Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/ZRGT0Uc8fA--IlSj6a42KdWNle4.roa
File: ZRGT0Uc8fA--IlSj6a42KdWNle4.roa (raw, json)
Hash identifier: TmOHTp+tK5G8LWsGQfJu6rGHF8yST+C6Sxo6Rs+o9Pc=
Subject key identifier: 65:11:93:D1:47:3C:7C:0F:BE:22:54:A3:E9:AE:36:29:D5:8D:95:EE
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0190E3C3E6AD07B03A18601AF64D8B9392CD
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/ZRGT0Uc8fA--IlSj6a42KdWNle4.roa
Signing time: Wed 24 Jul 2024 08:03:04 +0000
ROA not before: Wed 24 Jul 2024 08:03:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208258
IP address blocks: 45.144.244.0/23 maxlen: 24
45.144.246.0/24 maxlen: 24
45.151.156.0/23 maxlen: 24
45.151.158.0/24 maxlen: 24
45.152.58.0/24 maxlen: 24
185.208.208.0/24 maxlen: 24
185.208.209.0/24 maxlen: 24
185.208.210.0/24 maxlen: 24
185.208.211.0/24 maxlen: 24
185.227.82.0/24 maxlen: 24
185.228.83.0/24 maxlen: 24
185.243.112.0/24 maxlen: 24
185.243.113.0/24 maxlen: 24
194.146.48.0/24 maxlen: 24
195.26.6.0/24 maxlen: 24
195.26.7.0/24 maxlen: 24
195.88.226.0/24 maxlen: 24
195.88.227.0/24 maxlen: 24
2a0b:3c40:1::/48 maxlen: 48
2a0b:3c40:9::/48 maxlen: 48
2a0b:3c40:11::/48 maxlen: 48
2a0b:3c40:12::/48 maxlen: 48
2a0b:3c40:15::/48 maxlen: 48
2a0b:3c40:16::/48 maxlen: 48
2a0b:3c40:17::/48 maxlen: 48
2a0b:3c40:20::/48 maxlen: 48
2a0b:3c40:21::/48 maxlen: 48
2a0b:3c40:25::/48 maxlen: 48
2a0b:3c40:fca6::/48 maxlen: 48
2a0e:5540::/48 maxlen: 48
2a0e:5540:10::/48 maxlen: 48
2a0e:5540:11::/48 maxlen: 48
2a0e:5540:12::/48 maxlen: 48
2a0e:5540:100::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 02 Sep 2024 12:14:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:e3:c3:e6:ad:07:b0:3a:18:60:1a:f6:4d:8b:93:92:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Jul 24 08:03:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=651193d1473c7c0fbe2254a3e9ae3629d58d95ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ad:c6:d3:53:d0:12:1c:cc:b5:75:c2:7c:02:
83:e7:a6:a6:53:10:f1:b6:ea:67:f1:56:26:ed:94:
67:99:9d:99:e6:42:0b:fa:0e:c6:2a:dd:41:2e:1a:
b8:11:df:f0:d4:7e:24:51:55:0f:a9:8b:da:61:26:
ae:90:47:61:43:6e:2b:94:09:b3:60:84:79:e6:23:
46:a8:2f:a7:4d:cf:bf:41:27:32:9f:13:62:8d:c1:
0a:d1:f3:23:28:9f:05:5a:5f:8c:a7:2d:33:41:7a:
9c:d5:5a:bf:ef:36:ea:b7:de:56:d7:d2:9a:8b:af:
e0:ca:fe:76:56:a4:27:64:38:7b:41:21:af:ce:f3:
63:bf:02:da:b1:11:fc:7b:cd:8e:9d:d1:00:a5:e4:
af:c4:ca:ad:d5:aa:0f:52:d2:d5:a2:7a:20:22:92:
c0:85:cf:b7:5b:d2:28:4a:f5:a2:57:aa:20:b7:81:
11:fe:c0:c0:f9:56:d5:08:3c:d9:b3:31:f8:48:ad:
43:40:41:47:79:89:f1:10:20:f3:ee:24:26:a4:18:
27:5b:82:9b:ab:c4:1a:84:86:e6:e2:69:f2:fe:15:
ed:f9:f4:39:62:00:a9:b6:06:f1:77:38:41:99:ea:
0a:16:75:37:7e:e6:eb:95:6c:71:dc:79:98:14:66:
ad:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:11:93:D1:47:3C:7C:0F:BE:22:54:A3:E9:AE:36:29:D5:8D:95:EE
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/ZRGT0Uc8fA--IlSj6a42KdWNle4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.244.0-45.144.246.255
