Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/DZTfP1fOZGD-vo_ipkZgraShgcg.roa
File: DZTfP1fOZGD-vo_ipkZgraShgcg.roa (raw, json)
Hash identifier: C3PE70gkS0wmyLfYtAPJGSdfnXNDFUllmZJVoe2ZP+4=
Subject key identifier: 0D:94:DF:3F:57:CE:64:60:FE:BE:8F:E2:A6:46:60:AD:A4:A1:81:C8
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0192DC7523E9400580AE149D65555BCEA6E7
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/DZTfP1fOZGD-vo_ipkZgraShgcg.roa
Signing time: Wed 30 Oct 2024 08:05:17 +0000
ROA not before: Wed 30 Oct 2024 08:05:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.57.242.0/24 maxlen: 24
45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
188.64.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Oct 2024 21:13:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dc:75:23:e9:40:05:80:ae:14:9d:65:55:5b:ce:a6:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Oct 30 08:05:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d94df3f57ce6460febe8fe2a64660ada4a181c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:28:66:6d:63:15:7a:be:19:d9:d9:6c:df:7d:
67:27:2b:fc:c4:c4:3f:9f:92:24:e4:5f:73:a9:e6:
3d:85:8a:64:6b:55:b6:57:8e:dd:df:f9:f6:07:36:
76:ac:06:5e:3d:0f:df:15:07:e9:d0:02:11:00:76:
be:5a:a2:00:e9:e8:f9:94:26:69:2f:85:b8:c6:d2:
c5:07:12:82:ea:25:66:43:e8:b3:ea:91:62:10:a2:
5d:b1:a6:72:00:b5:aa:d7:55:56:04:85:32:2c:55:
a7:d6:ee:21:e4:33:5b:37:19:8b:77:fe:b1:16:80:
a4:c1:dc:19:50:3f:93:26:b9:60:ff:9f:2d:12:55:
a7:9d:a7:38:03:f9:25:61:54:c1:f9:15:31:f7:e9:
fd:ad:ba:b4:61:34:62:cf:fb:36:6f:9a:08:02:db:
c2:84:dd:2b:b3:76:b0:6a:31:e2:0a:dd:0d:94:f9:
5c:1a:22:a9:9b:42:17:33:b0:fb:55:47:16:22:26:
74:bf:b2:4f:2a:aa:6b:fc:af:b1:34:63:b6:5b:26:
06:c8:e8:45:67:cb:c1:80:d6:5a:b6:bc:14:48:de:
3b:9a:ea:ed:fe:d8:e1:ab:0a:c4:02:1d:40:a9:27:
01:ea:3b:5a:87:76:26:fd:58:fa:2c:92:b7:55:8b:
5f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:94:DF:3F:57:CE:64:60:FE:BE:8F:E2:A6:46:60:AD:A4:A1:81:C8
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/DZTfP1fOZGD-vo_ipkZgraShgcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.242.0/24
45.135.182.0/23
89.34.106.0/24
93.114.183.0/24
188.64.142.0/24
Signature Algorithm: sha256WithRSAEncryption
22:00:6d:0e:9e:41:73:4c:58:6c:1a:36:b8:80:ec:46:d7:6b:
9c:55:35:89:07:62:5f:e5:ae:90:e6:c9:c2:82:34:f5:35:7f:
40:e3:9a:9e:33:78:35:c4:e3:6b:9f:a1:ed:51:ca:9d:fa:33:
d7:5a:ea:0f:3b:ec:da:e7:22:36:70:f0:b1:21:31:07:12:1a:
7c:1e:03:ec:bd:3c:81:4e:f0:47:54:78:15:dd:6d:b6:1c:be:
f9:76:06:82:91:d7:f6:02:e8:21:0b:33:87:e8:a2:c4:1f:f1:
f8:e6:da:6f:d3:33:43:a3:3a:5b:08:be:7c:85:ac:33:fa:d8:
06:d4:fe:a4:47:03:ec:0b:f8:de:a8:9a:0a:bf:78:ee:2e:7a:
89:fe:ea:18:68:de:57:dc:c8:ec:a8:e9:bb:03:ff:59:5f:c8:
85:a6:49:57:79:96:a0:a5:d3:4e:49:36:74:be:f8:82:e4:8d:
e6:11:55:cc:40:5d:9b:b5:64:90:76:f6:33:ab:85:74:e4:b8:
f9:de:98:61:a7:f2:fd:02:b4:11:05:b9:f2:dd:18:06:12:a0:
cb:b5:e0:22:8d:c3:e4:d5:73:fd:a5:53:4c:bc:77:6d:02:d6:
6c:63:7c:b7:e3:f3:f1:fc:6a:40:6c:34:dc:b0:c4:58:17:01:
ff:ec:72:3c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZLcdSPpQAWArhSdZVVbzqbnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQxMDMwMDgwNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDk0ZGYzZjU3Y2U2NDYwZmViZThmZTJhNjQ2NjBhZGE0YTE4MWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ihmbWMVer4Z2dls331nJyv8xMQ/
n5Ik5F9zqeY9hYpka1W2V47d3/n2BzZ2rAZePQ/fFQfp0AIRAHa+WqIA6ej5lCZp
L4W4xtLFBxKC6iVmQ+iz6pFiEKJdsaZyALWq11VWBIUyLFWn1u4h5DNbNxmLd/6x
FoCkwdwZUD+TJrlg/58tElWnnac4A/klYVTB+RUx9+n9rbq0YTRiz/s2b5oIAtvC
hN0rs3awajHiCt0NlPlcGiKpm0IXM7D7VUcWIiZ0v7JPKqpr/K+xNGO2WyYGyOhF
Z8vBgNZatrwUSN47murt/tjhqwrEAh1AqScB6jtah3Ym/Vj6LJK3VYtf1wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFA2U3z9XzmRg/r6P4qZGYK2koYHIMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvRFpUZlAxZk9aR0Qtdm9faXBrWmdyYVNoZ2NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAAjnyAwQB
LYe2AwQAWSJqAwQAXXK3AwQAvECOMA0GCSqGSIb3DQEBCwUAA4IBAQAiAG0OnkFz
TFhsGja4gOxG12ucVTWJB2Jf5a6Q5snCgjT1NX9A45qeM3g1xONrn6HtUcqd+jPX
WuoPO+za5yI2cPCxITEHEhp8HgPsvTyBTvBHVHgV3W22HL75dgaCkdf2AughCzOH
6KLEH/H45tpv0zNDozpbCL58hawz+tgG1P6kRwPsC/jeqJoKv3juLnqJ/uoYaN5X
3MjsqOm7A/9ZX8iFpklXeZagpdNOSTZ0vviC5I3mEVXMQF2btWSQdvYzq4V05Lj5
3phhp/L9ArQRBbny3RgGEqDLteAijcPk1XP9pVNMvHdtAtZsY3y34/Px/GpAbDTc
sMRYFwH/7HI8
-----END CERTIFICATE-----
Generated at Wed Oct 30 22:49:39 2024 by rpki-client on console-fra.rpki-client.org