Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ZcMr4a1rMOzpuaTb28ONsWVp6AE.roa
File: ZcMr4a1rMOzpuaTb28ONsWVp6AE.roa (raw, json)
Hash identifier: RdxSawgmOYBb+1LltTjS9frbjiTe3C1xoVUOY2+L6sU=
Subject key identifier: 65:C3:2B:E1:AD:6B:30:EC:E9:B9:A4:DB:DB:C3:8D:B1:65:69:E8:01
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01856ED4E350DC2CE14DD71E2A7E18735095
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ZcMr4a1rMOzpuaTb28ONsWVp6AE.roa
Signing time: Sun 01 Jan 2023 19:35:23 +0000
ROA not before: Sun 01 Jan 2023 19:35:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29648
IP address blocks: 31.173.119.0/24 maxlen: 24
77.233.160.0/19 maxlen: 19
77.233.161.0/24 maxlen: 24
77.233.164.0/24 maxlen: 24
77.233.160.0/24 maxlen: 24
77.233.162.0/24 maxlen: 24
77.233.166.0/24 maxlen: 24
77.233.167.0/24 maxlen: 24
77.233.170.0/24 maxlen: 24
31.173.104.0/24 maxlen: 24
31.173.105.0/24 maxlen: 24
31.173.112.0/24 maxlen: 24
31.173.108.0/24 maxlen: 24
31.173.109.0/24 maxlen: 24
31.173.110.0/24 maxlen: 24
31.173.106.0/24 maxlen: 24
31.173.111.0/24 maxlen: 24
31.173.107.0/24 maxlen: 24
31.173.116.0/24 maxlen: 24
31.173.113.0/24 maxlen: 24
31.173.117.0/24 maxlen: 24
31.173.114.0/24 maxlen: 24
31.173.118.0/24 maxlen: 24
31.173.115.0/24 maxlen: 24
77.233.173.0/24 maxlen: 24
77.233.178.0/24 maxlen: 24
77.233.185.0/24 maxlen: 24
77.233.181.0/24 maxlen: 24
77.233.180.0/24 maxlen: 24
77.233.186.0/24 maxlen: 24
77.233.182.0/24 maxlen: 24
77.233.188.0/24 maxlen: 24
77.233.191.0/24 maxlen: 24
77.233.190.0/24 maxlen: 24
188.170.98.0/24 maxlen: 24
86.109.192.0/19 maxlen: 19
86.109.192.0/20 maxlen: 20
188.170.96.0/24 maxlen: 24
188.170.97.0/24 maxlen: 24
188.170.102.0/24 maxlen: 24
86.109.193.0/24 maxlen: 24
188.170.103.0/24 maxlen: 24
188.170.99.0/24 maxlen: 24
188.170.100.0/24 maxlen: 24
188.170.104.0/24 maxlen: 24
86.109.195.0/24 maxlen: 24
188.170.101.0/24 maxlen: 24
188.170.105.0/24 maxlen: 24
188.170.110.0/24 maxlen: 24
188.170.106.0/24 maxlen: 24
188.170.111.0/24 maxlen: 24
188.170.107.0/24 maxlen: 24
86.109.200.0/23 maxlen: 23
188.170.108.0/24 maxlen: 24
188.170.109.0/24 maxlen: 24
188.170.112.0/24 maxlen: 24
188.170.114.0/24 maxlen: 24
86.109.213.0/24 maxlen: 24
188.170.115.0/24 maxlen: 24
188.170.116.0/24 maxlen: 24
86.109.212.0/24 maxlen: 24
86.109.208.0/24 maxlen: 24
188.170.118.0/24 maxlen: 24
188.170.117.0/24 maxlen: 24
188.170.113.0/24 maxlen: 24
86.109.210.0/24 maxlen: 24
188.170.119.0/24 maxlen: 24
188.170.123.0/24 maxlen: 24
86.109.216.0/24 maxlen: 24
188.170.122.0/24 maxlen: 24
86.109.215.0/24 maxlen: 24
86.109.218.0/23 maxlen: 23
188.170.125.0/24 maxlen: 24
188.170.121.0/24 maxlen: 24
188.170.120.0/24 maxlen: 24
