Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ZPZgMUY6p0Fi5HRDvCc_RD8N2zE.roa
File: ZPZgMUY6p0Fi5HRDvCc_RD8N2zE.roa (raw, json)
Hash identifier: INwHxOQA8Fsmj3TBKGETvER3KNIOEOO2S3cpEfTljiw=
Subject key identifier: 64:F6:60:31:46:3A:A7:41:62:E4:74:43:BC:27:3F:44:3F:0D:DB:31
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018755C00E8A31907297EABD722C236C8040
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ZPZgMUY6p0Fi5HRDvCc_RD8N2zE.roa
Signing time: Thu 06 Apr 2023 08:47:42 +0000
ROA not before: Thu 06 Apr 2023 08:47:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3507
IP address blocks: 93.114.192.0/24 maxlen: 24
193.23.130.0/24 maxlen: 24
45.156.158.0/24 maxlen: 24
89.34.127.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
93.115.109.0/24 maxlen: 24
188.240.232.0/24 maxlen: 24
188.241.110.0/24 maxlen: 24
188.241.214.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Apr 2023 08:33:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:55:c0:0e:8a:31:90:72:97:ea:bd:72:2c:23:6c:80:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 6 08:47:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64f66031463aa74162e47443bc273f443f0ddb31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:1c:1d:5d:74:75:9a:30:62:28:ab:b2:aa:af:
e6:62:e4:ae:02:b9:7f:a8:b0:b8:0d:1a:cd:28:56:
65:cf:3c:55:da:e0:9c:7a:ab:4e:2f:27:af:d3:d9:
a1:bf:20:23:4e:bb:ec:11:89:f1:f4:12:1b:c4:9a:
9f:84:a3:c0:6e:64:9c:ba:6c:b6:b6:98:63:8c:b8:
09:44:07:e0:2f:3d:3b:34:b6:80:b5:7d:1e:7d:80:
6f:06:47:01:3a:ad:a2:54:7f:e4:83:0c:58:07:88:
4a:3b:2f:31:1f:bd:37:26:4f:3b:8b:ed:2c:95:c0:
2c:d8:cd:67:27:88:f1:02:29:63:11:f5:f7:58:bf:
43:d0:b9:30:e5:07:f7:b7:d0:ce:ff:96:83:62:fa:
75:7d:18:ea:46:f2:31:95:2a:a9:d3:7f:0e:c4:7a:
ea:b8:a6:d4:8d:63:7d:a3:9a:be:f4:54:8d:09:78:
37:2b:de:5f:a0:b2:af:2a:19:ff:f0:3e:b3:14:ca:
7f:10:7d:66:c2:84:82:45:fe:d3:9c:34:3c:9f:01:
bd:8e:28:83:06:72:0b:b0:f8:a0:82:bc:d0:2f:a5:
b9:41:ae:68:dc:30:1f:4c:35:9e:02:90:d2:1e:e7:
01:8f:8c:27:ae:34:1a:96:4f:4c:b5:ce:5a:f3:b4:
df:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:F6:60:31:46:3A:A7:41:62:E4:74:43:BC:27:3F:44:3F:0D:DB:31
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ZPZgMUY6p0Fi5HRDvCc_RD8N2zE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.158.0/24
89.33.84.0/24
89.34.127.0/24
89.37.62.0/24
93.114.192.0/24
93.115.109.0/24
188.240.232.0/24
188.241.110.0/24
188.241.214.0/24
193.23.130.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:c9:2d:94:6c:ab:25:68:4b:f5:13:4b:2e:c7:1c:9a:76:aa:
1a:d5:25:ec:48:1b:7a:96:20:fe:7d:17:98:c0:c1:e9:c8:97:
e9:6d:aa:ef:07:2b:67:c7:97:ff:09:fd:c6:19:b4:0d:2e:4c:
17:88:fa:1d:6c:74:40:2b:c9:66:88:5c:4c:ad:ea:32:d0:e8:
3d:e4:fc:15:6b:9c:24:37:96:0b:d8:2d:e9:66:83:4f:ba:32:
4c:e9:18:a8:24:90:8b:c7:7e:48:8b:3d:bc:91:f1:62:c5:1a:
24:c8:b7:55:0c:62:08:9e:d1:bf:b5:76:5c:84:41:de:ae:66:
c4:88:cf:ad:c3:57:ca:fc:aa:5f:0f:60:59:52:9f:60:c8:e3:
21:69:15:94:1c:e4:26:d4:2a:30:bb:cc:e0:45:c4:27:2a:45:
c8:c0:91:f6:64:0c:38:6f:78:68:f4:56:e2:98:3b:1f:89:c1:
20:0b:3e:b5:46:67:95:72:ef:9b:13:52:08:c2:bc:8a:32:3d:
3a:90:9c:ea:bb:d0:f9:d2:3f:e0:85:d7:57:c7:5a:99:ce:c6:
c5:d8:37:6b:34:cf:73:c2:b0:f2:0e:bd:80:59:1a:ed:ec:2e:
0c:2d:8e:25:03:31:5e:ed:f6:f7:a8:3a:03:b1:2e:59:51:d2:
4f:4a:35:f8
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYdVwA6KMZByl+q9ciwjbIBAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjMwNDA2MDg0NzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGY2NjAzMTQ2M2FhNzQxNjJlNDc0NDNiYzI3M2Y0NDNmMGRkYjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBwdXXR1mjBiKKuyqq/mYuSuArl/
qLC4DRrNKFZlzzxV2uCceqtOLyev09mhvyAjTrvsEYnx9BIbxJqfhKPAbmScumy2
tphjjLgJRAfgLz07NLaAtX0efYBvBkcBOq2iVH/kgwxYB4hKOy8xH703Jk87i+0s
lcAs2M1nJ4jxAiljEfX3WL9D0Lkw5Qf3t9DO/5aDYvp1fRjqRvIxlSqp038OxHrq
uKbUjWN9o5q+9FSNCXg3K95foLKvKhn/8D6zFMp/EH1mwoSCRf7TnDQ8nwG9jiiD
BnILsPiggrzQL6W5Qa5o3DAfTDWeApDSHucBj4wnrjQalk9Mtc5a87TfwQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFGT2YDFGOqdBYuR0Q7wnP0Q/DdsxMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvWlBaZ01VWTZwMEZpNUhSRHZDY19SRDhOMnpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALZyeAwQA
WSFUAwQAWSJ/AwQAWSU+AwQAXXLAAwQAXXNtAwQAvPDoAwQAvPFuAwQAvPHWAwQA
wReCMA0GCSqGSIb3DQEBCwUAA4IBAQAayS2UbKslaEv1E0suxxyadqoa1SXsSBt6
liD+fReYwMHpyJfpbarvBytnx5f/Cf3GGbQNLkwXiPodbHRAK8lmiFxMreoy0Og9
5PwVa5wkN5YL2C3pZoNPujJM6RioJJCLx35Iiz28kfFixRokyLdVDGIIntG/tXZc
hEHermbEiM+tw1fK/KpfD2BZUp9gyOMhaRWUHOQm1Cowu8zgRcQnKkXIwJH2ZAw4
b3ho9FbimDsficEgCz61RmeVcu+bE1IIwryKMj06kJzqu9D50j/ghddXx1qZzsbF
2DdrNM9zwrDyDr2AWRrt7C4MLY4lAzFe7fb3qDoDsS5ZUdJPSjX4
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:11 2024 by rpki-client on console-ams.rpki-client.org