Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/zNSR27rKZxroXSbVh5-UiUQGtXw.roa
File: zNSR27rKZxroXSbVh5-UiUQGtXw.roa (raw, json)
Hash identifier: 5cretSZ5fGxn7+Txg4Hwtv7uOwV7LxP6OJ2Rg4MIYEY=
Subject key identifier: CC:D4:91:DB:BA:CA:67:1A:E8:5D:26:D5:87:9F:94:89:44:06:B5:7C
Certificate issuer: /CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Certificate serial: 019248E4368DCC651F9041025F19315AC968
Authority key identifier: 9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/zNSR27rKZxroXSbVh5-UiUQGtXw.roa
Signing time: Tue 01 Oct 2024 16:22:48 +0000
ROA not before: Tue 01 Oct 2024 16:22:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25198
IP address blocks: 46.229.243.0/24 maxlen: 24
46.229.251.0/24 maxlen: 24
46.229.253.0/24 maxlen: 24
76.164.200.0/24 maxlen: 24
77.74.123.0/24 maxlen: 24
83.229.61.0/24 maxlen: 24
85.204.107.0/24 maxlen: 24
92.42.100.0/24 maxlen: 24
103.112.171.0/24 maxlen: 24
103.121.48.0/24 maxlen: 24
103.121.49.0/24 maxlen: 24
103.126.50.0/24 maxlen: 24
103.126.51.0/24 maxlen: 24
103.244.144.0/24 maxlen: 24
103.244.145.0/24 maxlen: 24
103.246.248.0/24 maxlen: 24
185.104.63.0/24 maxlen: 24
195.74.93.0/24 maxlen: 24
203.14.32.0/24 maxlen: 24
203.25.108.0/24 maxlen: 24
2a12:3200::/36 maxlen: 36
2a12:3200:1000::/36 maxlen: 36
2a12:3200:2000::/36 maxlen: 36
2a12:3200:3000::/36 maxlen: 36
2a12:3200:4000::/36 maxlen: 36
2a12:3200:5000::/36 maxlen: 36
2a12:3200:6000::/36 maxlen: 36
Validation: Failed, certificate revoked on Sat 05 Oct 2024 12:17:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:48:e4:36:8d:cc:65:1f:90:41:02:5f:19:31:5a:c9:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eb50e5386c809a0fae6530aa5e8d9825251ded0
Validity
Not Before: Oct 1 16:22:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ccd491dbbaca671ae85d26d5879f94894406b57c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4a:40:35:a4:76:90:fb:6d:5b:8f:5a:d5:dd:
30:f4:d9:29:a7:46:71:97:2f:4f:94:e0:d7:db:04:
ba:33:d1:c9:ec:8d:84:87:bf:13:6d:b1:71:4d:6d:
b4:47:8d:60:08:51:91:b9:18:a9:27:30:ee:1a:64:
d2:b7:cf:5d:97:ad:08:c0:f9:13:a5:7e:1c:19:06:
28:85:ec:8d:9f:b3:d6:ac:3c:9e:3f:74:cb:f0:6a:
3c:91:c0:d8:e1:3a:cb:5c:87:c7:d1:06:83:1e:ed:
09:57:4f:d1:df:74:1c:3c:e3:fe:c1:ab:3a:4c:8d:
23:d7:55:64:52:ce:41:f1:21:97:eb:af:98:ed:07:
0f:61:e5:8c:1e:ab:64:85:f3:dc:bd:55:29:20:10:
60:8d:24:d0:8f:01:14:b3:f0:f7:81:a5:5f:4c:15:
47:7c:b4:ff:08:c8:4b:21:76:e4:84:83:f5:84:5a:
4b:f3:7c:02:00:62:28:40:b5:b7:2b:4f:dc:68:17:
57:74:20:52:78:d9:bd:2d:e7:31:2f:cf:e9:ce:f7:
5f:16:57:aa:78:04:2d:5a:2b:58:a1:67:ef:22:73:
24:a0:03:d7:0d:9c:96:0d:0d:2e:2e:4c:87:41:ef:
00:77:c8:3d:e6:c4:68:d6:a2:9d:c9:19:52:7c:c3:
11:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:D4:91:DB:BA:CA:67:1A:E8:5D:26:D5:87:9F:94:89:44:06:B5:7C
X509v3 Authority Key Identifier:
keyid:9E:B5:0E:53:86:C8:09:A0:FA:E6:53:0A:A5:E8:D9:82:52:51:DE:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nrUOU4bICaD65lMKpejZglJR3tA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/zNSR27rKZxroXSbVh5-UiUQGtXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/b54641-a95a-4add-a45e-1cada6e8b1a9/1/nrUOU4bICaD65lMKpejZglJR3tA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.243.0/24
