Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/zK0rAlT8KTrYxCrR2YFABzRwH2A.roa
File: zK0rAlT8KTrYxCrR2YFABzRwH2A.roa (raw, json)
Hash identifier: 1JoSmTXYhUNrFd/Qj+6XFLb6KHRYUqD30UxF9O9rqUM=
Subject key identifier: CC:AD:2B:02:54:FC:29:3A:D8:C4:2A:D1:D9:81:40:07:34:70:1F:60
Certificate issuer: /CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Certificate serial: 018D60A58342F01E4106FEB65457F2BF34C4
Authority key identifier: 47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/zK0rAlT8KTrYxCrR2YFABzRwH2A.roa
Signing time: Wed 31 Jan 2024 17:51:16 +0000
ROA not before: Wed 31 Jan 2024 17:51:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206892
IP address blocks: 45.95.44.0/22 maxlen: 24
94.199.178.0/23 maxlen: 24
94.199.179.0/24 maxlen: 24
95.140.32.0/24 maxlen: 24
95.140.38.0/23 maxlen: 24
185.161.72.0/22 maxlen: 24
185.199.28.0/22 maxlen: 24
185.234.181.0/24 maxlen: 24
185.234.182.0/23 maxlen: 24
194.39.44.0/22 maxlen: 24
2a07:c280::/32 maxlen: 33
Validation: Failed, certificate revoked on Wed 31 Jan 2024 19:15:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:60:a5:83:42:f0:1e:41:06:fe:b6:54:57:f2:bf:34:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Validity
Not Before: Jan 31 17:51:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ccad2b0254fc293ad8c42ad1d981400734701f60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b4:86:c5:58:02:77:5a:15:b8:55:e5:74:56:
a4:a8:11:31:4c:77:c1:eb:d8:3d:ee:f3:aa:46:75:
d8:49:43:97:72:db:96:37:b4:63:ab:9a:b0:eb:55:
0a:8b:d9:71:79:fd:bd:b1:3e:40:55:78:51:e4:b7:
e2:43:2a:85:86:62:6c:37:4b:b3:ba:b7:71:0e:46:
5a:94:a5:e7:63:7a:ed:05:93:df:c9:e8:eb:d0:04:
e4:80:1b:81:cc:49:3e:53:13:fd:32:30:c7:be:b1:
73:bc:e3:b2:80:c3:07:c0:bc:c6:74:43:a5:56:7e:
c8:ee:fa:2b:85:6c:e7:a2:ab:1d:ed:c9:1e:c1:f3:
7f:7d:c9:3d:98:eb:85:82:a1:0a:14:5a:7b:9c:21:
86:6a:de:21:8b:c8:4d:a0:07:c8:49:6d:bf:e3:4a:
84:c2:5f:2c:0a:15:39:c3:09:a9:fd:47:ba:7d:21:
31:ea:cd:2f:e5:ee:8e:44:6d:81:4d:a2:a5:d0:3f:
2e:a7:c2:ef:07:3a:f9:ed:d3:91:62:78:0f:43:95:
ea:ce:76:79:29:c2:90:5a:6d:19:1d:24:65:5e:17:
fd:b8:74:7b:3b:bb:b7:8e:a5:58:31:62:4e:c9:3c:
da:ef:f7:c3:14:f6:a0:30:46:e9:46:a1:2d:db:f1:
7f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:AD:2B:02:54:FC:29:3A:D8:C4:2A:D1:D9:81:40:07:34:70:1F:60
X509v3 Authority Key Identifier:
keyid:47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/zK0rAlT8KTrYxCrR2YFABzRwH2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/RyKuoO9MBmfbgZ9dWj2upjmfA4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.44.0/22
94.199.178.0/23
95.140.32.0/24
95.140.38.0/23
