Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/zRB3PNUliuc7uveH_WhcCfNaeVY.roa
File: zRB3PNUliuc7uveH_WhcCfNaeVY.roa (raw, json)
Hash identifier: Pzeu2eC7hC5llqCulgU9qTwg8wRg20Y7ndt2y6JsmAM=
Subject key identifier: CD:10:77:3C:D5:25:8A:E7:3B:BA:F7:87:FD:68:5C:09:F3:5A:79:56
Certificate issuer: /CN=0ab36668893a8244d553efca4688d0f1019e4e25
Certificate serial: 018CC87060F05661759EC2310693C98698A2
Authority key identifier: 0A:B3:66:68:89:3A:82:44:D5:53:EF:CA:46:88:D0:F1:01:9E:4E:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CrNmaIk6gkTVU-_KRojQ8QGeTiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/zRB3PNUliuc7uveH_WhcCfNaeVY.roa
Signing time: Tue 02 Jan 2024 04:30:57 +0000
ROA not before: Tue 02 Jan 2024 04:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24921
IP address blocks: 212.93.120.0/23 maxlen: 23
212.93.122.0/23 maxlen: 23
212.93.127.0/24 maxlen: 24
185.65.160.0/23 maxlen: 23
185.65.162.0/23 maxlen: 23
193.108.29.0/24 maxlen: 24
212.3.192.0/19 maxlen: 19
212.3.192.0/23 maxlen: 23
212.3.192.0/21 maxlen: 21
212.3.194.0/23 maxlen: 23
212.3.196.0/23 maxlen: 23
212.3.198.0/23 maxlen: 23
80.89.76.0/22 maxlen: 22
80.89.72.0/22 maxlen: 22
80.89.72.0/21 maxlen: 21
185.147.56.0/24 maxlen: 24
185.147.57.0/24 maxlen: 24
185.147.56.0/22 maxlen: 22
185.147.58.0/24 maxlen: 24
185.147.59.0/24 maxlen: 24
212.93.97.0/24 maxlen: 24
212.93.100.0/22 maxlen: 22
212.93.104.0/23 maxlen: 23
212.93.110.0/23 maxlen: 23
212.93.112.0/24 maxlen: 24
212.93.106.0/24 maxlen: 24
212.93.108.0/23 maxlen: 23
212.93.107.0/24 maxlen: 24
212.93.116.0/23 maxlen: 23
212.93.118.0/23 maxlen: 23
212.93.115.0/24 maxlen: 24
212.93.113.0/24 maxlen: 24
212.93.114.0/24 maxlen: 24
212.3.201.0/24 maxlen: 24
212.3.204.0/22 maxlen: 22
212.3.208.0/23 maxlen: 23
212.3.210.0/23 maxlen: 23
212.3.221.0/24 maxlen: 24
2a03:ec00:b008::/48 maxlen: 48
2a03:ec00:b180::/42 maxlen: 42
2a03:ec00:b140::/42 maxlen: 42
2a03:ec00:b100::/42 maxlen: 42
2a03:ec00:b100::/40 maxlen: 40
2a03:ec00:b300::/40 maxlen: 40
2a03:ec00:b900::/40 maxlen: 40
2a03:ec00:b400::/40 maxlen: 40
2a03:ec00:b000::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 20 Mar 2024 09:01:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:60:f0:56:61:75:9e:c2:31:06:93:c9:86:98:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ab36668893a8244d553efca4688d0f1019e4e25
Validity
Not Before: Jan 2 04:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd10773cd5258ae73bbaf787fd685c09f35a7956
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:0e:f9:ce:15:cd:ff:a3:58:62:55:3d:f6:ff:
5e:1b:49:56:a6:d3:92:bb:3e:91:a8:c3:9a:04:7a:
de:3a:2e:cc:17:3d:c4:c3:ab:15:3d:dc:ca:38:97:
11:da:5c:43:93:15:85:df:80:de:b8:01:7a:ae:92:
47:61:24:cb:a9:b4:1c:3e:81:d9:9d:19:27:7c:0c:
87:ef:e3:6d:7a:6e:00:5e:6d:0b:a0:db:cd:e5:0d:
98:9f:c6:9a:db:76:da:5a:2e:c4:88:88:27:e5:6b:
3c:1a:3d:9e:cf:ac:96:4f:c6:28:22:db:aa:38:00:
d6:48:59:c7:e7:b1:67:55:ad:00:4a:fa:2d:4e:65:
c0:6e:95:a0:36:8f:85:6b:47:eb:da:a4:f4:74:f6:
f9:e4:d2:8d:4f:bd:c5:ca:9c:1a:6a:58:c5:85:a4:
73:9b:52:d7:18:83:fa:75:57:bf:b5:ae:e7:59:e5:
fa:f6:ef:f4:9b:49:11:cb:4a:d9:e7:30:7c:66:8a:
e9:77:ff:01:8d:08:54:c4:89:c4:12:d8:d3:1c:b4:
b4:4e:ab:56:70:2a:64:db:cb:68:d9:30:71:32:87:
01:54:97:1d:b7:04:73:12:e8:cc:ec:bb:ff:de:a2:
48:00:de:47:b9:89:2a:6c:2a:dc:7b:41:7b:3a:70:
cb:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:10:77:3C:D5:25:8A:E7:3B:BA:F7:87:FD:68:5C:09:F3:5A:79:56
