Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/2a98fb-e670-4cf4-81a4-4219022350fa/1/ZDUFck9Xkw_pcxdtGjJQvH38Hi8.roa
File: ZDUFck9Xkw_pcxdtGjJQvH38Hi8.roa (raw, json)
Hash identifier: UVqoLvX8TIG9Z9vXXerfE63azWszDzKR/JhrrJ84j0A=
Subject key identifier: 64:35:05:72:4F:57:93:0F:E9:73:17:6D:1A:32:50:BC:7D:FC:1E:2F
Certificate issuer: /CN=0608ade86a1ccf7a483b4c2962045db8d0ef826d
Certificate serial: 018570FBD4DE131AF489C6EBEF59C7DE6ED5
Authority key identifier: 06:08:AD:E8:6A:1C:CF:7A:48:3B:4C:29:62:04:5D:B8:D0:EF:82:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bgit6Gocz3pIO0wpYgRduNDvgm0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/2a98fb-e670-4cf4-81a4-4219022350fa/1/ZDUFck9Xkw_pcxdtGjJQvH38Hi8.roa
Signing time: Mon 02 Jan 2023 05:37:10 +0000
ROA not before: Mon 02 Jan 2023 05:37:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16082
IP address blocks: 37.77.176.0/21 maxlen: 21
185.15.104.0/22 maxlen: 22
87.117.72.0/21 maxlen: 21
109.238.64.0/20 maxlen: 20
62.133.0.0/19 maxlen: 19
83.218.128.0/19 maxlen: 19
87.117.112.0/21 maxlen: 21
31.24.0.0/21 maxlen: 21
87.224.0.0/17 maxlen: 17
217.13.128.0/19 maxlen: 19
212.237.64.0/19 maxlen: 19
2a02:b90::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:fb:d4:de:13:1a:f4:89:c6:eb:ef:59:c7:de:6e:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0608ade86a1ccf7a483b4c2962045db8d0ef826d
Validity
Not Before: Jan 2 05:37:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=643505724f57930fe973176d1a3250bc7dfc1e2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e1:a7:de:02:63:31:1e:69:41:0e:3f:3b:35:
8d:74:47:59:4f:e6:97:85:91:cd:c2:c8:98:ba:25:
0b:36:82:ad:12:a6:09:c0:95:82:3e:2f:df:11:be:
9d:3d:04:ce:5e:a1:63:35:62:c9:44:5a:7b:dc:8c:
8f:39:cf:14:2e:1f:62:59:8e:89:5b:b0:66:a7:f2:
48:3e:1d:f1:4b:5d:ca:d3:58:45:a3:4e:ea:d8:ae:
d2:58:1d:67:3e:ac:fe:88:e5:94:bd:5e:ba:96:f5:
0e:a8:c3:75:fb:a3:8d:6c:df:94:e4:16:05:75:c1:
ee:d5:f3:48:0b:2f:0c:f4:5e:01:cb:d6:1f:e4:1e:
50:ea:0b:74:09:2a:59:c3:7e:a3:1b:ac:f6:6b:5a:
12:07:c2:43:18:4c:d3:83:8d:6b:6d:7d:3c:3c:7d:
32:e7:9d:28:d9:2e:7b:91:a9:26:ec:8e:07:30:57:
b0:46:ed:d9:09:44:52:7d:f7:70:2f:ee:af:69:37:
bb:b0:60:53:29:da:cb:2b:43:30:88:1b:c2:67:3f:
c9:0d:ec:db:d3:dd:a4:ee:f2:eb:ae:76:15:3e:e0:
15:83:ed:11:7a:f6:78:08:60:72:0f:ab:5b:a3:c1:
42:52:78:94:9b:d2:57:db:4c:96:e6:34:f9:a0:ab:
7a:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:35:05:72:4F:57:93:0F:E9:73:17:6D:1A:32:50:BC:7D:FC:1E:2F
X509v3 Authority Key Identifier:
keyid:06:08:AD:E8:6A:1C:CF:7A:48:3B:4C:29:62:04:5D:B8:D0:EF:82:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bgit6Gocz3pIO0wpYgRduNDvgm0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a98fb-e670-4cf4-81a4-4219022350fa/1/ZDUFck9Xkw_pcxdtGjJQvH38Hi8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a98fb-e670-4cf4-81a4-4219022350fa/1/Bgit6Gocz3pIO0wpYgRduNDvgm0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.0.0/21
