Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/CDZFA2wZkbTNq7w60uu6C_za7sI.roa
File: CDZFA2wZkbTNq7w60uu6C_za7sI.roa (raw, json)
Hash identifier: 46dHbO3PxO5IdVte4Z1Txz4GZJOQZfcES9GlfqrBFJg=
Subject key identifier: 08:36:45:03:6C:19:91:B4:CD:AB:BC:3A:D2:EB:BA:0B:FC:DA:EE:C2
Certificate issuer: /CN=49dd8f1a62a5d7f80212de0f3efe75b2fa338ffe
Certificate serial: 0192D25AEBC6E5F8B0298457118F0F458442
Authority key identifier: 49:DD:8F:1A:62:A5:D7:F8:02:12:DE:0F:3E:FE:75:B2:FA:33:8F:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sd2PGmKl1_gCEt4PPv51svozj_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/CDZFA2wZkbTNq7w60uu6C_za7sI.roa
Signing time: Mon 28 Oct 2024 09:00:26 +0000
ROA not before: Mon 28 Oct 2024 09:00:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215597
IP address blocks: 82.199.222.0/23 maxlen: 23
82.199.222.0/24 maxlen: 24
82.199.223.0/24 maxlen: 24
91.213.191.0/24 maxlen: 24
91.217.185.0/24 maxlen: 24
185.95.206.0/24 maxlen: 24
185.95.207.0/24 maxlen: 24
212.95.142.0/24 maxlen: 24
212.95.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Oct 2024 10:54:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d2:5a:eb:c6:e5:f8:b0:29:84:57:11:8f:0f:45:84:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49dd8f1a62a5d7f80212de0f3efe75b2fa338ffe
Validity
Not Before: Oct 28 09:00:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=083645036c1991b4cdabbc3ad2ebba0bfcdaeec2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:db:86:97:8e:7f:5f:06:57:04:c4:e1:2c:b5:
3a:1f:6f:f9:6c:3f:fb:da:23:09:d4:46:2a:10:4c:
8c:74:17:07:57:68:c6:c6:94:c2:db:fe:fc:fc:e9:
85:86:9b:db:61:7d:00:76:cf:23:59:3e:61:08:ae:
2b:45:78:dc:64:7d:08:45:d0:9d:d4:17:d1:5d:24:
19:17:ce:be:ba:c3:d0:32:39:8c:67:39:e7:4f:c9:
11:4e:2e:40:f6:ed:64:2c:b9:41:e2:fc:6d:6c:63:
cc:17:03:20:87:31:be:8b:a7:68:45:2b:09:dc:6b:
fa:67:6d:b3:21:a9:b5:58:c0:2a:3d:c1:9e:16:8e:
be:a7:4f:58:ba:2f:1e:f8:f2:11:0c:cd:40:5a:aa:
7d:fb:51:b8:0f:f1:76:a9:00:cc:2b:2d:df:d3:f0:
07:58:56:d7:b2:2f:40:23:57:39:38:8f:70:60:0c:
4d:23:11:c3:d0:02:5c:e6:6a:29:34:31:94:5e:fc:
fd:e4:ac:6c:fc:15:c3:90:a2:a5:46:3f:81:a9:0f:
5f:23:5c:1f:73:66:60:da:23:dc:0e:d0:63:31:8a:
53:22:e4:da:80:ad:12:c6:b4:17:75:20:7a:31:10:
48:28:b4:aa:22:05:a8:0c:58:60:e8:b6:2e:e2:c1:
7b:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:36:45:03:6C:19:91:B4:CD:AB:BC:3A:D2:EB:BA:0B:FC:DA:EE:C2
X509v3 Authority Key Identifier:
keyid:49:DD:8F:1A:62:A5:D7:F8:02:12:DE:0F:3E:FE:75:B2:FA:33:8F:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sd2PGmKl1_gCEt4PPv51svozj_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/CDZFA2wZkbTNq7w60uu6C_za7sI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/Sd2PGmKl1_gCEt4PPv51svozj_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.199.222.0/23
