Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/zVDr0nCB35nFkvKDVrhXPv4Qqtc.roa
File: zVDr0nCB35nFkvKDVrhXPv4Qqtc.roa (raw, json)
Hash identifier: ZRkmJbaPPtc7doTHpCaDhNuVD16Dycj4P1D3RW/+B50=
Subject key identifier: CD:50:EB:D2:70:81:DF:99:C5:92:F2:83:56:B8:57:3E:FE:10:AA:D7
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 018EC46E16E0E452B760271E2BBE32A7A53D
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/zVDr0nCB35nFkvKDVrhXPv4Qqtc.roa
Signing time: Tue 09 Apr 2024 19:55:32 +0000
ROA not before: Tue 09 Apr 2024 19:55:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 31.41.253.0/24 maxlen: 24
45.87.124.0/24 maxlen: 24
45.87.125.0/24 maxlen: 24
45.87.127.0/24 maxlen: 24
45.128.124.0/24 maxlen: 24
45.128.128.0/24 maxlen: 24
62.3.31.0/24 maxlen: 24
77.72.84.0/24 maxlen: 24
84.252.69.0/24 maxlen: 24
88.218.184.0/24 maxlen: 24
88.218.185.0/24 maxlen: 24
88.218.186.0/24 maxlen: 24
88.218.187.0/24 maxlen: 24
91.190.158.0/24 maxlen: 24
91.209.31.0/24 maxlen: 24
91.239.212.0/24 maxlen: 24
91.239.213.0/24 maxlen: 24
146.19.120.0/24 maxlen: 24
146.255.186.0/24 maxlen: 24
176.126.102.0/24 maxlen: 24
185.128.224.0/24 maxlen: 24
185.211.171.0/24 maxlen: 24
185.214.164.0/24 maxlen: 24
193.228.129.0/24 maxlen: 24
194.59.222.0/24 maxlen: 24
194.60.76.0/24 maxlen: 24
195.64.103.0/24 maxlen: 24
212.107.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Apr 2024 19:33:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c4:6e:16:e0:e4:52:b7:60:27:1e:2b:be:32:a7:a5:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Apr 9 19:55:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd50ebd27081df99c592f28356b8573efe10aad7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:bd:40:7e:78:c4:78:2f:88:50:8d:dc:d0:7d:
05:c6:8f:fe:12:27:20:53:77:95:2e:c0:f8:48:e5:
73:3e:f2:5c:c4:c0:7f:5f:ba:09:2f:6c:fe:db:f9:
38:8a:ed:17:18:8a:fa:0d:2c:1d:7e:e4:2e:ca:38:
2c:19:26:1f:96:91:31:fc:bb:a4:e8:e9:e1:fb:00:
3c:1c:9f:d2:90:81:93:dd:ea:a4:4b:49:d3:e8:f9:
4c:18:13:38:6a:ab:fb:fe:13:47:9f:f3:74:71:ff:
1d:f0:2d:00:be:6e:3d:89:14:39:fd:b7:49:fd:d4:
43:eb:d7:98:b8:36:3f:db:22:2d:41:1c:3c:f0:7f:
b4:28:d0:a2:ec:b5:0a:5f:1d:95:e0:5d:aa:e9:7e:
17:a3:c6:c2:f8:6b:e5:e0:89:5a:60:e3:72:4d:ee:
49:1f:65:f2:5b:61:a7:b0:08:d3:31:8e:53:56:ce:
b0:38:a1:33:7e:f7:53:58:1c:4b:ee:1d:c8:8f:65:
77:ac:a6:c4:bd:e5:33:9e:cb:51:bc:0c:82:a0:77:
77:3b:b7:77:2a:cc:f7:4d:ce:b8:b9:ce:07:9d:ee:
fb:ec:7b:32:5f:ff:d0:5e:ac:d4:9f:bd:72:98:56:
56:98:c1:44:17:56:a4:41:6e:c0:0e:1a:92:bc:07:
2c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:50:EB:D2:70:81:DF:99:C5:92:F2:83:56:B8:57:3E:FE:10:AA:D7
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/zVDr0nCB35nFkvKDVrhXPv4Qqtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.253.0/24
