Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/ZlvL69Ls-FMMBXFfsbgztCEK0V0.roa
File: ZlvL69Ls-FMMBXFfsbgztCEK0V0.roa (raw, json)
Hash identifier: UOqYnFerBRYe9ThE5LUpxGACvrr+AjW6tbwbmMOGCh8=
Subject key identifier: 66:5B:CB:EB:D2:EC:F8:53:0C:05:71:5F:B1:B8:33:B4:21:0A:D1:5D
Certificate issuer: /CN=e096c43364003ec3f7f7c6ea8157b8a50f440ecc
Certificate serial: 0185729EEA59500A89216BF14CD319801743
Authority key identifier: E0:96:C4:33:64:00:3E:C3:F7:F7:C6:EA:81:57:B8:A5:0F:44:0E:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4JbEM2QAPsP398bqgVe4pQ9EDsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/ZlvL69Ls-FMMBXFfsbgztCEK0V0.roa
Signing time: Mon 02 Jan 2023 13:14:55 +0000
ROA not before: Mon 02 Jan 2023 13:14:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42514
IP address blocks: 46.22.240.0/20 maxlen: 20
95.141.176.0/20 maxlen: 20
178.17.128.0/20 maxlen: 20
89.232.180.0/22 maxlen: 22
128.204.160.0/19 maxlen: 19
185.12.84.0/22 maxlen: 22
94.102.16.0/20 maxlen: 20
2a02:2648::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 14 Jul 2023 12:21:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:9e:ea:59:50:0a:89:21:6b:f1:4c:d3:19:80:17:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e096c43364003ec3f7f7c6ea8157b8a50f440ecc
Validity
Not Before: Jan 2 13:14:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=665bcbebd2ecf8530c05715fb1b833b4210ad15d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:0b:7c:fd:24:e6:eb:97:78:95:16:6f:ad:41:
df:3f:ab:49:8f:b5:56:a5:9d:d9:7b:16:80:5c:11:
42:d3:f2:bd:3d:88:a1:5a:04:53:58:ae:b4:8e:80:
fa:1d:4b:44:b6:ec:df:cd:9f:b4:59:35:25:4a:15:
39:f4:78:16:bb:4a:e1:fe:79:0d:b4:6d:3f:fc:a1:
b0:d2:da:cf:ff:c2:1c:ea:e9:e2:0a:12:6e:49:e9:
8c:d2:a7:60:c0:57:08:a8:22:58:64:c0:b1:ab:60:
c3:03:ba:f9:c0:ff:89:f6:a7:46:9b:69:9b:4a:18:
18:16:fd:6b:f0:01:71:6d:92:f6:17:c1:3f:69:db:
ed:02:db:6b:12:82:72:4a:18:05:3f:98:0e:33:9f:
f1:74:a2:cf:64:a9:59:97:b5:8c:f4:df:e3:c3:38:
a8:36:47:8b:16:89:66:fe:50:dd:e4:38:cd:bf:07:
c6:f5:b8:27:41:cc:b3:9d:c0:42:69:90:99:75:19:
dc:8f:9c:3b:a8:a2:86:4a:92:66:6d:57:7e:ab:69:
cf:03:99:84:28:5c:99:6e:59:2b:a6:de:83:77:de:
2f:34:c9:2d:10:83:49:5e:c4:b7:86:16:2a:da:0e:
ea:1b:b2:48:b4:b7:45:e7:49:7f:ae:43:af:03:de:
2d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:5B:CB:EB:D2:EC:F8:53:0C:05:71:5F:B1:B8:33:B4:21:0A:D1:5D
X509v3 Authority Key Identifier:
keyid:E0:96:C4:33:64:00:3E:C3:F7:F7:C6:EA:81:57:B8:A5:0F:44:0E:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4JbEM2QAPsP398bqgVe4pQ9EDsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/ZlvL69Ls-FMMBXFfsbgztCEK0V0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/c3bce6-58fb-4874-8b3e-3a85ee4c89bc/1/4JbEM2QAPsP398bqgVe4pQ9EDsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.22.240.0/20
