Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/zuHSfKpXezdlzUyHFrTzdBWh2MI.roa
File: zuHSfKpXezdlzUyHFrTzdBWh2MI.roa (raw, json)
Hash identifier: uA5pUiH7SS5oATdL/QRNQon1cNGJSaU0xZU/8iK50Zc=
Subject key identifier: CE:E1:D2:7C:AA:57:7B:37:65:CD:4C:87:16:B4:F3:74:15:A1:D8:C2
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019092A6CA8522A356949B47F114A2FF2C9B
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/zuHSfKpXezdlzUyHFrTzdBWh2MI.roa
Signing time: Mon 08 Jul 2024 14:02:02 +0000
ROA not before: Mon 08 Jul 2024 14:02:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 2.56.0.0/22 maxlen: 22
5.180.4.0/22 maxlen: 22
5.182.28.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.86.16.0/21 maxlen: 21
85.159.117.0/24 maxlen: 24
89.39.242.0/24 maxlen: 24
89.40.161.0/24 maxlen: 24
91.239.59.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.72.0/23 maxlen: 23
91.242.73.0/24 maxlen: 24
91.242.74.0/23 maxlen: 23
91.242.94.0/24 maxlen: 24
91.242.95.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.123.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
91.242.125.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
91.242.127.0/24 maxlen: 24
94.231.198.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
178.175.176.0/22 maxlen: 22
185.40.105.0/24 maxlen: 24
185.173.244.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
194.50.200.0/23 maxlen: 24
194.50.201.0/24 maxlen: 24
194.50.206.0/23 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/22 maxlen: 22
195.138.104.0/24 maxlen: 24
195.138.105.0/24 maxlen: 24
195.138.106.0/24 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.108.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.112.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.116.0/24 maxlen: 24
195.138.118.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.138.122.0/23 maxlen: 23
195.138.124.0/22 maxlen: 22
195.138.124.0/24 maxlen: 24
195.216.156.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 07 Sep 2024 15:05:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:92:a6:ca:85:22:a3:56:94:9b:47:f1:14:a2:ff:2c:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jul 8 14:02:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cee1d27caa577b3765cd4c8716b4f37415a1d8c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f5:f4:3e:ac:44:7c:1f:bb:a9:16:a6:c0:7f:
9d:4b:f6:41:36:b7:27:f1:48:5c:81:cc:3f:7e:53:
c6:0c:21:9b:7a:ff:c6:b0:42:21:45:14:34:9e:56:
26:12:15:9b:18:61:fd:9c:33:0d:98:78:17:02:96:
3f:ec:c0:2f:01:8e:e2:1c:57:36:60:67:d8:25:19:
c1:32:43:71:59:c7:1e:a7:99:79:9d:43:7a:6f:41:
91:ec:f0:12:96:c5:0b:d1:d8:4d:e7:bd:d2:64:76:
b0:ab:1f:42:db:c0:c7:0a:e3:7d:17:8e:50:9a:d9:
d4:c5:6d:cb:8b:a8:d5:b8:0c:f1:2a:14:cb:ab:2d:
a1:e1:43:1b:38:36:07:df:f1:34:3c:f8:24:67:a9:
20:39:2d:9b:56:ce:26:c2:e3:c0:6f:86:43:8e:db:
df:66:8c:95:96:34:5e:0a:80:25:ac:a7:52:4b:5d:
5d:02:94:e1:b1:7f:ff:2f:11:89:89:8c:9c:25:b3:
c3:aa:fa:19:7c:b3:d8:c7:87:5a:32:14:c2:a9:1f:
8f:ac:b6:10:1b:fe:57:97:71:67:50:6d:27:18:55:
ff:0d:a6:da:2e:ca:cb:37:60:5b:20:b7:56:96:21:
e8:e7:83:82:c9:7f:15:19:80:8f:9a:7d:0f:ac:66:
21:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:E1:D2:7C:AA:57:7B:37:65:CD:4C:87:16:B4:F3:74:15:A1:D8:C2
