Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/zxZR6ZBDrVCFALDE4CPBu5_AoKk.roa
File: zxZR6ZBDrVCFALDE4CPBu5_AoKk.roa (raw, json)
Hash identifier: S7GZyTLQpKr5MYfk1KYe1118lgKiuBZTg3EeJhCfZk8=
Subject key identifier: CF:16:51:E9:90:43:AD:50:85:00:B0:C4:E0:23:C1:BB:9F:C0:A0:A9
Certificate issuer: /CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Certificate serial: 018571830541B7E7AB08308735ECDE987C0E
Authority key identifier: 81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/zxZR6ZBDrVCFALDE4CPBu5_AoKk.roa
Signing time: Mon 02 Jan 2023 08:04:50 +0000
ROA not before: Mon 02 Jan 2023 08:04:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213176
IP address blocks: 212.59.64.0/24 maxlen: 24
212.59.67.0/24 maxlen: 24
212.59.70.0/24 maxlen: 24
212.59.66.0/24 maxlen: 24
212.59.69.0/24 maxlen: 24
212.59.65.0/24 maxlen: 24
212.59.68.0/24 maxlen: 24
209.35.224.0/24 maxlen: 24
209.35.226.0/24 maxlen: 24
209.35.225.0/24 maxlen: 24
209.35.227.0/24 maxlen: 24
209.35.228.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Aug 2023 04:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:83:05:41:b7:e7:ab:08:30:87:35:ec:de:98:7c:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81a2d0dcd50a682f975ea3d8c38e5e67bb0322f9
Validity
Not Before: Jan 2 08:04:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf1651e99043ad508500b0c4e023c1bb9fc0a0a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b0:58:ce:d1:57:3b:1f:d7:15:18:d8:39:68:
00:d7:48:95:23:68:c4:32:4d:8c:18:79:b2:e8:57:
a7:bb:52:f5:f0:dc:91:cb:65:9a:ba:b3:dc:35:b4:
1c:36:ca:c7:04:3a:2d:b5:b2:ab:4e:ce:e9:3c:02:
d7:fa:e7:27:ff:e8:9c:5b:52:65:f4:dd:6d:0f:6b:
09:0a:ae:ff:c0:80:61:98:1d:28:0c:1b:68:e4:64:
74:f4:5d:65:ac:ef:99:43:67:d9:78:44:49:bb:1e:
c8:a7:8f:db:fb:25:4d:7e:95:76:99:45:8a:03:02:
66:36:49:67:72:af:3d:7d:f3:78:a5:61:5b:bd:08:
d0:fb:fa:62:02:1a:bd:88:0a:02:cf:18:2b:c4:9c:
8a:0a:bf:5b:22:5f:34:84:b5:4b:69:60:aa:7c:c4:
60:2a:ae:14:70:11:93:d5:ec:3d:68:e8:51:47:be:
51:7f:42:64:d9:a1:c3:ce:0a:6f:d9:68:2d:f1:2d:
59:d9:e4:b2:5f:66:56:8b:4e:0e:b1:ec:e4:32:22:
ca:8e:8f:df:42:a6:62:2b:e5:a3:75:cd:51:3d:95:
af:a8:5a:ca:9e:1e:6d:8e:c5:4c:e0:37:da:bd:1a:
b9:be:3e:1e:40:f5:ed:a3:7d:5f:e7:78:82:8c:77:
ae:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:16:51:E9:90:43:AD:50:85:00:B0:C4:E0:23:C1:BB:9F:C0:A0:A9
X509v3 Authority Key Identifier:
keyid:81:A2:D0:DC:D5:0A:68:2F:97:5E:A3:D8:C3:8E:5E:67:BB:03:22:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/zxZR6ZBDrVCFALDE4CPBu5_AoKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/d25a72-bbe3-4ab0-9564-fe45d5160c39/1/gaLQ3NUKaC-XXqPYw45eZ7sDIvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
