Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/Ze6Sv-G_mlAeJwsHJ-5vY8fSxCY.roa
File: Ze6Sv-G_mlAeJwsHJ-5vY8fSxCY.roa (raw, json)
Hash identifier: buWArBGMEqUDuw/bejZgZrmnMJN7f4HFMWvswPF4A8g=
Subject key identifier: 65:EE:92:BF:E1:BF:9A:50:1E:27:0B:07:27:EE:6F:63:C7:D2:C4:26
Certificate issuer: /CN=13a0f7143ffa22113442dc8589ee1352ebe3daa3
Certificate serial: 018CC424E1609B010958CAFE60ACDEEC36D5
Authority key identifier: 13:A0:F7:14:3F:FA:22:11:34:42:DC:85:89:EE:13:52:EB:E3:DA:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E6D3FD_6IhE0QtyFie4TUuvj2qM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/Ze6Sv-G_mlAeJwsHJ-5vY8fSxCY.roa
Signing time: Mon 01 Jan 2024 08:30:00 +0000
ROA not before: Mon 01 Jan 2024 08:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50889
IP address blocks: 185.136.71.0/24 maxlen: 24
185.136.69.0/24 maxlen: 24
185.136.70.0/24 maxlen: 24
77.111.250.0/24 maxlen: 24
77.111.251.0/24 maxlen: 24
77.111.248.0/24 maxlen: 24
77.111.249.0/24 maxlen: 24
80.84.166.0/24 maxlen: 24
80.84.160.0/24 maxlen: 24
80.84.164.0/24 maxlen: 24
80.84.165.0/24 maxlen: 24
80.84.163.0/24 maxlen: 24
80.84.161.0/24 maxlen: 24
80.84.162.0/24 maxlen: 24
80.84.167.0/24 maxlen: 24
80.84.171.0/24 maxlen: 24
80.84.172.0/24 maxlen: 24
80.84.170.0/24 maxlen: 24
80.84.168.0/24 maxlen: 24
80.84.169.0/24 maxlen: 24
80.84.173.0/24 maxlen: 24
80.84.174.0/24 maxlen: 24
80.84.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 May 2024 15:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:e1:60:9b:01:09:58:ca:fe:60:ac:de:ec:36:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13a0f7143ffa22113442dc8589ee1352ebe3daa3
Validity
Not Before: Jan 1 08:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65ee92bfe1bf9a501e270b0727ee6f63c7d2c426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:0f:e7:a1:ac:b4:3a:22:cf:c2:83:6e:9b:68:
c3:d3:0b:50:8d:26:6f:28:2a:ee:7e:a0:a8:80:80:
f6:77:88:ce:8c:b9:37:f1:d7:7a:60:23:ea:b5:8a:
c9:66:e5:cf:20:59:8e:f5:ec:7a:59:70:f8:4b:c9:
94:c1:bd:69:71:ce:f9:cc:4b:71:50:a1:2d:93:55:
af:34:5e:b7:1a:78:48:63:64:e3:f1:a0:5b:28:73:
a2:a1:d0:a0:f1:c8:83:65:61:cb:34:a2:bf:05:16:
71:f3:7b:e5:b9:03:76:30:9c:01:6c:26:f1:58:5e:
97:90:90:41:f1:da:15:08:7e:7f:95:36:12:86:4d:
e3:15:e4:96:c7:f8:1e:41:7e:e2:c5:6b:8d:75:32:
5e:50:ea:54:cd:bf:58:18:73:d5:7b:c7:b8:9e:81:
b3:7e:e5:1e:a3:52:05:df:41:26:55:92:7a:a4:56:
f1:27:0e:72:15:8e:fa:c5:1d:03:6f:b9:20:36:b6:
33:08:04:b2:36:9f:52:f2:1d:53:3a:96:e4:bc:4b:
eb:2a:b3:c8:b2:88:00:f2:e8:61:92:19:96:7a:a2:
fc:10:f0:d6:5a:a7:46:80:f5:32:66:3c:dd:d9:25:
74:e9:15:d9:0e:61:f2:d9:b4:69:a6:4c:7a:84:71:
55:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:EE:92:BF:E1:BF:9A:50:1E:27:0B:07:27:EE:6F:63:C7:D2:C4:26
X509v3 Authority Key Identifier:
