Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/cZXOpZ-jYgkpvAHjMP8sBdwpA08.roa
File: cZXOpZ-jYgkpvAHjMP8sBdwpA08.roa (raw, json)
Hash identifier: 4jjIzX3Z0CetQNo4v9stdBq8TJu7cCFgYK2R1OwKve0=
Subject key identifier: 71:95:CE:A5:9F:A3:62:09:29:BC:01:E3:30:FF:2C:05:DC:29:03:4F
Certificate issuer: /CN=f73cdc6751d7c59073e4b706402d3691af09086f
Certificate serial: 0193681B743465FD930E7F26F8B0FF359904
Authority key identifier: F7:3C:DC:67:51:D7:C5:90:73:E4:B7:06:40:2D:36:91:AF:09:08:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9zzcZ1HXxZBz5LcGQC02ka8JCG8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/cZXOpZ-jYgkpvAHjMP8sBdwpA08.roa
Signing time: Tue 26 Nov 2024 10:54:09 +0000
ROA not before: Tue 26 Nov 2024 10:54:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39699
IP address blocks: 45.152.104.0/22 maxlen: 22
62.121.32.0/19 maxlen: 19
83.148.192.0/18 maxlen: 18
86.60.128.0/17 maxlen: 17
185.132.104.0/22 maxlen: 22
2a03:50a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:68:1b:74:34:65:fd:93:0e:7f:26:f8:b0:ff:35:99:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f73cdc6751d7c59073e4b706402d3691af09086f
Validity
Not Before: Nov 26 10:54:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7195cea59fa3620929bc01e330ff2c05dc29034f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ed:1b:b2:63:50:a2:f6:18:70:40:23:ff:3b:
53:36:46:f4:fc:a3:07:a8:97:f4:e0:45:e8:da:8f:
a2:84:b1:f6:13:33:92:56:54:6e:b3:d7:46:d6:8a:
25:b3:be:4a:64:36:3c:50:0d:9d:d9:22:1c:bf:80:
75:f9:f6:80:4c:dc:2a:e8:2f:4f:a5:60:d2:ea:0b:
df:e3:42:65:8c:7e:40:ef:dd:19:18:2a:f4:69:fc:
da:43:76:73:67:d5:10:ef:31:32:66:c7:07:aa:18:
96:53:56:b2:d7:4f:5e:26:72:50:f5:64:8e:1e:ba:
45:02:f9:3c:4d:11:8b:c0:cf:9e:20:84:f2:39:18:
bb:f8:31:32:f2:fc:25:eb:fd:d7:b1:99:df:0c:22:
6d:be:b8:36:f9:dd:9d:1f:ad:04:95:63:33:47:69:
d7:8e:24:af:d5:c6:a4:75:75:c9:c9:a1:c4:5a:50:
b9:87:9e:6c:e3:21:80:6f:a2:92:3a:c0:61:12:9c:
9e:f0:6b:f7:0d:d1:cc:c5:01:5c:62:1a:1b:6b:5b:
1a:f1:8e:79:e7:4d:cd:e9:5f:3b:ed:8c:df:25:93:
ca:d5:8f:fc:97:87:1b:96:05:ba:26:5b:08:a4:29:
1e:a9:da:d4:dc:06:10:98:b4:83:99:09:38:ef:6b:
26:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:95:CE:A5:9F:A3:62:09:29:BC:01:E3:30:FF:2C:05:DC:29:03:4F
X509v3 Authority Key Identifier:
keyid:F7:3C:DC:67:51:D7:C5:90:73:E4:B7:06:40:2D:36:91:AF:09:08:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9zzcZ1HXxZBz5LcGQC02ka8JCG8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/cZXOpZ-jYgkpvAHjMP8sBdwpA08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/855002-d823-41fe-8f9a-718fd195c5eb/1/9zzcZ1HXxZBz5LcGQC02ka8JCG8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.104.0/22
