Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/zOp3I8K8dUVaGuKpFO6H7Sbhx_g.roa
File: zOp3I8K8dUVaGuKpFO6H7Sbhx_g.roa (raw, json)
Hash identifier: z+6E89w4f8C+VyqNlQZb4wJ0GOI/1kHIbxXiZ6XGm7A=
Subject key identifier: CC:EA:77:23:C2:BC:75:45:5A:1A:E2:A9:14:EE:87:ED:26:E1:C7:F8
Certificate issuer: /CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Certificate serial: 01856F2FE4DE56E32F74353DC53749B3BF82
Authority key identifier: 2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/zOp3I8K8dUVaGuKpFO6H7Sbhx_g.roa
Signing time: Sun 01 Jan 2023 21:14:47 +0000
ROA not before: Sun 01 Jan 2023 21:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211025
IP address blocks: 213.155.169.0/24 maxlen: 24
212.14.48.0/24 maxlen: 24
213.155.172.0/24 maxlen: 24
213.155.170.0/23 maxlen: 23
212.14.54.0/24 maxlen: 24
213.155.177.0/24 maxlen: 24
213.155.181.0/24 maxlen: 24
213.155.186.0/23 maxlen: 23
212.14.59.0/24 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:2f:e4:de:56:e3:2f:74:35:3d:c5:37:49:b3:bf:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Validity
Not Before: Jan 1 21:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ccea7723c2bc75455a1ae2a914ee87ed26e1c7f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:fc:a4:67:be:3c:75:e7:b1:a0:d1:de:49:30:
ee:a3:b6:0c:9e:ff:48:bf:a0:83:c4:b1:60:48:3d:
79:e1:ae:6c:a6:48:f5:1b:8e:47:2f:99:35:fd:73:
7a:44:17:8f:97:64:7e:68:51:97:7b:99:ce:9d:ca:
83:68:b4:25:9e:35:48:ec:ab:9b:47:29:8d:3b:28:
54:aa:32:6b:e7:fc:13:1b:24:7d:11:38:38:c1:60:
95:2a:8d:8d:c4:b9:21:a3:c6:e0:51:dc:8e:2b:06:
2e:e9:fb:8d:73:79:e9:65:33:1a:5f:af:75:f6:5d:
b6:d3:a6:6e:4a:f4:ed:54:55:42:20:57:bb:b4:c6:
76:91:bc:d2:30:ba:64:fe:b3:68:30:71:bb:6c:a0:
e0:9e:25:9f:40:86:13:38:ca:06:37:0e:bb:e0:b7:
7e:29:e7:f5:0f:57:5a:6d:28:0b:41:fe:be:3e:5a:
21:11:3d:d5:d3:ce:e1:44:a1:56:c7:74:f0:c4:af:
85:d8:06:00:a1:1f:81:23:07:66:9e:77:0b:e5:1b:
49:00:44:e8:b7:88:73:2b:18:a3:bf:82:e8:5b:f9:
4c:d0:52:ae:20:16:f2:55:54:ee:96:47:30:8e:9c:
a7:ad:08:92:7d:5d:b2:a2:7e:e2:9e:ec:f2:1c:b4:
3e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:EA:77:23:C2:BC:75:45:5A:1A:E2:A9:14:EE:87:ED:26:E1:C7:F8
X509v3 Authority Key Identifier:
keyid:2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/zOp3I8K8dUVaGuKpFO6H7Sbhx_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.14.48.0/24
212.14.54.0/24
212.14.59.0/24
213.155.169.0-213.155.172.255
213.155.177.0/24
213.155.181.0/24
213.155.186.0/23