185.161.72.0/22
185.199.28.0/22
185.234.181.0-185.234.183.255
194.39.44.0/22
IPv6:
2a07:c280::/32
Signature Algorithm: sha256WithRSAEncryption
5a:6f:4e:2b:71:ec:0e:a4:5d:9b:e3:0d:e3:ea:4a:c7:2c:6f:
06:2c:37:d3:ca:2b:d9:da:62:94:ce:28:4e:3a:a5:53:7e:12:
d9:99:ab:a4:07:30:f3:cc:3f:8d:03:36:f2:78:23:2b:6f:fb:
cb:af:f5:9f:a8:6b:c6:fa:84:1d:b9:45:46:0f:0d:db:92:66:
aa:6b:36:19:98:fb:1e:3a:af:03:d4:02:ea:e0:55:37:9c:5d:
bb:78:a4:e4:ef:b0:75:53:7c:b7:23:88:a1:aa:c4:7c:e7:64:
44:df:5f:9c:7b:17:bc:3d:65:8f:ef:85:35:24:e6:2e:45:b2:
b1:88:a2:2a:b6:b7:19:e8:18:03:ec:6e:0d:7d:34:d0:a4:f8:
e0:50:82:e9:95:f7:a2:c5:67:71:c7:95:fe:45:52:ae:9e:55:
74:4b:21:46:02:32:79:7a:20:50:21:71:c1:48:ce:e0:98:d9:
a5:dd:9a:ce:cd:fa:6d:35:fe:54:da:7b:47:b0:c5:74:80:0f:
a4:d9:1c:f7:64:ae:2c:10:21:e6:f3:c4:71:05:61:b9:64:5c:
c4:37:45:1f:1d:a4:e4:17:94:26:9f:76:48:0a:95:eb:73:70:
87:60:fc:ed:1a:ba:f7:a8:67:62:0f:c1:4a:cd:5b:a6:d4:9e:
6a:76:72:7f
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAY1gpYNC8B5BBv62VFfyvzTEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MjJhZWEwZWY0YzA2NjdkYjgxOWY1ZDVhM2RhZWE2Mzk5
ZjAzOGMwHhcNMjQwMTMxMTc1MTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2FkMmIwMjU0ZmMyOTNhZDhjNDJhZDFkOTgxNDAwNzM0NzAxZjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbSGxVgCd1oVuFXldFakqBExTHfB
69g97vOqRnXYSUOXctuWN7Rjq5qw61UKi9lxef29sT5AVXhR5LfiQyqFhmJsN0uz
urdxDkZalKXnY3rtBZPfyejr0ATkgBuBzEk+UxP9MjDHvrFzvOOygMMHwLzGdEOl
Vn7I7vorhWznoqsd7ckewfN/fck9mOuFgqEKFFp7nCGGat4hi8hNoAfISW2/40qE
wl8sChU5wwmp/Ue6fSEx6s0v5e6ORG2BTaKl0D8up8LvBzr57dORYngPQ5XqznZ5
KcKQWm0ZHSRlXhf9uHR7O7u3jqVYMWJOyTza7/fDFPagMEbpRqEt2/F//wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFMytKwJU/Ck62MQq0dmBQAc0cB9gMB8GA1UdIwQY
MBaAFEcirqDvTAZn24GfXVo9rqY5nwOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYt
NmUzMDc0YzZjNjYzLzEvekswckFsVDhLVHJZeENyUjJZRkFCelJ3SDJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYtNmUzMDc0YzZjNjYz
LzEvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQCLV8sAwQB
XseyAwQAX4wgAwQBX4wmAwQCuaFIAwQCucccMAwDBAC56rUDBAO56rADBALCJyww
DQQCAAIwBwMFACoHwoAwDQYJKoZIhvcNAQELBQADggEBAFpvTitx7A6kXZvjDePq
SscsbwYsN9PKK9naYpTOKE46pVN+EtmZq6QHMPPMP40DNvJ4Iytv+8uv9Z+oa8b6
hB25RUYPDduSZqprNhmY+x46rwPUAurgVTecXbt4pOTvsHVTfLcjiKGqxHznZETf
X5x7F7w9ZY/vhTUk5i5FsrGIoiq2txnoGAPsbg19NNCk+OBQgumV96LFZ3HHlf5F
Uq6eVXRLIUYCMnl6IFAhccFIzuCY2aXdms7N+m01/lTae0ewxXSAD6TZHPdkriwQ
IebzxHEFYblkXMQ3RR8dpOQXlCafdkgKletzcIdg/O0auveoZ2IPwUrNW6bUnmp2
cn8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:22 2024 by rpki-client on console-ams.rpki-client.org