Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/ZFVYRf-PdpVIWRp-wYGw_uXhflk.roa
File: ZFVYRf-PdpVIWRp-wYGw_uXhflk.roa (raw, json)
Hash identifier: h4G/TIquqmlkSYnqn5si4CA1GQWed8GU2jSgsZS/QoA=
Subject key identifier: 64:55:58:45:FF:8F:76:95:48:59:1A:7E:C1:81:B0:FE:E5:E1:7E:59
Certificate issuer: /CN=a4b18f96aaa03567f22fc02c42a6935708655aa9
Certificate serial: 018731E8D2288B192AF1B6B59C9F72445408
Authority key identifier: A4:B1:8F:96:AA:A0:35:67:F2:2F:C0:2C:42:A6:93:57:08:65:5A:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pLGPlqqgNWfyL8AsQqaTVwhlWqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/ZFVYRf-PdpVIWRp-wYGw_uXhflk.roa
Signing time: Thu 30 Mar 2023 09:45:54 +0000
ROA not before: Thu 30 Mar 2023 09:45:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 21245
IP address blocks: 185.235.10.0/24 maxlen: 24
185.230.17.0/24 maxlen: 24
185.230.16.0/24 maxlen: 24
185.230.19.0/24 maxlen: 24
185.21.183.0/24 maxlen: 24
185.21.182.0/24 maxlen: 24
185.21.181.0/24 maxlen: 24
185.21.180.0/24 maxlen: 24
31.3.3.0/24 maxlen: 24
31.3.2.0/24 maxlen: 24
31.3.1.0/24 maxlen: 24
31.3.0.0/24 maxlen: 24
31.3.4.0/24 maxlen: 24
31.3.6.0/24 maxlen: 24
31.3.5.0/24 maxlen: 24
31.3.7.0/24 maxlen: 24
185.87.172.0/24 maxlen: 24
185.87.175.0/24 maxlen: 24
185.87.174.0/24 maxlen: 24
185.87.173.0/24 maxlen: 24
185.22.160.0/24 maxlen: 24
185.22.163.0/24 maxlen: 24
185.22.162.0/24 maxlen: 24
185.22.161.0/24 maxlen: 24
2a03:3f00::/48 maxlen: 48
2a03:3f00:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 31 Mar 2023 18:32:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:31:e8:d2:28:8b:19:2a:f1:b6:b5:9c:9f:72:44:54:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4b18f96aaa03567f22fc02c42a6935708655aa9
Validity
Not Before: Mar 30 09:45:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64555845ff8f769548591a7ec181b0fee5e17e59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:fd:7f:72:7e:fa:6a:47:70:68:fd:39:02:9c:
9c:07:7c:ab:ba:69:2a:30:4a:1c:fe:3a:b3:a6:60:
29:0e:fb:29:a7:65:00:71:55:b9:7f:51:9a:ce:be:
a4:06:e6:6a:86:ba:77:32:72:ee:c6:a4:6f:55:8d:
cc:a1:8d:cb:ef:bf:da:18:d7:20:ed:e2:3a:89:df:
ab:a4:9a:bb:88:c7:4f:43:3f:29:c3:e4:f7:f7:bc:
83:fb:7f:1e:d2:5f:40:98:26:7d:24:64:38:ac:1e:
34:2e:7e:d9:e0:a7:25:a7:85:3d:6e:f8:51:3e:af:
e4:f1:f8:33:35:8b:00:f4:00:34:30:2c:19:75:aa:
31:27:95:ac:ea:2e:97:c6:bd:5d:6c:10:3b:d0:7a:
85:2b:15:29:7a:90:ad:c8:74:09:b6:91:0e:54:8c:
d9:27:48:e3:86:3f:e6:dd:d0:8c:c9:b6:a0:ae:7a:
e9:a9:6f:fc:a8:89:e6:9d:f5:2f:2d:f9:f7:9e:10:
cf:fb:5a:4a:3c:92:01:16:8d:85:ce:e8:59:02:78:
78:22:f9:01:5f:30:8a:be:d2:42:b5:8f:77:d7:c0:
0d:1d:cf:63:27:80:07:b1:03:70:b1:c6:48:2a:c8:
d6:5e:7a:f9:cc:d5:36:12:c7:53:51:f9:43:ea:22:
ac:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:55:58:45:FF:8F:76:95:48:59:1A:7E:C1:81:B0:FE:E5:E1:7E:59
X509v3 Authority Key Identifier:
