Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/de9957-c7cc-4997-a22b-165a846d481d/1/ZhyH7eAbXOMbM8ZkGtefKk3EN8A.roa
File: ZhyH7eAbXOMbM8ZkGtefKk3EN8A.roa (raw, json)
Hash identifier: 5No84EiZ5msjqCGVuoAmEmP7HGTHkflBf+z9vr1KCOM=
Subject key identifier: 66:1C:87:ED:E0:1B:5C:E3:1B:33:C6:64:1A:D7:9F:2A:4D:C4:37:C0
Certificate issuer: /CN=8beb65a71af02959272acc00d5c4c1958385de94
Certificate serial: 01856F54C0E74D2D3852E34EEE43948D0430
Authority key identifier: 8B:EB:65:A7:1A:F0:29:59:27:2A:CC:00:D5:C4:C1:95:83:85:DE:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i-tlpxrwKVknKswA1cTBlYOF3pQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/de9957-c7cc-4997-a22b-165a846d481d/1/ZhyH7eAbXOMbM8ZkGtefKk3EN8A.roa
Signing time: Sun 01 Jan 2023 21:55:03 +0000
ROA not before: Sun 01 Jan 2023 21:55:03 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41676
IP address blocks: 176.241.240.0/21 maxlen: 21
185.93.92.0/22 maxlen: 22
185.102.188.0/22 maxlen: 22
80.238.96.0/19 maxlen: 19
109.233.88.0/21 maxlen: 21
77.46.0.0/22 maxlen: 22
185.25.216.0/22 maxlen: 22
93.174.24.0/21 maxlen: 21
185.78.132.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:30:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:54:c0:e7:4d:2d:38:52:e3:4e:ee:43:94:8d:04:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8beb65a71af02959272acc00d5c4c1958385de94
Validity
Not Before: Jan 1 21:55:03 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=661c87ede01b5ce31b33c6641ad79f2a4dc437c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b7:26:70:7a:c1:53:23:18:45:2e:c0:6a:0d:
76:2a:43:3f:c1:56:61:67:76:2e:c8:8a:03:5e:51:
51:9b:13:6b:fc:6d:0f:b2:3c:15:e7:b2:bc:ad:3c:
67:18:49:82:22:2b:d0:35:5b:0c:7d:2e:17:5b:c2:
81:35:dd:75:87:d9:be:b9:d0:cb:ca:f8:89:36:1a:
26:a5:d3:cc:3d:b3:6c:3d:94:b3:6f:f2:e0:0d:41:
92:ae:a8:44:ed:1b:48:91:b5:57:a9:d7:9d:7c:bb:
9d:60:c4:2e:64:40:85:53:a1:bb:ff:69:52:99:64:
fc:10:57:bc:f5:62:77:3e:2c:11:87:24:25:3b:41:
87:7c:70:71:4d:0b:d1:50:e5:ab:2f:ac:38:71:b8:
15:4c:53:d7:c1:4d:76:76:2b:33:2e:cf:d2:da:b4:
0e:a1:3a:00:b1:c2:3d:03:3d:25:6b:c0:14:11:97:
12:fd:c4:94:e2:7e:19:1e:04:55:8b:63:09:bb:bc:
c9:f3:b8:74:b2:31:36:86:57:a7:1e:73:b1:d5:a8:
08:cb:1e:69:a0:d4:7b:8d:ab:7b:ff:03:e3:b9:26:
98:07:bb:f7:e8:88:28:11:b4:70:59:fe:cf:40:0c:
8f:de:35:68:df:2c:48:cc:fd:10:5f:02:7a:ff:84:
40:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:1C:87:ED:E0:1B:5C:E3:1B:33:C6:64:1A:D7:9F:2A:4D:C4:37:C0
X509v3 Authority Key Identifier:
keyid:8B:EB:65:A7:1A:F0:29:59:27:2A:CC:00:D5:C4:C1:95:83:85:DE:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i-tlpxrwKVknKswA1cTBlYOF3pQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/de9957-c7cc-4997-a22b-165a846d481d/1/ZhyH7eAbXOMbM8ZkGtefKk3EN8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/de9957-c7cc-4997-a22b-165a846d481d/1/i-tlpxrwKVknKswA1cTBlYOF3pQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.46.0.0/22
