Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/zdVfWFrW8e-uaFBNzCEjKVDflXc.roa
File: zdVfWFrW8e-uaFBNzCEjKVDflXc.roa (raw, json)
Hash identifier: 2qeCqoiisMfcLLyH8nPNoXnTFzdh9Ub2NVdIZ8MTkjg=
Subject key identifier: CD:D5:5F:58:5A:D6:F1:EF:AE:68:50:4D:CC:21:23:29:50:DF:95:77
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 01896553B69E3C6677D24C20D4F4969FA019
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/zdVfWFrW8e-uaFBNzCEjKVDflXc.roa
Signing time: Mon 17 Jul 2023 19:28:52 +0000
ROA not before: Mon 17 Jul 2023 19:28:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49505
IP address blocks: 195.245.103.0/24 maxlen: 24
194.32.222.0/24 maxlen: 24
45.140.175.0/24 maxlen: 24
45.144.37.0/24 maxlen: 24
92.249.15.0/24 maxlen: 24
92.249.12.0/24 maxlen: 24
45.154.163.0/24 maxlen: 24
45.154.160.0/24 maxlen: 24
45.154.161.0/24 maxlen: 24
91.191.184.0/24 maxlen: 24
45.94.20.0/24 maxlen: 24
45.150.60.0/24 maxlen: 24
45.150.61.0/24 maxlen: 24
45.146.230.0/24 maxlen: 24
45.146.231.0/24 maxlen: 24
45.146.168.0/24 maxlen: 24
45.146.169.0/24 maxlen: 24
45.146.171.0/24 maxlen: 24
45.147.0.0/24 maxlen: 24
193.150.99.0/24 maxlen: 24
91.221.39.0/24 maxlen: 24
45.85.66.0/24 maxlen: 24
91.230.38.0/24 maxlen: 24
91.230.39.0/24 maxlen: 24
194.55.105.0/24 maxlen: 24
194.55.102.0/24 maxlen: 24
45.153.54.0/24 maxlen: 24
45.153.55.0/24 maxlen: 24
45.153.52.0/24 maxlen: 24
45.153.53.0/24 maxlen: 24
109.196.172.0/24 maxlen: 24
45.149.132.0/24 maxlen: 24
45.152.226.0/24 maxlen: 24
45.152.224.0/24 maxlen: 24
45.149.135.0/24 maxlen: 24
91.220.81.0/24 maxlen: 24
194.156.93.0/24 maxlen: 24
45.155.61.0/24 maxlen: 24
45.141.197.0/24 maxlen: 24
194.61.77.0/24 maxlen: 24
45.148.240.0/24 maxlen: 24
45.148.241.0/24 maxlen: 24
45.148.242.0/24 maxlen: 24
45.145.169.0/24 maxlen: 24
45.145.170.0/24 maxlen: 24
45.145.88.0/24 maxlen: 24
45.145.89.0/24 maxlen: 24
45.145.91.0/24 maxlen: 24
109.94.210.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:65:53:b6:9e:3c:66:77:d2:4c:20:d4:f4:96:9f:a0:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jul 17 19:28:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cdd55f585ad6f1efae68504dcc21232950df9577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a1:b8:80:aa:9a:cd:1f:d0:0d:66:7e:5c:4c:
fd:29:6c:c4:57:21:60:91:e0:58:d5:cd:be:71:93:
c7:89:2d:d8:92:2b:a9:33:3b:9c:01:b2:55:60:99:
ec:de:ff:f2:67:cf:ed:39:05:82:1f:c0:12:c7:8a:
70:f9:d1:b8:9b:ae:4f:89:6e:68:f7:bf:0e:2d:28:
1b:b5:0c:9c:2e:da:f5:6c:75:a5:eb:f6:9a:b6:ed:
6d:b7:4f:5f:06:3f:16:5d:41:df:ed:31:95:6a:1c:
70:82:e1:17:8f:00:94:51:7a:10:0b:ae:e9:09:9b:
e4:f1:b2:92:c5:81:24:e4:51:82:ff:7d:d4:2d:90:
aa:20:9d:6f:ff:28:6c:b5:5a:6d:e4:95:57:c1:84:
82:0d:61:33:e6:dc:fa:dd:55:64:e5:fd:e5:24:a4:
76:77:bc:46:97:7c:90:a3:c0:50:ce:7d:d5:76:5a:
a2:78:09:60:2e:f5:ad:5e:be:99:53:e2:6f:3a:bb:
40:92:18:34:51:47:ba:18:dc:ed:ad:12:d8:d6:68:
6b:a4:fd:ad:02:34:d6:71:3c:35:cd:c5:32:d8:bc:
a3:32:c4:f8:b0:bc:17:f6:da:70:d5:37:2b:3e:79:
a2:95:9a:89:8d:90:c6:99:3d:eb:4a:ef:63:7a:e4:
b5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:D5:5F:58:5A:D6:F1:EF:AE:68:50:4D:CC:21:23:29:50:DF:95:77
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/zdVfWFrW8e-uaFBNzCEjKVDflXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.66.0/24
