Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/znNWdZZaPt301e9PyCwnXy7D3LU.roa
File: znNWdZZaPt301e9PyCwnXy7D3LU.roa (raw, json)
Hash identifier: IPu11VLO89Qq7wNc8MoU+ggQztc814SbQS72Xk98JSc=
Subject key identifier: CE:73:56:75:96:5A:3E:DD:F4:D5:EF:4F:C8:2C:27:5F:2E:C3:DC:B5
Certificate issuer: /CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Certificate serial: 018CC3B73DF031585A0A6B2A50D80F04DCA3
Authority key identifier: 2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/znNWdZZaPt301e9PyCwnXy7D3LU.roa
Signing time: Mon 01 Jan 2024 06:30:15 +0000
ROA not before: Mon 01 Jan 2024 06:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8286
IP address blocks: 212.14.32.0/20 maxlen: 20
109.69.88.0/21 maxlen: 21
82.145.64.0/19 maxlen: 19
212.14.0.0/19 maxlen: 19
31.193.96.0/21 maxlen: 21
2001:4c58::/30 maxlen: 30
Validation: Failed, certificate revoked on Tue 23 Apr 2024 07:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:3d:f0:31:58:5a:0a:6b:2a:50:d8:0f:04:dc:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Validity
Not Before: Jan 1 06:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce735675965a3eddf4d5ef4fc82c275f2ec3dcb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:19:bf:04:6e:e1:c3:b6:c1:1c:8c:d2:0c:4b:
e9:16:e4:cc:8f:e5:89:d3:af:32:6b:7d:ad:85:65:
66:f1:26:77:e3:59:57:9b:3c:fb:c6:ef:da:be:ac:
c0:ff:0c:4b:41:88:cd:6d:71:20:f2:1a:63:fa:a8:
a7:46:42:5d:9b:ab:76:b7:47:3f:65:d2:31:17:71:
06:18:d1:95:82:76:dc:25:a4:6c:53:c2:60:be:6e:
25:6b:0f:52:95:f2:0d:fb:1c:99:a3:af:c6:a8:02:
1a:c9:de:ac:64:b4:da:8f:e9:73:5e:0b:6d:49:29:
53:b0:ca:57:a8:2a:f6:7a:ae:0d:88:18:f4:13:21:
70:43:b8:f1:5e:e6:f8:ef:82:e7:01:07:c5:be:04:
cf:9a:05:44:77:04:4b:39:65:0b:47:2f:64:4a:90:
70:6c:94:d7:f2:25:5e:1a:99:4b:79:b0:7b:7b:20:
91:43:e3:1f:1c:cc:2b:37:76:1e:6b:b7:fb:c8:39:
d4:9e:7d:d2:65:25:c7:4b:ec:5f:6a:b4:dc:24:3d:
9f:7a:33:db:57:63:81:d2:8f:4d:c5:1e:e0:50:4f:
c4:b5:af:c0:92:b5:00:cd:23:0e:27:52:e5:cc:9c:
ab:93:f9:ce:59:e2:ca:8c:d4:5e:cd:88:7d:e7:6c:
59:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:73:56:75:96:5A:3E:DD:F4:D5:EF:4F:C8:2C:27:5F:2E:C3:DC:B5
X509v3 Authority Key Identifier:
keyid:2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/znNWdZZaPt301e9PyCwnXy7D3LU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.96.0/21
82.145.64.0/19
109.69.88.0/21
212.14.0.0-212.14.47.255
IPv6:
2001:4c58::/30
Signature Algorithm: sha256WithRSAEncryption
