Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/mzZEFenY7jWH6EdAv4VAPU9F1KU.roa
File: mzZEFenY7jWH6EdAv4VAPU9F1KU.roa (raw, json)
Hash identifier: Ka5rxmcx9AG0c5zrWikxLShNIrVAHKBOMbNdhegVcKM=
Subject key identifier: 9B:36:44:15:E9:D8:EE:35:87:E8:47:40:BF:85:40:3D:4F:45:D4:A5
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 018FDE605B605A70630845D907AB5AC848F4
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/mzZEFenY7jWH6EdAv4VAPU9F1KU.roa
Signing time: Mon 03 Jun 2024 13:53:27 +0000
ROA not before: Mon 03 Jun 2024 13:53:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 2.57.241.0/24 maxlen: 24
45.135.181.0/24 maxlen: 24
45.135.182.0/24 maxlen: 24
45.135.183.0/24 maxlen: 24
45.144.172.0/24 maxlen: 24
86.105.4.0/24 maxlen: 24
86.107.100.0/24 maxlen: 24
89.34.106.0/24 maxlen: 24
92.114.32.0/24 maxlen: 24
93.114.183.0/24 maxlen: 24
188.64.142.0/24 maxlen: 24
188.208.103.0/24 maxlen: 24
217.19.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Jun 2024 07:35:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:de:60:5b:60:5a:70:63:08:45:d9:07:ab:5a:c8:48:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jun 3 13:53:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b364415e9d8ee3587e84740bf85403d4f45d4a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:77:93:02:92:90:f1:da:dd:92:d5:e8:e1:b4:
36:80:c4:87:e6:17:af:60:4c:d5:be:45:ad:7f:54:
97:0b:4c:1b:7c:fb:99:63:53:3f:db:c7:8d:46:9d:
72:6a:57:4d:36:68:f6:8d:42:3b:00:e2:d7:ac:d0:
7b:b3:36:73:7b:88:49:0c:dc:97:77:77:0e:95:90:
8c:84:5b:51:aa:1d:55:7b:21:e4:3d:b8:af:e6:d1:
e3:e9:3a:09:ce:77:a5:c2:82:90:20:4d:63:c5:1b:
a0:a1:66:61:fc:40:63:15:dc:40:ba:a6:d5:3f:42:
c8:7c:48:e7:95:75:f5:d2:42:df:0f:de:2b:8e:97:
3f:9f:0c:c6:cb:c6:2e:fb:67:b0:8d:38:52:8c:d9:
c4:8a:e0:b3:1f:e1:1d:2c:c2:91:4f:4c:24:7b:6e:
03:a1:63:f5:ff:ac:03:10:82:b6:44:22:f3:ae:81:
48:89:e2:a2:7a:e1:5b:db:95:8b:5b:d8:9d:2b:69:
65:1e:ef:5b:40:cc:b1:99:a0:ba:bc:ac:db:9c:89:
3a:a2:a1:7d:9b:c4:1f:02:40:e9:00:eb:71:1c:d5:
6d:d1:00:d9:af:9a:df:cc:c4:0c:94:b2:aa:95:9c:
61:52:10:54:b4:07:97:7c:a3:ab:31:eb:ad:db:da:
2e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:36:44:15:E9:D8:EE:35:87:E8:47:40:BF:85:40:3D:4F:45:D4:A5
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/mzZEFenY7jWH6EdAv4VAPU9F1KU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.241.0/24
45.135.181.0-45.135.183.255
45.144.172.0/24
