Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ZEyHCZ_NAnVJY4ntD-8_ldcVkAA.roa
File: ZEyHCZ_NAnVJY4ntD-8_ldcVkAA.roa (raw, json)
Hash identifier: NJXnBT+NlkDi71/N3TBUcz0ebaI75vGCL9IWJOXC06k=
Subject key identifier: 64:4C:87:09:9F:CD:02:75:49:63:89:ED:0F:EF:3F:95:D7:15:90:00
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018A552381E602C1E3ECC816FDE18CD10F52
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ZEyHCZ_NAnVJY4ntD-8_ldcVkAA.roa
Signing time: Sat 02 Sep 2023 09:05:04 +0000
ROA not before: Sat 02 Sep 2023 09:05:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59432
IP address blocks: 185.218.103.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.248.0/24 maxlen: 24
185.214.100.0/24 maxlen: 24
185.223.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 30 Sep 2023 19:52:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:55:23:81:e6:02:c1:e3:ec:c8:16:fd:e1:8c:d1:0f:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 2 09:05:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=644c87099fcd0275496389ed0fef3f95d7159000
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:b1:c2:f6:25:7a:45:1b:40:9b:84:5d:cc:86:
a0:b5:05:10:04:b3:96:18:ec:c7:94:b7:46:ac:7f:
7d:91:aa:78:9d:96:b0:43:bd:86:df:63:df:81:34:
7a:a4:8e:45:45:fe:71:4d:cc:60:2f:92:83:6d:f3:
46:d7:b4:36:c2:d1:a5:94:21:11:ec:e2:a3:bf:70:
92:0e:b5:8a:18:03:a3:6f:ea:ad:2b:de:7f:37:ba:
12:34:21:83:3a:ec:c3:66:61:50:54:6b:79:da:74:
11:83:fc:5d:f1:28:56:c4:6d:e8:5b:63:33:38:6f:
25:54:e2:2a:48:7c:15:04:06:fa:b6:45:e1:ce:bf:
b9:73:26:12:a0:5c:a5:db:31:3e:ac:a5:86:fc:86:
28:3d:53:26:0d:cb:7f:0c:df:5c:c6:a9:cc:89:7f:
de:2e:17:d1:43:d5:ff:26:41:d0:81:1e:d6:73:8b:
44:38:97:ba:2e:43:99:99:8b:a6:42:db:bb:55:a5:
dd:a8:e6:3f:2d:f5:c0:d0:e0:d5:4a:5a:7e:42:2a:
8b:93:b6:0c:53:51:5b:30:0e:6b:1f:21:43:b5:12:
06:2c:8f:63:49:8d:82:ef:b3:e9:30:e9:13:e2:e8:
dd:71:9a:ff:b7:66:9b:d6:81:dc:a0:15:f4:43:34:
d6:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:4C:87:09:9F:CD:02:75:49:63:89:ED:0F:EF:3F:95:D7:15:90:00
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/ZEyHCZ_NAnVJY4ntD-8_ldcVkAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.100.0/24
185.218.101.0/24
185.218.103.0/24
185.220.248.0/24
185.223.81.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:60:53:31:97:1f:5a:ad:88:bd:f1:f9:a9:3d:0b:4e:1f:60:
c4:e3:7f:74:bf:e3:6e:37:70:01:08:10:d6:59:94:c6:eb:49:
15:e1:47:87:ae:38:a7:5e:15:eb:3b:65:a7:da:29:ba:9e:04:
08:0e:3e:ba:6c:9f:e5:44:45:51:0c:a0:1f:1d:72:03:f6:83:
f2:d5:37:b6:dd:d8:2f:ad:5d:eb:2f:d8:81:a1:89:e8:25:56:
99:a1:cd:92:6e:87:25:f1:49:71:0f:79:a0:03:0b:75:f0:4d:
48:86:e3:fd:23:ac:ce:61:fe:c7:d7:bf:d3:54:f6:49:28:bb:
7f:06:11:2c:1e:6c:99:f5:1e:4d:d8:b3:d2:86:80:14:0a:51:
6b:f5:3a:de:65:0e:13:57:b2:6d:68:f3:ef:cc:2e:d9:73:b1:
d3:2c:a0:e1:eb:39:21:7e:35:9f:d7:16:4e:3a:15:7a:e2:78:
37:72:53:c0:2d:9a:4f:d0:1c:a6:ec:5b:2d:04:b0:5a:87:d7:
eb:e9:f2:bf:aa:81:3a:cb:86:51:d9:d5:6d:fb:ff:3b:01:7b:
29:d5:c6:c3:ec:dc:06:04:11:76:e6:e7:c3:a3:7b:84:bb:7d:
0a:ee:cc:55:82:df:03:44:17:ba:a6:76:fc:f4:dc:70:ff:ff:
31:69:4b:d9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYpVI4HmAsHj7MgW/eGM0Q9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjMwOTAyMDkwNTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDRjODcwOTlmY2QwMjc1NDk2Mzg5ZWQwZmVmM2Y5NWQ3MTU5MDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7HC9iV6RRtAm4RdzIagtQUQBLOW
GOzHlLdGrH99kap4nZawQ72G32PfgTR6pI5FRf5xTcxgL5KDbfNG17Q2wtGllCER
7OKjv3CSDrWKGAOjb+qtK95/N7oSNCGDOuzDZmFQVGt52nQRg/xd8ShWxG3oW2Mz
OG8lVOIqSHwVBAb6tkXhzr+5cyYSoFyl2zE+rKWG/IYoPVMmDct/DN9cxqnMiX/e
LhfRQ9X/JkHQgR7Wc4tEOJe6LkOZmYumQtu7VaXdqOY/LfXA0ODVSlp+QiqLk7YM
U1FbMA5rHyFDtRIGLI9jSY2C77PpMOkT4ujdcZr/t2ab1oHcoBX0QzTWmwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGRMhwmfzQJ1SWOJ7Q/vP5XXFZAAMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvWkV5SENaX05BblZKWTRudEQtOF9sZGNWa0FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAudZkAwQA
udplAwQAudpnAwQAudz4AwQAud9RMA0GCSqGSIb3DQEBCwUAA4IBAQAdYFMxlx9a
rYi98fmpPQtOH2DE4390v+NuN3ABCBDWWZTG60kV4UeHrjinXhXrO2Wn2im6ngQI
Dj66bJ/lREVRDKAfHXID9oPy1Te23dgvrV3rL9iBoYnoJVaZoc2Sbocl8UlxD3mg
Awt18E1IhuP9I6zOYf7H17/TVPZJKLt/BhEsHmyZ9R5N2LPShoAUClFr9TreZQ4T
V7JtaPPvzC7Zc7HTLKDh6zkhfjWf1xZOOhV64ng3clPALZpP0Bym7FstBLBah9fr
6fK/qoE6y4ZR2dVt+/87AXsp1cbD7NwGBBF25ufDo3uEu30K7sxVgt8DRBe6pnb8
9Nxw//8xaUvZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:42 2024 by rpki-client on console-fra.rpki-client.org