Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/zXlFkmIDZ9I1itOVWjk_ACMwYiY.roa
File: zXlFkmIDZ9I1itOVWjk_ACMwYiY.roa (raw, json)
Hash identifier: R/94k6SchC62PxzH0A7LwdgwppbGO7RNczEJWUEw5b4=
Subject key identifier: CD:79:45:92:62:03:67:D2:35:8A:D3:95:5A:39:3F:00:23:30:62:26
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 018AD2AD9A1C0C73F06CC3C23347D5E73138
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/zXlFkmIDZ9I1itOVWjk_ACMwYiY.roa
Signing time: Tue 26 Sep 2023 18:08:27 +0000
ROA not before: Tue 26 Sep 2023 18:08:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 8849
IP address blocks: 185.230.245.0/24 maxlen: 24
91.192.81.0/24 maxlen: 24
5.44.249.0/24 maxlen: 24
185.140.210.0/24 maxlen: 24
185.140.211.0/24 maxlen: 24
62.122.187.0/24 maxlen: 24
185.147.53.0/24 maxlen: 24
95.174.71.0/24 maxlen: 24
95.174.68.0/24 maxlen: 24
95.174.69.0/24 maxlen: 24
95.174.70.0/24 maxlen: 24
89.36.162.0/24 maxlen: 24
89.40.226.0/24 maxlen: 24
88.210.36.0/23 maxlen: 24
2a06:f902:4000::/36 maxlen: 36
2a06:f901:4000::/36 maxlen: 36
2a06:f901:8000::/36 maxlen: 36
2a06:f901:c000::/36 maxlen: 36
Validation: Failed, certificate revoked on Fri 06 Oct 2023 23:32:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:d2:ad:9a:1c:0c:73:f0:6c:c3:c2:33:47:d5:e7:31:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Sep 26 18:08:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd794592620367d2358ad3955a393f0023306226
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:63:69:3c:12:25:a6:64:ca:18:f2:e6:cc:01:
f0:04:1a:b5:d1:8b:23:59:f9:49:16:33:08:20:17:
2f:98:8f:e3:be:78:3b:0d:00:a2:51:55:74:b2:25:
3a:8e:0c:82:b9:bf:b8:07:7c:03:db:97:e8:5f:ae:
06:e1:d7:cd:6c:83:ad:e6:b5:dd:a6:87:91:9f:b3:
b9:cb:8e:94:a5:1f:24:16:ea:f9:69:3b:d4:d3:0c:
8c:06:98:12:8e:cc:43:50:96:8c:78:61:ad:a3:d5:
11:16:ee:8d:71:60:de:2b:78:3c:a4:7e:c0:21:7f:
37:06:05:91:dc:ef:bf:ed:82:67:24:57:ce:44:df:
35:64:58:ca:95:0f:a2:8c:9c:46:14:d9:d3:bf:bf:
76:cb:3e:84:26:a2:a3:d9:96:05:1f:8e:fc:7b:08:
50:23:0e:5c:ad:ce:07:e4:6a:6e:95:bb:fb:f5:d6:
be:a8:d6:eb:83:50:66:fe:f6:07:df:da:fc:5f:c0:
71:a8:ad:08:c2:81:22:93:9b:b0:d0:3d:e1:b8:9b:
62:a1:93:18:f8:f4:59:24:e3:e5:4f:59:f2:85:a4:
d1:ed:55:2c:29:1e:48:2e:3c:a4:c9:b5:f5:f2:f7:
7d:47:74:23:ed:7a:4f:b6:89:5b:25:ae:95:f8:c4:
3f:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:79:45:92:62:03:67:D2:35:8A:D3:95:5A:39:3F:00:23:30:62:26
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/zXlFkmIDZ9I1itOVWjk_ACMwYiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.249.0/24
62.122.187.0/24
