Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/ZBI1jkxdHqgImv-R-HOpYccj6-0.roa
File: ZBI1jkxdHqgImv-R-HOpYccj6-0.roa (raw, json)
Hash identifier: ifsoRBiugTDu27ggBRS55a9Xai2tb6+N4n0usQ9EHTA=
Subject key identifier: 64:12:35:8E:4C:5D:1E:A8:08:9A:FF:91:F8:73:A9:61:C7:23:EB:ED
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 018C2519DECEBBB38F23FE14CEA8ED85EA4F
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/ZBI1jkxdHqgImv-R-HOpYccj6-0.roa
Signing time: Fri 01 Dec 2023 11:18:21 +0000
ROA not before: Fri 01 Dec 2023 11:18:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 217.25.12.0/24 maxlen: 24
87.254.31.0/24 maxlen: 24
87.254.10.0/24 maxlen: 24
185.210.168.0/23 maxlen: 24
185.210.170.0/23 maxlen: 24
87.254.17.0/24 maxlen: 24
217.25.3.0/24 maxlen: 24
87.254.22.0/24 maxlen: 24
87.254.23.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:25:19:de:ce:bb:b3:8f:23:fe:14:ce:a8:ed:85:ea:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Dec 1 11:18:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6412358e4c5d1ea8089aff91f873a961c723ebed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:8b:fb:9e:04:03:2b:f3:ce:86:05:13:e4:5f:
a4:75:f2:9a:e6:b3:69:7c:d5:63:76:17:03:87:6c:
17:bf:f6:b9:c6:b5:d1:7e:0d:2a:eb:54:48:40:04:
aa:3e:4d:cb:18:94:28:71:36:74:c2:ee:34:a8:00:
48:7e:94:ee:05:85:29:ff:43:fb:24:de:0c:39:56:
f1:36:28:24:ab:4a:86:42:24:40:f8:aa:ff:a1:27:
66:4a:0a:ca:79:26:e0:fb:2d:e4:fa:e3:a4:97:da:
83:4c:87:5d:86:74:6c:5c:56:7c:8c:5e:ec:18:35:
a4:39:e9:8a:7b:be:ff:1f:f0:87:03:fd:f5:0c:c1:
24:17:f6:b7:a9:57:9c:76:a5:98:35:f6:d9:9a:ce:
1f:70:19:f9:d7:2e:2b:50:0a:5e:2a:16:1f:6f:66:
be:19:2d:46:23:3c:ce:89:3c:49:fe:fb:56:ff:d7:
ed:51:36:15:dc:48:23:10:0b:13:d8:72:2a:da:64:
db:30:02:f8:02:c4:4e:22:1c:38:60:96:35:27:3b:
ec:41:eb:0c:0d:1e:6e:6c:db:c6:c5:c5:da:00:63:
fa:6c:bf:60:9b:60:e6:8d:89:9a:ab:20:be:f8:9d:
8c:5f:6a:4f:03:d7:4a:b9:86:4d:19:3c:40:ea:bf:
5d:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:12:35:8E:4C:5D:1E:A8:08:9A:FF:91:F8:73:A9:61:C7:23:EB:ED
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/ZBI1jkxdHqgImv-R-HOpYccj6-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.10.0/24
87.254.17.0/24
87.254.22.0/23
87.254.31.0/24
185.210.168.0/22
217.25.3.0/24
217.25.12.0/24
Signature Algorithm: sha256WithRSAEncryption
70:71:20:a5:c4:d3:bf:c2:4b:bc:a7:5d:5f:ea:8e:14:67:1f:
d1:14:d6:00:a4:d5:be:91:52:75:dc:9e:5c:77:42:5a:c9:23:
fd:6e:68:59:b1:e2:c6:17:62:a7:37:94:a1:66:1a:e7:f4:04:
78:5e:f8:4e:17:7d:3a:c7:2f:22:69:27:99:cd:b8:1e:07:d9:
c1:9a:23:ac:d3:31:5e:57:52:35:6d:0f:c0:5f:db:3c:3c:fa:
fe:f2:49:d8:9d:e2:e4:01:e5:23:f8:fb:61:b1:6d:38:39:fd:
36:a1:2a:49:08:23:a9:dc:09:ae:8a:47:de:5a:ad:9b:6c:99:
61:2e:04:cf:61:c8:00:af:5e:69:43:18:36:78:fc:fb:1d:22:
2d:7d:28:49:fd:56:49:f1:58:2a:7c:4d:0e:44:d8:9d:3d:3a:
57:72:22:b4:ef:f0:43:80:0b:dd:4d:8d:c9:f1:2b:96:97:da:
65:67:43:37:20:0a:93:78:90:7f:ca:32:3a:c2:be:57:a0:e8:
34:60:25:14:05:7b:6f:b1:2f:a1:50:ae:8d:7f:e6:1f:34:26:
ea:9f:1c:9b:6d:44:d1:28:b8:0f:26:42:47:1e:27:39:fb:73:
ec:dd:b0:15:6f:23:15:4c:51:8d:27:0c:1c:a9:e3:ea:ae:0e:
cd:57:27:ad
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYwlGd7Ou7OPI/4UzqjthepPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjMxMjAxMTExODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDEyMzU4ZTRjNWQxZWE4MDg5YWZmOTFmODczYTk2MWM3MjNlYmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIv7ngQDK/POhgUT5F+kdfKa5rNp
fNVjdhcDh2wXv/a5xrXRfg0q61RIQASqPk3LGJQocTZ0wu40qABIfpTuBYUp/0P7
JN4MOVbxNigkq0qGQiRA+Kr/oSdmSgrKeSbg+y3k+uOkl9qDTIddhnRsXFZ8jF7s
GDWkOemKe77/H/CHA/31DMEkF/a3qVecdqWYNfbZms4fcBn51y4rUApeKhYfb2a+
GS1GIzzOiTxJ/vtW/9ftUTYV3EgjEAsT2HIq2mTbMAL4AsROIhw4YJY1JzvsQesM
DR5ubNvGxcXaAGP6bL9gm2DmjYmaqyC++J2MX2pPA9dKuYZNGTxA6r9dEwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGQSNY5MXR6oCJr/kfhzqWHHI+vtMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvWkJJMWpreGRIcWdJbXYtUi1IT3BZY2NqNi0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAV/4KAwQA
V/4RAwQBV/4WAwQAV/4fAwQCudKoAwQA2RkDAwQA2RkMMA0GCSqGSIb3DQEBCwUA
A4IBAQBwcSClxNO/wku8p11f6o4UZx/RFNYApNW+kVJ13J5cd0JaySP9bmhZseLG
F2KnN5ShZhrn9AR4XvhOF306xy8iaSeZzbgeB9nBmiOs0zFeV1I1bQ/AX9s8PPr+
8knYneLkAeUj+PthsW04Of02oSpJCCOp3AmuikfeWq2bbJlhLgTPYcgAr15pQxg2
ePz7HSItfShJ/VZJ8VgqfE0ORNidPTpXciK07/BDgAvdTY3J8SuWl9plZ0M3IAqT
eJB/yjI6wr5XoOg0YCUUBXtvsS+hUK6Nf+YfNCbqnxybbUTRKLgPJkJHHic5+3Ps
3bAVbyMVTFGNJwwcqePqrg7NVyet
Generated at Tue Dec 5 14:01:36 2023 by rpki-client on console-fra.rpki-client.org