keyid:13:A0:F7:14:3F:FA:22:11:34:42:DC:85:89:EE:13:52:EB:E3:DA:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E6D3FD_6IhE0QtyFie4TUuvj2qM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/Ze6Sv-G_mlAeJwsHJ-5vY8fSxCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/443f87-4ae0-4198-bcb8-104a33437665/1/E6D3FD_6IhE0QtyFie4TUuvj2qM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.111.248.0/22
80.84.160.0/20
185.136.69.0-185.136.71.255
Signature Algorithm: sha256WithRSAEncryption
01:71:b4:08:e1:96:02:bc:77:1c:c8:a0:b9:b0:25:5d:b1:44:
5e:da:60:10:14:7a:c8:ce:45:21:74:03:fb:32:84:c5:d7:58:
93:2f:83:55:07:e8:a6:12:75:54:ac:df:46:fc:f6:a5:99:26:
9f:dd:b9:95:b3:cb:b8:68:db:1e:f8:0b:89:e6:d3:4e:36:52:
60:db:c8:40:60:c8:97:2c:b3:d1:a3:fb:33:a6:c6:fc:0b:cc:
96:1a:2b:f5:16:6b:f7:1a:8e:fb:c6:6d:83:1a:bb:f1:7f:75:
19:c0:79:73:ab:fa:2d:8d:c0:30:26:3a:67:d5:7e:ea:e8:a8:
7f:4b:da:46:8e:9a:e8:17:eb:f9:57:73:ef:a3:7e:13:ba:4b:
25:e6:38:02:9c:c7:64:11:cc:33:40:2c:7e:7e:b7:ed:97:b7:
ee:a1:d0:d2:d2:ea:41:2e:a4:49:b9:03:51:bb:02:8e:f1:11:
fb:f0:b0:fd:98:32:92:f3:20:c4:e2:ac:02:f2:da:f7:30:fa:
ac:59:b4:67:3c:4e:b6:fc:8e:c8:95:e9:0e:11:e9:65:65:1f:
c6:7d:c9:81:c1:f8:8d:21:db:1e:ab:ba:77:13:37:1c:ab:d2:
41:bc:4b:e0:c3:c4:e2:af:91:db:f9:3a:c0:41:fb:b7:62:f5:
37:8c:73:04
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzEJOFgmwEJWMr+YKze7DbVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYTBmNzE0M2ZmYTIyMTEzNDQyZGM4NTg5ZWUxMzUyZWJl
M2RhYTMwHhcNMjQwMTAxMDgzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWVlOTJiZmUxYmY5YTUwMWUyNzBiMDcyN2VlNmY2M2M3ZDJjNDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQ/noay0OiLPwoNum2jD0wtQjSZv
KCrufqCogID2d4jOjLk38dd6YCPqtYrJZuXPIFmO9ex6WXD4S8mUwb1pcc75zEtx
UKEtk1WvNF63GnhIY2Tj8aBbKHOiodCg8ciDZWHLNKK/BRZx83vluQN2MJwBbCbx
WF6XkJBB8doVCH5/lTYShk3jFeSWx/geQX7ixWuNdTJeUOpUzb9YGHPVe8e4noGz
fuUeo1IF30EmVZJ6pFbxJw5yFY76xR0Db7kgNrYzCASyNp9S8h1TOpbkvEvrKrPI
sogA8uhhkhmWeqL8EPDWWqdGgPUyZjzd2SV06RXZDmHy2bRppkx6hHFVawIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGXukr/hv5pQHicLByfub2PH0sQmMB8GA1UdIwQY
MBaAFBOg9xQ/+iIRNELchYnuE1Lr49qjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTZEM0ZEXzZJaEUwUXR5RmllNFRVdXZqMnFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi80NDNmODctNGFlMC00MTk4LWJjYjgt
MTA0YTMzNDM3NjY1LzEvWmU2U3YtR19tbEFlSndzSEotNXZZOGZTeENZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi80NDNmODctNGFlMC00MTk4LWJjYjgtMTA0YTMzNDM3NjY1
LzEvRTZEM0ZEXzZJaEUwUXR5RmllNFRVdXZqMnFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCTW/4AwQE
UFSgMAwDBAC5iEUDBAO5iEAwDQYJKoZIhvcNAQELBQADggEBAAFxtAjhlgK8dxzI
oLmwJV2xRF7aYBAUesjORSF0A/syhMXXWJMvg1UH6KYSdVSs30b89qWZJp/duZWz
y7ho2x74C4nm0042UmDbyEBgyJcss9Gj+zOmxvwLzJYaK/UWa/cajvvGbYMau/F/
dRnAeXOr+i2NwDAmOmfVfuroqH9L2kaOmugX6/lXc++jfhO6SyXmOAKcx2QRzDNA
LH5+t+2Xt+6h0NLS6kEupEm5A1G7Ao7xEfvwsP2YMpLzIMTirALy2vcw+qxZtGc8
Trb8jsiV6Q4R6WVlH8Z9yYHB+I0h2x6runcTNxyr0kG8S+DDxOKvkdv5OsBB+7di
9TeMcwQ=
-----END CERTIFICATE-----
Generated at Thu May 16 18:36:41 2024 by rpki-client on console-fra.rpki-client.org