Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/ZhPy_LmUtYoJ7Ld_QXGCL3fmuFY.roa
File: ZhPy_LmUtYoJ7Ld_QXGCL3fmuFY.roa (raw, json)
Hash identifier: x4WJf/m+gmIT4zxWNNend1lUFLSdHnUWst27XKga2yU=
Subject key identifier: 66:13:F2:FC:B9:94:B5:8A:09:EC:B7:7F:41:71:82:2F:77:E6:B8:56
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018E0EF5ECD0B9E7932A39ABAD6E00124EC6
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/ZhPy_LmUtYoJ7Ld_QXGCL3fmuFY.roa
Signing time: Tue 05 Mar 2024 14:13:01 +0000
ROA not before: Tue 05 Mar 2024 14:13:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49505
IP address blocks: 2.59.49.0/24 maxlen: 24
31.216.60.0/24 maxlen: 24
37.221.82.0/23 maxlen: 23
45.10.64.0/22 maxlen: 22
45.10.80.0/22 maxlen: 22
45.11.196.0/24 maxlen: 24
45.15.238.0/24 maxlen: 24
45.93.80.0/24 maxlen: 24
45.132.36.0/24 maxlen: 24
45.132.37.0/24 maxlen: 24
45.132.38.0/24 maxlen: 24
45.132.128.0/24 maxlen: 24
45.132.129.0/24 maxlen: 24
45.138.213.0/24 maxlen: 24
45.138.214.0/24 maxlen: 24
45.139.52.0/24 maxlen: 24
45.139.53.0/24 maxlen: 24
45.139.55.0/24 maxlen: 24
45.140.64.0/24 maxlen: 24
45.140.72.0/22 maxlen: 22
45.146.24.0/24 maxlen: 24
45.146.25.0/24 maxlen: 24
45.146.27.0/24 maxlen: 24
45.147.12.0/24 maxlen: 24
45.147.13.0/24 maxlen: 24
45.147.14.0/24 maxlen: 24
45.147.15.0/24 maxlen: 24
45.149.129.0/24 maxlen: 24
45.152.116.0/24 maxlen: 24
45.152.117.0/24 maxlen: 24
45.159.84.0/24 maxlen: 24
45.159.87.0/24 maxlen: 24
62.233.34.0/24 maxlen: 24
62.233.48.0/24 maxlen: 24
84.246.81.0/24 maxlen: 24
89.107.12.0/24 maxlen: 24
91.199.189.0/24 maxlen: 24
91.206.68.0/24 maxlen: 24
91.236.121.0/24 maxlen: 24
93.190.120.0/24 maxlen: 24
94.124.75.0/24 maxlen: 24
94.124.77.0/24 maxlen: 24
176.116.12.0/24 maxlen: 24
176.222.56.0/24 maxlen: 24
176.222.57.0/24 maxlen: 24
176.222.59.0/24 maxlen: 24
185.188.41.0/24 maxlen: 24
193.5.28.0/24 maxlen: 24
193.31.4.0/24 maxlen: 24
193.31.5.0/24 maxlen: 24
193.58.170.0/24 maxlen: 24
193.107.22.0/24 maxlen: 24
194.104.228.0/24 maxlen: 24
195.216.132.0/22 maxlen: 22
195.225.99.0/24 maxlen: 24
213.166.64.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 06 Mar 2024 15:03:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:f5:ec:d0:b9:e7:93:2a:39:ab:ad:6e:00:12:4e:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Mar 5 14:13:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6613f2fcb994b58a09ecb77f4171822f77e6b856
