Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/ZhdhOWO1ha81vWtpNjZXDzdTQ2E.roa
File: ZhdhOWO1ha81vWtpNjZXDzdTQ2E.roa (raw, json)
Hash identifier: lRtTv18L/1Ld28/sGImgvsIMHiEhevp6SCJJu00zgAc=
Subject key identifier: 66:17:61:39:63:B5:85:AF:35:BD:6B:69:36:36:57:0F:37:53:43:61
Certificate issuer: /CN=1e36de27974727aa0046b3e9c8d0624674541255
Certificate serial: 018CC7956B78B80958D6AE4B0E43BAB6F7E7
Authority key identifier: 1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/ZhdhOWO1ha81vWtpNjZXDzdTQ2E.roa
Signing time: Tue 02 Jan 2024 00:31:47 +0000
ROA not before: Tue 02 Jan 2024 00:31:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51032
IP address blocks: 62.122.88.0/21 maxlen: 24
178.216.176.0/21 maxlen: 21
91.123.80.0/20 maxlen: 20
89.23.146.0/24 maxlen: 24
89.23.147.0/24 maxlen: 24
89.23.160.0/19 maxlen: 19
89.23.168.0/21 maxlen: 21
178.212.80.0/21 maxlen: 24
89.23.176.0/21 maxlen: 21
91.202.204.0/22 maxlen: 22
89.23.128.0/21 maxlen: 24
89.23.128.0/19 maxlen: 19
89.23.144.0/20 maxlen: 24
31.128.128.0/19 maxlen: 24
2a13:2c80::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 07 Feb 2024 21:36:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:6b:78:b8:09:58:d6:ae:4b:0e:43:ba:b6:f7:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e36de27974727aa0046b3e9c8d0624674541255
Validity
Not Before: Jan 2 00:31:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6617613963b585af35bd6b693636570f37534361
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ba:69:6b:74:df:23:13:0b:cf:15:06:14:a4:
14:9b:d7:95:27:8d:85:78:c9:ff:04:6a:3b:82:61:
0a:c7:72:83:3b:98:4e:b0:5e:52:1f:a3:64:34:28:
4d:99:a2:91:59:03:32:3a:ed:21:76:87:8d:ea:15:
b7:02:86:c6:c3:f5:54:3e:b8:49:66:2e:c3:ac:98:
4b:ac:bb:12:d8:22:72:06:68:36:ba:d8:ae:86:19:
b3:f7:0b:f2:4f:e2:11:c5:24:ed:7e:b7:62:26:3f:
51:d7:12:4f:41:29:4f:04:09:5e:5c:da:c4:7e:5d:
2d:9d:49:3a:ba:b6:65:93:15:4b:4e:a8:05:ae:57:
8d:2b:17:cb:74:47:5b:27:d8:9c:79:71:29:9e:7e:
49:68:77:58:39:c3:25:7b:84:6c:74:bf:41:65:e0:
b8:7f:b4:1e:2c:ee:ba:90:ba:bc:f1:75:3c:fb:63:
04:03:de:27:00:0e:74:08:2e:76:b4:9c:17:38:ff:
64:d0:22:5c:5f:7b:a9:33:3f:ab:b2:da:97:4f:40:
8d:f9:b4:39:2f:a6:31:30:0d:db:b0:b7:6c:b7:7c:
6b:57:c7:f0:53:b6:89:31:92:e2:29:24:ae:0f:06:
13:97:c0:f0:6e:cd:f8:a8:b2:9e:1d:a2:7d:8a:34:
ac:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:17:61:39:63:B5:85:AF:35:BD:6B:69:36:36:57:0F:37:53:43:61
X509v3 Authority Key Identifier:
keyid:1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/ZhdhOWO1ha81vWtpNjZXDzdTQ2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.128.0/19