45.87.124.0/23
45.87.127.0/24
45.128.124.0/24
45.128.128.0/24
62.3.31.0/24
77.72.84.0/24
84.252.69.0/24
88.218.184.0/22
91.190.158.0/24
91.209.31.0/24
91.239.212.0/23
146.19.120.0/24
146.255.186.0/24
176.126.102.0/24
185.128.224.0/24
185.211.171.0/24
185.214.164.0/24
193.228.129.0/24
194.59.222.0/24
194.60.76.0/24
195.64.103.0/24
212.107.25.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:41:61:cc:21:08:93:09:57:82:70:52:e1:93:dc:06:00:db:
d8:37:c9:88:90:11:ee:64:5a:11:b4:f9:54:21:8e:00:bb:8e:
86:d3:fa:46:f5:65:80:7d:2f:b8:b5:59:c6:17:9d:db:e4:23:
1e:f8:21:36:ca:fd:7f:cf:ef:3f:83:e5:c0:a0:6c:73:43:f9:
46:dc:09:ad:8d:2f:ef:9f:8e:ec:4c:de:2e:c2:9b:d7:06:e2:
61:4a:b2:46:f3:4b:42:0a:8a:9c:b8:54:61:33:db:66:95:20:
56:15:08:20:f9:3d:30:7a:25:16:49:b0:89:dd:2e:de:f4:af:
f2:cb:71:56:88:65:57:7d:b8:95:5a:6a:ac:54:ff:c5:ec:99:
17:ae:f7:44:57:7a:7b:d0:e2:48:6a:9a:45:6a:65:19:7d:fa:
f2:81:a8:be:bb:70:8f:57:c4:bf:c2:d0:91:d7:2f:ba:4a:73:
6c:f8:c4:c0:48:88:55:53:88:ea:19:4e:7f:b5:cd:64:52:91:
c9:bf:be:99:96:f8:bd:d9:0b:33:aa:ad:99:1a:0c:14:79:56:
3d:84:6c:1a:d1:c4:42:8c:18:5c:2c:e7:a5:04:1e:1f:3c:9b:
b8:09:84:c0:4e:4a:05:75:19:b8:88:ea:43:fb:d2:2f:65:a1:
d5:62:27:43
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAY7Ebhbg5FK3YCceK74yp6U9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwNDA5MTk1NTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDUwZWJkMjcwODFkZjk5YzU5MmYyODM1NmI4NTczZWZlMTBhYWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp71AfnjEeC+IUI3c0H0Fxo/+Eicg
U3eVLsD4SOVzPvJcxMB/X7oJL2z+2/k4iu0XGIr6DSwdfuQuyjgsGSYflpEx/Luk
6Onh+wA8HJ/SkIGT3eqkS0nT6PlMGBM4aqv7/hNHn/N0cf8d8C0Avm49iRQ5/bdJ
/dRD69eYuDY/2yItQRw88H+0KNCi7LUKXx2V4F2q6X4Xo8bC+Gvl4IlaYONyTe5J
H2XyW2GnsAjTMY5TVs6wOKEzfvdTWBxL7h3Ij2V3rKbEveUznstRvAyCoHd3O7d3
Ksz3Tc64uc4Hne777HsyX//QXqzUn71ymFZWmMFEF1akQW7ADhqSvAcs7QIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFM1Q69Jwgd+ZxZLyg1a4Vz7+EKrXMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvelZEcjBuQ0IzNW5Ga3ZLRFZyaFhQdjRRcXRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAAf
Kf0DBAEtV3wDBAAtV38DBAAtgHwDBAAtgIADBAA+Ax8DBABNSFQDBABU/EUDBAJY
2rgDBABbvp4DBABb0R8DBAFb79QDBACSE3gDBACS/7oDBACwfmYDBAC5gOADBAC5
06sDBAC51qQDBADB5IEDBADCO94DBADCPEwDBADDQGcDBADUaxkwDQYJKoZIhvcN
AQELBQADggEBAD9BYcwhCJMJV4JwUuGT3AYA29g3yYiQEe5kWhG0+VQhjgC7jobT
+kb1ZYB9L7i1WcYXndvkIx74ITbK/X/P7z+D5cCgbHND+UbcCa2NL++fjuxM3i7C
m9cG4mFKskbzS0IKipy4VGEz22aVIFYVCCD5PTB6JRZJsIndLt70r/LLcVaIZVd9
uJVaaqxU/8XsmReu90RXenvQ4khqmkVqZRl9+vKBqL67cI9XxL/C0JHXL7pKc2z4
xMBIiFVTiOoZTn+1zWRSkcm/vpmW+L3ZCzOqrZkaDBR5Vj2EbBrRxEKMGFws56UE
Hh88m7gJhMBOSgV1GbiI6kP70i9lodViJ0M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:08 2024 by rpki-client on console-fra.rpki-client.org