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4c:af:80:73:7c:5b:1d:1e:2e:24:d9:82:f0:
8c:44:94:b4:cc:05:50:e8:53:22:c4:be:b1:56:13:
01:6a:dc:05:6d:ef:a4:97:7c:02:38:da:c4:d0:88:
c1:0c:69:10:31:7b:33:68:f0:51:0e:dd:9c:9d:c4:
68:12:65:0b:d7:71:8f:35:48:b3:dd:fc:b8:fa:17:
b0:f3:1e:52:b6:7a:59:46:34:d2:22:47:ba:36:da:
80:03:1e:6f:fc:bc:47:e6:0e:f6:18:e0:92:ff:52:
8d:73:8f:c6:82:58:87:59:13:64:01:5c:41:2d:05:
1b:ac:84:6e:d1:95:9c:5a:6a:47:4a:f7:80:dc:19:
f2:75:e4:fd:17:9b:23:a3:5a:7b:86:06:bd:56:45:
b9:90:7e:37:d6:b7:bb:20:14:92:b9:92:39:61:1f:
1c:c2:12:b2:a9:36:7e:00:89:93:fd:2f:06:d7:90:
7f:e1:a7:e1:da:0c:12:bd:10:e6:9c:e9:18:3f:6a:
7e:ac:f6:f9:64:3a:c5:9c:1c:0e:26:ce:17:26:51:
bb:47:f7:a9:83:cb:d8:0d:84:44:4e:3b:2d:ab:75:
aa:ae:0d:ff:0f:89:6e:d0:f5:d2:3f:d6:47:d0:23:
1d:39:9a:b8:b8:f7:1c:4b:10:25:ed:f2:fc:c6:0e:
6b:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:13:F2:FC:B9:94:B5:8A:09:EC:B7:7F:41:71:82:2F:77:E6:B8:56
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/ZhPy_LmUtYoJ7Ld_QXGCL3fmuFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.49.0/24
31.216.60.0/24
37.221.82.0/23
45.10.64.0/22
45.10.80.0/22
45.11.196.0/24
45.15.238.0/24
45.93.80.0/24
45.132.36.0-45.132.38.255
45.132.128.0/23
45.138.213.0-45.138.214.255
45.139.52.0/23
45.139.55.0/24
45.140.64.0/24
45.140.72.0/22
45.146.24.0/23
45.146.27.0/24
45.147.12.0/22
45.149.129.0/24
45.152.116.0/23
45.159.84.0/24
45.159.87.0/24
62.233.34.0/24
62.233.48.0/24
84.246.81.0/24
89.107.12.0/24
91.199.189.0/24
91.206.68.0/24
91.236.121.0/24
93.190.120.0/24
94.124.75.0/24
94.124.77.0/24
176.116.12.0/24
176.222.56.0/23
176.222.59.0/24
185.188.41.0/24
193.5.28.0/24
193.31.4.0/23
193.58.170.0/24
193.107.22.0/24
194.104.228.0/24
195.216.132.0/22
195.225.99.0/24
213.166.64.0/22
Signature Algorithm: sha256WithRSAEncryption
28:c4:65:4b:fd:73:61:fc:6a:66:1f:ad:92:2b:24:48:48:f3:
8c:94:7b:46:1a:5c:31:92:9c:80:a0:c9:74:98:17:03:2b:39:
e8:45:24:a0:1e:91:54:79:8b:c3:1e:87:18:cc:0c:19:4a:ab:
b3:b0:da:66:3d:b2:3a:7a:17:c9:8a:23:0a:e8:12:db:b1:40:
a2:57:89:06:d4:e6:1d:9d:9e:c2:be:06:b8:f8:1e:73:4c:a9:
14:99:e1:f6:eb:95:56:0b:2b:27:a0:6d:29:dc:c5:6c:b2:d4:
26:e4:e0:f9:9f:1d:89:2c:82:b8:3d:ec:a0:ec:e2:b4:f7:c2:
b8:c1:a4:98:4f:db:48:9f:ea:fa:2b:93:df:44:69:7a:3f:61:
d2:36:8c:af:06:d5:cf:8a:8a:08:d3:83:e7:54:be:11:92:5b:
73:7e:9b:aa:a3:e0:5a:d9:32:15:09:22:b3:f1:12:5c:ac:95:
c4:88:52:c3:04:04:c5:50:62:a0:e5:1a:40:17:3e:6f:66:b9:
04:58:05:72:b3:83:95:06:27:92:e6:50:77:ba:82:70:7f:e6:
e9:ae:b4:35:46:7d:97:9b:e1:23:a3:4a:5c:63:5b:8a:ba:13:
ee:ed:45:57:58:40:5c:3e:69:38:66:e9:1b:d2:b1:e2:37:7f:
de:ae:66:e1
-----BEGIN CERTIFICATE-----
MIIGGTCCBQGgAwIBAgISAY4O9ezQueeTKjmrrW4AEk7GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMzA1MTQxMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjEzZjJmY2I5OTRiNThhMDllY2I3N2Y0MTcxODIyZjc3ZTZiODU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUyvgHN8Wx0eLiTZgvCMRJS0zAVQ
6FMixL6xVhMBatwFbe+kl3wCONrE0IjBDGkQMXszaPBRDt2cncRoEmUL13GPNUiz
3fy4+hew8x5StnpZRjTSIke6NtqAAx5v/LxH5g72GOCS/1KNc4/GgliHWRNkAVxB
LQUbrIRu0ZWcWmpHSveA3BnydeT9F5sjo1p7hga9VkW5kH431re7IBSSuZI5YR8c
whKyqTZ+AImT/S8G15B/4afh2gwSvRDmnOkYP2p+rPb5ZDrFnBwOJs4XJlG7R/ep
g8vYDYRETjstq3Wqrg3/D4lu0PXSP9ZH0CMdOZq4uPccSxAl7fL8xg5r8QIDAQAB
o4IDJTCCAyEwHQYDVR0OBBYEFGYT8vy5lLWKCey3f0Fxgi935rhWMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvWmhQeV9MbVV0WW9KN0xkX1FYR0NMM2ZtdUZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOQYIKwYBBQUHAQcBAf8EggEoMIIBJDCCASAEAgABMIIB
GAMEAAI7MQMEAB/YPAMEASXdUgMEAi0KQAMEAi0KUAMEAC0LxAMEAC0P7gMEAC1d
UDAMAwQCLYQkAwQALYQmAwQBLYSAMAwDBAAtitUDBAAtitYDBAEtizQDBAAtizcD
BAAtjEADBAItjEgDBAEtkhgDBAAtkhsDBAItkwwDBAAtlYEDBAEtmHQDBAAtn1QD
BAAtn1cDBAA+6SIDBAA+6TADBABU9lEDBABZawwDBABbx70DBABbzkQDBABb7HkD
BABdvngDBABefEsDBABefE0DBACwdAwDBAGw3jgDBACw3jsDBAC5vCkDBADBBRwD
BAHBHwQDBADBOqoDBADBaxYDBADCaOQDBALD2IQDBADD4WMDBALVpkAwDQYJKoZI
hvcNAQELBQADggEBACjEZUv9c2H8amYfrZIrJEhI84yUe0YaXDGSnICgyXSYFwMr
OehFJKAekVR5i8MehxjMDBlKq7Ow2mY9sjp6F8mKIwroEtuxQKJXiQbU5h2dnsK+
Brj4HnNMqRSZ4fbrlVYLKyegbSncxWyy1Cbk4PmfHYksgrg97KDs4rT3wrjBpJhP
20if6vork99EaXo/YdI2jK8G1c+KigjTg+dUvhGSW3N+m6qj4FrZMhUJIrPxElys
lcSIUsMEBMVQYqDlGkAXPm9muQRYBXKzg5UGJ5LmUHe6gnB/5umutDVGfZeb4SOj
SlxjW4q6E+7tRVdYQFw+aThm6RvSseI3f96uZuE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:23 2024 by rpki-client on console-fra.rpki-client.org