62.122.88.0/21
89.23.128.0/18
91.123.80.0/20
91.202.204.0/22
178.212.80.0/21
178.216.176.0/21
IPv6:
2a13:2c80::/29
Signature Algorithm: sha256WithRSAEncryption
b3:98:eb:a3:12:91:0d:25:c3:35:9a:7a:e2:e4:e4:8e:59:57:
03:b2:78:f2:6c:81:f9:fd:f9:48:5c:ac:fd:4e:c0:43:05:24:
e4:1f:e1:00:76:1e:f1:69:a6:7d:57:57:03:e4:2e:0c:01:6e:
4a:a6:b0:41:84:52:bc:07:e5:24:b1:18:6d:39:85:07:16:06:
dd:18:32:30:99:4b:2c:c3:e2:25:ad:7d:54:82:9b:ff:7c:ff:
6b:a2:da:7f:3b:97:24:6b:91:c4:da:c0:6a:01:04:f8:dc:73:
e1:89:67:2c:01:7f:0d:0b:33:85:fb:87:1a:d1:df:08:ca:65:
c8:0f:1e:f8:54:08:0c:e8:d3:f4:b6:30:70:85:a0:64:12:01:
3f:58:ad:5f:e3:63:66:52:98:a8:56:4b:4f:5f:60:88:f1:9f:
53:f6:a1:6c:0f:d4:00:3b:4d:a1:f7:a6:76:ff:4d:25:3a:4d:
01:fe:99:34:4b:2a:fe:19:29:85:8e:93:85:3b:1f:70:c3:35:
a4:de:79:8a:b5:5d:f3:30:cc:79:c0:d3:ab:2f:71:82:8e:35:
a4:d8:b4:19:18:ef:26:02:43:6f:b0:85:9d:25:59:87:34:7d:
35:e9:7b:b8:2e:44:a6:8f:65:07:75:cf:87:c7:3a:a2:14:47:
f1:aa:0a:51
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzHlWt4uAlY1q5LDkO6tvfnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzZkZTI3OTc0NzI3YWEwMDQ2YjNlOWM4ZDA2MjQ2NzQ1
NDEyNTUwHhcNMjQwMTAyMDAzMTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjE3NjEzOTYzYjU4NWFmMzViZDZiNjkzNjM2NTcwZjM3NTM0MzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7ppa3TfIxMLzxUGFKQUm9eVJ42F
eMn/BGo7gmEKx3KDO5hOsF5SH6NkNChNmaKRWQMyOu0hdoeN6hW3AobGw/VUPrhJ
Zi7DrJhLrLsS2CJyBmg2utiuhhmz9wvyT+IRxSTtfrdiJj9R1xJPQSlPBAleXNrE
fl0tnUk6urZlkxVLTqgFrleNKxfLdEdbJ9iceXEpnn5JaHdYOcMle4RsdL9BZeC4
f7QeLO66kLq88XU8+2MEA94nAA50CC52tJwXOP9k0CJcX3upMz+rstqXT0CN+bQ5
L6YxMA3bsLdst3xrV8fwU7aJMZLiKSSuDwYTl8Dwbs34qLKeHaJ9ijSsOQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFGYXYTljtYWvNb1raTY2Vw83U0NhMB8GA1UdIwQY
MBaAFB423ieXRyeqAEaz6cjQYkZ0VBJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzkt
ZGY3OTNhOTQwYmFiLzEvWmhkaE9XTzFoYTgxdld0cE5qWlhEemRUUTJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzktZGY3OTNhOTQwYmFi
LzEvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQFH4CAAwQD
PnpYAwQGWReAAwQEW3tQAwQCW8rMAwQDstRQAwQDstiwMA0EAgACMAcDBQMqEyyA
MA0GCSqGSIb3DQEBCwUAA4IBAQCzmOujEpENJcM1mnri5OSOWVcDsnjybIH5/flI
XKz9TsBDBSTkH+EAdh7xaaZ9V1cD5C4MAW5KprBBhFK8B+UksRhtOYUHFgbdGDIw
mUssw+IlrX1Ugpv/fP9rotp/O5cka5HE2sBqAQT43HPhiWcsAX8NCzOF+4ca0d8I
ymXIDx74VAgM6NP0tjBwhaBkEgE/WK1f42NmUpioVktPX2CI8Z9T9qFsD9QAO02h
96Z2/00lOk0B/pk0Syr+GSmFjpOFOx9wwzWk3nmKtV3zMMx5wNOrL3GCjjWk2LQZ
GO8mAkNvsIWdJVmHNH016Xu4LkSmj2UHdc+HxzqiFEfxqgpR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:50 2025 by rpki-client