88.210.36.0/23
89.36.162.0/24
89.40.226.0/24
91.192.81.0/24
95.174.68.0/22
185.140.210.0/23
185.147.53.0/24
185.230.245.0/24
IPv6:
2a06:f901:4000::/36
2a06:f901:8000::/36
2a06:f901:c000::/36
2a06:f902:4000::/36
Signature Algorithm: sha256WithRSAEncryption
97:30:d8:15:ae:cf:9f:7a:52:d7:93:58:f9:13:f8:c5:fa:da:
5d:e1:95:3c:7d:a1:f6:64:68:43:46:80:6f:f5:10:a5:5a:7f:
30:e3:20:98:18:c2:ba:c8:6e:4c:f5:3d:bf:03:12:ab:fd:e9:
c7:b2:90:95:00:d7:42:8f:eb:8f:ab:22:6a:15:9c:25:92:23:
91:08:fd:21:04:65:ca:d3:f3:db:0e:d6:46:ad:dd:9a:0f:59:
30:37:39:dc:39:c3:84:8d:9f:0a:25:cb:a3:20:fc:1d:b7:d2:
a9:4a:e0:48:57:13:32:15:07:f7:82:5a:e0:52:d8:34:3d:d3:
ee:cf:16:27:05:f4:d3:a6:c7:17:c6:17:e7:99:64:08:7c:e1:
d9:70:bb:81:c8:b5:a2:25:22:be:c2:89:52:5b:49:b4:9e:cc:
23:fd:b9:6c:0a:bb:0f:8c:eb:f2:21:fa:aa:c6:4b:79:33:b4:
1e:ae:12:6c:b1:8f:78:7c:80:e5:f9:53:a2:da:25:ed:10:22:
53:a2:65:bd:df:6f:7b:11:dc:10:6b:59:88:67:14:1b:e9:9b:
6d:9a:e9:a7:3b:60:fc:7c:96:05:04:e5:93:45:89:59:73:bb:
73:19:7e:2b:55:3d:2a:6a:66:ad:5c:26:74:16:86:49:22:93:
96:09:43:ac
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYrSrZocDHPwbMPCM0fV5zE4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjMwOTI2MTgwODI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDc5NDU5MjYyMDM2N2QyMzU4YWQzOTU1YTM5M2YwMDIzMzA2MjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumNpPBIlpmTKGPLmzAHwBBq10Ysj
WflJFjMIIBcvmI/jvng7DQCiUVV0siU6jgyCub+4B3wD25foX64G4dfNbIOt5rXd
poeRn7O5y46UpR8kFur5aTvU0wyMBpgSjsxDUJaMeGGto9URFu6NcWDeK3g8pH7A
IX83BgWR3O+/7YJnJFfORN81ZFjKlQ+ijJxGFNnTv792yz6EJqKj2ZYFH478ewhQ
Iw5crc4H5Gpulbv79da+qNbrg1Bm/vYH39r8X8BxqK0IwoEik5uw0D3huJtioZMY
+PRZJOPlT1nyhaTR7VUsKR5ILjykybX18vd9R3Qj7XpPtolbJa6V+MQ/SQIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFM15RZJiA2fSNYrTlVo5PwAjMGImMB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEvelhsRmttSURaOUkxaXRPVldqa19BQ013WWlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBCBAIAATA8AwQABSz5AwQA
Pnq7AwQBWNIkAwQAWSSiAwQAWSjiAwQAW8BRAwQCX65EAwQBuYzSAwQAuZM1AwQA
ueb1MCYEAgACMCADBgQqBvkBQAMGBCoG+QGAAwYEKgb5AcADBgQqBvkCQDANBgkq
hkiG9w0BAQsFAAOCAQEAlzDYFa7Pn3pS15NY+RP4xfraXeGVPH2h9mRoQ0aAb/UQ
pVp/MOMgmBjCushuTPU9vwMSq/3px7KQlQDXQo/rj6siahWcJZIjkQj9IQRlytPz
2w7WRq3dmg9ZMDc53DnDhI2fCiXLoyD8HbfSqUrgSFcTMhUH94Ja4FLYND3T7s8W
JwX006bHF8YX55lkCHzh2XC7gci1oiUivsKJUltJtJ7MI/25bAq7D4zr8iH6qsZL
eTO0Hq4SbLGPeHyA5flTotol7RAiU6Jlvd9vexHcEGtZiGcUG+mbbZrppztg/HyW
BQTlk0WJWXO7cxl+K1U9KmpmrVwmdBaGSSKTlglDrA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:41:37 2024 by rpki-client on console-ams.rpki-client.org