Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/ZIzrLBXaSR-PPp8eVGNIKob_JJ4.roa
File: ZIzrLBXaSR-PPp8eVGNIKob_JJ4.roa (raw, json)
Hash identifier: KFMv7nJbww3uJ824pzj/vpKqVqeGu6pManC6p+sWnUA=
Subject key identifier: 64:8C:EB:2C:15:DA:49:1F:8F:3E:9F:1E:54:63:48:2A:86:FF:24:9E
Certificate issuer: /CN=f0f14ed124f9a2f3deab1006f184cf4fb80a3aec
Certificate serial: 018682D1D4A095D6AB4016113C4E335E927C
Authority key identifier: F0:F1:4E:D1:24:F9:A2:F3:DE:AB:10:06:F1:84:CF:4F:B8:0A:3A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8PFO0ST5ovPeqxAG8YTPT7gKOuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/ZIzrLBXaSR-PPp8eVGNIKob_JJ4.roa
Signing time: Fri 24 Feb 2023 09:47:14 +0000
ROA not before: Fri 24 Feb 2023 09:47:14 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206825
IP address blocks: 185.36.112.0/22 maxlen: 22
195.5.96.0/23 maxlen: 23
185.186.116.0/22 maxlen: 22
85.204.37.0/24 maxlen: 24
195.181.254.0/24 maxlen: 24
185.11.16.0/22 maxlen: 22
185.11.16.0/23 maxlen: 23
185.11.18.0/23 maxlen: 23
195.192.252.0/24 maxlen: 24
80.208.255.0/24 maxlen: 24
31.14.30.0/24 maxlen: 24
31.14.29.0/24 maxlen: 24
94.177.133.0/24 maxlen: 24
178.157.95.0/24 maxlen: 24
185.207.240.0/22 maxlen: 22
103.197.8.0/22 maxlen: 22
212.103.52.0/22 maxlen: 22
46.102.102.0/24 maxlen: 24
217.61.255.0/24 maxlen: 24
5.182.107.0/24 maxlen: 24
212.237.254.0/24 maxlen: 24
2a03:4f40::/32 maxlen: 32
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:82:d1:d4:a0:95:d6:ab:40:16:11:3c:4e:33:5e:92:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0f14ed124f9a2f3deab1006f184cf4fb80a3aec
Validity
Not Before: Feb 24 09:47:14 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=648ceb2c15da491f8f3e9f1e5463482a86ff249e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:eb:dd:71:97:2f:aa:23:3d:a2:6d:48:ef:d7:
d0:61:3f:2e:ac:69:9a:47:c6:aa:84:56:71:9b:62:
83:31:b9:ee:4e:8d:3f:00:79:43:c3:57:91:4d:48:
85:18:be:56:35:b7:92:0b:a9:dc:51:a5:bb:aa:cf:
96:63:c6:9f:d3:7f:fe:69:3e:8a:17:6d:62:c5:fc:
c0:c9:5b:30:6f:22:d1:95:88:70:43:37:16:4b:0f:
7d:ec:e2:58:ff:1b:43:9f:d3:b4:53:97:43:11:8e:
12:fd:8e:3c:f3:e3:62:9d:74:00:5d:85:59:c6:10:
9e:d1:6d:ee:5e:42:26:f4:35:5f:a6:6b:b2:2f:47:
77:d8:4f:1a:01:11:3d:ed:9d:1c:69:92:74:dd:31:
40:c3:85:a1:34:62:48:aa:d2:4d:36:a6:1d:57:34:
7a:9a:6a:d5:41:78:aa:e5:1d:44:dc:25:b7:77:78:
74:88:95:79:23:46:75:40:23:58:1e:be:0d:10:f7:
d7:bf:f9:83:db:e0:9a:52:bb:f7:af:8a:b3:43:b5:
d3:a2:8d:a5:af:bf:d8:da:99:6f:26:5a:09:92:7c:
94:2e:4c:16:fe:3b:59:e3:25:a6:2a:f5:56:53:09:
ed:34:72:34:eb:2b:97:86:9c:6c:6d:c1:99:fb:63:
f5:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:8C:EB:2C:15:DA:49:1F:8F:3E:9F:1E:54:63:48:2A:86:FF:24:9E
X509v3 Authority Key Identifier:
keyid:F0:F1:4E:D1:24:F9:A2:F3:DE:AB:10:06:F1:84:CF:4F:B8:0A:3A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8PFO0ST5ovPeqxAG8YTPT7gKOuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/ZIzrLBXaSR-PPp8eVGNIKob_JJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/c79cf3-a070-4d5b-9ee4-43612e7d9cc1/1/8PFO0ST5ovPeqxAG8YTPT7gKOuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.107.0/24