45.94.20.0/24
45.140.175.0/24
45.141.197.0/24
45.144.37.0/24
45.145.88.0/23
45.145.91.0/24
45.145.169.0-45.145.170.255
45.146.168.0/23
45.146.171.0/24
45.146.230.0/23
45.147.0.0/24
45.148.240.0-45.148.242.255
45.149.132.0/24
45.149.135.0/24
45.150.60.0/23
45.152.224.0/24
45.152.226.0/24
45.153.52.0/22
45.154.160.0/23
45.154.163.0/24
45.155.61.0/24
91.191.184.0/24
91.220.81.0/24
91.221.39.0/24
91.230.38.0/23
92.249.12.0/24
92.249.15.0/24
109.94.210.0/24
109.196.172.0/24
193.150.99.0/24
194.32.222.0/24
194.55.102.0/24
194.55.105.0/24
194.61.77.0/24
194.156.93.0/24
195.245.103.0/24
Signature Algorithm: sha256WithRSAEncryption
96:78:ac:b5:ea:ea:d2:16:19:0d:be:a8:2d:8c:0f:a8:a1:21:
92:a7:69:c6:37:1d:88:c0:02:04:0f:54:f8:fe:22:80:90:1c:
97:95:64:18:ff:d2:b2:b4:a9:ca:fd:7b:d5:5a:5f:f3:51:d7:
79:13:77:67:4f:fd:47:9f:e3:33:2d:cb:c3:e7:dd:5d:0f:6b:
14:8d:67:15:53:c6:ad:c4:dc:9f:39:d9:29:01:35:10:c1:70:
e5:7a:d1:e2:53:19:30:3c:d5:1a:d8:ef:77:13:ad:0f:63:27:
8c:bd:0a:3b:0a:82:d4:e1:98:e7:7c:9b:11:d9:f9:46:ba:62:
18:db:9e:f4:66:46:3c:56:39:47:60:eb:30:a2:80:0b:db:f0:
b7:86:5d:34:21:0a:39:c8:f3:08:dd:3c:f2:60:a5:25:53:3e:
09:26:7d:3b:b5:90:31:10:29:f3:eb:eb:16:53:1c:17:92:dc:
22:67:2d:46:fd:f2:76:ec:38:be:85:c3:6d:e3:c4:fa:43:69:
85:46:0d:03:de:e5:2f:7e:c2:df:c5:3b:f9:34:01:39:7e:3a:
b3:0a:f0:35:0d:85:51:3d:e2:8a:8b:56:05:5d:e8:93:08:4f:
35:90:b8:40:de:00:4b:be:e7:a1:23:08:51:e1:6f:d4:24:45:
fa:88:da:4d
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAYllU7aePGZ30kwg1PSWn6AZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwNzE3MTkyODUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGQ1NWY1ODVhZDZmMWVmYWU2ODUwNGRjYzIxMjMyOTUwZGY5NTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaG4gKqazR/QDWZ+XEz9KWzEVyFg
keBY1c2+cZPHiS3YkiupMzucAbJVYJns3v/yZ8/tOQWCH8ASx4pw+dG4m65PiW5o
978OLSgbtQycLtr1bHWl6/aatu1tt09fBj8WXUHf7TGVahxwguEXjwCUUXoQC67p
CZvk8bKSxYEk5FGC/33ULZCqIJ1v/yhstVpt5JVXwYSCDWEz5tz63VVk5f3lJKR2
d7xGl3yQo8BQzn3VdlqieAlgLvWtXr6ZU+JvOrtAkhg0UUe6GNztrRLY1mhrpP2t
AjTWcTw1zcUy2LyjMsT4sLwX9tpw1TcrPnmilZqJjZDGmT3rSu9jeuS15QIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFM3VX1ha1vHvrmhQTcwhIylQ35V3MB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvemRWZldGclc4ZS11YUZCTnpDRWpLVkRmbFhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8EgfswgfgwgfUEAgABMIHuAwQA
LVVCAwQALV4UAwQALYyvAwQALY3FAwQALZAlAwQBLZFYAwQALZFbMAwDBAAtkakD
BAAtkaoDBAEtkqgDBAAtkqsDBAEtkuYDBAAtkwAwDAMEBC2U8AMEAC2U8gMEAC2V
hAMEAC2VhwMEAS2WPAMEAC2Y4AMEAC2Y4gMEAi2ZNAMEAS2aoAMEAC2aowMEAC2b
PQMEAFu/uAMEAFvcUQMEAFvdJwMEAVvmJgMEAFz5DAMEAFz5DwMEAG1e0gMEAG3E
rAMEAMGWYwMEAMIg3gMEAMI3ZgMEAMI3aQMEAMI9TQMEAMKcXQMEAMP1ZzANBgkq
hkiG9w0BAQsFAAOCAQEAlnisterq0hYZDb6oLYwPqKEhkqdpxjcdiMACBA9U+P4i
gJAcl5VkGP/SsrSpyv171Vpf81HXeRN3Z0/9R5/jMy3Lw+fdXQ9rFI1nFVPGrcTc
nznZKQE1EMFw5XrR4lMZMDzVGtjvdxOtD2MnjL0KOwqC1OGY53ybEdn5RrpiGNue
9GZGPFY5R2DrMKKAC9vwt4ZdNCEKOcjzCN088mClJVM+CSZ9O7WQMRAp8+vrFlMc
F5LcImctRv3yduw4voXDbePE+kNphUYNA97lL37C38U7+TQBOX46swrwNQ2FUT3i
iotWBV3okwhPNZC4QN4AS77noSMIUeFv1CRF+ojaTQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:04 2024 by rpki-client on console-ams.rpki-client.org