Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/zhZvkHGKclq0C13SxxGZGlSDRdQ.roa
File: zhZvkHGKclq0C13SxxGZGlSDRdQ.roa (raw, json)
Hash identifier: zYzaLUOV+AFT+eGGAEWZ5LQUewN6ONzPpz8DVuBKfes=
Subject key identifier: CE:16:6F:90:71:8A:72:5A:B4:0B:5D:D2:C7:11:99:1A:54:83:45:D4
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0192422B076DB98F165CD5C21CA7F60A5215
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/zhZvkHGKclq0C13SxxGZGlSDRdQ.roa
Signing time: Mon 30 Sep 2024 09:02:49 +0000
ROA not before: Mon 30 Sep 2024 09:02:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 185.194.177.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
193.58.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Oct 2024 14:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:42:2b:07:6d:b9:8f:16:5c:d5:c2:1c:a7:f6:0a:52:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 30 09:02:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce166f90718a725ab40b5dd2c711991a548345d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:c7:ea:98:74:39:51:78:51:93:47:9e:86:2c:
e4:2a:08:23:0a:6c:a8:58:a2:bc:d9:80:9c:4e:c3:
47:cf:9d:37:16:7a:e7:61:37:41:35:5f:6c:6d:36:
18:0c:3c:28:6a:b7:2f:43:c0:ac:3f:c1:77:be:20:
2e:79:a8:62:8e:da:ab:b2:ed:db:af:bf:b1:e8:65:
ef:32:4a:6d:84:b8:09:4a:d5:97:1c:7d:56:02:ef:
38:f3:e5:5a:b5:00:31:90:2a:71:87:3c:e6:68:c3:
c1:13:99:30:8a:63:78:f6:ce:6a:2c:21:0d:4b:97:
72:c5:bb:c2:6d:14:74:d7:f9:b7:65:ae:05:fa:ba:
67:6e:95:0f:04:0d:19:25:85:64:d9:0d:22:b1:08:
4e:f3:7c:b0:ce:85:10:be:b3:63:a6:1c:f8:42:68:
b0:6c:80:1c:c6:d7:78:e8:b6:5b:84:8f:09:55:2f:
86:33:7f:fc:bf:5c:2a:77:cb:a5:6f:9b:52:ee:06:
60:b9:f5:fd:c4:36:50:ab:80:55:74:3a:66:2c:bc:
a6:24:85:53:e4:1a:e0:37:1a:25:59:d1:8b:eb:53:
17:a1:eb:2e:36:28:5c:a7:ea:07:27:5c:da:72:de:
46:85:23:14:b7:8c:8a:c3:0d:10:12:af:ac:f8:af:
0f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:16:6F:90:71:8A:72:5A:B4:0B:5D:D2:C7:11:99:1A:54:83:45:D4
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/zhZvkHGKclq0C13SxxGZGlSDRdQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.177.0/24
185.209.38.0/24
185.209.73.0/24
185.210.235.0/24
185.218.20.0/24
185.222.29.0/24
185.246.112.0/24
193.58.146.0/24
Signature Algorithm: sha256WithRSAEncryption
61:e9:97:53:20:22:3c:66:d5:22:a9:ce:44:28:6e:e3:89:b8:
14:ab:bb:37:6f:52:17:56:da:05:7f:a6:b7:97:7a:64:46:1d:
08:c8:55:b3:6e:bd:a1:e9:42:bf:69:33:c2:f5:c2:b5:fa:c3:
9a:36:0d:2b:3c:be:c7:72:c7:86:9c:a8:db:0e:d4:f4:63:dd:
d2:89:52:db:10:fa:1d:52:da:08:38:60:b8:b6:37:10:1e:d6:
b7:63:ae:a3:9f:8d:bc:21:1a:44:b2:10:1e:0d:96:16:df:cf:
e8:b5:bd:dc:61:75:85:a2:d5:0d:88:9b:27:19:0c:67:4b:a2:
ed:aa:7b:45:47:c8:9e:2a:ff:02:62:6b:95:bd:e4:03:c6:72:
28:17:c2:32:d2:9f:57:95:c9:64:30:80:d2:21:8b:91:af:40:
ae:68:c5:e9:1a:f3:e6:89:3b:db:fd:f4:f1:57:e0:cc:12:d5:
85:3d:a6:2f:53:6c:69:f7:71:b6:92:b8:e6:d6:ee:2b:bc:a2:
54:48:26:b9:8b:eb:0c:b3:85:a2:c0:c7:32:9f:67:7d:6d:46:
5b:ef:b2:28:a5:8d:f8:7b:1d:35:3b:06:db:b0:a5:6e:f5:e3:
8b:08:68:17:8a:85:bd:38:97:86:01:e3:06:e8:67:af:da:02:
a0:ac:4f:d7
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZJCKwdtuY8WXNXCHKf2ClIVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwOTMwMDkwMjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTE2NmY5MDcxOGE3MjVhYjQwYjVkZDJjNzExOTkxYTU0ODM0NWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyMfqmHQ5UXhRk0eehizkKggjCmyo
WKK82YCcTsNHz503FnrnYTdBNV9sbTYYDDwoarcvQ8CsP8F3viAueahijtqrsu3b
r7+x6GXvMkpthLgJStWXHH1WAu848+VatQAxkCpxhzzmaMPBE5kwimN49s5qLCEN
S5dyxbvCbRR01/m3Za4F+rpnbpUPBA0ZJYVk2Q0isQhO83ywzoUQvrNjphz4Qmiw
bIAcxtd46LZbhI8JVS+GM3/8v1wqd8ulb5tS7gZgufX9xDZQq4BVdDpmLLymJIVT
5BrgNxolWdGL61MXoesuNihcp+oHJ1zact5GhSMUt4yKww0QEq+s+K8PMwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFM4Wb5BxinJatAtd0scRmRpUg0XUMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvemhadmtIR0tjbHEwQzEzU3h4R1pHbFNEUmRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAucKxAwQA
udEmAwQAudFJAwQAudLrAwQAudoUAwQAud4dAwQAufZwAwQAwTqSMA0GCSqGSIb3
DQEBCwUAA4IBAQBh6ZdTICI8ZtUiqc5EKG7jibgUq7s3b1IXVtoFf6a3l3pkRh0I
yFWzbr2h6UK/aTPC9cK1+sOaNg0rPL7HcseGnKjbDtT0Y93SiVLbEPodUtoIOGC4
tjcQHta3Y66jn428IRpEshAeDZYW38/otb3cYXWFotUNiJsnGQxnS6LtqntFR8ie
Kv8CYmuVveQDxnIoF8Iy0p9XlclkMIDSIYuRr0CuaMXpGvPmiTvb/fTxV+DMEtWF
PaYvU2xp93G2krjm1u4rvKJUSCa5i+sMs4WiwMcyn2d9bUZb77IopY34ex01Owbb
sKVu9eOLCGgXioW9OJeGAeMG6Gev2gKgrE/X
-----END CERTIFICATE-----
Generated at Wed Oct 9 19:11:15 2024 by rpki-client on console-ams.rpki-client.org