Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ZZ6hak3AGt2SEGNh6vf56OMmxFs.roa
File: ZZ6hak3AGt2SEGNh6vf56OMmxFs.roa (raw, json)
Hash identifier: O7gzFwSVEfZeODA2CqFxLQA94jWgOecvmgsimlUVFk4=
Subject key identifier: 65:9E:A1:6A:4D:C0:1A:DD:92:10:63:61:EA:F7:F9:E8:E3:26:C4:5B
Certificate issuer: /CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Certificate serial: 018C1BE8F6A2444543702F055B71F30D0171
Authority key identifier: B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ZZ6hak3AGt2SEGNh6vf56OMmxFs.roa
Signing time: Wed 29 Nov 2023 16:28:21 +0000
ROA not before: Wed 29 Nov 2023 16:28:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44901
IP address blocks: 46.253.1.0/24 maxlen: 24
46.253.3.0/24 maxlen: 24
46.253.2.0/24 maxlen: 24
46.253.4.0/24 maxlen: 24
46.253.0.0/24 maxlen: 24
46.253.7.0/24 maxlen: 24
46.253.5.0/24 maxlen: 24
46.253.6.0/24 maxlen: 24
91.132.60.0/24 maxlen: 24
91.132.63.0/24 maxlen: 24
91.132.62.0/24 maxlen: 24
185.243.213.0/24 maxlen: 24
95.169.203.0/24 maxlen: 24
95.169.202.0/24 maxlen: 24
2a09:be80::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 06:29:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:1b:e8:f6:a2:44:45:43:70:2f:05:5b:71:f3:0d:01:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b62d4cec783305923e3497ed884f1c445b4e78fb
Validity
Not Before: Nov 29 16:28:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=659ea16a4dc01add92106361eaf7f9e8e326c45b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:86:59:43:3d:52:39:e9:d5:95:e5:de:a5:83:
c4:a0:f7:6e:1c:62:d1:af:91:6a:f5:d2:8c:da:0d:
14:d6:6d:4b:1b:c0:27:8d:f2:d2:6d:ca:76:e9:94:
e4:a0:a1:56:07:78:ea:b6:bf:28:39:72:29:15:99:
8a:24:c5:ed:9f:4d:de:69:5b:ae:91:b6:ba:b2:ef:
8f:68:e1:d9:8d:a7:8e:c0:45:ab:a3:98:f3:7d:87:
98:94:1f:51:55:3d:93:b6:2b:52:4c:5e:fd:d0:12:
39:22:2f:75:21:08:d2:36:c2:9f:b5:cd:35:65:b9:
77:3a:ce:eb:20:74:dd:bd:f9:86:d6:18:df:d3:1f:
be:cf:79:59:0c:27:fc:73:85:96:b2:49:c9:5d:72:
ac:3b:7c:05:f6:d2:f1:d6:7c:5e:18:a7:de:7b:54:
26:8b:a7:78:dd:3e:8d:f5:7b:5a:e0:c8:9a:7d:3d:
bc:ba:f6:37:38:90:f1:6d:31:ba:82:71:9c:da:f5:
43:58:a4:06:b5:df:4a:4a:c3:85:83:e8:47:d4:b1:
d2:00:3c:9b:d5:25:bd:37:e5:e2:2b:e8:12:ea:88:
2a:bd:5f:be:f2:66:37:46:ee:7c:09:9f:e3:cf:97:
0b:d6:e4:af:b3:49:ec:5d:7e:48:c6:e1:27:17:c9:
89:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:9E:A1:6A:4D:C0:1A:DD:92:10:63:61:EA:F7:F9:E8:E3:26:C4:5B
X509v3 Authority Key Identifier:
keyid:B6:2D:4C:EC:78:33:05:92:3E:34:97:ED:88:4F:1C:44:5B:4E:78:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ti1M7HgzBZI-NJftiE8cRFtOePs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ZZ6hak3AGt2SEGNh6vf56OMmxFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/f1b3da-bebf-44b0-ab12-d32e27fb7e59/1/ti1M7HgzBZI-NJftiE8cRFtOePs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.0.0/21
