Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/ZjKJVje2PR5Of7WS09nNi6EYi18.roa
File: ZjKJVje2PR5Of7WS09nNi6EYi18.roa (raw, json)
Hash identifier: +BeUBceiod8qEahSIEJUYXPJJq2HSHp8gMjkzOT76AY=
Subject key identifier: 66:32:89:56:37:B6:3D:1E:4E:7F:B5:92:D3:D9:CD:8B:A1:18:8B:5F
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 018E9EE13DBFEDD2B8D5EFC13E040A260162
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/ZjKJVje2PR5Of7WS09nNi6EYi18.roa
Signing time: Tue 02 Apr 2024 12:55:45 +0000
ROA not before: Tue 02 Apr 2024 12:55:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210906
IP address blocks: 85.254.2.0/24 maxlen: 24
85.254.4.0/24 maxlen: 24
85.254.7.0/24 maxlen: 24
85.254.29.0/24 maxlen: 24
85.254.30.0/24 maxlen: 24
85.254.40.0/24 maxlen: 24
85.254.42.0/23 maxlen: 23
85.254.51.0/24 maxlen: 24
85.254.59.0/24 maxlen: 24
85.254.64.0/23 maxlen: 23
85.254.76.0/22 maxlen: 22
85.254.84.0/23 maxlen: 23
85.254.103.0/24 maxlen: 24
85.254.112.0/22 maxlen: 22
85.254.124.0/23 maxlen: 23
85.254.126.0/24 maxlen: 24
85.254.128.0/22 maxlen: 22
85.254.134.0/24 maxlen: 24
85.254.137.0/24 maxlen: 24
85.254.138.0/23 maxlen: 23
85.254.140.0/24 maxlen: 24
85.254.174.0/23 maxlen: 23
85.254.180.0/23 maxlen: 23
159.148.26.0/24 maxlen: 24
159.148.54.0/24 maxlen: 24
159.148.62.0/24 maxlen: 24
159.148.66.0/24 maxlen: 24
159.148.109.0/24 maxlen: 24
159.148.126.0/24 maxlen: 24
159.148.128.0/24 maxlen: 24
159.148.130.0/24 maxlen: 24
159.148.157.0/24 maxlen: 24
159.148.158.0/24 maxlen: 24
159.148.163.0/24 maxlen: 24
159.148.166.0/23 maxlen: 23
159.148.169.0/24 maxlen: 24
159.148.177.0/24 maxlen: 24
159.148.179.0/24 maxlen: 24
159.148.180.0/24 maxlen: 24
159.148.204.0/24 maxlen: 24
159.148.216.0/24 maxlen: 24
159.148.218.0/24 maxlen: 24
159.148.234.0/24 maxlen: 24
159.148.236.0/24 maxlen: 24
159.148.239.0/24 maxlen: 24
159.148.241.0/24 maxlen: 24
159.148.246.0/23 maxlen: 23
159.148.248.0/24 maxlen: 24
185.27.94.0/24 maxlen: 24
217.69.121.0/24 maxlen: 24
217.69.125.0/24 maxlen: 24
217.69.126.0/24 maxlen: 24
217.69.127.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Apr 2024 12:24:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:e1:3d:bf:ed:d2:b8:d5:ef:c1:3e:04:0a:26:01:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Apr 2 12:55:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6632895637b63d1e4e7fb592d3d9cd8ba1188b5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3e:18:d3:d1:32:07:66:de:3b:75:2c:63:9e:
