Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/01ebc2-84d0-4ae3-a2c2-a3b6be4a9e9b/1/zryvP2jJaDDqqW5c9LrVS_LIByU.roa
File: zryvP2jJaDDqqW5c9LrVS_LIByU.roa (raw, json)
Hash identifier: 5oxcOumkdwebEBRcdg3uLhbsvEEkqww5FEmmU2dFiKY=
Subject key identifier: CE:BC:AF:3F:68:C9:68:30:EA:A9:6E:5C:F4:BA:D5:4B:F2:C8:07:25
Certificate issuer: /CN=c0fbd5876613edc56e0f5de468cce5eb2885ff29
Certificate serial: 01896CBC4BBCD90652DBE184165DACFAE42E
Authority key identifier: C0:FB:D5:87:66:13:ED:C5:6E:0F:5D:E4:68:CC:E5:EB:28:85:FF:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wPvVh2YT7cVuD13kaMzl6yiF_yk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/01ebc2-84d0-4ae3-a2c2-a3b6be4a9e9b/1/zryvP2jJaDDqqW5c9LrVS_LIByU.roa
Signing time: Wed 19 Jul 2023 06:00:26 +0000
ROA not before: Wed 19 Jul 2023 06:00:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203724
IP address blocks: 185.212.107.0/24 maxlen: 24
185.212.106.0/24 maxlen: 24
185.125.226.0/24 maxlen: 24
185.125.225.0/24 maxlen: 24
185.125.224.0/24 maxlen: 24
185.212.105.0/24 maxlen: 24
185.125.227.0/24 maxlen: 24
2a06:bcc0:5::/48 maxlen: 48
2a06:bcc0:9::/48 maxlen: 48
2a06:bcc0:4::/48 maxlen: 48
2a06:bcc0:2::/48 maxlen: 48
2a06:bcc0:3::/48 maxlen: 48
2a06:bcc0:1::/48 maxlen: 48
2a06:bcc0:11::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 02 Jan 2024 06:31:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:6c:bc:4b:bc:d9:06:52:db:e1:84:16:5d:ac:fa:e4:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0fbd5876613edc56e0f5de468cce5eb2885ff29
Validity
Not Before: Jul 19 06:00:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cebcaf3f68c96830eaa96e5cf4bad54bf2c80725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d4:5b:e3:83:7c:67:c1:3e:0a:ce:2a:1b:7b:
b6:c1:5a:a8:49:8b:12:63:4b:53:e5:7e:2c:71:75:
ea:9c:fd:df:d1:75:37:ad:0a:b8:3b:f3:50:b9:ac:
be:2e:ff:79:6f:33:07:a9:bd:e9:fa:df:80:48:f2:
f6:73:8f:98:ed:5c:8e:ac:fc:c3:97:fb:9f:9d:f5:
44:ac:57:19:72:4a:04:24:49:15:2f:59:bd:d7:17:
8e:6b:71:da:af:c9:a8:f5:75:c7:e0:27:9e:9b:83:
b5:35:ee:9f:13:90:85:34:44:b4:92:fc:fb:e1:eb:
c2:0c:49:04:af:f8:2e:49:48:a8:08:0f:29:3d:ec:
ad:9d:18:46:f8:b9:1b:32:9e:92:15:6f:e7:7f:c0:
70:8a:cc:c7:0c:b0:20:ae:b6:81:cd:25:36:d7:00:
37:c0:02:83:d8:6f:ab:68:b8:c4:c8:f9:84:37:66:
ab:76:8d:1d:57:a2:dd:fc:09:86:ca:71:f9:be:18:
38:4a:59:31:66:c1:f8:19:c9:f0:39:5d:dd:2b:8f:
ef:9f:26:48:e1:03:ad:9f:cf:0b:04:c5:2f:39:b9:
07:1a:a3:40:b0:3c:bd:6e:89:4b:86:ea:b5:45:6b:
df:5e:77:ca:7c:2d:49:5b:8f:fe:7f:59:06:64:6c:
55:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:BC:AF:3F:68:C9:68:30:EA:A9:6E:5C:F4:BA:D5:4B:F2:C8:07:25
X509v3 Authority Key Identifier:
keyid:C0:FB:D5:87:66:13:ED:C5:6E:0F:5D:E4:68:CC:E5:EB:28:85:FF:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wPvVh2YT7cVuD13kaMzl6yiF_yk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/01ebc2-84d0-4ae3-a2c2-a3b6be4a9e9b/1/zryvP2jJaDDqqW5c9LrVS_LIByU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/01ebc2-84d0-4ae3-a2c2-a3b6be4a9e9b/1/wPvVh2YT7cVuD13kaMzl6yiF_yk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.224.0/22
