Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/zxzSoXz5Hhx7BdR1nhRMP8FBkzs.roa
File: zxzSoXz5Hhx7BdR1nhRMP8FBkzs.roa (raw, json)
Hash identifier: Ba+WuZbvCb+ny3gl4L2+/H+BaSD0trqS2s+mFTT+qgI=
Subject key identifier: CF:1C:D2:A1:7C:F9:1E:1C:7B:05:D4:75:9E:14:4C:3F:C1:41:93:3B
Certificate issuer: /CN=d94bddafb5df098419020a8fbc7a90b16e341d63
Certificate serial: 0186C60B260BC041AB98E2636ACAFD497813
Authority key identifier: D9:4B:DD:AF:B5:DF:09:84:19:02:0A:8F:BC:7A:90:B1:6E:34:1D:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Uvdr7XfCYQZAgqPvHqQsW40HWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/zxzSoXz5Hhx7BdR1nhRMP8FBkzs.roa
Signing time: Thu 09 Mar 2023 11:04:24 +0000
ROA not before: Thu 09 Mar 2023 11:04:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58073
IP address blocks: 45.145.252.0/22 maxlen: 22
193.104.186.0/24 maxlen: 24
45.152.192.0/22 maxlen: 22
37.220.32.0/21 maxlen: 24
45.10.116.0/22 maxlen: 22
45.129.176.0/22 maxlen: 22
185.38.12.0/22 maxlen: 24
2.58.23.0/24 maxlen: 24
2.58.20.0/22 maxlen: 22
45.82.44.0/22 maxlen: 22
45.88.16.0/22 maxlen: 22
45.93.32.0/22 maxlen: 22
46.182.104.0/24 maxlen: 24
46.182.105.0/24 maxlen: 24
46.182.106.0/24 maxlen: 24
46.182.107.0/24 maxlen: 24
46.182.111.0/24 maxlen: 24
46.182.109.0/24 maxlen: 24
46.182.110.0/24 maxlen: 24
2a02:2a38::/32 maxlen: 32
2a02:2a38:37::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c6:0b:26:0b:c0:41:ab:98:e2:63:6a:ca:fd:49:78:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d94bddafb5df098419020a8fbc7a90b16e341d63
Validity
Not Before: Mar 9 11:04:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cf1cd2a17cf91e1c7b05d4759e144c3fc141933b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d3:24:ab:31:9b:a6:69:0e:07:bc:14:50:a9:
1d:40:bc:d7:7a:b0:c9:99:75:f1:cd:29:eb:9f:a3:
2b:17:49:ed:96:25:2f:65:4e:5d:82:17:9b:27:4e:
34:8a:79:74:2f:37:6d:52:df:05:0e:a7:76:76:ae:
95:23:f1:0f:4a:5a:fd:e5:16:de:37:41:db:90:62:
f2:ad:a9:43:6f:6c:ca:a6:b3:0c:cc:ea:6b:d7:d2:
ae:35:4f:ee:c0:c9:2d:6c:0c:c6:2c:2f:8e:2e:b4:
91:64:6d:51:28:61:ee:2d:bf:16:91:99:45:46:20:
9b:71:c8:64:95:5a:0b:1f:7e:31:91:53:d5:5a:7f:
01:51:5f:9f:e7:fc:fa:49:f8:37:91:9d:e3:b8:2a:
74:23:56:11:e7:ab:94:0c:d6:7f:8b:e6:57:13:e9:
8d:21:a5:9d:fb:06:f5:d2:82:77:b7:57:90:9f:f6:
b1:38:59:84:d3:a9:d9:f6:d7:0c:d7:49:ae:97:0f:
d0:87:c0:40:d0:1e:3a:bc:3d:9b:90:04:11:51:c8:
60:fe:bf:69:6d:b0:7b:f7:f5:b5:f3:e9:8f:ab:6f:
fc:99:cd:17:5f:5a:2d:c0:63:a7:8a:d5:a6:97:f1:
03:14:96:35:54:53:b7:09:4f:7a:b0:84:72:3f:d8:
a3:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:1C:D2:A1:7C:F9:1E:1C:7B:05:D4:75:9E:14:4C:3F:C1:41:93:3B
X509v3 Authority Key Identifier:
keyid:D9:4B:DD:AF:B5:DF:09:84:19:02:0A:8F:BC:7A:90:B1:6E:34:1D:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Uvdr7XfCYQZAgqPvHqQsW40HWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/zxzSoXz5Hhx7BdR1nhRMP8FBkzs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/cde757-7672-4720-8ce1-6e26b91f6910/1/2Uvdr7XfCYQZAgqPvHqQsW40HWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.20.0/22