a7:cd:9d:3f:6c:af:b4:c7:8e:63:51:76:bf:af:da:
18:ef:20:c8:bc:bd:4b:a4:2c:74:bc:2c:7e:35:bc:
2b:19:39:dc:2d:40:c5:2e:d3:77:4f:92:53:f3:a3:
ce:12:c1:fb:99:33:7f:2d:81:ad:bf:b3:2d:ad:4e:
fd:64:cd:3b:c8:1c:a3:ef:e7:1d:f4:42:a3:59:e3:
d8:4f:a9:d7:dd:f6:5a:fd:17:a0:a9:dc:aa:28:ae:
8c:8c:e2:84:0d:5c:6f:02:cc:b1:3a:89:84:ba:49:
4e:0e:71:71:ba:1f:4a:91:6f:b6:7a:8e:e1:7a:a8:
be:f9:97:3a:03:e6:a2:41:4b:38:56:e7:1e:86:f1:
e7:d8:3f:95:be:20:17:64:f3:28:b9:2e:7d:68:47:
d3:22:6f:64:f1:45:28:53:0c:19:b2:b3:21:f8:b7:
11:98:4c:61:e9:88:39:5b:b1:51:7f:91:3f:30:1e:
25:62:1d:bb:c5:13:cd:33:15:3b:5f:3b:cb:be:a2:
7e:94:90:ed:36:a9:81:d2:9f:f6:12:e4:f0:19:b4:
a2:cd:41:10:24:d2:5d:19:fc:d5:ff:cd:72:92:cc:
50:4a:b7:a5:cc:7c:d3:28:03:4f:42:f6:a6:30:09:
74:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:32:89:56:37:B6:3D:1E:4E:7F:B5:92:D3:D9:CD:8B:A1:18:8B:5F
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/ZjKJVje2PR5Of7WS09nNi6EYi18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.2.0/24
85.254.4.0/24
85.254.7.0/24
85.254.29.0-85.254.30.255
85.254.40.0/24
85.254.42.0/23
85.254.51.0/24
85.254.59.0/24
85.254.64.0/23
85.254.76.0/22
85.254.84.0/23
85.254.103.0/24
85.254.112.0/22
85.254.124.0-85.254.126.255
85.254.128.0/22
85.254.134.0/24
85.254.137.0-85.254.140.255
85.254.174.0/23
85.254.180.0/23
159.148.26.0/24
159.148.54.0/24
159.148.62.0/24
159.148.66.0/24
159.148.109.0/24
159.148.126.0/24
159.148.128.0/24
159.148.130.0/24
159.148.157.0-159.148.158.255
159.148.163.0/24
159.148.166.0/23
159.148.169.0/24
159.148.177.0/24
159.148.179.0-159.148.180.255
159.148.204.0/24
159.148.216.0/24
159.148.218.0/24
159.148.234.0/24
159.148.236.0/24
159.148.239.0/24
159.148.241.0/24
159.148.246.0-159.148.248.255
185.27.94.0/24
217.69.121.0/24
217.69.125.0-217.69.127.255
Signature Algorithm: sha256WithRSAEncryption
ac:d8:7f:c8:6b:a6:e4:3e:f0:24:65:d7:73:41:3c:76:b5:ac:
ea:2e:79:21:f8:94:8c:c5:3b:53:ec:8a:11:f2:88:33:16:4f:
da:06:1f:c0:af:d6:fd:83:dd:51:91:41:23:ac:1f:0b:5f:e9:
8b:dd:fb:ca:5f:24:4f:f8:84:2f:a2:56:00:13:ac:76:ca:9c:
45:e8:11:31:c3:93:94:e6:09:7a:33:9f:f7:82:17:65:c3:b7:
ef:2a:a0:9f:5d:93:8c:a4:02:e3:eb:c2:13:ad:f5:66:1e:8a:
d3:c3:50:8b:8f:f6:3e:62:68:1b:63:2a:ef:f9:60:9b:60:ff:
6c:81:43:28:e3:53:1e:bd:de:58:3f:4c:c1:0b:35:36:8c:d4:
d9:bc:9e:3d:cb:d9:02:1f:82:84:df:f1:d2:78:04:c4:cd:28:
e1:c7:af:1d:25:83:f9:ca:0d:2a:ce:5c:d1:d1:a2:ef:f4:24:
58:65:c5:0d:e1:64:5b:a2:65:a2:c3:72:fb:cb:ac:58:29:59:
89:16:17:6b:5d:4c:9e:75:ee:4d:61:d9:c2:90:24:31:a2:53:
80:26:7c:5d:0f:5f:25:32:c3:0c:a7:52:87:3a:1e:60:17:50:
e4:7b:f3:8f:43:01:04:e5:de:1a:50:14:5f:76:73:42:7d:3a:
70:ba:d9:6e
-----BEGIN CERTIFICATE-----
MIIGQTCCBSmgAwIBAgISAY6e4T2/7dK41e/BPgQKJgFiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjQwNDAyMTI1NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjMyODk1NjM3YjYzZDFlNGU3ZmI1OTJkM2Q5Y2Q4YmExMTg4YjVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtT4Y09EyB2beO3UsY56nzZ0/bK+0
x45jUXa/r9oY7yDIvL1LpCx0vCx+NbwrGTncLUDFLtN3T5JT86POEsH7mTN/LYGt
v7MtrU79ZM07yByj7+cd9EKjWePYT6nX3fZa/RegqdyqKK6MjOKEDVxvAsyxOomE
uklODnFxuh9KkW+2eo7heqi++Zc6A+aiQUs4VucehvHn2D+VviAXZPMouS59aEfT
Im9k8UUoUwwZsrMh+LcRmExh6Yg5W7FRf5E/MB4lYh27xRPNMxU7XzvLvqJ+lJDt
NqmB0p/2EuTwGbSizUEQJNJdGfzV/81yksxQSrelzHzTKANPQvamMAl0fwIDAQAB
o4IDTTCCA0kwHQYDVR0OBBYEFGYyiVY3tj0eTn+1ktPZzYuhGItfMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvWmpLSlZqZTJQUjVPZjdXUzA5bk5pNkVZaTE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBYQYIKwYBBQUHAQcBAf8EggFQMIIBTDCCAUgEAgABMIIB
QAMEAFX+AgMEAFX+BAMEAFX+BzAMAwQAVf4dAwQAVf4eAwQAVf4oAwQBVf4qAwQA
Vf4zAwQAVf47AwQBVf5AAwQCVf5MAwQBVf5UAwQAVf5nAwQCVf5wMAwDBAJV/nwD
BABV/n4DBAJV/oADBABV/oYwDAMEAFX+iQMEAFX+jAMEAVX+rgMEAVX+tAMEAJ+U
GgMEAJ+UNgMEAJ+UPgMEAJ+UQgMEAJ+UbQMEAJ+UfgMEAJ+UgAMEAJ+UgjAMAwQA
n5SdAwQAn5SeAwQAn5SjAwQBn5SmAwQAn5SpAwQAn5SxMAwDBACflLMDBACflLQD
BACflMwDBACflNgDBACflNoDBACflOoDBACflOwDBACflO8DBACflPEwDAMEAZ+U
9gMEAJ+U+AMEALkbXgMEANlFeTAMAwQA2UV9AwQH2UUAMA0GCSqGSIb3DQEBCwUA
A4IBAQCs2H/Ia6bkPvAkZddzQTx2tazqLnkh+JSMxTtT7IoR8ogzFk/aBh/Ar9b9
g91RkUEjrB8LX+mL3fvKXyRP+IQvolYAE6x2ypxF6BExw5OU5gl6M5/3ghdlw7fv
KqCfXZOMpALj68ITrfVmHorTw1CLj/Y+YmgbYyrv+WCbYP9sgUMo41Mevd5YP0zB
CzU2jNTZvJ49y9kCH4KE3/HSeATEzSjhx68dJYP5yg0qzlzR0aLv9CRYZcUN4WRb
omWiw3L7y6xYKVmJFhdrXUyede5NYdnCkCQxolOAJnxdD18lMsMMp1KHOh5gF1Dk
e/OPQwEE5d4aUBRfdnNCfTpwutlu
-----END CERTIFICATE-----
Generated at Wed Apr 10 16:53:36 2024 by rpki-client on console-fra.rpki-client.org