Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/zqqpRE2Tu_uk_IdWi0L-feX4obE.roa
File: zqqpRE2Tu_uk_IdWi0L-feX4obE.roa (raw, json)
Hash identifier: ht1Ocmuo2+G+kXo/6HlL+LV0fArtfxCWwrhZ/zJusys=
Subject key identifier: CE:AA:A9:44:4D:93:BB:FB:A4:FC:87:56:8B:42:FE:7D:E5:F8:A1:B1
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 01918D9E3A239EE6E04E8358170436FE128A
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/zqqpRE2Tu_uk_IdWi0L-feX4obE.roa
Signing time: Mon 26 Aug 2024 07:37:22 +0000
ROA not before: Mon 26 Aug 2024 07:37:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 45.134.23.0/24 maxlen: 24
45.152.150.0/23 maxlen: 24
185.94.65.0/24 maxlen: 24
185.94.66.0/24 maxlen: 24
185.198.155.0/24 maxlen: 24
195.64.107.0/24 maxlen: 24
195.64.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Oct 2024 14:36:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8d:9e:3a:23:9e:e6:e0:4e:83:58:17:04:36:fe:12:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Aug 26 07:37:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ceaaa9444d93bbfba4fc87568b42fe7de5f8a1b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:ec:b6:05:b1:eb:de:a2:b6:eb:97:86:94:8d:
90:1f:9e:09:ed:7e:dc:25:1f:d8:c0:7e:56:73:08:
c4:80:17:4b:43:b5:de:9a:d7:8f:4b:c0:b0:d7:aa:
9e:5b:58:55:14:7f:38:4b:f5:be:0c:91:7b:92:1f:
be:b4:e0:8c:25:1d:d5:69:cc:37:f0:7a:20:38:29:
ba:6d:fc:e9:fd:d5:ce:f6:7e:e1:ac:65:74:0b:41:
62:88:6e:aa:85:c0:70:7c:c5:fd:73:6c:1b:4d:97:
81:d1:25:51:48:2d:1e:8f:44:6b:76:74:0a:17:2e:
ec:fe:b2:c4:eb:b5:95:ff:9d:f2:72:55:8a:7c:e1:
f9:89:3c:4e:34:2d:da:4d:cb:3d:4a:8a:70:e9:01:
be:b5:5b:f4:6f:6d:67:9c:61:0b:12:cc:94:30:16:
0a:ea:5f:55:01:8d:fb:c3:14:5b:a6:7e:60:1a:de:
33:87:ed:50:a9:55:1e:93:03:2e:1d:8c:92:a4:eb:
d2:76:dd:90:fc:72:8e:ad:55:98:ee:a8:f5:4e:98:
4c:93:a0:4d:55:39:c3:4f:a7:b8:35:cd:9b:b0:08:
3c:e4:b0:91:e7:cd:cb:cb:6b:d8:3f:a3:78:55:99:
f0:8c:d1:4e:f4:56:97:bb:dc:ca:3d:7d:6a:3a:d7:
d6:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:AA:A9:44:4D:93:BB:FB:A4:FC:87:56:8B:42:FE:7D:E5:F8:A1:B1
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/zqqpRE2Tu_uk_IdWi0L-feX4obE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.134.23.0/24
45.152.150.0/23
185.94.65.0-185.94.66.255
185.198.155.0/24
195.64.107.0/24
195.64.113.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:fe:55:6a:17:e1:9f:01:f1:c4:95:ec:c4:91:94:50:bd:c0:
5d:d9:31:6b:d5:e3:91:39:da:79:c7:e0:48:10:d9:44:53:31:
28:c2:42:4d:5a:b2:91:8a:09:0f:c0:33:8b:21:6f:5a:3b:4f:
4e:a8:3e:e1:6e:82:9c:63:aa:30:9c:55:f3:1c:43:26:a0:46:
24:df:3a:df:44:ad:b3:53:88:ce:82:42:3c:92:1c:4f:eb:40:
cc:84:b3:47:88:f0:ca:2a:eb:3f:e9:25:c3:49:b6:0c:7b:a6:
7f:e8:89:a8:32:b5:8c:3b:00:87:e4:2b:18:08:41:fc:7a:e4:
c7:7a:b5:12:f2:d2:a3:42:9a:12:9b:1f:d2:b3:60:06:47:5c:
a2:4a:09:2c:9b:b2:b2:7b:6c:50:25:7a:d8:b1:57:d4:6a:15:
d4:e0:d3:f4:37:0f:7c:89:bb:82:cf:10:b4:40:42:73:46:08:
cd:3e:14:12:63:61:fd:6c:e3:b0:e7:ca:9b:2e:f9:aa:d4:ca:
46:11:f1:da:ea:19:ef:77:20:42:7d:66:3c:31:23:b3:45:38:
92:37:c3:c9:a6:c7:72:d0:ea:64:d9:a1:94:03:64:be:25:b9:
df:da:e5:dd:0b:f8:43:18:f3:d2:69:22:67:bd:d6:40:0a:b8:
b3:b4:44:3e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZGNnjojnubgToNYFwQ2/hKKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQwODI2MDczNzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWFhYTk0NDRkOTNiYmZiYTRmYzg3NTY4YjQyZmU3ZGU1ZjhhMWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3+y2BbHr3qK265eGlI2QH54J7X7c
JR/YwH5WcwjEgBdLQ7XemtePS8Cw16qeW1hVFH84S/W+DJF7kh++tOCMJR3Vacw3
8HogOCm6bfzp/dXO9n7hrGV0C0FiiG6qhcBwfMX9c2wbTZeB0SVRSC0ej0RrdnQK
Fy7s/rLE67WV/53yclWKfOH5iTxONC3aTcs9Sopw6QG+tVv0b21nnGELEsyUMBYK
6l9VAY37wxRbpn5gGt4zh+1QqVUekwMuHYySpOvSdt2Q/HKOrVWY7qj1TphMk6BN
VTnDT6e4Nc2bsAg85LCR583Ly2vYP6N4VZnwjNFO9FaXu9zKPX1qOtfWuQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFM6qqURNk7v7pPyHVotC/n3l+KGxMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvenFxcFJFMlR1X3VrX0lkV2kwTC1mZVg0b2JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQALYYXAwQB
LZiWMAwDBAC5XkEDBAC5XkIDBAC5xpsDBADDQGsDBADDQHEwDQYJKoZIhvcNAQEL
BQADggEBAFz+VWoX4Z8B8cSV7MSRlFC9wF3ZMWvV45E52nnH4EgQ2URTMSjCQk1a
spGKCQ/AM4shb1o7T06oPuFugpxjqjCcVfMcQyagRiTfOt9ErbNTiM6CQjySHE/r
QMyEs0eI8Moq6z/pJcNJtgx7pn/oiagytYw7AIfkKxgIQfx65Md6tRLy0qNCmhKb
H9KzYAZHXKJKCSybsrJ7bFAletixV9RqFdTg0/Q3D3yJu4LPELRAQnNGCM0+FBJj
Yf1s47Dnypsu+arUykYR8drqGe93IEJ9ZjwxI7NFOJI3w8mmx3LQ6mTZoZQDZL4l
ud/a5d0L+EMY89JpIme91kAKuLO0RD4=
-----END CERTIFICATE-----
Generated at Tue Oct 22 19:33:53 2024 by rpki-client on console-ams.rpki-client.org