Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/zugIXBrWk1sf2cnkB_FV-0ewp2I.roa
File: zugIXBrWk1sf2cnkB_FV-0ewp2I.roa (raw, json)
Hash identifier: 60N8sO1NMx+vWZ3LlG7C+mb7Vc1E/eMBvUGF1L/Fh2Y=
Subject key identifier: CE:E8:08:5C:1A:D6:93:5B:1F:D9:C9:E4:07:F1:55:FB:47:B0:A7:62
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018E0EF5ED479337F2547F68371F10779C2A
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/zugIXBrWk1sf2cnkB_FV-0ewp2I.roa
Signing time: Tue 05 Mar 2024 14:13:01 +0000
ROA not before: Tue 05 Mar 2024 14:13:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58061
IP address blocks: 2.56.112.0/24 maxlen: 24
2.56.113.0/24 maxlen: 24
5.183.128.0/24 maxlen: 24
31.222.248.0/24 maxlen: 24
62.68.83.0/24 maxlen: 24
62.204.57.0/24 maxlen: 24
62.233.49.0/24 maxlen: 24
80.91.210.0/24 maxlen: 24
91.213.117.0/24 maxlen: 24
91.242.225.0/24 maxlen: 24
91.242.238.0/24 maxlen: 24
94.158.191.0/24 maxlen: 24
130.193.79.0/24 maxlen: 24
130.255.169.0/24 maxlen: 24
146.19.137.0/24 maxlen: 24
146.19.194.0/24 maxlen: 24
176.56.38.0/24 maxlen: 24
185.218.1.0/24 maxlen: 24
185.232.47.0/24 maxlen: 24
193.3.22.0/24 maxlen: 24
193.141.53.0/24 maxlen: 24
193.239.209.0/24 maxlen: 24
194.26.216.0/24 maxlen: 24
194.26.221.0/24 maxlen: 24
194.32.243.0/24 maxlen: 24
195.64.106.0/24 maxlen: 24
195.64.109.0/24 maxlen: 24
195.64.112.0/24 maxlen: 24
195.64.117.0/24 maxlen: 24
195.96.146.0/24 maxlen: 24
195.96.157.0/24 maxlen: 24
212.18.103.0/24 maxlen: 24
212.52.5.0/24 maxlen: 24
217.114.32.0/24 maxlen: 24
217.119.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 06 Mar 2024 15:03:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:f5:ed:47:93:37:f2:54:7f:68:37:1f:10:77:9c:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Mar 5 14:13:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cee8085c1ad6935b1fd9c9e407f155fb47b0a762
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:dc:cb:ea:ac:ff:30:bf:88:45:f9:1c:3d:32:
73:96:5c:6b:39:2e:1c:eb:1d:8a:78:7c:12:cb:88:
c4:2b:a8:bb:29:02:7f:88:b6:1e:84:5e:f6:4f:b4:
f7:46:f8:33:89:f1:50:37:f7:e8:5e:59:68:dd:6c:
e0:88:49:06:93:8f:a8:ab:b5:cc:64:95:55:67:bd:
94:93:c8:79:6c:fa:5b:22:6b:2c:60:92:7c:8e:dc:
b0:db:4b:df:84:e2:07:c7:ab:c3:c9:db:ae:b9:e7:
0a:9b:6d:d5:c3:48:b2:a8:b2:ad:72:9d:ed:41:7c:
1f:9c:18:e2:de:58:40:3e:99:ac:39:5b:ac:36:7f:
20:25:aa:ee:fc:ec:96:41:0e:1d:f2:5f:57:c2:14:
84:a0:f8:a9:ec:eb:48:7d:82:e0:0c:61:1c:86:93:
cc:82:b0:67:54:e0:77:c4:b0:c5:0b:dd:e8:6f:f2:
81:d4:68:0c:c1:16:33:7c:4d:f5:8a:10:9d:91:1c:
4f:04:40:5f:a3:6f:5a:97:91:0d:b3:a9:11:9a:05:
86:d2:98:54:69:0f:9d:40:11:a0:02:14:83:f7:18:
c9:94:03:46:f7:a4:cd:fd:f6:fd:95:08:f9:88:ce:
6a:db:a9:72:77:95:45:32:6c:b7:2b:ed:05:ba:b3:
82:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:E8:08:5C:1A:D6:93:5B:1F:D9:C9:E4:07:F1:55:FB:47:B0:A7:62
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/zugIXBrWk1sf2cnkB_FV-0ewp2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.112.0/23
5.183.128.0/24
