Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/zW5GTzU_6cKOcwNh04AW618Ocs0.roa
File: zW5GTzU_6cKOcwNh04AW618Ocs0.roa (raw, json)
Hash identifier: fNUGPrSiHNx/auwtJaDu39S2KN+dM2x8ERGkYjL3ndI=
Subject key identifier: CD:6E:46:4F:35:3F:E9:C2:8E:73:03:61:D3:80:16:EB:5F:0E:72:CD
Certificate issuer: /CN=da00e981953061972c896bd6d27738d083aadb0e
Certificate serial: 018C249BA61DB30218366C5BF7FAEE615973
Authority key identifier: DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/zW5GTzU_6cKOcwNh04AW618Ocs0.roa
Signing time: Fri 01 Dec 2023 09:00:29 +0000
ROA not before: Fri 01 Dec 2023 09:00:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 393427
IP address blocks: 84.234.16.0/20 maxlen: 24
194.88.96.0/21 maxlen: 24
5.35.192.0/21 maxlen: 24
85.204.160.0/22 maxlen: 24
194.88.112.0/20 maxlen: 24
91.232.136.0/22 maxlen: 24
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:24:9b:a6:1d:b3:02:18:36:6c:5b:f7:fa:ee:61:59:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da00e981953061972c896bd6d27738d083aadb0e
Validity
Not Before: Dec 1 09:00:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd6e464f353fe9c28e730361d38016eb5f0e72cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:64:69:f8:6c:9e:1b:04:15:15:53:82:1c:8c:
9a:fb:b8:78:d7:13:5a:7b:50:36:18:30:c9:21:be:
61:13:a1:54:e1:16:15:b5:fb:f8:07:3d:a5:4f:0b:
cc:79:b3:a8:f5:98:a2:71:70:80:18:dc:68:09:56:
be:4a:2e:36:57:a7:84:3e:66:44:16:62:13:1b:fb:
63:5b:49:0a:ca:ef:53:6e:7f:e5:e9:20:5c:b2:45:
36:4a:4a:e9:e7:3f:32:cb:76:d2:2c:76:83:c1:dd:
a4:3d:78:1a:12:f8:6c:d4:c9:3d:de:19:ad:e6:8c:
86:09:90:17:73:58:2a:c5:49:cf:5a:a9:37:cc:9f:
4c:c4:16:b3:78:ec:21:80:e1:a5:64:ae:c1:e6:07:
a8:bf:39:e9:9a:82:8f:a0:38:3b:5e:8d:c6:df:c8:
b3:32:c8:41:f9:c5:ab:68:95:8c:de:29:25:73:30:
e5:ea:36:65:66:1d:93:1a:82:0f:6f:5e:47:6c:0f:
f8:09:f0:ff:41:14:57:bf:73:45:be:b3:c0:80:64:
0f:79:73:d0:91:26:2c:40:3f:44:5a:29:f4:5a:93:
f5:d8:8b:46:d5:a8:38:40:dc:e9:48:4d:55:d2:57:
67:75:57:b8:f2:e3:67:40:31:02:4e:c4:95:2c:53:
88:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:6E:46:4F:35:3F:E9:C2:8E:73:03:61:D3:80:16:EB:5F:0E:72:CD
X509v3 Authority Key Identifier:
keyid:DA:00:E9:81:95:30:61:97:2C:89:6B:D6:D2:77:38:D0:83:AA:DB:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gDpgZUwYZcsiWvW0nc40IOq2w4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/zW5GTzU_6cKOcwNh04AW618Ocs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/82a7d6-92a9-4204-9ae0-9a48ecf9e15e/1/2gDpgZUwYZcsiWvW0nc40IOq2w4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.192.0/21
84.234.16.0/20