37.77.176.0/21
62.133.0.0/19
83.218.128.0/19
87.117.72.0/21
87.117.112.0/21
87.224.0.0/17
109.238.64.0/20
185.15.104.0/22
212.237.64.0/19
217.13.128.0/19
IPv6:
2a02:b90::/32
Signature Algorithm: sha256WithRSAEncryption
3c:a7:29:a4:44:ad:3f:2b:8e:ef:48:d6:3a:ad:ad:2f:ab:c9:
ef:35:5b:89:e7:d5:df:12:3a:9b:0a:ec:8e:e8:39:ca:79:e9:
d6:7a:c9:f8:40:50:ef:b9:3e:a2:12:34:f1:dd:45:1a:49:8a:
39:e8:48:0e:82:b9:9d:b8:05:3a:f9:12:04:a0:47:31:c0:d3:
aa:b0:01:50:5b:53:91:c3:af:85:ff:66:49:ca:af:42:4e:d8:
86:5e:8d:cc:6b:d6:62:ec:17:bd:33:47:25:e6:4f:7c:e8:30:
88:ae:82:c2:58:47:62:d5:d4:d9:a4:fc:e4:a9:1d:8d:97:45:
fb:58:3a:a1:8e:bd:a7:e9:97:45:a9:d4:2f:7b:2f:dc:5c:98:
65:4a:b8:11:f7:c5:a6:06:a5:3b:dd:5f:79:89:5b:37:0a:e9:
96:7d:98:a2:a1:a5:0f:6f:bb:15:8b:58:33:6c:10:6a:a5:bd:
b3:e9:6d:53:fc:f0:fc:9c:74:36:fb:c9:4a:ab:2a:16:05:13:
39:49:fe:ae:96:95:e7:44:be:ad:cf:1a:52:ce:91:fe:7d:c5:
78:11:ca:86:9f:79:b4:36:2d:8a:05:e3:f3:63:a6:b7:18:e7:
ad:d9:ca:3d:ae:4c:7f:44:8d:03:56:53:b7:21:af:c6:86:b5:
1e:6f:db:b7
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYVw+9TeExr0icbr71nH3m7VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2MDhhZGU4NmExY2NmN2E0ODNiNGMyOTYyMDQ1ZGI4ZDBl
ZjgyNmQwHhcNMjMwMTAyMDUzNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDM1MDU3MjRmNTc5MzBmZTk3MzE3NmQxYTMyNTBiYzdkZmMxZTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuGn3gJjMR5pQQ4/OzWNdEdZT+aX
hZHNwsiYuiULNoKtEqYJwJWCPi/fEb6dPQTOXqFjNWLJRFp73IyPOc8ULh9iWY6J
W7Bmp/JIPh3xS13K01hFo07q2K7SWB1nPqz+iOWUvV66lvUOqMN1+6ONbN+U5BYF
dcHu1fNICy8M9F4By9Yf5B5Q6gt0CSpZw36jG6z2a1oSB8JDGEzTg41rbX08PH0y
550o2S57kakm7I4HMFewRu3ZCURSffdwL+6vaTe7sGBTKdrLK0MwiBvCZz/JDezb
092k7vLrrnYVPuAVg+0RevZ4CGByD6tbo8FCUniUm9JX20yW5jT5oKt6gwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFGQ1BXJPV5MP6XMXbRoyULx9/B4vMB8GA1UdIwQY
MBaAFAYIrehqHM96SDtMKWIEXbjQ74JtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmdpdDZHb2N6M3BJTzB3cFlnUmR1TkR2Z20wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8yYTk4ZmItZTY3MC00Y2Y0LTgxYTQt
NDIxOTAyMjM1MGZhLzEvWkRVRmNrOVhrd19wY3hkdEdqSlF2SDM4SGk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8yYTk4ZmItZTY3MC00Y2Y0LTgxYTQtNDIxOTAyMjM1MGZh
LzEvQmdpdDZHb2N6M3BJTzB3cFlnUmR1TkR2Z20wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQDHxgAAwQD
JU2wAwQFPoUAAwQFU9qAAwQDV3VIAwQDV3VwAwQHV+AAAwQEbe5AAwQCuQ9oAwQF
1O1AAwQF2Q2AMA0EAgACMAcDBQAqAguQMA0GCSqGSIb3DQEBCwUAA4IBAQA8pymk
RK0/K47vSNY6ra0vq8nvNVuJ59XfEjqbCuyO6DnKeenWesn4QFDvuT6iEjTx3UUa
SYo56EgOgrmduAU6+RIEoEcxwNOqsAFQW1ORw6+F/2ZJyq9CTtiGXo3Ma9Zi7Be9
M0cl5k986DCIroLCWEdi1dTZpPzkqR2Nl0X7WDqhjr2n6ZdFqdQvey/cXJhlSrgR
98WmBqU73V95iVs3CumWfZiioaUPb7sVi1gzbBBqpb2z6W1T/PD8nHQ2+8lKqyoW
BRM5Sf6ulpXnRL6tzxpSzpH+fcV4EcqGn3m0Ni2KBePzY6a3GOet2co9rkx/RI0D
VlO3Ia/GhrUeb9u3
-----END CERTIFICATE-----
Generated at Mon Jan 1 11:16:25 2024 by rpki-client on console-ams.rpki-client.org