Signature Algorithm: sha256WithRSAEncryption
07:c4:1a:2a:74:23:3c:ea:7a:a3:b1:ee:71:bf:c2:11:f7:66:
82:3e:2d:8c:cc:c2:49:9b:1e:38:7a:35:00:99:b0:2e:af:83:
8e:1f:2a:8e:2a:a1:c7:b6:26:94:24:17:d0:f6:46:eb:32:57:
fe:c2:83:79:1f:7e:ad:a0:77:f5:2a:e2:0f:e8:5a:92:15:21:
37:90:d0:0d:b4:2c:ec:2c:a1:cb:2b:a0:9f:92:a6:b0:d8:e0:
89:18:a0:4d:ff:f4:ba:ab:1a:2b:e8:d4:8e:8a:d4:59:b1:2d:
06:2b:c4:f3:eb:9f:55:81:c7:46:a4:19:9f:d3:4b:ad:c6:c3:
21:7b:ef:5f:e7:ee:94:b1:fa:2c:ff:20:a1:c2:ad:7b:62:96:
1d:18:39:4f:45:a5:27:4c:ba:7d:d3:9d:0a:7e:44:ab:8c:c6:
a9:ff:9d:97:ec:cc:15:11:ac:a3:45:49:7c:dd:c6:01:23:7c:
c7:e7:58:34:e5:c9:58:28:a4:0f:5b:f7:40:3a:70:85:20:83:
65:f0:d2:3e:3f:13:e4:ef:09:82:eb:1c:bf:22:0c:8f:74:8c:
e2:87:70:13:84:61:56:0f:a0:c6:81:17:79:bf:da:56:e1:71:
c5:e8:9f:c5:ce:ea:e7:5f:c8:99:5e:5c:3b:1e:5b:fa:94:7a:
b5:78:bd:58
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVvL+TeVuMvdDU9xTdJs7+CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzY0ZGMyMWNiNWZkNGQwYmNiMDJjYzJiNDNmZDc1MWZk
OTFlMWUwHhcNMjMwMTAxMjExNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2VhNzcyM2MyYmM3NTQ1NWExYWUyYTkxNGVlODdlZDI2ZTFjN2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAivykZ748deexoNHeSTDuo7YMnv9I
v6CDxLFgSD154a5spkj1G45HL5k1/XN6RBePl2R+aFGXe5nOncqDaLQlnjVI7Kub
RymNOyhUqjJr5/wTGyR9ETg4wWCVKo2NxLkho8bgUdyOKwYu6fuNc3npZTMaX691
9l2206ZuSvTtVFVCIFe7tMZ2kbzSMLpk/rNoMHG7bKDgniWfQIYTOMoGNw674Ld+
Kef1D1dabSgLQf6+PlohET3V087hRKFWx3TwxK+F2AYAoR+BIwdmnncL5RtJAETo
t4hzKxijv4LoW/lM0FKuIBbyVVTulkcwjpynrQiSfV2yon7inuzyHLQ+dQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFMzqdyPCvHVFWhriqRTuh+0m4cf4MB8GA1UdIwQY
MBaAFCrGTcIctf1NC8sCzCtD/XUf2R4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAt
MDk3YzNjMWMyNTQwLzEvek9wM0k4SzhkVVZhR3VLcEZPNkg3U2JoeF9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAtMDk3YzNjMWMyNTQw
LzEvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQA1A4wAwQA
1A42AwQA1A47MAwDBADVm6kDBADVm6wDBADVm7EDBADVm7UDBAHVm7owDQYJKoZI
hvcNAQELBQADggEBAAfEGip0IzzqeqOx7nG/whH3ZoI+LYzMwkmbHjh6NQCZsC6v
g44fKo4qoce2JpQkF9D2RusyV/7Cg3kffq2gd/Uq4g/oWpIVITeQ0A20LOwsocsr
oJ+SprDY4IkYoE3/9LqrGivo1I6K1FmxLQYrxPPrn1WBx0akGZ/TS63GwyF771/n
7pSx+iz/IKHCrXtilh0YOU9FpSdMun3TnQp+RKuMxqn/nZfszBURrKNFSXzdxgEj
fMfnWDTlyVgopA9b90A6cIUgg2Xw0j4/E+TvCYLrHL8iDI90jOKHcBOEYVYPoMaB
F3m/2lbhccXon8XO6udfyJleXDseW/qUerV4vVg=
-----END CERTIFICATE-----
Generated at Mon Jan 1 08:10:25 2024 by rpki-client on console-fra.rpki-client.org