Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/Z1pDtqDkWrM3OiFniOnFn0yBXzc.roa
File: Z1pDtqDkWrM3OiFniOnFn0yBXzc.roa (raw, json)
Hash identifier: QAvhMlgoPKuwzTM1AcQ3Ig84oukPl4fPduCDDugtz0Y=
Subject key identifier: 67:5A:43:B6:A0:E4:5A:B3:37:3A:21:67:88:E9:C5:9F:4C:81:5F:37
Certificate issuer: /CN=a18164d9961a16d2eff773f5027821e9d2bd3740
Certificate serial: 018CC3B7170F58C3F6483786EE39D5CBFD6B
Authority key identifier: A1:81:64:D9:96:1A:16:D2:EF:F7:73:F5:02:78:21:E9:D2:BD:37:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oYFk2ZYaFtLv93P1Angh6dK9N0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/Z1pDtqDkWrM3OiFniOnFn0yBXzc.roa
Signing time: Mon 01 Jan 2024 06:30:05 +0000
ROA not before: Mon 01 Jan 2024 06:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42652
IP address blocks: 185.7.208.0/22 maxlen: 22
212.43.64.0/19 maxlen: 19
5.100.128.0/20 maxlen: 20
89.21.96.0/19 maxlen: 19
188.210.0.0/18 maxlen: 18
5.45.0.0/21 maxlen: 21
128.0.96.0/21 maxlen: 21
109.75.208.0/20 maxlen: 20
156.67.128.0/20 maxlen: 20
77.244.96.0/20 maxlen: 20
178.76.128.0/18 maxlen: 18
185.18.128.0/22 maxlen: 22
46.165.128.0/18 maxlen: 18
131.117.144.0/20 maxlen: 20
37.157.40.0/21 maxlen: 21
185.74.180.0/22 maxlen: 22
2a01:5c0::/32 maxlen: 32
2a02:6d40::/32 maxlen: 32
2a03:4920::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 21 Mar 2024 09:32:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:17:0f:58:c3:f6:48:37:86:ee:39:d5:cb:fd:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a18164d9961a16d2eff773f5027821e9d2bd3740
Validity
Not Before: Jan 1 06:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=675a43b6a0e45ab3373a216788e9c59f4c815f37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:92:65:24:ca:6a:42:51:36:5a:42:94:1a:13:
1c:46:98:94:fc:f3:cd:ac:63:4f:b8:b9:5f:d4:32:
44:64:1a:08:c5:99:0a:e1:fd:15:23:9f:13:fd:2e:
be:8e:b6:fc:0e:4b:bf:19:23:39:ea:9e:25:00:e6:
39:0e:fd:b8:1f:ac:2d:d8:fe:a9:c3:5d:f6:dd:38:
3e:b7:38:2a:26:e2:26:8a:4e:af:9d:79:95:f1:84:
06:64:c8:10:f7:90:49:ab:76:c7:a9:57:ea:76:bc:
b8:c1:ac:04:e8:33:2e:3b:90:ee:b5:04:45:9e:f5:
c1:fc:2b:00:73:92:d5:b5:38:f1:e7:a8:cc:0d:b2:
1c:f0:d2:f9:4c:ff:dc:0c:fd:54:a7:e3:7f:1a:6c:
5e:b2:75:37:10:28:de:a5:dd:ee:85:fe:d8:57:9e:
3a:39:fb:77:03:43:93:a7:5a:ad:a4:97:e1:68:0a:
49:8f:d9:d2:45:07:c4:e5:6e:c5:89:97:40:f2:67:
fb:4b:25:4f:c6:7d:cd:6b:67:ec:9b:26:2b:bb:ed:
dc:11:a8:ae:ed:da:d4:84:4e:5b:ba:ac:df:ed:72:
17:da:9a:69:4e:63:85:4f:f8:b5:db:97:9f:c4:ae:
f4:74:9b:e4:92:f9:44:cb:a3:ec:a3:ca:4c:68:a8:
7e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:5A:43:B6:A0:E4:5A:B3:37:3A:21:67:88:E9:C5:9F:4C:81:5F:37
X509v3 Authority Key Identifier:
keyid:A1:81:64:D9:96:1A:16:D2:EF:F7:73:F5:02:78:21:E9:D2:BD:37:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oYFk2ZYaFtLv93P1Angh6dK9N0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/Z1pDtqDkWrM3OiFniOnFn0yBXzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/b8ed2d-3545-4599-97e5-1523803fadaf/1/oYFk2ZYaFtLv93P1Angh6dK9N0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.0.0/21