185.212.105.0-185.212.107.255
IPv6:
2a06:bcc0:1::-2a06:bcc0:5:ffff:ffff:ffff:ffff:ffff
2a06:bcc0:9::/48
2a06:bcc0:11::/48
Signature Algorithm: sha256WithRSAEncryption
b4:da:f4:4a:7c:51:cc:92:98:7a:2b:5b:ec:00:95:0b:3e:ac:
8b:8b:3e:4f:33:65:b7:65:26:c3:df:0a:c8:e8:e0:11:9d:26:
ab:18:9a:c8:6b:6b:b9:18:44:36:5f:10:a4:55:9f:56:22:60:
bf:a9:10:84:5a:64:83:c4:e0:e3:ef:d4:5a:66:63:76:62:07:
d0:0b:b2:41:d6:59:5b:a0:7a:bb:4e:a3:bc:c8:fe:68:62:b0:
16:85:2b:43:fb:30:cf:74:77:c7:85:e0:71:6c:bf:da:98:bc:
2a:4d:c7:41:df:47:7b:31:09:bd:8a:53:0c:92:ac:27:59:8b:
c3:96:ec:ae:95:3d:bf:b0:ca:cf:7f:9c:ad:b6:84:36:24:1a:
ed:20:f5:02:bc:57:59:e0:fa:f7:4d:f0:3d:4b:e7:e4:a5:4c:
53:d0:d5:c3:dc:76:f3:17:bb:0f:04:82:1c:25:a6:cd:b6:23:
1a:d8:22:9c:05:59:39:4e:b9:fd:e6:e2:a9:2f:52:49:4b:c1:
59:a1:60:3f:90:57:eb:8b:fe:39:76:c8:b4:34:49:76:c3:3a:
57:66:32:56:df:8f:3a:db:1d:a6:d5:c0:bb:ae:12:e5:9d:02:
94:b3:0d:a6:6d:c8:c2:47:fc:ac:37:65:ad:b1:fd:e1:2a:e2:
80:8b:09:59
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYlsvEu82QZS2+GEFl2s+uQuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZmJkNTg3NjYxM2VkYzU2ZTBmNWRlNDY4Y2NlNWViMjg4
NWZmMjkwHhcNMjMwNzE5MDYwMDI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWJjYWYzZjY4Yzk2ODMwZWFhOTZlNWNmNGJhZDU0YmYyYzgwNzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2NRb44N8Z8E+Cs4qG3u2wVqoSYsS
Y0tT5X4scXXqnP3f0XU3rQq4O/NQuay+Lv95bzMHqb3p+t+ASPL2c4+Y7VyOrPzD
l/ufnfVErFcZckoEJEkVL1m91xeOa3Har8mo9XXH4Ceem4O1Ne6fE5CFNES0kvz7
4evCDEkEr/guSUioCA8pPeytnRhG+LkbMp6SFW/nf8BwiszHDLAgrraBzSU21wA3
wAKD2G+raLjEyPmEN2ardo0dV6Ld/AmGynH5vhg4SlkxZsH4GcnwOV3dK4/vnyZI
4QOtn88LBMUvObkHGqNAsDy9bolLhuq1RWvfXnfKfC1JW4/+f1kGZGxV0wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFM68rz9oyWgw6qluXPS61UvyyAclMB8GA1UdIwQY
MBaAFMD71YdmE+3Fbg9d5GjM5esohf8pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1B2VmgyWVQ3Y1Z1RDEza2FNemw2eWlGX3lrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8wMWViYzItODRkMC00YWUzLWEyYzIt
YTNiNmJlNGE5ZTliLzEvenJ5dlAyakphRERxcVc1YzlMclZTX0xJQnlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8wMWViYzItODRkMC00YWUzLWEyYzItYTNiNmJlNGE5ZTli
LzEvd1B2VmgyWVQ3Y1Z1RDEza2FNemw2eWlGX3lrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjAaBAIAATAUAwQCuX3gMAwD
BAC51GkDBAK51GgwLAQCAAIwJjASAwcAKga8wAABAwcBKga8wAAEAwcAKga8wAAJ
AwcAKga8wAARMA0GCSqGSIb3DQEBCwUAA4IBAQC02vRKfFHMkph6K1vsAJULPqyL
iz5PM2W3ZSbD3wrI6OARnSarGJrIa2u5GEQ2XxCkVZ9WImC/qRCEWmSDxODj79Ra
ZmN2YgfQC7JB1llboHq7TqO8yP5oYrAWhStD+zDPdHfHheBxbL/amLwqTcdB30d7
MQm9ilMMkqwnWYvDluyulT2/sMrPf5yttoQ2JBrtIPUCvFdZ4Pr3TfA9S+fkpUxT
0NXD3HbzF7sPBIIcJabNtiMa2CKcBVk5Trn95uKpL1JJS8FZoWA/kFfri/45dsi0
NEl2wzpXZjJW34862x2m1cC7rhLlnQKUsw2mbcjCR/ysN2Wtsf3hKuKAiwlZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:44 2024 by rpki-client on console-ams.rpki-client.org