6b:89:71:1a:a5:91:8d:56:a5:26:56:40:3d:8b:31:dc:10:27:
45:0a:af:a7:21:01:9d:b4:f4:51:20:0c:fd:ec:83:b7:3b:28:
cd:c1:0d:b4:b8:a8:71:bf:0a:11:33:88:73:d9:13:86:6b:68:
2d:25:73:d4:60:78:86:cc:7b:ae:7a:31:9c:37:c1:75:82:9e:
e7:80:d9:2c:1d:5e:02:44:f2:5e:b8:52:d6:20:32:f9:41:c5:
ec:3c:74:c8:40:a6:09:5c:5f:5d:fb:e9:19:81:80:8a:c8:a0:
34:cf:bc:3b:e6:61:e7:95:32:82:e6:ed:1c:49:6d:eb:3b:3f:
bc:34:5c:f8:81:e2:d9:3b:35:c2:38:3c:4e:c5:85:14:48:30:
98:ef:be:90:91:28:18:fb:6a:38:80:b7:c6:f1:0c:e6:a6:48:
79:e5:cf:c7:f4:a2:66:a6:48:b7:c3:d8:90:ea:39:99:f0:4d:
cc:72:7a:64:d4:f3:b5:dd:df:74:f9:1e:5d:d0:43:d1:da:1a:
ca:3e:50:b8:0b:0e:63:a2:9c:db:ac:60:ae:9b:7d:37:82:8b:
52:8f:21:b0:55:6f:4e:0d:93:ef:76:2b:25:a7:42:60:a2:cc:
02:d7:73:63:f4:4f:45:d1:7c:85:22:73:1b:f8:aa:e5:1d:f6:
96:70:f9:41
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzDtz3wMVhaCmsqUNgPBNyjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzY0ZGMyMWNiNWZkNGQwYmNiMDJjYzJiNDNmZDc1MWZk
OTFlMWUwHhcNMjQwMTAxMDYzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTczNTY3NTk2NWEzZWRkZjRkNWVmNGZjODJjMjc1ZjJlYzNkY2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjRm/BG7hw7bBHIzSDEvpFuTMj+WJ
068ya32thWVm8SZ341lXmzz7xu/avqzA/wxLQYjNbXEg8hpj+qinRkJdm6t2t0c/
ZdIxF3EGGNGVgnbcJaRsU8Jgvm4law9SlfIN+xyZo6/GqAIayd6sZLTaj+lzXgtt
SSlTsMpXqCr2eq4NiBj0EyFwQ7jxXub474LnAQfFvgTPmgVEdwRLOWULRy9kSpBw
bJTX8iVeGplLebB7eyCRQ+MfHMwrN3Yea7f7yDnUnn3SZSXHS+xfarTcJD2fejPb
V2OB0o9NxR7gUE/Eta/AkrUAzSMOJ1LlzJyrk/nOWeLKjNRezYh952xZRwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFM5zVnWWWj7d9NXvT8gsJ18uw9y1MB8GA1UdIwQY
MBaAFCrGTcIctf1NC8sCzCtD/XUf2R4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAt
MDk3YzNjMWMyNTQwLzEvem5OV2RaWmFQdDMwMWU5UHlDd25YeTdEM0xVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAtMDk3YzNjMWMyNTQw
LzEvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAlBAIAATAfAwQDH8FgAwQF
UpFAAwQDbUVYMAsDAwHUDgMEBNQOIDANBAIAAjAHAwUCIAFMWDANBgkqhkiG9w0B
AQsFAAOCAQEAa4lxGqWRjValJlZAPYsx3BAnRQqvpyEBnbT0USAM/eyDtzsozcEN
tLiocb8KETOIc9kThmtoLSVz1GB4hsx7rnoxnDfBdYKe54DZLB1eAkTyXrhS1iAy
+UHF7Dx0yECmCVxfXfvpGYGAisigNM+8O+Zh55UygubtHElt6zs/vDRc+IHi2Ts1
wjg8TsWFFEgwmO++kJEoGPtqOIC3xvEM5qZIeeXPx/SiZqZIt8PYkOo5mfBNzHJ6
ZNTztd3fdPkeXdBD0doayj5QuAsOY6Kc26xgrpt9N4KLUo8hsFVvTg2T73YrJadC
YKLMAtdzY/RPRdF8hSJzG/iq5R32lnD5QQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:11 2024 by rpki-client on console-fra.rpki-client.org