85.204.160.0/22
91.232.136.0/22
194.88.96.0/21
194.88.112.0/20
Signature Algorithm: sha256WithRSAEncryption
8f:68:21:24:32:de:6a:fd:48:c2:6d:5f:0c:9f:83:14:a2:96:
c1:5e:25:12:29:e4:0d:c9:ee:a5:ac:8f:d1:fa:a2:4e:95:df:
70:35:6f:d2:be:e4:4d:02:01:73:ea:40:72:b3:2f:a0:84:c4:
4f:77:0c:26:63:fc:3e:32:7b:6e:db:02:23:15:63:ea:19:a9:
4f:8f:0c:c2:e8:03:95:0b:b4:da:6b:54:9a:29:42:24:ca:4c:
5f:49:1c:7c:c0:03:2a:1d:45:b0:bf:f4:31:57:a0:41:2a:df:
7a:39:11:4a:33:dd:ff:56:4f:04:7b:18:cc:62:8a:d7:0a:1e:
18:45:68:6e:ab:d1:e6:df:37:3b:9d:53:bc:d0:61:0b:d5:a3:
39:5a:cb:46:e0:60:ed:29:34:fa:12:16:6c:5d:b3:2c:e1:72:
8f:2b:ea:4f:ef:ae:fe:14:a9:02:ff:ec:0c:4e:cb:1c:78:ba:
72:02:5c:3b:a3:0b:03:e2:b5:82:b3:75:56:ae:d2:1d:51:6e:
75:8e:59:57:ba:e4:36:6d:06:17:3f:df:87:6e:e9:4b:f5:32:
e5:46:50:71:69:bd:fe:3f:72:43:66:c6:78:f4:f1:65:40:2b:
0f:e3:0f:1f:76:bc:7c:d4:dc:da:fc:3f:f2:f6:51:bd:c7:26:
2a:a2:53:a1
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYwkm6YdswIYNmxb9/ruYVlzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDBlOTgxOTUzMDYxOTcyYzg5NmJkNmQyNzczOGQwODNh
YWRiMGUwHhcNMjMxMjAxMDkwMDI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDZlNDY0ZjM1M2ZlOWMyOGU3MzAzNjFkMzgwMTZlYjVmMGU3MmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGRp+GyeGwQVFVOCHIya+7h41xNa
e1A2GDDJIb5hE6FU4RYVtfv4Bz2lTwvMebOo9ZiicXCAGNxoCVa+Si42V6eEPmZE
FmITG/tjW0kKyu9Tbn/l6SBcskU2Skrp5z8yy3bSLHaDwd2kPXgaEvhs1Mk93hmt
5oyGCZAXc1gqxUnPWqk3zJ9MxBazeOwhgOGlZK7B5geovznpmoKPoDg7Xo3G38iz
MshB+cWraJWM3iklczDl6jZlZh2TGoIPb15HbA/4CfD/QRRXv3NFvrPAgGQPeXPQ
kSYsQD9EWin0WpP12ItG1ag4QNzpSE1V0ldndVe48uNnQDECTsSVLFOIhQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFM1uRk81P+nCjnMDYdOAFutfDnLNMB8GA1UdIwQY
MBaAFNoA6YGVMGGXLIlr1tJ3ONCDqtsOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAt
OWE0OGVjZjllMTVlLzEvelc1R1R6VV82Y0tPY3dOaDA0QVc2MThPY3MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi84MmE3ZDYtOTJhOS00MjA0LTlhZTAtOWE0OGVjZjllMTVl
LzEvMmdEcGdaVXdZWmNzaVd2VzBuYzQwSU9xMnc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDBSPAAwQE
VOoQAwQCVcygAwQCW+iIAwQDwlhgAwQEwlhwMA0GCSqGSIb3DQEBCwUAA4IBAQCP
aCEkMt5q/UjCbV8Mn4MUopbBXiUSKeQNye6lrI/R+qJOld9wNW/SvuRNAgFz6kBy
sy+ghMRPdwwmY/w+Mntu2wIjFWPqGalPjwzC6AOVC7Taa1SaKUIkykxfSRx8wAMq
HUWwv/QxV6BBKt96ORFKM93/Vk8EexjMYorXCh4YRWhuq9Hm3zc7nVO80GEL1aM5
WstG4GDtKTT6EhZsXbMs4XKPK+pP767+FKkC/+wMTssceLpyAlw7owsD4rWCs3VW
rtIdUW51jllXuuQ2bQYXP9+HbulL9TLlRlBxab3+P3JDZsZ49PFlQCsP4w8fdrx8
1Nza/D/y9lG9xyYqolOh
-----END CERTIFICATE-----
Generated at Mon Jan 1 17:26:45 2024 by rpki-client on console-fra.rpki-client.org