91.213.191.0/24
91.217.185.0/24
185.95.206.0/23
212.95.142.0/24
212.95.148.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:4a:1b:78:78:cc:51:95:4a:93:5d:78:a5:95:11:89:89:c8:
2a:75:59:32:1a:31:9b:ae:03:96:b8:94:06:44:df:62:53:8c:
af:64:96:b2:31:28:19:1e:64:b5:74:0d:89:30:a1:db:80:68:
cd:ca:fc:5a:0c:79:81:da:37:ac:bb:27:1a:51:4c:30:36:2d:
cf:cd:d6:ba:28:2c:c8:e0:5f:24:ea:68:60:0e:95:83:b3:04:
88:45:88:39:18:db:78:59:76:e0:e5:d1:7f:4c:9c:19:e9:41:
fd:0b:9b:77:40:9f:28:f5:47:c8:43:44:23:29:3f:94:35:28:
21:6b:79:8f:d6:23:ad:5a:86:f5:10:29:40:3b:e2:4c:40:4e:
58:23:4a:c6:6b:eb:f6:0d:4d:9b:07:83:06:ed:10:8c:66:98:
4c:07:72:57:d0:97:de:b3:56:0d:2e:d2:37:62:e9:3d:7d:43:
d8:95:fc:d6:bf:78:c4:32:0f:67:ee:2c:75:6c:e4:2b:38:06:
99:f8:48:24:f5:f1:f5:ca:b3:67:30:71:db:62:65:35:35:bf:
bc:04:c6:09:12:dd:0e:7a:fe:c6:66:ee:42:bf:fe:ca:f8:82:
4e:3f:b9:3a:98:14:d0:b2:d0:e4:d2:35:e9:87:aa:f2:7c:13:
d3:e9:68:aa
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZLSWuvG5fiwKYRXEY8PRYRCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZGQ4ZjFhNjJhNWQ3ZjgwMjEyZGUwZjNlZmU3NWIyZmEz
MzhmZmUwHhcNMjQxMDI4MDkwMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODM2NDUwMzZjMTk5MWI0Y2RhYmJjM2FkMmViYmEwYmZjZGFlZWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09uGl45/XwZXBMThLLU6H2/5bD/7
2iMJ1EYqEEyMdBcHV2jGxpTC2/78/OmFhpvbYX0Ads8jWT5hCK4rRXjcZH0IRdCd
1BfRXSQZF86+usPQMjmMZznnT8kRTi5A9u1kLLlB4vxtbGPMFwMghzG+i6doRSsJ
3Gv6Z22zIam1WMAqPcGeFo6+p09Yui8e+PIRDM1AWqp9+1G4D/F2qQDMKy3f0/AH
WFbXsi9AI1c5OI9wYAxNIxHD0AJc5mopNDGUXvz95Kxs/BXDkKKlRj+BqQ9fI1wf
c2Zg2iPcDtBjMYpTIuTagK0SxrQXdSB6MRBIKLSqIgWoDFhg6LYu4sF7cQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAg2RQNsGZG0zau8OtLrugv82u7CMB8GA1UdIwQY
MBaAFEndjxpipdf4AhLeDz7+dbL6M4/+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2QyUEdtS2wxX2dDRXQ0UFB2NTFzdm96al80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8wMWIxZWYtMjMzYi00ZDZmLThkY2Yt
Y2VlYzQ5MTI0YzBmLzEvQ0RaRkEyd1prYlROcTd3NjB1dTZDX3phN3NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8wMWIxZWYtMjMzYi00ZDZmLThkY2YtY2VlYzQ5MTI0YzBm
LzEvU2QyUEdtS2wxX2dDRXQ0UFB2NTFzdm96al80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBUsfeAwQA
W9W/AwQAW9m5AwQBuV/OAwQA1F+OAwQA1F+UMA0GCSqGSIb3DQEBCwUAA4IBAQBe
Sht4eMxRlUqTXXillRGJicgqdVkyGjGbrgOWuJQGRN9iU4yvZJayMSgZHmS1dA2J
MKHbgGjNyvxaDHmB2jesuycaUUwwNi3Pzda6KCzI4F8k6mhgDpWDswSIRYg5GNt4
WXbg5dF/TJwZ6UH9C5t3QJ8o9UfIQ0QjKT+UNSgha3mP1iOtWob1EClAO+JMQE5Y
I0rGa+v2DU2bB4MG7RCMZphMB3JX0Jfes1YNLtI3Yuk9fUPYlfzWv3jEMg9n7ix1
bOQrOAaZ+Egk9fH1yrNnMHHbYmU1Nb+8BMYJEt0Oev7GZu5Cv/7K+IJOP7k6mBTQ
stDk0jXph6ryfBPT6Wiq
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:29:14 2025 by rpki-client