86.109.214.0/24 maxlen: 24
188.170.124.0/24 maxlen: 24
188.170.127.0/24 maxlen: 24
86.109.220.0/24 maxlen: 24
188.170.126.0/24 maxlen: 24
86.109.223.0/24 maxlen: 24
86.109.222.0/24 maxlen: 24
78.109.120.0/24 maxlen: 24
78.109.121.0/24 maxlen: 24
178.176.98.0/24 maxlen: 24
195.149.111.0/24 maxlen: 24
178.176.96.0/24 maxlen: 24
178.176.97.0/24 maxlen: 24
178.176.102.0/24 maxlen: 24
178.176.103.0/24 maxlen: 24
178.176.99.0/24 maxlen: 24
178.176.100.0/24 maxlen: 24
178.176.101.0/24 maxlen: 24
178.176.118.0/24 maxlen: 24
178.176.114.0/24 maxlen: 24
178.176.115.0/24 maxlen: 24
178.176.116.0/24 maxlen: 24
178.176.117.0/24 maxlen: 24
178.176.122.0/24 maxlen: 24
178.176.123.0/24 maxlen: 24
178.176.119.0/24 maxlen: 24
178.176.124.0/24 maxlen: 24
178.176.120.0/24 maxlen: 24
178.176.125.0/24 maxlen: 24
178.176.121.0/24 maxlen: 24
178.176.126.0/24 maxlen: 24
178.176.127.0/24 maxlen: 24
83.169.217.0/24 maxlen: 24
83.169.218.0/24 maxlen: 24
83.169.219.0/24 maxlen: 24
83.169.220.0/24 maxlen: 24
83.169.221.0/24 maxlen: 24
83.169.222.0/24 maxlen: 24
83.169.223.0/24 maxlen: 24
188.94.168.0/24 maxlen: 24
188.94.172.0/24 maxlen: 24
188.94.169.0/24 maxlen: 24
188.94.170.0/24 maxlen: 24
188.94.171.0/24 maxlen: 24
188.94.173.0/24 maxlen: 24
188.94.174.0/24 maxlen: 24
188.94.175.0/24 maxlen: 24
217.115.80.0/20 maxlen: 20
217.115.81.0/24 maxlen: 24
217.115.80.0/24 maxlen: 24
217.115.91.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 24 Jan 2023 13:57:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:e3:50:dc:2c:e1:4d:d7:1e:2a:7e:18:73:50:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Jan 1 19:35:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65c32be1ad6b30ece9b9a4dbdbc38db16569e801
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fa:01:a1:45:1e:e6:e5:b7:5a:00:a3:01:c5:61:
bb:2d:26:12:29:4f:3a:97:88:d3:ab:b2:57:2e:0f:
60:f1:c5:ce:68:7b:30:b4:25:eb:3d:8c:ac:96:5d:
c9:45:a6:63:30:d8:44:a8:25:3e:36:52:92:40:37:
b3:30:aa:aa:4b:b8:0d:57:a8:21:9f:58:06:a6:e9:
4b:40:4b:2f:4c:6c:d6:3f:e9:fb:7d:b1:e5:5e:b1:
bf:13:ac:b2:4c:7e:21:5c:86:bf:23:62:d0:eb:76:
46:d6:4a:1e:df:a6:a0:b5:7c:0f:7f:1a:62:82:5f:
bb:59:6b:44:c8:46:00:1e:64:fd:4b:65:ab:a0:1f:
19:13:56:cf:17:23:6a:fc:c1:84:78:9a:23:7a:bc:
f8:61:ba:e0:a2:30:b7:0f:f6:79:46:1d:ce:68:ec:
6d:1e:97:70:a3:e4:eb:ba:35:b2:0d:09:a0:70:fe:
0b:50:d4:d6:84:81:c8:24:9e:74:6e:5c:f6:86:ac:
62:89:0b:0c:c2:cf:79:bd:74:5d:99:0b:0f:db:69:
b1:59:72:84:b5:9d:8b:02:d3:d0:c9:19:7d:1d:11:
99:19:0c:32:df:45:01:93:33:ad:b8:52:77:40:a8:
4b:1c:be:1e:54:52:d4:5f:8d:9b:b0:ad:b9:7f:c1:
46:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:C3:2B:E1:AD:6B:30:EC:E9:B9:A4:DB:DB:C3:8D:B1:65:69:E8:01
