee7-ae4c-2183bc3844d2/1/ZfTt_aBxWO4VMUWsNwwIWtPPHdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74aee8-41a8-4ee7-ae4c-2183bc3844d2/1/lbheWsBVoSGIrlDNsAf6SItqqIs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.56.0/21
91.201.164.0/22
94.124.136.0/21
185.215.252.0/22
195.246.236.0/23
IPv6:
2a00:dc8::/32
Signature Algorithm: sha256WithRSAEncryption
97:e7:f3:0e:76:75:6b:20:a1:07:63:0d:a4:dd:86:4b:ab:b4:
e0:8c:0a:95:3c:4c:20:f0:cf:4a:00:f4:d4:5d:ba:8b:68:a8:
79:57:72:35:39:8c:60:aa:0c:ba:fe:1b:9a:f8:de:1b:50:f8:
18:c6:b7:c2:75:47:1d:db:f8:a8:a1:bb:38:62:7f:96:5d:da:
ea:ea:72:1f:42:86:4d:19:ab:bb:66:96:91:21:5d:1b:4c:7a:
f6:62:85:99:29:47:15:a7:9b:77:bf:e9:a3:f7:1e:a5:4a:6f:
bb:fe:06:ba:1a:7c:7c:30:cb:df:33:39:88:db:91:a9:21:de:
41:ab:33:51:9d:55:86:7e:19:2d:f0:22:34:c6:aa:93:11:10:
21:4f:8b:71:07:5c:72:6b:1c:6f:b3:29:d5:25:4e:1e:85:34:
7a:91:35:a3:c6:dc:12:1a:a6:9c:01:4c:94:69:04:c5:f9:a7:
1b:1c:65:6a:b7:4f:58:dd:90:f5:89:49:49:f8:68:c8:54:a2:
db:56:f4:07:e5:6f:8c:76:68:83:35:e2:0e:98:7d:3a:ae:7e:
52:16:cc:67:2c:28:25:59:2c:a5:67:5c:6b:8c:6c:ee:f9:cf:
f6:37:fe:9a:db:38:e3:54:d3:8c:e6:0e:4b:1f:2d:16:5a:9f:
33:f2:de:87
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYVx173UOypA1E0bEnj2S9VGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1Yjg1ZTVhYzA1NWExMjE4OGFlNTBjZGIwMDdmYTQ4OGI2
YWE4OGIwHhcNMjMwMTAyMDkzNzIyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWY0ZWRmZGEwNzE1OGVlMTUzMTQ1YWMzNzBjMDg1YWQzY2YxZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSwMdCxmnqZMPQQkRNdOuQUCZzOU
uHGD8fFxLZm25avmf2yteYgpLPWdEXTgOAU5QO2O+jR8YirRtBLhlugwf/0x8abX
AYlh4gV4i+spadA74RaSt8bAIIuaU0hBqtksObCJY0/0DGCV6bPntqvV/zVfx1O0
kruaTvQM99Q7ivfrQQ+Cg3eAwvBP/Pv5/2uoguI8O4Ho3br0mTTtb3mHEdg+rPiD
SdhZ1iJ7LiJOQe3pb0JfaRE5TKQW71l7kb+zaTIVAtmANZBhdn4s+Auziy2hBBfl
tVgIijd/XfbgK5HsospGLQtbshDIh9m0M5eR+QhTu0T9lN0YxUXmixIqQwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFGX07f2gcVjuFTFFrDcMCFrTzx3ZMB8GA1UdIwQY
MBaAFJW4XlrAVaEhiK5QzbAH+kiLaqiLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGJoZVdzQlZvU0dJcmxETnNBZjZTSXRxcUlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NGFlZTgtNDFhOC00ZWU3LWFlNGMt
MjE4M2JjMzg0NGQyLzEvWmZUdF9hQnhXTzRWTVVXc053d0lXdFBQSGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NGFlZTgtNDFhOC00ZWU3LWFlNGMtMjE4M2JjMzg0NGQy
LzEvbGJoZVdzQlZvU0dJcmxETnNBZjZTSXRxcUlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJcs4AwQC
W8mkAwQDXnyIAwQCudf8AwQBw/bsMA0EAgACMAcDBQAqAA3IMA0GCSqGSIb3DQEB
CwUAA4IBAQCX5/MOdnVrIKEHYw2k3YZLq7TgjAqVPEwg8M9KAPTUXbqLaKh5V3I1
OYxgqgy6/hua+N4bUPgYxrfCdUcd2/ioobs4Yn+WXdrq6nIfQoZNGau7ZpaRIV0b
THr2YoWZKUcVp5t3v+mj9x6lSm+7/ga6Gnx8MMvfMzmI25GpId5BqzNRnVWGfhkt
8CI0xqqTERAhT4txB1xyaxxvsynVJU4ehTR6kTWjxtwSGqacAUyUaQTF+acbHGVq
t09Y3ZD1iUlJ+GjIVKLbVvQH5W+MdmiDNeIOmH06rn5SFsxnLCglWSylZ1xrjGzu
+c/2N/6a2zjjVNOM5g5LHy0WWp8z8t6H
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:15 2024 by rpki-client on console-fra.rpki-client.org