86.105.4.0/24
86.107.100.0/24
89.34.106.0/24
92.114.32.0/24
93.114.183.0/24
188.64.142.0/24
188.208.103.0/24
217.19.4.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:de:1c:0f:cf:5f:ad:e7:2f:6b:9e:cd:f7:de:ec:bd:a4:31:
2e:dd:21:87:9b:e9:59:fd:cc:32:8b:ba:23:3a:fb:f9:10:23:
a4:75:aa:4e:8b:3b:47:ad:e2:3d:6c:f6:f5:83:cf:83:d5:61:
c9:88:bd:46:aa:c2:df:02:31:e8:d7:de:fa:cd:ff:c4:26:87:
9b:37:13:cd:62:52:eb:a9:17:2f:c3:c6:cd:ef:6d:8f:85:ab:
0e:98:e8:d2:ff:26:06:f3:5c:1a:23:98:6b:c9:65:ba:30:cc:
67:f7:23:b3:9a:26:03:36:29:9c:b4:69:a6:0a:85:5c:93:b3:
26:4e:34:35:38:32:9e:31:82:5b:2d:b4:63:8c:e3:57:f1:3b:
48:b3:85:e8:ef:85:3f:35:31:cf:7c:bf:0f:cf:ab:0a:41:50:
d1:1c:c5:9f:f2:67:e5:a2:ab:2c:b5:4b:db:5a:58:df:3e:3f:
e1:59:72:42:26:d7:7f:6c:5e:4a:0f:cd:3c:3c:24:87:13:25:
38:2a:15:f7:17:59:92:96:5c:82:bf:cb:70:ab:e7:91:53:57:
ab:ab:90:fb:96:bd:65:fc:f7:cd:96:df:00:b9:f6:ac:3d:ab:
9c:c8:89:c1:54:dc:ba:9a:52:ce:c0:34:f7:a6:90:1a:52:76:
96:4e:99:d5
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAY/eYFtgWnBjCEXZB6tayEj0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQwNjAzMTM1MzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjM2NDQxNWU5ZDhlZTM1ODdlODQ3NDBiZjg1NDAzZDRmNDVkNGE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHeTApKQ8drdktXo4bQ2gMSH5hev
YEzVvkWtf1SXC0wbfPuZY1M/28eNRp1yaldNNmj2jUI7AOLXrNB7szZze4hJDNyX
d3cOlZCMhFtRqh1VeyHkPbiv5tHj6ToJznelwoKQIE1jxRugoWZh/EBjFdxAuqbV
P0LIfEjnlXX10kLfD94rjpc/nwzGy8Yu+2ewjThSjNnEiuCzH+EdLMKRT0wke24D
oWP1/6wDEIK2RCLzroFIieKieuFb25WLW9idK2llHu9bQMyxmaC6vKzbnIk6oqF9
m8QfAkDpAOtxHNVt0QDZr5rfzMQMlLKqlZxhUhBUtAeXfKOrMeut29ouUQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFJs2RBXp2O41h+hHQL+FQD1PRdSlMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvbXpaRUZlblk3aldINkVkQXY0VkFQVTlGMUtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQAAjnxMAwD
BAAth7UDBAMth7ADBAAtkKwDBABWaQQDBABWa2QDBABZImoDBABcciADBABdcrcD
BAC8QI4DBAC80GcDBADZEwQwDQYJKoZIhvcNAQELBQADggEBAC7eHA/PX63nL2ue
zffe7L2kMS7dIYeb6Vn9zDKLuiM6+/kQI6R1qk6LO0et4j1s9vWDz4PVYcmIvUaq
wt8CMejX3vrN/8Qmh5s3E81iUuupFy/Dxs3vbY+Fqw6Y6NL/JgbzXBojmGvJZbow
zGf3I7OaJgM2KZy0aaYKhVyTsyZONDU4Mp4xglsttGOM41fxO0izhejvhT81Mc98
vw/PqwpBUNEcxZ/yZ+Wiqyy1S9taWN8+P+FZckIm139sXkoPzTw8JIcTJTgqFfcX
WZKWXIK/y3Cr55FTV6urkPuWvWX8982W3wC59qw9q5zIicFU3LqaUs7ANPemkBpS
dpZOmdU=
-----END CERTIFICATE-----
Generated at Sat Apr 19 09:45:29 2025 by rpki-client