46.229.251.0/24
46.229.253.0/24
76.164.200.0/24
77.74.123.0/24
83.229.61.0/24
85.204.107.0/24
92.42.100.0/24
103.112.171.0/24
103.121.48.0/23
103.126.50.0/23
103.244.144.0/23
103.246.248.0/24
185.104.63.0/24
195.74.93.0/24
203.14.32.0/24
203.25.108.0/24
IPv6:
2a12:3200::-2a12:3200:6fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
b9:8a:35:87:14:bf:98:ac:07:ab:f2:03:56:34:1e:c6:a8:3b:
a9:3c:33:28:a5:d6:de:2f:6d:1e:df:fd:91:9c:09:8f:fa:f0:
20:b5:50:8c:4f:50:c1:f8:0d:6d:30:07:00:64:8d:57:38:2d:
de:1c:6b:4b:1e:d4:b9:c5:2b:78:ba:55:ce:44:03:db:9d:1b:
ca:43:9d:5f:26:b4:63:6c:3f:79:14:bd:02:05:ab:bc:44:3a:
d4:10:72:67:2b:e6:b6:12:76:ac:f1:e2:95:39:a6:7f:b8:c9:
ac:67:01:c1:35:6f:86:6d:56:55:b5:de:b0:0b:01:5c:e4:30:
ee:77:46:ac:6d:27:cb:a6:24:db:cf:44:cf:f1:c4:60:d6:87:
ff:6f:6b:17:6e:1f:6d:0a:be:0d:9d:6c:15:c5:6d:d0:79:29:
b1:75:01:06:86:c5:ff:ec:b0:c5:6f:21:66:ff:f0:88:48:69:
d7:f3:a2:b3:95:56:a9:e3:2d:25:1d:85:42:ba:71:6a:8f:68:
40:28:16:62:9b:0e:74:7e:ad:33:26:9a:35:f0:98:ec:2e:50:
e1:0b:9d:cd:ad:a5:ec:95:40:5b:41:f5:82:46:a6:f3:dd:d8:
d4:5f:f9:ea:2f:0e:de:60:d7:7b:f5:26:cd:74:58:2a:de:68:
52:a8:86:7e
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAZJI5DaNzGUfkEECXxkxWsloMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllYjUwZTUzODZjODA5YTBmYWU2NTMwYWE1ZThkOTgyNTI1
MWRlZDAwHhcNMjQxMDAxMTYyMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2Q0OTFkYmJhY2E2NzFhZTg1ZDI2ZDU4NzlmOTQ4OTQ0MDZiNTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEpANaR2kPttW49a1d0w9Nkpp0Zx
ly9PlODX2wS6M9HJ7I2Eh78TbbFxTW20R41gCFGRuRipJzDuGmTSt89dl60IwPkT
pX4cGQYoheyNn7PWrDyeP3TL8Go8kcDY4TrLXIfH0QaDHu0JV0/R33QcPOP+was6
TI0j11VkUs5B8SGX66+Y7QcPYeWMHqtkhfPcvVUpIBBgjSTQjwEUs/D3gaVfTBVH
fLT/CMhLIXbkhIP1hFpL83wCAGIoQLW3K0/caBdXdCBSeNm9LecxL8/pzvdfFleq
eAQtWitYoWfvInMkoAPXDZyWDQ0uLkyHQe8Ad8g95sRo1qKdyRlSfMMRwQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFMzUkdu6ymca6F0m1YeflIlEBrV8MB8GA1UdIwQY
MBaAFJ61DlOGyAmg+uZTCqXo2YJSUd7QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUt
MWNhZGE2ZThiMWE5LzEvek5TUjI3cktaeHJvWFNiVmg1LVVpVVFHdFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy9iNTQ2NDEtYTk1YS00YWRkLWE0NWUtMWNhZGE2ZThiMWE5
LzEvbnJVT1U0YklDYUQ2NWxNS3BlalpnbEpSM3RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjBsBAIAATBmAwQALuXz
AwQALuX7AwQALuX9AwQATKTIAwQATUp7AwQAU+U9AwQAVcxrAwQAXCpkAwQAZ3Cr
AwQBZ3kwAwQBZ34yAwQBZ/SQAwQAZ/b4AwQAuWg/AwQAw0pdAwQAyw4gAwQAyxls
MBYEAgACMBAwDgMEASoSMgMGBCoSMgBgMA0GCSqGSIb3DQEBCwUAA4IBAQC5ijWH
FL+YrAer8gNWNB7GqDupPDMopdbeL20e3/2RnAmP+vAgtVCMT1DB+A1tMAcAZI1X
OC3eHGtLHtS5xSt4ulXORAPbnRvKQ51fJrRjbD95FL0CBau8RDrUEHJnK+a2Enas
8eKVOaZ/uMmsZwHBNW+GbVZVtd6wCwFc5DDud0asbSfLpiTbz0TP8cRg1of/b2sX
bh9tCr4NnWwVxW3QeSmxdQEGhsX/7LDFbyFm//CISGnX86KzlVap4y0lHYVCunFq
j2hAKBZimw50fq0zJpo18JjsLlDhC53NraXslUBbQfWCRqbz3djUX/nqLw7eYNd7
9SbNdFgq3mhSqIZ+
-----END CERTIFICATE-----
Generated at Sat Oct 5 16:36:55 2024 by rpki-client on console-fra.rpki-client.org