91.132.60.0/24
91.132.62.0/23
95.169.202.0/23
185.243.213.0/24
IPv6:
2a09:be80::/32
Signature Algorithm: sha256WithRSAEncryption
34:c5:e9:8c:60:22:b8:b4:33:47:1e:3a:01:58:74:b2:2b:f1:
83:62:8b:d1:49:1a:74:57:cc:1e:33:b5:43:b9:15:4b:71:54:
3c:1c:06:82:7a:39:6d:fc:e0:c5:b4:98:f3:ae:ed:a9:37:f0:
ff:9f:4d:71:88:79:f4:c8:f8:86:d6:26:97:51:ad:5c:80:76:
51:63:c3:bd:c8:aa:cb:79:d8:3c:25:f7:6c:e2:97:34:10:27:
6a:37:38:9b:5c:2a:9f:a0:57:57:7e:bd:0c:7e:13:e3:91:8e:
17:ee:91:6a:6e:d3:7f:07:a8:7f:32:8b:5c:70:c3:a4:7c:d2:
88:91:fa:bc:0e:37:47:ac:33:00:a2:47:70:19:97:47:11:8f:
d9:aa:71:db:dc:71:2d:4a:9a:d2:a6:3f:6d:a2:f5:6d:d8:bf:
5b:d8:8e:84:92:8d:13:9f:11:5d:82:23:59:54:20:67:38:37:
81:7e:94:b6:a7:5f:d0:14:7c:7c:f4:27:4f:9e:ec:e1:a1:b4:
c3:4d:3e:ca:e8:a3:62:df:35:d1:2c:b0:d8:72:05:64:ee:a5:
f3:a6:6c:25:09:0d:a2:60:75:d4:c6:87:3f:1e:e0:66:22:a1:
60:b5:0a:bd:4e:68:60:79:3a:8c:48:5c:b8:fe:7f:c4:f7:db:
ca:a1:8d:a3
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYwb6PaiREVDcC8FW3HzDQFxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MmQ0Y2VjNzgzMzA1OTIzZTM0OTdlZDg4NGYxYzQ0NWI0
ZTc4ZmIwHhcNMjMxMTI5MTYyODIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTllYTE2YTRkYzAxYWRkOTIxMDYzNjFlYWY3ZjllOGUzMjZjNDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4ZZQz1SOenVleXepYPEoPduHGLR
r5Fq9dKM2g0U1m1LG8AnjfLSbcp26ZTkoKFWB3jqtr8oOXIpFZmKJMXtn03eaVuu
kba6su+PaOHZjaeOwEWro5jzfYeYlB9RVT2TtitSTF790BI5Ii91IQjSNsKftc01
Zbl3Os7rIHTdvfmG1hjf0x++z3lZDCf8c4WWsknJXXKsO3wF9tLx1nxeGKfee1Qm
i6d43T6N9Xta4MiafT28uvY3OJDxbTG6gnGc2vVDWKQGtd9KSsOFg+hH1LHSADyb
1SW9N+XiK+gS6ogqvV++8mY3Ru58CZ/jz5cL1uSvs0nsXX5IxuEnF8mJGwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFGWeoWpNwBrdkhBjYer3+ejjJsRbMB8GA1UdIwQY
MBaAFLYtTOx4MwWSPjSX7YhPHERbTnj7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTIt
ZDMyZTI3ZmI3ZTU5LzEvWlo2aGFrM0FHdDJTRUdOaDZ2ZjU2T01teEZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9mMWIzZGEtYmViZi00NGIwLWFiMTItZDMyZTI3ZmI3ZTU5
LzEvdGkxTTdIZ3pCWkktTkpmdGlFOGNSRnRPZVBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDLv0AAwQA
W4Q8AwQBW4Q+AwQBX6nKAwQAufPVMA0EAgACMAcDBQAqCb6AMA0GCSqGSIb3DQEB
CwUAA4IBAQA0xemMYCK4tDNHHjoBWHSyK/GDYovRSRp0V8weM7VDuRVLcVQ8HAaC
ejlt/ODFtJjzru2pN/D/n01xiHn0yPiG1iaXUa1cgHZRY8O9yKrLedg8Jfds4pc0
ECdqNzibXCqfoFdXfr0MfhPjkY4X7pFqbtN/B6h/MotccMOkfNKIkfq8DjdHrDMA
okdwGZdHEY/ZqnHb3HEtSprSpj9tovVt2L9b2I6Eko0TnxFdgiNZVCBnODeBfpS2
p1/QFHx89CdPnuzhobTDTT7K6KNi3zXRLLDYcgVk7qXzpmwlCQ2iYHXUxoc/HuBm
IqFgtQq9TmhgeTqMSFy4/n/E99vKoY2j
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:39 2024 by rpki-client on console-ams.rpki-client.org