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ZcMr4a1rMOzpuaTb28ONsWVp6AE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.104.0-31.173.119.255
77.233.160.0/19
78.109.120.0/23
83.169.217.0-83.169.223.255
86.109.192.0/19
178.176.96.0/21
178.176.114.0-178.176.127.255
188.94.168.0/21
188.170.96.0/19
195.149.111.0/24
217.115.80.0/20
Signature Algorithm: sha256WithRSAEncryption
14:5c:bd:08:da:8c:e8:29:32:32:55:4d:42:de:b0:0a:5c:45:
96:5a:4b:36:b7:df:f3:94:8c:bf:92:d6:c7:4c:58:56:20:a4:
b3:82:3b:80:95:66:c2:04:cf:34:49:6f:f2:52:80:a1:72:12:
65:a7:49:40:4a:67:fe:52:fb:9c:93:10:f3:35:4b:00:ba:1d:
f2:28:96:0d:18:c0:ff:9c:21:50:0a:79:d5:0d:75:64:1e:e2:
b6:ca:05:8d:3e:0f:ab:39:24:3b:23:c2:b9:0b:e6:c5:73:a6:
c7:d2:53:26:08:61:d8:e5:5c:bb:37:a8:79:c1:08:28:5d:63:
63:ba:61:f7:b1:bd:b6:f3:45:e2:9b:98:bf:eb:3a:05:e7:cb:
fb:db:08:dc:2c:19:ed:72:88:b8:b9:42:6b:8a:51:3a:3c:a5:
11:c1:9e:c9:59:7d:74:3d:9f:e0:8d:a4:4e:56:1d:54:d2:ef:
40:8e:74:28:68:af:28:57:29:09:37:cf:cf:a4:e4:97:ad:fa:
86:a9:7e:ba:27:e1:78:8e:fd:72:84:f3:3f:68:a4:4c:b2:a3:
05:26:c6:1c:cf:4e:d6:fc:22:27:b5:1a:ac:6f:2c:a9:00:a8:
eb:f2:44:cf:46:db:e8:7b:22:ca:c3:b4:04:4f:0f:73:2a:bd:
35:bb:03:61
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYVu1ONQ3CzhTdceKn4Yc1CVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjMwMTAxMTkzNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWMzMmJlMWFkNmIzMGVjZTliOWE0ZGJkYmMzOGRiMTY1NjllODAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+gGhRR7m5bdaAKMBxWG7LSYSKU86
l4jTq7JXLg9g8cXOaHswtCXrPYysll3JRaZjMNhEqCU+NlKSQDezMKqqS7gNV6gh
n1gGpulLQEsvTGzWP+n7fbHlXrG/E6yyTH4hXIa/I2LQ63ZG1koe36agtXwPfxpi
gl+7WWtEyEYAHmT9S2WroB8ZE1bPFyNq/MGEeJojerz4YbrgojC3D/Z5Rh3OaOxt
Hpdwo+TrujWyDQmgcP4LUNTWhIHIJJ50blz2hqxiiQsMws95vXRdmQsP22mxWXKE
tZ2LAtPQyRl9HRGZGQwy30UBkzOtuFJ3QKhLHL4eVFLUX42bsK25f8FGDQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFGXDK+GtazDs6bmk29vDjbFlaegBMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvWmNNcjRhMXJNT3pwdWFUYjI4T05zV1ZwNkFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaMAwDBAMfrWgD
BAMfrXADBAVN6aADBAFObXgwDAMEAFOp2QMEBVOpwAMEBVZtwAMEA7KwYDAMAwQB
srByAwQHsrAAAwQDvF6oAwQFvKpgAwQAw5VvAwQE2XNQMA0GCSqGSIb3DQEBCwUA
A4IBAQAUXL0I2ozoKTIyVU1C3rAKXEWWWks2t9/zlIy/ktbHTFhWIKSzgjuAlWbC
BM80SW/yUoChchJlp0lASmf+UvuckxDzNUsAuh3yKJYNGMD/nCFQCnnVDXVkHuK2
ygWNPg+rOSQ7I8K5C+bFc6bH0lMmCGHY5Vy7N6h5wQgoXWNjumH3sb2280Xim5i/
6zoF58v72wjcLBntcoi4uUJrilE6PKURwZ7JWX10PZ/gjaROVh1U0u9AjnQoaK8o
VykJN8/PpOSXrfqGqX66J+F4jv1yhPM/aKRMsqMFJsYcz07W/CIntRqsbyypAKjr
8kTPRtvoeyLKw7QETw9zKr01uwNh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:35 2024 by rpki-client on console-ams.rpki-client.org