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/zuHSfKpXezdlzUyHFrTzdBWh2MI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.0.0/22
5.180.4.0/22
5.182.28.0/22
45.67.117.0/24
45.86.16.0/21
85.159.117.0/24
89.39.242.0/24
89.40.161.0/24
91.239.59.0/24
91.242.70.0/24
91.242.72.0/22
91.242.94.0/23
91.242.103.0/24
91.242.105.0/24
91.242.123.0-91.242.127.255
94.231.198.0/24
176.126.223.0/24
178.175.176.0/22
185.40.105.0/24
185.173.244.0/24
185.173.247.0/24
185.180.145.0/24
185.212.11.0/24
194.50.200.0/23
194.50.206.0/23
195.138.103.0-195.138.108.255
195.138.111.0-195.138.112.255
195.138.114.0/24
195.138.116.0/24
195.138.118.0/24
195.138.120.0/24
195.138.122.0-195.138.127.255
195.216.156.0/22
Signature Algorithm: sha256WithRSAEncryption
85:e0:e3:04:93:da:8e:c5:fd:57:af:3f:18:12:1f:1a:ce:70:
57:f5:39:05:e2:7d:71:51:fe:80:c5:41:42:05:2d:81:62:e3:
76:42:61:91:e1:ec:8a:82:1a:79:2e:7c:94:52:d0:e9:92:61:
88:bf:5b:d4:66:c8:45:55:1b:43:8a:b6:fb:f4:9e:db:1a:f4:
26:eb:91:d5:53:50:10:b9:1f:ab:ab:ce:57:08:8c:83:d0:bc:
0d:0f:17:b2:cb:88:0c:53:01:9d:88:cb:e5:f4:82:08:32:76:
22:37:f8:01:99:f3:94:8c:b7:65:ec:da:53:cb:b8:2c:0f:55:
62:aa:db:9e:56:5c:3f:92:fd:8a:62:9b:f9:c3:c2:cc:90:be:
7c:ed:7e:48:bb:42:f4:8b:f7:9a:92:4b:a0:fc:21:1d:64:e2:
11:fe:3b:d4:59:70:f3:b0:9d:11:f3:06:08:09:81:13:26:ce:
b6:59:a1:bf:8e:6e:30:34:08:55:8d:7e:a7:46:70:52:f5:fd:
e1:57:d3:3f:ac:0c:2a:4c:4f:b5:98:76:8b:b8:81:a5:4e:18:
ed:8e:0f:fd:27:c4:f9:bd:7e:f3:7b:58:f2:b6:a6:bc:93:6a:
c7:64:25:76:0d:33:25:9f:75:3e:68:57:44:2f:3d:8d:0a:f1:
ce:2d:73:26
-----BEGIN CERTIFICATE-----
MIIF4zCCBMugAwIBAgISAZCSpsqFIqNWlJtH8RSi/yybMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwNzA4MTQwMjAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWUxZDI3Y2FhNTc3YjM3NjVjZDRjODcxNmI0ZjM3NDE1YTFkOGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfX0PqxEfB+7qRamwH+dS/ZBNrcn
8Uhcgcw/flPGDCGbev/GsEIhRRQ0nlYmEhWbGGH9nDMNmHgXApY/7MAvAY7iHFc2
YGfYJRnBMkNxWccep5l5nUN6b0GR7PASlsUL0dhN573SZHawqx9C28DHCuN9F45Q
mtnUxW3Li6jVuAzxKhTLqy2h4UMbODYH3/E0PPgkZ6kgOS2bVs4mwuPAb4ZDjtvf
ZoyVljReCoAlrKdSS11dApThsX//LxGJiYycJbPDqvoZfLPYx4daMhTCqR+PrLYQ
G/5Xl3FnUG0nGFX/DabaLsrLN2BbILdWliHo54OCyX8VGYCPmn0PrGYhvQIDAQAB
o4IC7zCCAuswHQYDVR0OBBYEFM7h0nyqV3s3Zc1Mhxa083QVodjCMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvenVIU2ZLcFhlemRselV5SEZyVHpkQldoMk1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAwYIKwYBBQUHAQcBAf8EgfMwgfAwge0EAgABMIHmAwQC
AjgAAwQCBbQEAwQCBbYcAwQALUN1AwQDLVYQAwQAVZ91AwQAWSfyAwQAWSihAwQA
W+87AwQAW/JGAwQCW/JIAwQBW/JeAwQAW/JnAwQAW/JpMAwDBABb8nsDBAdb8gAD
BABe58YDBACwft8DBAKyr7ADBAC5KGkDBAC5rfQDBAC5rfcDBAC5tJEDBAC51AsD
BAHCMsgDBAHCMs4wDAMEAMOKZwMEAMOKbDAMAwQAw4pvAwQAw4pwAwQAw4pyAwQA
w4p0AwQAw4p2AwQAw4p4MAwDBAHDinoDBAfDigADBALD2JwwDQYJKoZIhvcNAQEL
BQADggEBAIXg4wST2o7F/VevPxgSHxrOcFf1OQXifXFR/oDFQUIFLYFi43ZCYZHh
7IqCGnkufJRS0OmSYYi/W9RmyEVVG0OKtvv0ntsa9CbrkdVTUBC5H6urzlcIjIPQ
vA0PF7LLiAxTAZ2Iy+X0gggydiI3+AGZ85SMt2Xs2lPLuCwPVWKq255WXD+S/Ypi
m/nDwsyQvnztfki7QvSL95qSS6D8IR1k4hH+O9RZcPOwnRHzBggJgRMmzrZZob+O
bjA0CFWNfqdGcFL1/eFX0z+sDCpMT7WYdou4gaVOGO2OD/0nxPm9fvN7WPK2pryT
asdkJXYNMyWfdT5oV0QvPY0K8c4tcyY=
-----END CERTIFICATE-----
Generated at Sat Sep 7 17:17:19 2024 by rpki-client on console-fra.rpki-client.org