45.151.156.0-45.151.158.255
45.152.58.0/24
185.208.208.0/22
185.227.82.0/24
185.228.83.0/24
185.243.112.0/23
194.146.48.0/24
195.26.6.0/23
195.88.226.0/23
IPv6:
2a0b:3c40:1::/48
2a0b:3c40:9::/48
2a0b:3c40:11::-2a0b:3c40:12:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:15::-2a0b:3c40:17:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:20::/47
2a0b:3c40:25::/48
2a0b:3c40:fca6::/48
2a0e:5540::/48
2a0e:5540:10::-2a0e:5540:12:ffff:ffff:ffff:ffff:ffff
2a0e:5540:100::/48
Signature Algorithm: sha256WithRSAEncryption
b9:15:9d:6a:99:93:51:62:35:fa:b1:1a:a9:19:20:4b:ff:a9:
73:ba:cd:74:fc:9f:89:10:ca:19:1b:8e:a8:9e:1c:e0:bd:ac:
27:29:bf:b5:5b:4d:6a:89:d8:22:7c:36:ff:bb:cd:e5:c5:8c:
6c:a9:29:a5:4a:cc:42:60:57:19:05:57:2e:bb:ae:73:e5:39:
76:66:0a:fa:69:25:0f:8b:0a:37:ac:be:da:51:4b:b9:d6:96:
e2:b9:6a:8c:28:48:e8:d8:ca:2b:e0:aa:69:b8:a2:c0:7c:ad:
58:ec:e5:73:7f:3a:fb:aa:3a:45:d6:7b:a5:4d:5f:b3:73:3d:
48:72:d1:9e:c1:37:65:81:c5:0a:9c:9e:fb:63:2a:64:ae:5f:
dd:8c:23:88:2e:73:8c:92:6b:d8:3d:87:b0:77:71:32:47:d2:
92:61:a0:66:36:18:b8:03:8f:bc:44:5b:52:61:1f:2e:8f:3d:
e9:ac:42:59:c0:c9:83:43:4e:b9:82:91:0c:91:c9:a3:16:ff:
bb:6c:39:53:99:99:de:be:90:39:2c:6d:ef:bb:6a:6b:ab:83:
47:72:39:01:33:84:45:9d:6a:eb:2e:11:d7:5e:be:42:1b:5c:
76:0e:c2:26:8f:5e:e2:ef:93:38:73:60:28:b2:2c:a9:03:e3:
1d:d8:d9:ea
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAZDjw+atB7A6GGAa9k2Lk5LNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwNzI0MDgwMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTExOTNkMTQ3M2M3YzBmYmUyMjU0YTNlOWFlMzYyOWQ1OGQ5NWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsq3G01PQEhzMtXXCfAKD56amUxDx
tupn8VYm7ZRnmZ2Z5kIL+g7GKt1BLhq4Ed/w1H4kUVUPqYvaYSaukEdhQ24rlAmz
YIR55iNGqC+nTc+/QScynxNijcEK0fMjKJ8FWl+Mpy0zQXqc1Vq/7zbqt95W19Ka
i6/gyv52VqQnZDh7QSGvzvNjvwLasRH8e82OndEApeSvxMqt1aoPUtLVonogIpLA
hc+3W9IoSvWiV6ogt4ER/sDA+VbVCDzZszH4SK1DQEFHeYnxECDz7iQmpBgnW4Kb
q8QahIbm4mny/hXt+fQ5YgCptgbxdzhBmeoKFnU3fubrlWxx3HmYFGatdwIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFGURk9FHPHwPviJUo+muNinVjZXuMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvWlJHVDBVYzhmQS0tSWxTajZhNDJLZFdObGU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DBSBAIAATBMMAwDBAIt
kPQDBAAtkPYwDAMEAi2XnAMEAC2XngMEAC2YOgMEArnQ0AMEALnjUgMEALnkUwME
AbnzcAMEAMKSMAMEAcMaBgMEAcNY4jCBgQQCAAIwewMHACoLPEAAAQMHACoLPEAA
CTASAwcAKgs8QAARAwcAKgs8QAASMBIDBwAqCzxAABUDBwMqCzxAABADBwEqCzxA
ACADBwAqCzxAACUDBwAqCzxA/KYDBwAqDlVAAAAwEgMHBCoOVUAAEAMHACoOVUAA
EgMHACoOVUABADANBgkqhkiG9w0BAQsFAAOCAQEAuRWdapmTUWI1+rEaqRkgS/+p
c7rNdPyfiRDKGRuOqJ4c4L2sJym/tVtNaonYInw2/7vN5cWMbKkppUrMQmBXGQVX
Lruuc+U5dmYK+mklD4sKN6y+2lFLudaW4rlqjChI6NjKK+CqabiiwHytWOzlc386
+6o6RdZ7pU1fs3M9SHLRnsE3ZYHFCpye+2MqZK5f3YwjiC5zjJJr2D2HsHdxMkfS
kmGgZjYYuAOPvERbUmEfLo896axCWcDJg0NOuYKRDJHJoxb/u2w5U5mZ3r6QOSxt
77tqa6uDR3I5ATOERZ1q6y4R116+Qhtcdg7CJo9e4u+TOHNgKLIsqQPjHdjZ6g==
-----END CERTIFICATE-----
Generated at Mon Sep 2 15:35:04 2024 by rpki-client on console-ams.rpki-client.org