209.35.224.0-209.35.228.255
212.59.64.0-212.59.70.255
Signature Algorithm: sha256WithRSAEncryption
26:24:34:27:a3:e0:fd:3d:9d:56:ae:54:6d:d0:93:40:f5:a4:
1c:a5:b8:74:b5:a3:b5:42:3c:f7:55:1f:4d:96:95:95:05:de:
fb:31:d5:8a:e8:08:94:c7:ef:3b:a6:91:c6:93:b3:a3:ba:e4:
65:da:0b:4e:24:27:0e:7d:20:37:17:8f:95:2a:79:88:12:a4:
bd:fd:ce:0b:db:75:13:88:25:5c:75:13:0f:b2:5c:dc:14:80:
f4:3a:fb:4f:6b:a7:dc:e2:e7:34:d6:cb:8b:b2:b6:ee:33:d0:
ee:4d:a8:4d:b4:42:aa:20:ae:a9:91:96:3e:57:87:ab:01:7b:
ae:aa:ce:f8:9b:f8:e7:8e:4a:1e:53:78:b6:0e:e4:04:c0:93:
13:3c:e5:28:92:cb:1a:94:8e:b6:6b:ab:76:cb:fe:6f:84:b1:
36:6b:b4:a7:4d:fd:31:02:6f:d7:f2:a4:d2:67:62:e2:4b:92:
1b:1f:88:fe:c7:19:29:48:64:4c:eb:04:a6:1c:f0:6c:e8:dd:
9f:34:9d:36:e6:3d:ff:42:e6:3b:66:de:06:41:5f:4c:24:3d:
d3:30:72:61:bc:36:39:d5:29:8d:06:8e:73:50:53:98:af:79:
22:57:c9:a8:3c:69:89:fd:01:ff:f1:a3:0a:d3:f8:16:de:11:
08:97:59:c9
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYVxgwVBt+erCDCHNezemHwOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxYTJkMGRjZDUwYTY4MmY5NzVlYTNkOGMzOGU1ZTY3YmIw
MzIyZjkwHhcNMjMwMTAyMDgwNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjE2NTFlOTkwNDNhZDUwODUwMGIwYzRlMDIzYzFiYjlmYzBhMGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrBYztFXOx/XFRjYOWgA10iVI2jE
Mk2MGHmy6Fenu1L18NyRy2WaurPcNbQcNsrHBDottbKrTs7pPALX+ucn/+icW1Jl
9N1tD2sJCq7/wIBhmB0oDBto5GR09F1lrO+ZQ2fZeERJux7Ip4/b+yVNfpV2mUWK
AwJmNklncq89ffN4pWFbvQjQ+/piAhq9iAoCzxgrxJyKCr9bIl80hLVLaWCqfMRg
Kq4UcBGT1ew9aOhRR75Rf0Jk2aHDzgpv2Wgt8S1Z2eSyX2ZWi04OsezkMiLKjo/f
QqZiK+Wjdc1RPZWvqFrKnh5tjsVM4DfavRq5vj4eQPXto31f53iCjHeuKwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFM8WUemQQ61QhQCwxOAjwbufwKCpMB8GA1UdIwQY
MBaAFIGi0NzVCmgvl16j2MOOXme7AyL5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQt
ZmU0NWQ1MTYwYzM5LzEvenhaUjZaQkRyVkNGQUxERTRDUEJ1NV9Bb0trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9kMjVhNzItYmJlMy00YWIwLTk1NjQtZmU0NWQ1MTYwYzM5
LzEvZ2FMUTNOVUthQy1YWHFQWXc0NWVaN3NESXZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAXRI+AD
BADRI+QwDAMEBtQ7QAMEANQ7RjANBgkqhkiG9w0BAQsFAAOCAQEAJiQ0J6Pg/T2d
Vq5UbdCTQPWkHKW4dLWjtUI891UfTZaVlQXe+zHViugIlMfvO6aRxpOzo7rkZdoL
TiQnDn0gNxePlSp5iBKkvf3OC9t1E4glXHUTD7Jc3BSA9Dr7T2un3OLnNNbLi7K2
7jPQ7k2oTbRCqiCuqZGWPleHqwF7rqrO+Jv4545KHlN4tg7kBMCTEzzlKJLLGpSO
tmurdsv+b4SxNmu0p039MQJv1/Kk0mdi4kuSGx+I/scZKUhkTOsEphzwbOjdnzSd
NuY9/0LmO2beBkFfTCQ90zByYbw2OdUpjQaOc1BTmK95IlfJqDxpif0B//GjCtP4
Ft4RCJdZyQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:57:13 2024 by rpki-client on console-fra.rpki-client.org