Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/zGYtJb6ktd-sUU-KRvqYe2e2W3M.roa
File: zGYtJb6ktd-sUU-KRvqYe2e2W3M.roa (raw, json)
Hash identifier: v3y7e3VlmEv/9KY/5ZytkfV1n/UiitEYxsE2IVwDSYo=
Subject key identifier: CC:66:2D:25:BE:A4:B5:DF:AC:51:4F:8A:46:FA:98:7B:67:B6:5B:73
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018D6617DC11A91F8D4C2536486E40A35B11
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/zGYtJb6ktd-sUU-KRvqYe2e2W3M.roa
Signing time: Thu 01 Feb 2024 19:14:16 +0000
ROA not before: Thu 01 Feb 2024 19:14:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 5.35.192.0/21 maxlen: 24
84.234.16.0/20 maxlen: 24
85.204.160.0/22 maxlen: 24
86.107.108.0/23 maxlen: 24
89.34.124.0/23 maxlen: 24
89.39.172.0/23 maxlen: 24
193.124.20.0/23 maxlen: 24
194.88.96.0/21 maxlen: 24
194.88.112.0/20 maxlen: 24
194.135.26.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Apr 2024 08:54:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:66:17:dc:11:a9:1f:8d:4c:25:36:48:6e:40:a3:5b:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Feb 1 19:14:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc662d25bea4b5dfac514f8a46fa987b67b65b73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e0:97:69:5e:49:7b:64:31:74:e8:12:c2:d6:
2d:6b:2b:8d:7f:c4:18:97:6b:3a:22:5c:cb:90:1a:
71:8b:57:ef:0f:7d:22:68:ac:df:5a:0f:80:7c:a8:
c1:0d:c3:4e:b4:8d:9e:26:ad:b8:24:8a:b2:f7:72:
37:50:61:dd:a6:9d:79:8d:c9:dd:a4:14:49:c1:49:
43:a4:f7:0e:69:80:08:a2:73:44:bb:53:c1:81:2d:
73:39:b2:51:05:bb:1f:e5:c2:ad:8d:29:13:b7:26:
7e:b7:a0:46:54:c3:1e:09:1e:9e:8f:60:a3:e8:8c:
71:13:85:cf:e9:0d:eb:25:61:82:8a:a8:88:7f:03:
a1:9f:75:77:f2:f2:b2:ab:ad:17:bd:8a:ae:a4:0d:
5a:13:4d:43:20:23:65:e2:9a:47:e6:c7:d1:7b:78:
08:79:5a:7c:8a:d2:e5:d0:94:ee:0f:61:08:df:c1:
58:27:96:34:25:8f:13:14:90:68:ca:54:86:ba:01:
8c:b0:90:84:17:e6:0e:cd:61:8a:49:6b:6d:c8:10:
9a:12:bc:c5:f1:3b:86:98:8e:ce:36:f8:bf:d9:d9:
3e:c7:63:50:95:8b:0c:65:10:97:e2:9c:6c:cf:bc:
f8:6e:43:59:06:74:cc:3d:0c:e8:5d:9b:df:42:b0:
7a:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:66:2D:25:BE:A4:B5:DF:AC:51:4F:8A:46:FA:98:7B:67:B6:5B:73
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/zGYtJb6ktd-sUU-KRvqYe2e2W3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.192.0/21
84.234.16.0/20
85.204.160.0/22
86.107.108.0/23
89.34.124.0/23
89.39.172.0/23
193.124.20.0/23
194.88.96.0/21
194.88.112.0/20
194.135.26.0/23
Signature Algorithm: sha256WithRSAEncryption
05:e7:44:18:1f:b7:6b:d9:54:ca:0b:ef:d9:39:a9:80:f9:38:
21:b6:61:6c:ef:3f:c7:2d:51:84:b5:6c:27:3f:e0:7a:43:8e:
00:0b:b0:d3:d8:54:21:a2:3b:fa:23:70:b0:dd:42:7b:88:2c:
c2:a0:65:6b:fb:6a:79:fe:4c:6c:a2:5e:84:fd:4f:60:10:53:
44:df:ad:32:20:2c:6e:8b:61:97:0c:74:c8:4f:f4:0f:4b:80:
59:5d:3e:4a:45:5d:de:12:1c:3f:cf:0f:bd:74:16:e8:8b:ea:
e0:57:d7:cb:3d:0d:6b:4f:77:82:91:88:15:3e:a3:ca:73:15:
ee:6e:39:db:14:75:c2:2b:30:a0:06:5a:2a:b8:6a:ad:23:c8:
db:05:53:60:13:5f:22:98:c5:77:24:ca:46:f1:55:96:4d:ae:
a0:57:2b:55:1b:9c:3c:b0:bd:87:a5:76:ea:c5:4c:70:92:d6:
5c:c0:cf:52:f6:3c:04:58:d2:7e:e0:13:4e:44:0e:bc:75:65:
f4:5c:a3:37:3b:e8:79:b6:4f:35:3b:8d:ee:83:90:85:ea:01:
0f:54:3a:69:c7:25:95:dc:a4:ed:63:4e:92:f3:85:e7:44:c7:
b8:51:f2:e6:18:eb:95:72:f2:06:58:a7:bf:c3:ef:9e:87:17:
38:57:ba:13
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY1mF9wRqR+NTCU2SG5Ao1sRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjQwMjAxMTkxNDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzY2MmQyNWJlYTRiNWRmYWM1MTRmOGE0NmZhOTg3YjY3YjY1YjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOCXaV5Je2QxdOgSwtYtayuNf8QY
l2s6IlzLkBpxi1fvD30iaKzfWg+AfKjBDcNOtI2eJq24JIqy93I3UGHdpp15jcnd
pBRJwUlDpPcOaYAIonNEu1PBgS1zObJRBbsf5cKtjSkTtyZ+t6BGVMMeCR6ej2Cj
6IxxE4XP6Q3rJWGCiqiIfwOhn3V38vKyq60XvYqupA1aE01DICNl4ppH5sfRe3gI
eVp8itLl0JTuD2EI38FYJ5Y0JY8TFJBoylSGugGMsJCEF+YOzWGKSWttyBCaErzF
8TuGmI7ONvi/2dk+x2NQlYsMZRCX4pxsz7z4bkNZBnTMPQzoXZvfQrB6cwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFMxmLSW+pLXfrFFPikb6mHtntltzMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvekdZdEpiNmt0ZC1zVVUtS1J2cVllMmUyVzNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQDBSPAAwQE
VOoQAwQCVcygAwQBVmtsAwQBWSJ8AwQBWSesAwQBwXwUAwQDwlhgAwQEwlhwAwQB
wocaMA0GCSqGSIb3DQEBCwUAA4IBAQAF50QYH7dr2VTKC+/ZOamA+TghtmFs7z/H
LVGEtWwnP+B6Q44AC7DT2FQhojv6I3Cw3UJ7iCzCoGVr+2p5/kxsol6E/U9gEFNE
360yICxui2GXDHTIT/QPS4BZXT5KRV3eEhw/zw+9dBboi+rgV9fLPQ1rT3eCkYgV
PqPKcxXubjnbFHXCKzCgBloquGqtI8jbBVNgE18imMV3JMpG8VWWTa6gVytVG5w8
sL2HpXbqxUxwktZcwM9S9jwEWNJ+4BNORA68dWX0XKM3O+h5tk81O43ug5CF6gEP
VDppxyWV3KTtY06S84XnRMe4UfLmGOuVcvIGWKe/w++ehxc4V7oT
Generated at Wed Apr 17 10:56:28 2024 by rpki-client on console-fra.rpki-client.org