Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/zNzo9hPGswkNS_0bcEXS-54deRo.roa
File: zNzo9hPGswkNS_0bcEXS-54deRo.roa (raw, json)
Hash identifier: FHd1IgleqnFVqhlNTHXe6+toTb6/i2hh9BgYqDGGib4=
Subject key identifier: CC:DC:E8:F6:13:C6:B3:09:0D:4B:FD:1B:70:45:D2:FB:9E:1D:79:1A
Certificate issuer: /CN=58b29e7b8a0ddb9c36c6e0e3f49577817b0ea3a6
Certificate serial: 018CC9BC91F58FB3E173B10C88A3B7F9658D
Authority key identifier: 58:B2:9E:7B:8A:0D:DB:9C:36:C6:E0:E3:F4:95:77:81:7B:0E:A3:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLKee4oN25w2xuDj9JV3gXsOo6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/zNzo9hPGswkNS_0bcEXS-54deRo.roa
Signing time: Tue 02 Jan 2024 10:33:47 +0000
ROA not before: Tue 02 Jan 2024 10:33:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35228
IP address blocks: 82.132.138.0/23 maxlen: 24
82.132.216.0/22 maxlen: 24
82.132.220.0/22 maxlen: 24
82.132.224.0/22 maxlen: 24
82.132.232.0/22 maxlen: 24
82.132.228.0/22 maxlen: 24
82.132.236.0/22 maxlen: 24
82.132.240.0/22 maxlen: 24
82.132.244.0/22 maxlen: 24
82.132.248.0/23 maxlen: 24
82.132.164.0/23 maxlen: 24
82.132.162.0/23 maxlen: 24
82.132.160.0/23 maxlen: 24
82.132.168.0/23 maxlen: 24
82.132.166.0/23 maxlen: 24
82.132.172.0/23 maxlen: 24
82.132.170.0/23 maxlen: 24
82.132.174.0/23 maxlen: 24
82.132.182.0/23 maxlen: 24
82.132.180.0/23 maxlen: 24
82.132.184.0/22 maxlen: 24
82.132.199.0/24 maxlen: 24
82.132.198.0/23 maxlen: 24
82.132.210.0/23 maxlen: 24
82.132.212.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Feb 2024 14:27:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:91:f5:8f:b3:e1:73:b1:0c:88:a3:b7:f9:65:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58b29e7b8a0ddb9c36c6e0e3f49577817b0ea3a6
Validity
Not Before: Jan 2 10:33:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ccdce8f613c6b3090d4bfd1b7045d2fb9e1d791a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:88:ed:48:84:85:6d:c6:66:10:a5:88:27:d8:
c2:71:6c:c9:00:9e:1c:8e:59:24:7a:1a:aa:91:6c:
a3:fa:8c:bf:55:be:6b:60:0c:0e:28:a9:c9:ed:a7:
b7:a4:b4:72:ca:a7:89:1f:1c:96:bf:6e:3b:d9:91:
32:5b:58:84:2b:53:4d:53:d4:a7:d9:fa:3a:43:84:
8e:6f:c2:94:b4:c4:4d:e4:ad:c0:96:77:6a:ae:b2:
d8:31:08:35:a6:14:db:11:51:9f:cb:0f:ed:80:11:
e7:32:2d:99:d0:b3:cf:d8:11:bd:6e:57:a8:84:6a:
93:b8:2b:06:32:f6:b5:f5:9d:27:24:4e:b4:76:8b:
92:8f:7d:50:df:1c:d3:47:ac:be:e8:7b:76:09:7a:
7b:ee:a4:91:53:d8:bc:00:2d:03:c1:8d:1c:ca:ae:
7d:31:75:1d:22:05:2b:f4:44:bf:00:70:0d:db:90:
4e:f9:1e:b9:b7:c9:65:14:8d:41:92:99:49:8b:7d:
52:eb:4d:41:1e:2e:41:6b:68:ce:d3:06:9a:7b:b9:
38:c8:82:ad:b9:ab:3f:a6:3d:70:72:44:15:4f:f8:
9e:b2:05:6e:1d:c5:bb:41:e2:ab:80:44:c7:b0:d5:
1a:15:6e:64:37:93:8b:fd:7f:12:c4:35:02:98:98:
18:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:DC:E8:F6:13:C6:B3:09:0D:4B:FD:1B:70:45:D2:FB:9E:1D:79:1A
X509v3 Authority Key Identifier:
keyid:58:B2:9E:7B:8A:0D:DB:9C:36:C6:E0:E3:F4:95:77:81:7B:0E:A3:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLKee4oN25w2xuDj9JV3gXsOo6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/zNzo9hPGswkNS_0bcEXS-54deRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2cb3bb-0ed1-4ecf-8af5-ee73fe21ed23/1/WLKee4oN25w2xuDj9JV3gXsOo6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.132.138.0/23
82.132.160.0/20
82.132.180.0-82.132.187.255
82.132.198.0/23
82.132.210.0-82.132.249.255
Signature Algorithm: sha256WithRSAEncryption
55:76:df:f8:a3:14:7c:e7:71:27:26:f4:e4:ca:d5:47:15:9c:
f1:90:36:15:e2:25:44:6b:2b:eb:b5:80:91:48:04:45:62:7d:
be:c5:25:02:9e:95:f0:67:88:af:e0:6f:28:57:e1:81:31:aa:
7e:9f:86:02:26:d1:47:20:85:14:5f:1f:8b:02:85:98:47:4f:
3d:fc:65:dd:ed:fb:17:70:a2:70:7c:83:22:82:2d:5b:ca:f8:
34:d0:3e:a9:5d:56:df:3e:e2:19:b7:54:37:b9:ba:02:05:ec:
23:39:30:2e:1f:9f:98:9d:c9:a9:4a:aa:f4:dd:0e:7a:07:3d:
e3:91:fc:41:8a:da:c7:29:32:06:0b:fc:2b:4d:b8:fa:76:c1:
7a:5d:9e:3d:35:07:64:c2:e7:b8:47:1f:9a:6f:c5:52:6e:fe:
0a:7a:9d:45:28:3c:2d:5f:cc:6b:9f:bc:90:cd:dc:57:84:17:
cb:73:7c:54:76:aa:7c:4f:81:80:1f:14:22:2f:57:c5:10:b1:
28:23:e4:14:d8:94:39:b7:a7:a1:d5:50:f5:68:7b:7c:d4:06:
78:71:36:0f:6a:3c:e1:7e:4c:f6:97:63:50:a8:2b:cf:7f:0c:
7a:6b:a8:d5:d4:50:0f:e9:47:09:e1:0a:5b:6c:d1:2c:b4:7b:
19:78:f1:0f
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzJvJH1j7Phc7EMiKO3+WWNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YjI5ZTdiOGEwZGRiOWMzNmM2ZTBlM2Y0OTU3NzgxN2Iw
ZWEzYTYwHhcNMjQwMTAyMTAzMzQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2RjZThmNjEzYzZiMzA5MGQ0YmZkMWI3MDQ1ZDJmYjllMWQ3OTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsojtSISFbcZmEKWIJ9jCcWzJAJ4c
jlkkehqqkWyj+oy/Vb5rYAwOKKnJ7ae3pLRyyqeJHxyWv2472ZEyW1iEK1NNU9Sn
2fo6Q4SOb8KUtMRN5K3AlndqrrLYMQg1phTbEVGfyw/tgBHnMi2Z0LPP2BG9bleo
hGqTuCsGMva19Z0nJE60douSj31Q3xzTR6y+6Ht2CXp77qSRU9i8AC0DwY0cyq59
MXUdIgUr9ES/AHAN25BO+R65t8llFI1BkplJi31S601BHi5Ba2jO0waae7k4yIKt
uas/pj1wckQVT/iesgVuHcW7QeKrgETHsNUaFW5kN5OL/X8SxDUCmJgYqwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFMzc6PYTxrMJDUv9G3BF0vueHXkaMB8GA1UdIwQY
MBaAFFiynnuKDducNsbg4/SVd4F7DqOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0xLZWU0b04yNXcyeHVEajlKVjNnWHNPbzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yY2IzYmItMGVkMS00ZWNmLThhZjUt
ZWU3M2ZlMjFlZDIzLzEvek56bzloUEdzd2tOU18wYmNFWFMtNTRkZVJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yY2IzYmItMGVkMS00ZWNmLThhZjUtZWU3M2ZlMjFlZDIz
LzEvV0xLZWU0b04yNXcyeHVEajlKVjNnWHNPbzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQBUoSKAwQE
UoSgMAwDBAJShLQDBAJShLgDBAFShMYwDAMEAVKE0gMEAVKE+DANBgkqhkiG9w0B
AQsFAAOCAQEAVXbf+KMUfOdxJyb05MrVRxWc8ZA2FeIlRGsr67WAkUgERWJ9vsUl
Ap6V8GeIr+BvKFfhgTGqfp+GAibRRyCFFF8fiwKFmEdPPfxl3e37F3CicHyDIoIt
W8r4NNA+qV1W3z7iGbdUN7m6AgXsIzkwLh+fmJ3JqUqq9N0Oegc945H8QYraxyky
Bgv8K024+nbBel2ePTUHZMLnuEcfmm/FUm7+CnqdRSg8LV/Ma5+8kM3cV4QXy3N8
VHaqfE+BgB8UIi9XxRCxKCPkFNiUObenodVQ9Wh7fNQGeHE2D2o84X5M9pdjUKgr
z38Memuo1dRQD+lHCeEKW2zRLLR7GXjxDw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:20:50 2025 by rpki-client