37.220.32.0/21
45.10.116.0/22
45.82.44.0/22
45.88.16.0/22
45.93.32.0/22
45.129.176.0/22
45.145.252.0/22
45.152.192.0/22
46.182.104.0/22
46.182.109.0-46.182.111.255
185.38.12.0/22
193.104.186.0/24
IPv6:
2a02:2a38::/32
Signature Algorithm: sha256WithRSAEncryption
5e:1c:30:83:8d:4e:f7:4f:a1:57:57:13:5a:59:42:82:70:b0:
6f:2a:0b:d8:b3:b1:c2:1f:80:be:e5:25:6b:97:61:af:a2:ac:
18:4b:cb:2f:ca:eb:18:bb:14:7f:f1:51:60:8b:08:f7:79:ef:
10:24:e2:5a:72:4c:33:5d:8e:e7:36:05:f4:82:4b:ae:63:82:
d8:d5:73:26:d5:3b:4a:e6:5a:58:d4:60:38:d2:62:6e:c9:ea:
a9:6d:f5:6e:ad:d1:79:08:da:8c:59:71:18:5a:6b:35:f5:57:
83:7d:86:69:be:43:dd:7b:1a:9b:e1:aa:f4:dc:c8:ea:d5:7f:
12:76:cb:6c:3b:7c:f4:14:4a:84:83:19:3a:ce:c8:d3:eb:5a:
b4:5b:0e:06:c0:99:58:b2:0c:6d:27:c5:55:8b:d7:e3:17:63:
80:80:3f:e1:e6:20:a3:76:3a:8a:9c:53:62:56:f7:41:f5:cd:
09:de:cb:7f:ba:ad:03:93:38:9e:af:ec:f7:ec:64:44:cf:a8:
65:22:c1:ce:b0:1c:55:93:fc:4c:3a:6f:6a:57:c0:38:5d:4b:
54:76:e7:a8:32:a9:31:0b:20:08:83:72:90:80:ff:4f:ea:c3:
30:9c:a5:43:91:5d:b2:12:30:b0:10:bd:4b:f8:cb:a1:a0:78:
51:c8:85:f2
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgISAYbGCyYLwEGrmOJjasr9SXgTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5NGJkZGFmYjVkZjA5ODQxOTAyMGE4ZmJjN2E5MGIxNmUz
NDFkNjMwHhcNMjMwMzA5MTEwNDI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjFjZDJhMTdjZjkxZTFjN2IwNWQ0NzU5ZTE0NGMzZmMxNDE5MzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9MkqzGbpmkOB7wUUKkdQLzXerDJ
mXXxzSnrn6MrF0ntliUvZU5dghebJ040inl0LzdtUt8FDqd2dq6VI/EPSlr95Rbe
N0HbkGLyralDb2zKprMMzOpr19KuNU/uwMktbAzGLC+OLrSRZG1RKGHuLb8WkZlF
RiCbcchklVoLH34xkVPVWn8BUV+f5/z6Sfg3kZ3juCp0I1YR56uUDNZ/i+ZXE+mN
IaWd+wb10oJ3t1eQn/axOFmE06nZ9tcM10mulw/Qh8BA0B46vD2bkAQRUchg/r9p
bbB79/W18+mPq2/8mc0XX1otwGOnitWml/EDFJY1VFO3CU96sIRyP9ijtwIDAQAB
o4ICaDCCAmQwHQYDVR0OBBYEFM8c0qF8+R4cewXUdZ4UTD/BQZM7MB8GA1UdIwQY
MBaAFNlL3a+13wmEGQIKj7x6kLFuNB1jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlV2ZHI3WGZDWVFaQWdxUHZIcVFzVzQwSFdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jZGU3NTctNzY3Mi00NzIwLThjZTEt
NmUyNmI5MWY2OTEwLzEvenh6U29YejVIaHg3QmRSMW5oUk1QOEZCa3pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jZGU3NTctNzY3Mi00NzIwLThjZTEtNmUyNmI5MWY2OTEw
LzEvMlV2ZHI3WGZDWVFaQWdxUHZIcVFzVzQwSFdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH4GCCsGAQUFBwEHAQH/BG8wbTBcBAIAATBWAwQCAjoUAwQD
JdwgAwQCLQp0AwQCLVIsAwQCLVgQAwQCLV0gAwQCLYGwAwQCLZH8AwQCLZjAAwQC
LrZoMAwDBAAutm0DBAQutmADBAK5JgwDBADBaLowDQQCAAIwBwMFACoCKjgwDQYJ
KoZIhvcNAQELBQADggEBAF4cMIONTvdPoVdXE1pZQoJwsG8qC9izscIfgL7lJWuX
Ya+irBhLyy/K6xi7FH/xUWCLCPd57xAk4lpyTDNdjuc2BfSCS65jgtjVcybVO0rm
WljUYDjSYm7J6qlt9W6t0XkI2oxZcRhaazX1V4N9hmm+Q917GpvhqvTcyOrVfxJ2
y2w7fPQUSoSDGTrOyNPrWrRbDgbAmViyDG0nxVWL1+MXY4CAP+HmIKN2OoqcU2JW
90H1zQney3+6rQOTOJ6v7PfsZETPqGUiwc6wHFWT/Ew6b2pXwDhdS1R256gyqTEL
IAiDcpCA/0/qwzCcpUORXbISMLAQvUv4y6GgeFHIhfI=
-----END CERTIFICATE-----
Generated at Tue Jan 2 17:34:18 2024 by rpki-client on console-fra.rpki-client.org