89.232.180.0/22
94.102.16.0/20
95.141.176.0/20
128.204.160.0/19
178.17.128.0/20
185.12.84.0/22
IPv6:
2a02:2648::/29
Signature Algorithm: sha256WithRSAEncryption
28:73:5e:ac:90:b1:66:46:f0:de:f4:42:df:eb:a4:e9:f2:be:
de:fa:ba:a4:25:b1:d3:a3:64:73:85:a3:2f:33:65:2e:2f:b0:
27:8b:01:db:48:45:90:f9:66:d2:ac:bc:8f:37:07:85:b0:72:
f4:2b:b3:89:f1:82:a5:df:fc:7d:85:9f:0d:48:4f:d2:2d:2e:
89:f5:d5:1b:15:49:08:dc:2e:11:60:73:ac:ae:e9:b2:4f:10:
87:7c:a5:6a:6c:23:92:ab:fa:98:d5:fc:25:14:de:e6:7a:02:
b0:9b:c5:6e:77:42:57:83:b0:fa:89:bd:77:0b:a3:91:62:a1:
a0:d3:6a:17:a9:c9:a8:35:ab:65:c4:a7:49:d5:e2:b1:b6:7a:
05:d0:7a:c6:60:17:99:d2:e0:7c:73:3a:44:e6:7f:06:63:8e:
91:75:c9:2c:5d:84:b0:65:06:6f:cb:1c:8f:04:e5:5b:8b:d7:
ef:25:7d:a8:8b:88:4b:08:ea:94:5d:bc:68:55:fb:ab:07:3b:
21:6c:cb:fc:40:d7:fe:8d:18:f1:06:20:26:45:50:f6:03:d5:
4f:28:d1:02:6c:9b:c9:5b:4f:b5:88:3b:11:d6:97:8b:c2:ae:
08:98:15:a6:81:0a:36:9b:8a:9f:03:bd:8b:f4:e4:57:c6:51:
8a:9a:fa:a6
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYVynupZUAqJIWvxTNMZgBdDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwOTZjNDMzNjQwMDNlYzNmN2Y3YzZlYTgxNTdiOGE1MGY0
NDBlY2MwHhcNMjMwMTAyMTMxNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjViY2JlYmQyZWNmODUzMGMwNTcxNWZiMWI4MzNiNDIxMGFkMTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnQt8/STm65d4lRZvrUHfP6tJj7VW
pZ3ZexaAXBFC0/K9PYihWgRTWK60joD6HUtEtuzfzZ+0WTUlShU59HgWu0rh/nkN
tG0//KGw0trP/8Ic6uniChJuSemM0qdgwFcIqCJYZMCxq2DDA7r5wP+J9qdGm2mb
ShgYFv1r8AFxbZL2F8E/advtAttrEoJyShgFP5gOM5/xdKLPZKlZl7WM9N/jwzio
NkeLFolm/lDd5DjNvwfG9bgnQcyzncBCaZCZdRncj5w7qKKGSpJmbVd+q2nPA5mE
KFyZblkrpt6Dd94vNMktEINJXsS3hhYq2g7qG7JItLdF50l/rkOvA94tBwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFGZby+vS7PhTDAVxX7G4M7QhCtFdMB8GA1UdIwQY
MBaAFOCWxDNkAD7D9/fG6oFXuKUPRA7MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEpiRU0yUUFQc1AzOThicWdWZTRwUTlFRHN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9jM2JjZTYtNThmYi00ODc0LThiM2Ut
M2E4NWVlNGM4OWJjLzEvWmx2TDY5THMtRk1NQlhGZnNiZ3p0Q0VLMFYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9jM2JjZTYtNThmYi00ODc0LThiM2UtM2E4NWVlNGM4OWJj
LzEvNEpiRU0yUUFQc1AzOThicWdWZTRwUTlFRHN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQELhbwAwQC
Wei0AwQEXmYQAwQEX42wAwQFgMygAwQEshGAAwQCuQxUMA0EAgACMAcDBQMqAiZI
MA0GCSqGSIb3DQEBCwUAA4IBAQAoc16skLFmRvDe9ELf66Tp8r7e+rqkJbHTo2Rz
haMvM2UuL7AniwHbSEWQ+WbSrLyPNweFsHL0K7OJ8YKl3/x9hZ8NSE/SLS6J9dUb
FUkI3C4RYHOsrumyTxCHfKVqbCOSq/qY1fwlFN7megKwm8Vud0JXg7D6ib13C6OR
YqGg02oXqcmoNatlxKdJ1eKxtnoF0HrGYBeZ0uB8czpE5n8GY46RdcksXYSwZQZv
yxyPBOVbi9fvJX2oi4hLCOqUXbxoVfurBzshbMv8QNf+jRjxBiAmRVD2A9VPKNEC
bJvJW0+1iDsR1peLwq4ImBWmgQo2m4qfA72L9ORXxlGKmvqm
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:23 2024 by rpki-client on console-fra.rpki-client.org