62.121.32.0/19
83.148.192.0/18
86.60.128.0/17
185.132.104.0/22
IPv6:
2a03:50a0::/32
Signature Algorithm: sha256WithRSAEncryption
ad:ac:f0:a9:6c:7e:b3:e5:11:0b:c3:c2:69:3a:37:03:19:1e:
0b:d6:b6:f6:35:b4:76:ff:36:8d:60:57:34:29:c5:19:92:98:
38:c3:eb:11:8e:39:bb:3f:57:9a:cf:8f:6d:57:e6:79:0d:4c:
db:d3:7d:48:d8:1f:ba:c1:49:74:f5:5e:11:19:5c:2e:d7:6b:
2f:5a:44:0b:f1:b2:84:83:28:da:8d:db:f3:43:6c:c0:d9:71:
2e:9a:22:89:7b:9a:63:ba:ed:8f:69:f0:7b:34:c6:db:9f:33:
a3:01:a3:bf:3a:5f:bc:a8:1b:da:0d:f3:ff:20:46:0e:5b:70:
ca:15:6f:33:37:59:c8:8c:28:25:37:df:ca:0f:80:9a:49:8d:
75:7d:4c:54:4e:a9:5c:73:e0:ce:f8:8e:7d:cc:66:05:29:72:
8a:21:d0:2c:ea:8a:a0:6d:28:47:30:df:b3:91:b9:78:b1:ce:
50:cb:b2:3a:e9:41:97:ac:86:b7:87:69:a4:c8:0e:4b:0c:68:
d4:92:8f:53:ef:0d:bf:1e:35:b5:f8:7d:71:c4:c6:1d:01:52:
a2:10:8a:77:a1:8d:35:13:b3:0c:9c:eb:5a:da:f0:ac:4e:00:
5a:49:e5:2b:c4:29:6e:19:5c:c1:d8:52:73:36:1f:b8:c0:1c:
9c:de:73:25
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZNoG3Q0Zf2TDn8m+LD/NZkEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3M2NkYzY3NTFkN2M1OTA3M2U0YjcwNjQwMmQzNjkxYWYw
OTA4NmYwHhcNMjQxMTI2MTA1NDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTk1Y2VhNTlmYTM2MjA5MjliYzAxZTMzMGZmMmMwNWRjMjkwMzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAse0bsmNQovYYcEAj/ztTNkb0/KMH
qJf04EXo2o+ihLH2EzOSVlRus9dG1ools75KZDY8UA2d2SIcv4B1+faATNwq6C9P
pWDS6gvf40JljH5A790ZGCr0afzaQ3ZzZ9UQ7zEyZscHqhiWU1ay109eJnJQ9WSO
HrpFAvk8TRGLwM+eIITyORi7+DEy8vwl6/3XsZnfDCJtvrg2+d2dH60ElWMzR2nX
jiSv1cakdXXJyaHEWlC5h55s4yGAb6KSOsBhEpye8Gv3DdHMxQFcYhoba1sa8Y55
503N6V877YzfJZPK1Y/8l4cblgW6JlsIpCkeqdrU3AYQmLSDmQk472smWQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFHGVzqWfo2IJKbwB4zD/LAXcKQNPMB8GA1UdIwQY
MBaAFPc83GdR18WQc+S3BkAtNpGvCQhvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXp6Y1oxSFh4WkJ6NUxjR1FDMDJrYThKQ0c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS84NTUwMDItZDgyMy00MWZlLThmOWEt
NzE4ZmQxOTVjNWViLzEvY1pYT3BaLWpZZ2twdkFIak1QOHNCZHdwQTA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS84NTUwMDItZDgyMy00MWZlLThmOWEtNzE4ZmQxOTVjNWVi
LzEvOXp6Y1oxSFh4WkJ6NUxjR1FDMDJrYThKQ0c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLZhoAwQF
PnkgAwQGU5TAAwQHVjyAAwQCuYRoMA0EAgACMAcDBQAqA1CgMA0GCSqGSIb3DQEB
CwUAA4IBAQCtrPCpbH6z5RELw8JpOjcDGR4L1rb2NbR2/zaNYFc0KcUZkpg4w+sR
jjm7P1eaz49tV+Z5DUzb031I2B+6wUl09V4RGVwu12svWkQL8bKEgyjajdvzQ2zA
2XEumiKJe5pjuu2PafB7NMbbnzOjAaO/Ol+8qBvaDfP/IEYOW3DKFW8zN1nIjCgl
N9/KD4CaSY11fUxUTqlcc+DO+I59zGYFKXKKIdAs6oqgbShHMN+zkbl4sc5Qy7I6
6UGXrIa3h2mkyA5LDGjUko9T7w2/HjW1+H1xxMYdAVKiEIp3oY01E7MMnOta2vCs
TgBaSeUrxCluGVzB2FJzNh+4wByc3nMl
-----END CERTIFICATE-----
Generated at Sun Apr 13 08:36:56 2025 by rpki-client