31.222.248.0/24
62.68.83.0/24
62.204.57.0/24
62.233.49.0/24
80.91.210.0/24
91.213.117.0/24
91.242.225.0/24
91.242.238.0/24
94.158.191.0/24
130.193.79.0/24
130.255.169.0/24
146.19.137.0/24
146.19.194.0/24
176.56.38.0/24
185.218.1.0/24
185.232.47.0/24
193.3.22.0/24
193.141.53.0/24
193.239.209.0/24
194.26.216.0/24
194.26.221.0/24
194.32.243.0/24
195.64.106.0/24
195.64.109.0/24
195.64.112.0/24
195.64.117.0/24
195.96.146.0/24
195.96.157.0/24
212.18.103.0/24
212.52.5.0/24
217.114.32.0/24
217.119.130.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:fb:52:46:fe:bd:be:48:1b:50:6b:4e:02:aa:04:d9:c9:1b:
09:53:ad:42:38:4d:1b:4e:75:f5:20:22:c8:b2:53:59:9e:8a:
75:eb:5e:f1:15:83:8f:81:60:a2:45:98:26:5f:ff:1e:dc:b5:
5c:b3:75:aa:70:91:e8:dc:d6:3c:1e:38:40:8a:6e:10:c8:96:
e5:f4:c2:4b:dc:2e:1f:82:53:0e:41:ec:05:4d:19:b6:1e:bd:
8b:f1:ad:48:9c:fa:75:4a:ed:27:16:6b:ca:b7:6e:1b:94:72:
23:bc:0d:2a:58:4f:e0:24:7e:f4:c5:e3:aa:87:78:e0:b9:8a:
e4:12:f7:42:9a:ad:6a:87:da:51:da:1a:d5:f2:10:44:2f:67:
91:e0:a6:69:9a:fb:8e:1f:c2:c6:ce:cd:2d:65:21:db:15:43:
7a:a3:2e:ce:86:95:32:05:f4:5d:25:eb:45:1e:1f:2e:ed:a3:
9d:d9:90:86:71:5e:ab:07:cb:f2:cb:fe:c5:10:d5:b1:eb:68:
05:f8:b4:4b:1c:91:de:a2:f4:17:3b:10:73:cb:2a:4b:1c:80:
06:ef:75:72:6a:c5:4d:28:3c:cf:b8:81:31:26:ac:31:3f:1e:
c1:8d:68:48:8f:20:bd:5c:39:87:1e:4b:95:8e:18:0c:0f:ae:
78:b2:58:a3
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAY4O9e1HkzfyVH9oNx8Qd5wqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwMzA1MTQxMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWU4MDg1YzFhZDY5MzViMWZkOWM5ZTQwN2YxNTVmYjQ3YjBhNzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodzL6qz/ML+IRfkcPTJzllxrOS4c
6x2KeHwSy4jEK6i7KQJ/iLYehF72T7T3RvgzifFQN/foXllo3WzgiEkGk4+oq7XM
ZJVVZ72Uk8h5bPpbImssYJJ8jtyw20vfhOIHx6vDyduuuecKm23Vw0iyqLKtcp3t
QXwfnBji3lhAPpmsOVusNn8gJaru/OyWQQ4d8l9XwhSEoPip7OtIfYLgDGEchpPM
grBnVOB3xLDFC93ob/KB1GgMwRYzfE31ihCdkRxPBEBfo29al5ENs6kRmgWG0phU
aQ+dQBGgAhSD9xjJlANG96TN/fb9lQj5iM5q26lyd5VFMmy3K+0FurOCKQIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFM7oCFwa1pNbH9nJ5AfxVftHsKdiMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvenVnSVhCcldrMXNmMmNua0JfRlYtMGV3cDJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jCB0wQCAAEwgcwDBAEC
OHADBAAFt4ADBAAf3vgDBAA+RFMDBAA+zDkDBAA+6TEDBABQW9IDBABb1XUDBABb
8uEDBABb8u4DBABenr8DBACCwU8DBACC/6kDBACSE4kDBACSE8IDBACwOCYDBAC5
2gEDBAC56C8DBADBAxYDBADBjTUDBADB79EDBADCGtgDBADCGt0DBADCIPMDBADD
QGoDBADDQG0DBADDQHADBADDQHUDBADDYJIDBADDYJ0DBADUEmcDBADUNAUDBADZ
ciADBADZd4IwDQYJKoZIhvcNAQELBQADggEBAB/7Ukb+vb5IG1BrTgKqBNnJGwlT
rUI4TRtOdfUgIsiyU1meinXrXvEVg4+BYKJFmCZf/x7ctVyzdapwkejc1jweOECK
bhDIluX0wkvcLh+CUw5B7AVNGbYevYvxrUic+nVK7ScWa8q3bhuUciO8DSpYT+Ak
fvTF46qHeOC5iuQS90KarWqH2lHaGtXyEEQvZ5Hgpmma+44fwsbOzS1lIdsVQ3qj
Ls6GlTIF9F0l60UeHy7to53ZkIZxXqsHy/LL/sUQ1bHraAX4tEsckd6i9Bc7EHPL
KkscgAbvdXJqxU0oPM+4gTEmrDE/HsGNaEiPIL1cOYceS5WOGAwPrniyWKM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:00 2024 by rpki-client on console-ams.rpki-client.org