Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/1ZGaK4SUvZk6A6nebfuNrQo8Q2M.roa
File: 1ZGaK4SUvZk6A6nebfuNrQo8Q2M.roa (raw, json)
Hash identifier: WEOFtL8sNYgf0YTKO0XJi+CQ6zzAZWqPc4RGqhqkPlg=
Subject key identifier: D5:91:9A:2B:84:94:BD:99:3A:03:A9:DE:6D:FB:8D:AD:0A:3C:43:63
Certificate issuer: /CN=4e5146bb4e219744f58c268e9ec621c18dd229c3
Certificate serial: 018571D7C389FBCD30E0FCBA1E48706FBFE0
Authority key identifier: 4E:51:46:BB:4E:21:97:44:F5:8C:26:8E:9E:C6:21:C1:8D:D2:29:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TlFGu04hl0T1jCaOnsYhwY3SKcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/1ZGaK4SUvZk6A6nebfuNrQo8Q2M.roa
Signing time: Mon 02 Jan 2023 09:37:23 +0000
ROA not before: Mon 02 Jan 2023 09:37:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198102
IP address blocks: 195.28.8.0/23 maxlen: 23
213.225.240.0/20 maxlen: 20
89.35.168.0/22 maxlen: 22
195.225.40.0/23 maxlen: 23
89.45.212.0/22 maxlen: 22
195.238.80.0/23 maxlen: 23
128.65.204.0/23 maxlen: 24
128.65.200.0/23 maxlen: 24
86.105.236.0/22 maxlen: 22
185.85.192.0/23 maxlen: 23
185.85.194.0/24 maxlen: 24
78.111.224.0/20 maxlen: 24
195.210.40.0/23 maxlen: 23
134.255.168.0/22 maxlen: 22
91.231.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Apr 2023 12:55:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:d7:c3:89:fb:cd:30:e0:fc:ba:1e:48:70:6f:bf:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e5146bb4e219744f58c268e9ec621c18dd229c3
Validity
Not Before: Jan 2 09:37:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d5919a2b8494bd993a03a9de6dfb8dad0a3c4363
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:71:e9:e3:14:fe:06:8f:4a:3c:80:8a:42:20:
2f:28:f0:ae:cf:ef:d7:4b:39:15:01:72:74:95:e6:
f4:97:20:8d:18:97:75:0c:b4:3a:c3:da:66:a1:25:
e5:41:62:10:99:d9:69:c3:e0:d8:17:aa:76:13:50:
c5:4d:c1:02:db:13:24:d1:7d:8d:4e:4e:88:09:3c:
12:c6:af:19:93:d1:9c:91:f1:84:3f:52:41:7c:92:
7c:50:42:b7:d8:3d:17:b2:cb:94:fb:c0:37:78:f5:
4d:18:be:85:92:33:2f:ae:d6:7d:c5:57:05:32:01:
be:25:5b:34:6e:37:b3:96:91:69:32:b1:ca:07:8e:
88:fe:b6:56:91:f6:94:eb:3d:96:9e:2f:7b:25:b7:
dd:34:f1:01:7d:05:66:94:21:40:6f:97:c9:62:c8:
12:5e:17:d3:28:bd:c1:f1:34:bf:ba:38:c5:da:e1:
2c:f8:4c:40:01:d4:32:68:b5:13:79:59:57:52:1a:
c8:93:86:67:06:c3:5b:01:b2:d9:a1:9e:e6:84:9b:
47:a5:73:a5:e3:59:09:13:ac:fb:96:d8:42:a5:00:
bb:cf:f6:a1:19:a6:c4:d6:e9:5c:c5:09:e6:be:66:
31:5d:62:b4:67:de:37:9d:5f:38:5c:53:dd:db:5e:
d0:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:91:9A:2B:84:94:BD:99:3A:03:A9:DE:6D:FB:8D:AD:0A:3C:43:63
X509v3 Authority Key Identifier:
keyid:4E:51:46:BB:4E:21:97:44:F5:8C:26:8E:9E:C6:21:C1:8D:D2:29:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TlFGu04hl0T1jCaOnsYhwY3SKcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/1ZGaK4SUvZk6A6nebfuNrQo8Q2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/25b54a-e770-44ab-a004-c920c517d600/1/TlFGu04hl0T1jCaOnsYhwY3SKcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.224.0/20