X509v3 Authority Key Identifier:
keyid:0A:B3:66:68:89:3A:82:44:D5:53:EF:CA:46:88:D0:F1:01:9E:4E:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CrNmaIk6gkTVU-_KRojQ8QGeTiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/zRB3PNUliuc7uveH_WhcCfNaeVY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e57503-f658-43e2-93a9-2af067a130aa/1/CrNmaIk6gkTVU-_KRojQ8QGeTiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.89.72.0/21
185.65.160.0/22
185.147.56.0/22
193.108.29.0/24
212.3.192.0/19
212.93.97.0/24
212.93.100.0-212.93.123.255
212.93.127.0/24
IPv6:
2a03:ec00:b000::/48
2a03:ec00:b008::/48
2a03:ec00:b100::/40
2a03:ec00:b300::-2a03:ec00:b4ff:ffff:ffff:ffff:ffff:ffff
2a03:ec00:b900::/40
Signature Algorithm: sha256WithRSAEncryption
40:30:6c:cb:30:4a:6a:35:dd:ee:d9:cd:b0:3d:61:e8:0c:dd:
98:7a:d7:91:25:25:af:98:84:bc:74:45:8c:c1:f1:68:aa:c8:
83:b4:0d:ea:f1:a3:b5:12:e2:92:75:76:70:96:c4:0e:bc:f7:
c5:89:3c:d6:80:e0:9d:8c:ea:8b:d5:60:d0:54:85:44:59:79:
3e:a0:9d:c9:24:17:ec:24:fe:72:d7:59:10:5c:1f:6a:64:3a:
b5:b4:f2:02:7e:36:5c:00:62:1c:f6:2a:a9:7c:75:53:5b:5a:
30:3c:3a:30:2c:b2:dd:da:de:3f:e8:b4:68:3e:89:9e:61:6f:
03:11:d8:dc:62:94:d2:d0:81:61:fb:ff:f9:83:a0:8e:de:c8:
19:59:97:bd:38:ba:9d:f6:44:54:78:8e:e2:d2:ac:8f:bb:8e:
69:55:08:c7:2c:c3:5b:2b:38:be:c0:0a:b6:ac:bc:8f:94:a9:
ad:63:da:3a:b6:8e:bb:04:d6:bd:4d:17:9a:f3:ed:b5:e9:d7:
85:62:62:68:02:7b:dc:d6:44:26:6f:eb:3d:3c:a9:48:3c:37:
4d:a6:49:62:12:da:e9:0c:87:21:47:4a:4b:db:92:46:8f:a8:
da:42:ba:99:1c:7d:99:df:80:b1:60:e8:e6:17:5c:50:e2:88:
fa:18:56:52
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAYzIcGDwVmF1nsIxBpPJhpiiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhYjM2NjY4ODkzYTgyNDRkNTUzZWZjYTQ2ODhkMGYxMDE5
ZTRlMjUwHhcNMjQwMTAyMDQzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDEwNzczY2Q1MjU4YWU3M2JiYWY3ODdmZDY4NWMwOWYzNWE3OTU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQ75zhXN/6NYYlU99v9eG0lWptOS
uz6RqMOaBHreOi7MFz3Ew6sVPdzKOJcR2lxDkxWF34DeuAF6rpJHYSTLqbQcPoHZ
nRknfAyH7+Ntem4AXm0LoNvN5Q2Yn8aa23baWi7EiIgn5Ws8Gj2ez6yWT8YoItuq
OADWSFnH57FnVa0ASvotTmXAbpWgNo+Fa0fr2qT0dPb55NKNT73FypwaaljFhaRz
m1LXGIP6dVe/ta7nWeX69u/0m0kRy0rZ5zB8Zorpd/8BjQhUxInEEtjTHLS0TqtW
cCpk28to2TBxMocBVJcdtwRzEujM7Lv/3qJIAN5HuYkqbCrce0F7OnDLfQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFM0QdzzVJYrnO7r3h/1oXAnzWnlWMB8GA1UdIwQY
MBaAFAqzZmiJOoJE1VPvykaI0PEBnk4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3JObWFJazZna1RWVS1fS1JvalE4UUdlVGlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9lNTc1MDMtZjY1OC00M2UyLTkzYTkt
MmFmMDY3YTEzMGFhLzEvelJCM1BOVWxpdWM3dXZlSF9XaGNDZk5hZVZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS9lNTc1MDMtZjY1OC00M2UyLTkzYTktMmFmMDY3YTEzMGFh
LzEvQ3JObWFJazZna1RWVS1fS1JvalE4UUdlVGlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwPgQCAAEwOAMEA1BZSAME
ArlBoAMEArmTOAMEAMFsHQMEBdQDwAMEANRdYTAMAwQC1F1kAwQC1F14AwQA1F1/
MDoEAgACMDQDBwAqA+wAsAADBwAqA+wAsAgDBgAqA+wAsTAQAwYAKgPsALMDBgAq
A+wAtAMGACoD7AC5MA0GCSqGSIb3DQEBCwUAA4IBAQBAMGzLMEpqNd3u2c2wPWHo
DN2YeteRJSWvmIS8dEWMwfFoqsiDtA3q8aO1EuKSdXZwlsQOvPfFiTzWgOCdjOqL
1WDQVIVEWXk+oJ3JJBfsJP5y11kQXB9qZDq1tPICfjZcAGIc9iqpfHVTW1owPDow
LLLd2t4/6LRoPomeYW8DEdjcYpTS0IFh+//5g6CO3sgZWZe9OLqd9kRUeI7i0qyP
u45pVQjHLMNbKzi+wAq2rLyPlKmtY9o6to67BNa9TRea8+216deFYmJoAnvc1kQm
b+s9PKlIPDdNpkliEtrpDIchR0pL25JGj6jaQrqZHH2Z34CxYOjmF1xQ4oj6GFZS
-----END CERTIFICATE-----
Generated at Wed Mar 20 11:52:49 2024 by rpki-client on console-fra.rpki-client.org