5.100.128.0/20
37.157.40.0/21
46.165.128.0/18
77.244.96.0/20
89.21.96.0/19
109.75.208.0/20
128.0.96.0/21
131.117.144.0/20
156.67.128.0/20
178.76.128.0/18
185.7.208.0/22
185.18.128.0/22
185.74.180.0/22
188.210.0.0/18
212.43.64.0/19
IPv6:
2a01:5c0::/32
2a02:6d40::/32
2a03:4920::/32
Signature Algorithm: sha256WithRSAEncryption
64:cf:ce:64:e6:10:72:86:8b:50:c4:f2:0c:23:e6:d1:81:6b:
20:bf:c3:48:8c:03:7f:b7:39:57:a3:05:8d:18:49:e1:c8:ff:
90:95:f7:61:32:66:f6:bf:a7:39:99:cf:11:0a:92:2e:e9:98:
7b:71:89:6d:32:8d:cd:fb:9f:e0:78:a0:1a:66:c0:39:e8:1a:
a5:bc:e3:cd:d7:70:00:c4:2f:cb:29:c2:5a:f6:d6:d7:cc:d2:
39:53:31:eb:50:85:d6:f1:b7:ae:13:b6:34:ce:12:cd:37:01:
85:fb:b8:ac:d9:bc:ee:d2:ac:d2:96:52:19:3c:63:e2:36:18:
3f:c4:f3:02:cf:ab:86:32:81:d8:d6:f4:a4:23:48:fd:a6:c3:
92:19:8d:75:21:8e:19:1e:87:db:8e:a2:50:0e:76:45:00:60:
8c:7f:8c:06:24:6f:20:6e:96:9e:5d:6e:d1:f3:67:a0:8c:24:
1f:d3:b8:bb:4a:fc:8a:0b:5c:e3:c6:82:0d:ca:85:ad:21:d1:
bb:d3:19:ed:65:ff:b9:8f:61:a0:8c:33:1c:62:bd:38:9f:80:
8c:61:da:a3:45:2d:05:86:51:47:70:67:9d:94:c2:c0:63:d4:
18:8f:a1:46:f8:43:b5:2f:ec:7c:2c:15:80:4a:e0:19:35:21:
27:63:4c:71
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYzDtxcPWMP2SDeG7jnVy/1rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExODE2NGQ5OTYxYTE2ZDJlZmY3NzNmNTAyNzgyMWU5ZDJi
ZDM3NDAwHhcNMjQwMTAxMDYzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzVhNDNiNmEwZTQ1YWIzMzczYTIxNjc4OGU5YzU5ZjRjODE1ZjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpJlJMpqQlE2WkKUGhMcRpiU/PPN
rGNPuLlf1DJEZBoIxZkK4f0VI58T/S6+jrb8Dku/GSM56p4lAOY5Dv24H6wt2P6p
w1323Tg+tzgqJuImik6vnXmV8YQGZMgQ95BJq3bHqVfqdry4wawE6DMuO5DutQRF
nvXB/CsAc5LVtTjx56jMDbIc8NL5TP/cDP1Up+N/GmxesnU3ECjepd3uhf7YV546
Oft3A0OTp1qtpJfhaApJj9nSRQfE5W7FiZdA8mf7SyVPxn3Na2fsmyYru+3cEaiu
7drUhE5buqzf7XIX2pppTmOFT/i125efxK70dJvkkvlEy6Pso8pMaKh+TQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFGdaQ7ag5FqzNzohZ4jpxZ9MgV83MB8GA1UdIwQY
MBaAFKGBZNmWGhbS7/dz9QJ4IenSvTdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1lGazJaWWFGdEx2OTNQMUFuZ2g2ZEs5TjBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9iOGVkMmQtMzU0NS00NTk5LTk3ZTUt
MTUyMzgwM2ZhZGFmLzEvWjFwRHRxRGtXck0zT2lGbmlPbkZuMHlCWHpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9iOGVkMmQtMzU0NS00NTk5LTk3ZTUtMTUyMzgwM2ZhZGFm
LzEvb1lGazJaWWFGdEx2OTNQMUFuZ2g2ZEs5TjBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTBmBAIAATBgAwQDBS0A
AwQEBWSAAwQDJZ0oAwQGLqWAAwQETfRgAwQFWRVgAwQEbUvQAwQDgABgAwQEg3WQ
AwQEnEOAAwQGskyAAwQCuQfQAwQCuRKAAwQCuUq0AwQGvNIAAwQF1CtAMBsEAgAC
MBUDBQAqAQXAAwUAKgJtQAMFACoDSSAwDQYJKoZIhvcNAQELBQADggEBAGTPzmTm
EHKGi1DE8gwj5tGBayC/w0iMA3+3OVejBY0YSeHI/5CV92EyZva/pzmZzxEKki7p
mHtxiW0yjc37n+B4oBpmwDnoGqW8483XcADEL8spwlr21tfM0jlTMetQhdbxt64T
tjTOEs03AYX7uKzZvO7SrNKWUhk8Y+I2GD/E8wLPq4YygdjW9KQjSP2mw5IZjXUh
jhkeh9uOolAOdkUAYIx/jAYkbyBulp5dbtHzZ6CMJB/TuLtK/IoLXOPGgg3Kha0h
0bvTGe1l/7mPYaCMMxxivTifgIxh2qNFLQWGUUdwZ52UwsBj1BiPoUb4Q7Uv7Hws
FYBK4Bk1ISdjTHE=
-----END CERTIFICATE-----
Generated at Thu Mar 21 15:18:30 2024 by rpki-client on console.sobornost.net