86.105.236.0/22
89.35.168.0/22
89.45.212.0/22
91.231.62.0/24
128.65.200.0/23
128.65.204.0/23
134.255.168.0/22
185.85.192.0-185.85.194.255
195.28.8.0/23
195.210.40.0/23
195.225.40.0/23
195.238.80.0/23
213.225.240.0/20
Signature Algorithm: sha256WithRSAEncryption
4d:7e:a9:1a:1c:5e:72:c6:99:52:1e:18:e4:d7:55:99:ce:8e:
e7:ab:ff:15:3a:e8:e6:59:24:76:56:dd:a7:20:8d:e8:be:9c:
3b:a8:a8:d3:f8:11:90:2f:b6:ce:70:57:63:4d:5a:f6:b0:03:
93:55:da:bf:91:33:47:ce:e9:e8:4d:b8:bb:77:f7:9f:bd:74:
76:97:2b:52:e0:49:e4:dd:6e:bc:59:01:22:d7:0b:b4:4c:74:
26:2b:99:11:80:fd:e8:a4:c5:57:d8:6f:d4:c2:48:7c:43:c2:
a1:a7:fc:2f:c5:95:0c:e4:4e:0d:52:f1:f3:f5:b2:2a:db:b8:
20:9a:5a:a7:43:bf:78:1e:7a:90:59:bb:0e:ec:bc:37:81:98:
a0:5d:63:de:57:d6:ad:2d:72:a4:d4:9c:eb:2d:9d:a0:a0:1e:
16:e6:bf:82:53:44:91:5f:83:90:0b:a2:b5:23:43:34:93:7f:
94:3c:ee:fb:b7:90:eb:3c:e0:35:85:16:2a:92:d8:0c:81:91:
64:fa:5f:a2:69:30:62:dc:33:bc:2e:08:39:08:b9:42:90:32:
e2:d7:22:8e:c6:29:55:40:31:c8:4d:d0:66:13:36:86:fb:27:
b1:ff:8b:4b:69:e7:4d:4a:64:1d:fa:36:0e:9f:c5:db:c0:e8:
7c:4a:11:c5
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAYVx18OJ+80w4Py6Hkhwb7/gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNTE0NmJiNGUyMTk3NDRmNThjMjY4ZTllYzYyMWMxOGRk
MjI5YzMwHhcNMjMwMTAyMDkzNzIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTkxOWEyYjg0OTRiZDk5M2EwM2E5ZGU2ZGZiOGRhZDBhM2M0MzYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHHp4xT+Bo9KPICKQiAvKPCuz+/X
SzkVAXJ0leb0lyCNGJd1DLQ6w9pmoSXlQWIQmdlpw+DYF6p2E1DFTcEC2xMk0X2N
Tk6ICTwSxq8Zk9GckfGEP1JBfJJ8UEK32D0XssuU+8A3ePVNGL6FkjMvrtZ9xVcF
MgG+JVs0bjezlpFpMrHKB46I/rZWkfaU6z2Wni97JbfdNPEBfQVmlCFAb5fJYsgS
XhfTKL3B8TS/ujjF2uEs+ExAAdQyaLUTeVlXUhrIk4ZnBsNbAbLZoZ7mhJtHpXOl
41kJE6z7lthCpQC7z/ahGabE1ulcxQnmvmYxXWK0Z943nV84XFPd217QNwIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFNWRmiuElL2ZOgOp3m37ja0KPENjMB8GA1UdIwQY
MBaAFE5RRrtOIZdE9Ywmjp7GIcGN0inDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGxGR3UwNGhsMFQxakNhT25zWWh3WTNTS2NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yNWI1NGEtZTc3MC00NGFiLWEwMDQt
YzkyMGM1MTdkNjAwLzEvMVpHYUs0U1V2Wms2QTZuZWJmdU5yUW84UTJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yNWI1NGEtZTc3MC00NGFiLWEwMDQtYzkyMGM1MTdkNjAw
LzEvVGxGR3UwNGhsMFQxakNhT25zWWh3WTNTS2NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQETm/gAwQC
VmnsAwQCWSOoAwQCWS3UAwQAW+c+AwQBgEHIAwQBgEHMAwQChv+oMAwDBAa5VcAD
BAC5VcIDBAHDHAgDBAHD0igDBAHD4SgDBAHD7lADBATV4fAwDQYJKoZIhvcNAQEL
BQADggEBAE1+qRocXnLGmVIeGOTXVZnOjuer/xU66OZZJHZW3acgjei+nDuoqNP4
EZAvts5wV2NNWvawA5NV2r+RM0fO6ehNuLt395+9dHaXK1LgSeTdbrxZASLXC7RM
dCYrmRGA/eikxVfYb9TCSHxDwqGn/C/FlQzkTg1S8fP1sirbuCCaWqdDv3geepBZ
uw7svDeBmKBdY95X1q0tcqTUnOstnaCgHhbmv4JTRJFfg5ALorUjQzSTf5Q87vu3
kOs84DWFFiqS2AyBkWT6X6JpMGLcM7wuCDkIuUKQMuLXIo7GKVVAMchN0GYTNob7
J7H/i0tp501KZB36Ng6fxdvA6HxKEcU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:01 2024 by rpki-client on console-fra.rpki-client.org