31.14.29.0-31.14.30.255
46.102.102.0/24
80.208.255.0/24
85.204.37.0/24
94.177.133.0/24
103.197.8.0/22
178.157.95.0/24
185.11.16.0/22
185.36.112.0/22
185.186.116.0/22
185.207.240.0/22
195.5.96.0/23
195.181.254.0/24
195.192.252.0/24
212.103.52.0/22
212.237.254.0/24
217.61.255.0/24
IPv6:
2a03:4f40::/32
Signature Algorithm: sha256WithRSAEncryption
75:37:6f:1f:88:fd:26:04:65:4c:ff:16:a9:b1:ff:c1:5c:fb:
99:89:63:47:c0:89:5c:6b:a0:f0:04:58:5d:b1:83:9d:99:79:
b5:fb:a8:62:b0:3e:83:2e:e2:10:1a:1a:47:a5:33:5f:13:3d:
74:ac:8a:85:de:a5:cf:bc:ac:2f:b0:cf:51:fc:0a:b0:23:b1:
15:a9:3d:0a:70:44:cc:16:90:74:f7:34:46:ea:ad:d9:55:71:
9e:64:06:1a:d0:d0:1c:4d:dd:0e:fd:0c:81:ef:54:8e:dc:24:
2c:73:f3:14:f0:e6:c0:37:cc:74:c8:ab:05:45:ed:c4:86:af:
60:f6:74:79:df:fa:27:2b:92:2d:4e:80:8a:90:1c:5a:9f:26:
12:56:25:63:8b:70:59:47:ea:f2:84:4e:f2:95:f6:ee:2d:f0:
7f:80:66:51:67:ea:f0:80:c5:33:0b:d4:9f:31:38:f2:a0:1b:
9a:b0:40:a4:09:df:73:65:72:d2:0f:25:23:04:9c:03:ed:89:
0a:1e:38:7a:c1:48:03:75:ed:77:42:91:2b:7a:40:54:93:40:
ee:41:60:62:d8:4c:27:e5:7a:da:c7:78:07:b2:f0:32:b0:7e:
6f:e1:5f:d9:f7:aa:01:f3:ba:cb:a3:9a:ae:1a:c4:04:81:cc:
5c:71:0f:a6
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAYaC0dSgldarQBYRPE4zXpJ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZjE0ZWQxMjRmOWEyZjNkZWFiMTAwNmYxODRjZjRmYjgw
YTNhZWMwHhcNMjMwMjI0MDk0NzE0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDhjZWIyYzE1ZGE0OTFmOGYzZTlmMWU1NDYzNDgyYTg2ZmYyNDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhuvdcZcvqiM9om1I79fQYT8urGma
R8aqhFZxm2KDMbnuTo0/AHlDw1eRTUiFGL5WNbeSC6ncUaW7qs+WY8af03/+aT6K
F21ixfzAyVswbyLRlYhwQzcWSw997OJY/xtDn9O0U5dDEY4S/Y488+NinXQAXYVZ
xhCe0W3uXkIm9DVfpmuyL0d32E8aARE97Z0caZJ03TFAw4WhNGJIqtJNNqYdVzR6
mmrVQXiq5R1E3CW3d3h0iJV5I0Z1QCNYHr4NEPfXv/mD2+CaUrv3r4qzQ7XToo2l
r7/Y2plvJloJknyULkwW/jtZ4yWmKvVWUwntNHI06yuXhpxsbcGZ+2P12QIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFGSM6ywV2kkfjz6fHlRjSCqG/ySeMB8GA1UdIwQY
MBaAFPDxTtEk+aLz3qsQBvGEz0+4CjrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFBGTzBTVDVvdlBlcXhBRzhZVFBUN2dLT3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9jNzljZjMtYTA3MC00ZDViLTllZTQt
NDM2MTJlN2Q5Y2MxLzEvWkl6ckxCWGFTUi1QUHA4ZVZHTklLb2JfSko0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9jNzljZjMtYTA3MC00ZDViLTllZTQtNDM2MTJlN2Q5Y2Mx
LzEvOFBGTzBTVDVvdlBlcXhBRzhZVFBUN2dLT3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizB6BAIAATB0AwQABbZr
MAwDBAAfDh0DBAAfDh4DBAAuZmYDBABQ0P8DBABVzCUDBABesYUDBAJnxQgDBACy
nV8DBAK5CxADBAK5JHADBAK5unQDBAK5z/ADBAHDBWADBADDtf4DBADDwPwDBALU
ZzQDBADU7f4DBADZPf8wDQQCAAIwBwMFACoDT0AwDQYJKoZIhvcNAQELBQADggEB
AHU3bx+I/SYEZUz/Fqmx/8Fc+5mJY0fAiVxroPAEWF2xg52ZebX7qGKwPoMu4hAa
GkelM18TPXSsioXepc+8rC+wz1H8CrAjsRWpPQpwRMwWkHT3NEbqrdlVcZ5kBhrQ
0BxN3Q79DIHvVI7cJCxz8xTw5sA3zHTIqwVF7cSGr2D2dHnf+icrki1OgIqQHFqf
JhJWJWOLcFlH6vKETvKV9u4t8H+AZlFn6vCAxTML1J8xOPKgG5qwQKQJ33NlctIP
JSMEnAPtiQoeOHrBSAN17XdCkSt6QFSTQO5BYGLYTCfletrHeAey8DKwfm/hX9n3
qgHzusujmq4axASBzFxxD6Y=
-----END CERTIFICATE-----
Generated at Tue Jan 2 01:41:46 2024 by rpki-client on console-ams.rpki-client.org