80.238.96.0/19
93.174.24.0/21
109.233.88.0/21
176.241.240.0/21
185.25.216.0/22
185.78.132.0/22
185.93.92.0/22
185.102.188.0/22
Signature Algorithm: sha256WithRSAEncryption
84:2a:eb:3f:80:8a:91:a5:c2:96:6e:dc:30:f8:25:10:ef:71:
fc:05:41:26:d1:4c:21:b1:80:7a:b5:0f:8a:44:cc:40:1c:fd:
2c:fe:aa:cf:89:04:b2:21:46:29:3a:83:ec:76:20:6a:16:0b:
fe:de:ff:c3:da:e5:12:98:bf:df:69:0b:9b:d4:78:f3:98:d8:
e8:c9:60:74:64:7e:fd:5f:4e:4b:6b:c3:fc:e7:90:e6:86:14:
db:8c:3e:ca:14:08:39:a3:79:66:53:a3:98:d4:a1:b3:da:2c:
7d:f1:09:67:63:ae:7a:77:18:64:28:c9:c5:47:58:1f:9f:f4:
39:db:9a:b6:e0:7c:24:36:8e:fd:33:50:a1:88:43:59:de:f0:
a0:83:d2:77:9f:c2:d0:f0:af:c1:4f:7a:d5:ae:66:15:e5:72:
b5:81:35:d9:e6:5d:34:f0:a5:02:39:df:34:07:06:da:8b:53:
02:3b:df:b4:fd:07:85:59:2a:b4:d2:61:07:af:65:ca:5f:79:
78:fe:21:73:ad:86:24:b5:c9:8a:c5:39:9a:1a:88:bc:15:0b:
45:a2:60:21:a4:dd:d2:36:df:e6:89:f2:f0:d9:02:a6:aa:81:
f5:2a:10:ad:79:e7:16:6e:a0:f0:73:e8:a1:16:71:ca:0d:3e:
39:e3:7e:ca
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVvVMDnTS04UuNO7kOUjQQwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiZWI2NWE3MWFmMDI5NTkyNzJhY2MwMGQ1YzRjMTk1ODM4
NWRlOTQwHhcNMjMwMTAxMjE1NTAzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjFjODdlZGUwMWI1Y2UzMWIzM2M2NjQxYWQ3OWYyYTRkYzQzN2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7cmcHrBUyMYRS7Aag12KkM/wVZh
Z3YuyIoDXlFRmxNr/G0PsjwV57K8rTxnGEmCIivQNVsMfS4XW8KBNd11h9m+udDL
yviJNhompdPMPbNsPZSzb/LgDUGSrqhE7RtIkbVXqdedfLudYMQuZECFU6G7/2lS
mWT8EFe89WJ3PiwRhyQlO0GHfHBxTQvRUOWrL6w4cbgVTFPXwU12diszLs/S2rQO
oToAscI9Az0la8AUEZcS/cSU4n4ZHgRVi2MJu7zJ87h0sjE2hlenHnOx1agIyx5p
oNR7jat7/wPjuSaYB7v36IgoEbRwWf7PQAyP3jVo3yxIzP0QXwJ6/4RAJQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFGYch+3gG1zjGzPGZBrXnypNxDfAMB8GA1UdIwQY
MBaAFIvrZaca8ClZJyrMANXEwZWDhd6UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaS10bHB4cndLVmtuS3N3QTFjVEJsWU9GM3BRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kZTk5NTctYzdjYy00OTk3LWEyMmIt
MTY1YTg0NmQ0ODFkLzEvWmh5SDdlQWJYT01iTThaa0d0ZWZLazNFTjhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kZTk5NTctYzdjYy00OTk3LWEyMmItMTY1YTg0NmQ0ODFk
LzEvaS10bHB4cndLVmtuS3N3QTFjVEJsWU9GM3BRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQCTS4AAwQF
UO5gAwQDXa4YAwQDbelYAwQDsPHwAwQCuRnYAwQCuU6EAwQCuV1cAwQCuWa8MA0G
CSqGSIb3DQEBCwUAA4IBAQCEKus/gIqRpcKWbtww+CUQ73H8BUEm0UwhsYB6tQ+K
RMxAHP0s/qrPiQSyIUYpOoPsdiBqFgv+3v/D2uUSmL/faQub1HjzmNjoyWB0ZH79
X05La8P855DmhhTbjD7KFAg5o3lmU6OY1KGz2ix98QlnY656dxhkKMnFR1gfn/Q5
25q24HwkNo79M1ChiENZ3vCgg9J3n8LQ8K/BT3rVrmYV5XK1gTXZ5l008KUCOd80
Bwbai1MCO9+0/QeFWSq00mEHr2XKX3l4/iFzrYYktcmKxTmaGoi8FQtFomAhpN3S
Nt/mifLw2QKmqoH1KhCteecWbqDwc+ihFnHKDT45437K
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:50 2024 by rpki-client on console-fra.rpki-client.org