keyid:A4:B1:8F:96:AA:A0:35:67:F2:2F:C0:2C:42:A6:93:57:08:65:5A:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pLGPlqqgNWfyL8AsQqaTVwhlWqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/ZFVYRf-PdpVIWRp-wYGw_uXhflk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/6820f9-4459-4858-98ce-c694f0eacba6/1/pLGPlqqgNWfyL8AsQqaTVwhlWqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.3.0.0/21
185.21.180.0/22
185.22.160.0/22
185.87.172.0/22
185.230.16.0/23
185.230.19.0/24
185.235.10.0/24
IPv6:
2a03:3f00::/47
Signature Algorithm: sha256WithRSAEncryption
08:3b:8b:e8:42:42:02:64:f6:1a:65:6f:62:26:77:e9:b2:eb:
28:20:75:80:49:87:54:82:a6:31:7f:87:27:0d:f9:d0:4c:26:
64:35:08:a8:64:c8:76:a6:42:bf:22:2e:9f:71:8a:9a:a6:38:
22:35:1a:89:c4:2e:3a:d2:88:bb:cb:0a:8a:7f:32:9b:2e:af:
81:c1:0e:85:5d:0b:5b:f4:82:bb:a6:60:41:6c:44:62:1e:96:
ec:9f:7f:a4:91:5b:0b:e8:b7:a0:cb:32:ff:bf:57:40:3a:9b:
3a:a2:81:6b:f5:48:f3:d3:c9:4a:70:e7:fe:85:16:af:2c:57:
3c:bf:db:1f:af:74:3a:0c:a1:39:60:a9:bc:87:27:f7:a1:0a:
17:48:a9:c9:1b:cb:a8:4d:d3:a8:8c:ff:71:c4:5e:8a:8c:75:
bc:43:47:9a:07:38:74:9d:e1:68:41:20:1f:b0:fd:53:32:78:
c8:cc:70:af:e9:60:5b:c5:d1:a9:bf:e4:de:1f:5f:95:4a:0d:
77:76:b4:e1:4b:b0:bf:0f:d7:50:bc:5a:76:dd:b6:7a:27:62:
28:22:06:7f:c9:fe:31:1b:61:75:b1:4f:01:86:9d:26:a2:1c:
2a:ae:8d:45:6f:ea:2f:40:a0:ba:a6:53:1a:47:2f:88:2a:54:
0a:af:75:03
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYcx6NIoixkq8ba1nJ9yRFQIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YjE4Zjk2YWFhMDM1NjdmMjJmYzAyYzQyYTY5MzU3MDg2
NTVhYTkwHhcNMjMwMzMwMDk0NTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDU1NTg0NWZmOGY3Njk1NDg1OTFhN2VjMTgxYjBmZWU1ZTE3ZTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnf1/cn76akdwaP05ApycB3yrumkq
MEoc/jqzpmApDvspp2UAcVW5f1Gazr6kBuZqhrp3MnLuxqRvVY3MoY3L77/aGNcg
7eI6id+rpJq7iMdPQz8pw+T397yD+38e0l9AmCZ9JGQ4rB40Ln7Z4Kclp4U9bvhR
Pq/k8fgzNYsA9AA0MCwZdaoxJ5Ws6i6Xxr1dbBA70HqFKxUpepCtyHQJtpEOVIzZ
J0jjhj/m3dCMybagrnrpqW/8qInmnfUvLfn3nhDP+1pKPJIBFo2FzuhZAnh4IvkB
XzCKvtJCtY9318ANHc9jJ4AHsQNwscZIKsjWXnr5zNU2EsdTUflD6iKsawIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFGRVWEX/j3aVSFkafsGBsP7l4X5ZMB8GA1UdIwQY
MBaAFKSxj5aqoDVn8i/ALEKmk1cIZVqpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcExHUGxxcWdOV2Z5TDhBc1FxYVRWd2hsV3FrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC82ODIwZjktNDQ1OS00ODU4LTk4Y2Ut
YzY5NGYwZWFjYmE2LzEvWkZWWVJmLVBkcFZJV1JwLXdZR3dfdVhoZmxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC82ODIwZjktNDQ1OS00ODU4LTk4Y2UtYzY5NGYwZWFjYmE2
LzEvcExHUGxxcWdOV2Z5TDhBc1FxYVRWd2hsV3FrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQDHwMAAwQC
uRW0AwQCuRagAwQCuVesAwQBueYQAwQAueYTAwQAuesKMA8EAgACMAkDBwEqAz8A
AAAwDQYJKoZIhvcNAQELBQADggEBAAg7i+hCQgJk9hplb2Imd+my6yggdYBJh1SC
pjF/hycN+dBMJmQ1CKhkyHamQr8iLp9xipqmOCI1GonELjrSiLvLCop/Mpsur4HB
DoVdC1v0grumYEFsRGIeluyff6SRWwvot6DLMv+/V0A6mzqigWv1SPPTyUpw5/6F
Fq8sVzy/2x+vdDoMoTlgqbyHJ/ehChdIqckby6hN06iM/3HEXoqMdbxDR5oHOHSd
4WhBIB+w/VMyeMjMcK/pYFvF0am/5N4fX5VKDXd2tOFLsL8P11C8WnbdtnonYigi
Bn/J/jEbYXWxTwGGnSaiHCqujUVv6i9AoLqmUxpHL4gqVAqvdQM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:38 2024 by rpki-client on console-ams.rpki-client.org