Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ZGalo5fxMHXyRdiGP6S6AHpfvaQ.roa
File: ZGalo5fxMHXyRdiGP6S6AHpfvaQ.roa (raw, json)
Hash identifier: XEKXTs3y5+Hqp6MkLsySJMci5tOVZcUiUAuGOF7Rqpc=
Subject key identifier: 64:66:A5:A3:97:F1:30:75:F2:45:D8:86:3F:A4:BA:00:7A:5F:BD:A4
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0185CA55E0D44284B773F30E869B320CE859
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ZGalo5fxMHXyRdiGP6S6AHpfvaQ.roa
Signing time: Thu 19 Jan 2023 14:01:43 +0000
ROA not before: Thu 19 Jan 2023 14:01:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197942
IP address blocks: 193.234.81.0/24 maxlen: 24
194.103.18.0/24 maxlen: 24
193.180.160.0/23 maxlen: 23
192.36.180.0/24 maxlen: 24
194.71.64.0/22 maxlen: 22
194.71.68.0/22 maxlen: 22
194.14.218.0/24 maxlen: 24
194.71.72.0/21 maxlen: 24
194.71.81.0/24 maxlen: 24
194.71.80.0/24 maxlen: 24
194.71.82.0/24 maxlen: 24
193.183.188.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:ca:55:e0:d4:42:84:b7:73:f3:0e:86:9b:32:0c:e8:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 19 14:01:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6466a5a397f13075f245d8863fa4ba007a5fbda4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:89:d5:31:c0:dd:95:e1:44:b4:f4:a0:48:50:
ca:b4:06:d0:55:d9:2f:3f:dd:ab:5b:e8:8d:63:7d:
12:61:59:8c:f9:7f:1b:0e:6c:9f:15:0e:b5:82:a1:
ea:7a:e0:62:7b:90:17:be:2b:af:ff:87:c2:dd:07:
4f:bf:5e:0d:70:a3:f4:94:0b:5c:c3:be:70:f0:1d:
56:d2:a7:7c:23:c9:ad:95:ee:63:1c:4b:d4:3c:11:
88:ea:a9:a1:da:3a:e6:89:53:2b:af:9e:e5:f7:c4:
15:ca:8e:c1:b1:94:81:c4:0f:6b:51:b5:75:60:13:
dd:10:1e:21:ca:2a:f4:e2:a7:31:8b:1a:2a:e6:46:
10:b5:c2:68:a4:1a:c4:6f:58:e2:9b:e3:85:ee:0e:
57:ed:a9:a6:4c:f5:1d:23:c3:4e:8f:81:9f:75:b9:
42:fb:66:28:0d:12:8f:e7:6e:ab:28:9c:db:1f:68:
77:f6:13:0a:e7:a4:8b:f5:7d:68:b0:dc:9f:fd:e4:
8d:c3:23:51:f3:33:66:c9:ab:06:e2:48:8f:85:1a:
77:e9:70:70:a5:b9:f2:a2:17:d1:6e:b7:2d:d5:a1:
95:6d:7c:33:77:76:50:f2:4c:d5:27:e2:95:3e:67:
4b:2f:14:f8:47:63:b0:b2:02:43:ac:f6:b1:4a:7e:
96:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:66:A5:A3:97:F1:30:75:F2:45:D8:86:3F:A4:BA:00:7A:5F:BD:A4
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ZGalo5fxMHXyRdiGP6S6AHpfvaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.180.0/24
193.180.160.0/23
193.183.188.0/24
193.234.81.0/24
194.14.218.0/24
194.71.64.0-194.71.82.255
194.103.18.0/24
Signature Algorithm: sha256WithRSAEncryption
85:af:c6:92:e8:f8:a8:c4:9a:82:79:22:46:06:97:e9:e8:b1:
01:11:ef:82:e3:6b:a0:66:a5:2e:be:bb:23:78:2e:aa:00:03:
17:1a:05:ca:d1:69:82:c4:0b:10:dc:58:2b:ef:95:b6:68:ba:
71:23:45:39:2c:cf:c0:ba:1e:2d:87:93:68:68:24:96:bf:6f:
99:c1:81:6e:6a:48:1b:c3:03:ab:16:da:c6:97:3b:dd:95:e8:
de:fc:72:a8:7b:e8:97:40:d5:9b:6b:4e:2c:18:2b:ae:e1:dd:
b4:31:d4:19:f8:a4:2e:89:1d:55:bb:26:63:6e:76:06:a4:84:
ad:1e:1f:e7:e3:01:8d:dc:76:27:89:69:9e:80:6c:6c:66:27:
f3:99:ca:92:bf:5b:5c:bc:21:8f:d5:ea:86:6d:0b:51:90:10:
b2:e3:3d:25:c9:c6:6c:30:74:3d:38:45:8f:94:4d:9e:37:06:
f0:11:25:b2:84:b5:d4:19:c2:83:74:86:4d:c9:e2:70:66:5c:
e6:b4:3a:62:e3:02:26:91:60:80:8e:06:6d:72:78:ac:b4:56:
2b:a3:1d:b9:8b:43:4b:f0:f9:3a:8e:10:e0:af:31:7b:5b:eb:
a2:9e:bb:20:22:03:f5:04:77:0a:2b:23:86:fa:c9:01:75:56:
4b:cf:4a:2f
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYXKVeDUQoS3c/MOhpsyDOhZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTE5MTQwMTQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDY2YTVhMzk3ZjEzMDc1ZjI0NWQ4ODYzZmE0YmEwMDdhNWZiZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvYnVMcDdleFEtPSgSFDKtAbQVdkv
P92rW+iNY30SYVmM+X8bDmyfFQ61gqHqeuBie5AXviuv/4fC3QdPv14NcKP0lAtc
w75w8B1W0qd8I8mtle5jHEvUPBGI6qmh2jrmiVMrr57l98QVyo7BsZSBxA9rUbV1
YBPdEB4hyir04qcxixoq5kYQtcJopBrEb1jim+OF7g5X7ammTPUdI8NOj4GfdblC
+2YoDRKP526rKJzbH2h39hMK56SL9X1osNyf/eSNwyNR8zNmyasG4kiPhRp36XBw
pbnyohfRbrct1aGVbXwzd3ZQ8kzVJ+KVPmdLLxT4R2OwsgJDrPaxSn6WMwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFGRmpaOX8TB18kXYhj+kugB6X72kMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvWkdhbG81ZnhNSFh5UmRpR1A2UzZBSHBmdmFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAwCS0AwQB
wbSgAwQAwbe8AwQAwepRAwQAwg7aMAwDBAbCR0ADBADCR1IDBADCZxIwDQYJKoZI
hvcNAQELBQADggEBAIWvxpLo+KjEmoJ5IkYGl+nosQER74Lja6BmpS6+uyN4LqoA
AxcaBcrRaYLECxDcWCvvlbZounEjRTksz8C6Hi2Hk2hoJJa/b5nBgW5qSBvDA6sW
2saXO92V6N78cqh76JdA1ZtrTiwYK67h3bQx1Bn4pC6JHVW7JmNudgakhK0eH+fj
AY3cdieJaZ6AbGxmJ/OZypK/W1y8IY/V6oZtC1GQELLjPSXJxmwwdD04RY+UTZ43
BvARJbKEtdQZwoN0hk3J4nBmXOa0OmLjAiaRYICOBm1yeKy0ViujHbmLQ0vw+TqO
EOCvMXtb66KeuyAiA/UEdworI4b6yQF1VkvPSi8=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:47 2023 by rpki-client on console-fra.rpki-client.org