Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/ZX32EfMSDyVff0uMPbGynmlZRZM.roa
File: ZX32EfMSDyVff0uMPbGynmlZRZM.roa (raw, json)
Hash identifier: +K9F9RIaDhHg84y1WDrx/A4786fWX8OmnSyI4jtNUFk=
Subject key identifier: 65:7D:F6:11:F3:12:0F:25:5F:7F:4B:8C:3D:B1:B2:9E:69:59:45:93
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 018CC41F5A8661946111F54B0E137A6D3B6C
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/ZX32EfMSDyVff0uMPbGynmlZRZM.roa
Signing time: Mon 01 Jan 2024 08:23:58 +0000
ROA not before: Mon 01 Jan 2024 08:23:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48359
IP address blocks: 185.239.1.0/24 maxlen: 24
89.42.44.0/22 maxlen: 22
45.94.214.0/24 maxlen: 24
45.94.215.0/24 maxlen: 24
89.46.217.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 12:03:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:1f:5a:86:61:94:61:11:f5:4b:0e:13:7a:6d:3b:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jan 1 08:23:58 2024 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=657df611f3120f255f7f4b8c3db1b29e69594593
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:86:6c:8b:01:a3:44:aa:c0:23:06:8f:eb:2f:
85:11:0c:f5:d1:0d:ad:40:fe:a0:13:9c:78:6e:35:
b2:bc:a9:70:f8:0e:79:69:10:36:89:7b:a6:f2:90:
03:3b:f4:f7:f1:50:4f:47:21:99:ac:62:11:f1:36:
0e:e3:47:74:5a:f4:0a:76:3d:9a:62:99:5e:e0:c6:
31:0d:8c:4c:f5:da:cf:fb:e1:1b:aa:b2:3c:fa:b0:
b9:4d:b1:81:03:fa:a3:70:2c:b7:fd:d8:ba:bb:18:
61:ae:3f:f7:81:df:57:49:37:1c:26:df:c7:c8:be:
95:99:48:14:2a:3d:0e:4b:06:44:76:86:c0:dc:73:
34:69:21:af:21:c0:32:4e:6b:61:f1:54:1a:ef:a4:
54:1b:a3:e4:27:89:8d:0d:72:bf:6f:96:21:0b:89:
84:eb:18:55:dd:bf:7c:3a:5d:fd:a4:29:c1:55:c5:
6e:6c:29:95:d8:f3:9d:d6:c0:c9:e8:4e:56:3c:3c:
ad:ea:bb:19:1a:c1:e5:dd:3d:67:57:38:34:26:db:
a3:63:e1:87:a8:25:fc:0f:92:70:00:2b:96:53:25:
39:d2:ab:d8:86:49:34:8f:6f:9a:ca:99:4c:74:d6:
1a:e1:b8:1e:29:e9:37:72:66:c5:29:cb:e6:ec:ff:
ad:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:7D:F6:11:F3:12:0F:25:5F:7F:4B:8C:3D:B1:B2:9E:69:59:45:93
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/ZX32EfMSDyVff0uMPbGynmlZRZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.214.0/23
89.42.44.0/22
89.46.217.0/24
185.239.1.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:27:d9:0b:e9:15:dd:0b:85:5a:94:8d:b9:d3:5f:fd:c8:09:
eb:cd:7f:cb:22:a1:9c:37:9b:6f:2b:b3:24:61:40:d4:45:cd:
35:ee:ed:05:1a:b6:0e:9d:5f:6c:07:ef:5d:4a:28:dc:86:54:
fb:b5:25:a6:95:18:6f:42:fd:14:8f:09:c9:a8:7b:f1:9e:24:
fe:53:e3:c2:ae:8c:68:4b:54:e4:b0:5c:de:7f:6a:cf:02:d3:
32:aa:f0:c1:92:e8:79:1b:63:08:dc:55:6d:b0:d3:d8:e4:86:
8e:63:5d:12:0d:db:0f:fd:74:92:27:08:fd:0d:e6:f8:bd:c0:
22:43:59:cd:69:49:55:b2:66:de:f0:40:02:c6:9b:16:e2:8d:
6f:ad:aa:2d:de:2b:25:94:53:1f:b7:e3:81:a2:e2:d8:77:31:
10:0e:70:72:6d:32:02:3e:17:9b:1e:f9:59:0a:2b:79:e2:93:
b5:3d:01:9c:6b:07:42:d4:ca:a1:b6:bb:81:e4:cf:ea:74:82:
29:23:1f:12:6c:38:92:71:28:4e:8c:03:d7:60:71:b0:4b:62:
be:86:59:73:d0:86:42:d8:98:83:61:26:98:b0:79:ee:e8:77:
b3:26:0e:ad:59:1c:80:81:33:11:b8:20:d7:ae:44:5c:48:9f:
01:39:75:1d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzEH1qGYZRhEfVLDhN6bTtsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQwMTAxMDgyMzU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTdkZjYxMWYzMTIwZjI1NWY3ZjRiOGMzZGIxYjI5ZTY5NTk0NTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoZsiwGjRKrAIwaP6y+FEQz10Q2t
QP6gE5x4bjWyvKlw+A55aRA2iXum8pADO/T38VBPRyGZrGIR8TYO40d0WvQKdj2a
Yple4MYxDYxM9drP++EbqrI8+rC5TbGBA/qjcCy3/di6uxhhrj/3gd9XSTccJt/H
yL6VmUgUKj0OSwZEdobA3HM0aSGvIcAyTmth8VQa76RUG6PkJ4mNDXK/b5YhC4mE
6xhV3b98Ol39pCnBVcVubCmV2POd1sDJ6E5WPDyt6rsZGsHl3T1nVzg0JtujY+GH
qCX8D5JwACuWUyU50qvYhkk0j2+ayplMdNYa4bgeKek3cmbFKcvm7P+tGQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGV99hHzEg8lX39LjD2xsp5pWUWTMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvWlgzMkVmTVNEeVZmZjB1TVBiR3lubWxaUlpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBLV7WAwQC
WSosAwQAWS7ZAwQAue8BMA0GCSqGSIb3DQEBCwUAA4IBAQCqJ9kL6RXdC4ValI25
01/9yAnrzX/LIqGcN5tvK7MkYUDURc017u0FGrYOnV9sB+9dSijchlT7tSWmlRhv
Qv0UjwnJqHvxniT+U+PCroxoS1TksFzef2rPAtMyqvDBkuh5G2MI3FVtsNPY5IaO
Y10SDdsP/XSSJwj9Deb4vcAiQ1nNaUlVsmbe8EACxpsW4o1vraot3isllFMft+OB
ouLYdzEQDnBybTICPhebHvlZCit54pO1PQGcawdC1MqhtruB5M/qdIIpIx8SbDiS
cShOjAPXYHGwS2K+hllz0IZC2JiDYSaYsHnu6HezJg6tWRyAgTMRuCDXrkRcSJ8B
OXUd
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:09:49 2024 by rpki-client on console-ams.rpki-client.org