Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/zSnJl6JGbyBdJ01xJwFruGcUQ90.roa
File: zSnJl6JGbyBdJ01xJwFruGcUQ90.roa (raw, json)
Hash identifier: y3rQbhfUxUfz9+ruTcCZlnFthk61OG0obxXyLdB8/To=
Subject key identifier: CD:29:C9:97:A2:46:6F:20:5D:27:4D:71:27:01:6B:B8:67:14:43:DD
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 018B34B84E395AE937A45700F25337774CD4
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/zSnJl6JGbyBdJ01xJwFruGcUQ90.roa
Signing time: Sun 15 Oct 2023 19:02:55 +0000
ROA not before: Sun 15 Oct 2023 19:02:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204916
IP address blocks: 95.215.109.0/24 maxlen: 24
45.151.139.0/24 maxlen: 24
194.113.105.0/24 maxlen: 24
45.142.210.0/24 maxlen: 24
45.142.211.0/24 maxlen: 24
84.54.36.0/24 maxlen: 24
83.171.240.0/24 maxlen: 24
83.171.240.0/22 maxlen: 22
83.171.243.0/24 maxlen: 24
83.171.242.0/24 maxlen: 24
2a09:3d00::/29 maxlen: 36
2a11:207::/32 maxlen: 32
2a11:206::/32 maxlen: 32
2a10:c0c3::/32 maxlen: 32
2a10:c0c0::/29 maxlen: 29
2a11:e87:6000::/36 maxlen: 36
2a11:af01::/32 maxlen: 32
2a11:205::/32 maxlen: 32
2a0c:e8c0::/29 maxlen: 29
2a10:c0c1::/32 maxlen: 32
2a10:c0c7:5000::/36 maxlen: 36
2a10:c0c7:3000::/36 maxlen: 36
2a10:c0c0::/32 maxlen: 32
2a0d:5ec0::/29 maxlen: 36
2a06:d900::/29 maxlen: 29
2a09:4e03::/32 maxlen: 32
2a09:3b00::/29 maxlen: 29
2a0d:8b03::/32 maxlen: 32
2a0f:cc87::/36 maxlen: 36
2a11:b80::/29 maxlen: 36
2a09:b680::/29 maxlen: 36
2a09:3800::/32 maxlen: 32
2a11:200:a000::/36 maxlen: 36
2a11:200:4000::/36 maxlen: 36
2a11:200::/36 maxlen: 36
2a11:200:5000::/36 maxlen: 36
2a11:200:7000::/36 maxlen: 36
2a11:200:8000::/36 maxlen: 36
2a09:3505:9000::/36 maxlen: 36
2a0d:5ec5::/32 maxlen: 32
2a11:202::/32 maxlen: 32
2a0d:8b04::/32 maxlen: 32
2a11:e82::/32 maxlen: 32
2a11:780::/29 maxlen: 36
2a10:c0c5::/32 maxlen: 32
2a09:4e01:a000::/36 maxlen: 36
2a09:4e01:9000::/36 maxlen: 36
2a09:4e01:5000::/36 maxlen: 36
2a09:4e01:4000::/36 maxlen: 36
2a09:4e01:3000::/36 maxlen: 36
2a11:201::/32 maxlen: 32
2a0c:2104::/32 maxlen: 32
2a11:980::/29 maxlen: 29
2a11:204::/32 maxlen: 32
2a10:c340::/29 maxlen: 36
Validation: Failed, certificate revoked on Tue 17 Oct 2023 05:08:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:34:b8:4e:39:5a:e9:37:a4:57:00:f2:53:37:77:4c:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Oct 15 19:02:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd29c997a2466f205d274d7127016bb8671443dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fe:96:02:33:11:95:d1:c7:dd:a8:38:09:1f:
d7:b6:31:a5:69:a9:af:7d:76:a9:c4:5b:5b:da:4a:
80:3a:d1:12:27:6b:07:3d:be:94:47:98:5a:18:6b:
5e:10:0c:77:eb:61:cb:e4:e1:79:7f:d4:8a:a7:bd:
f2:0b:59:b3:11:35:b5:1b:da:77:b2:db:19:4f:b3:
92:67:81:c8:25:74:fb:03:cf:f0:b8:6c:7a:0f:ae:
60:63:86:78:a8:86:3f:a7:f7:5e:c7:e7:c5:75:9c:
34:a0:2d:76:7f:ae:b2:72:ff:21:b9:a5:2f:16:c1:
30:e8:db:6e:ef:c6:75:4e:5b:f4:ed:b8:c8:ea:08:
0f:99:9f:2a:56:3b:03:89:93:1b:42:58:29:fb:4f:
c9:c5:d2:52:06:27:36:47:a6:bd:68:9d:0b:48:5a:
44:94:6b:af:96:c0:1e:0f:f6:60:99:26:b2:91:99:
bb:2e:a7:7c:7c:63:ee:37:d9:3d:92:ea:a8:ce:32:
a6:47:0f:12:20:41:31:11:42:c8:e3:ec:3d:a7:8c:
ae:79:4f:af:05:6f:d1:90:2f:1a:b3:71:fa:3d:68:
fa:f7:41:b7:4e:6d:a9:a7:3b:99:ba:c3:2f:04:51:
99:e5:e0:ec:4e:42:aa:12:c4:b9:33:1e:bd:3e:01:
10:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:29:C9:97:A2:46:6F:20:5D:27:4D:71:27:01:6B:B8:67:14:43:DD
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/zSnJl6JGbyBdJ01xJwFruGcUQ90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.210.0/23
45.151.139.0/24
83.171.240.0/22
84.54.36.0/24
95.215.109.0/24
194.113.105.0/24
IPv6:
2a06:d900::/29
2a09:3505:9000::/36
2a09:3800::/32
2a09:3b00::/29
2a09:3d00::/29
2a09:4e01:3000::-2a09:4e01:5fff:ffff:ffff:ffff:ffff:ffff
2a09:4e01:9000::-2a09:4e01:afff:ffff:ffff:ffff:ffff:ffff
2a09:4e03::/32
2a09:b680::/29
2a0c:2104::/32
2a0c:e8c0::/29
2a0d:5ec0::/29
2a0d:8b03::-2a0d:8b04:ffff:ffff:ffff:ffff:ffff:ffff
2a0f:cc87::/36
2a10:c0c0::/29
2a10:c340::/29
2a11:200::/36
2a11:200:4000::/35
2a11:200:7000::-2a11:200:8fff:ffff:ffff:ffff:ffff:ffff
2a11:200:a000::/36
2a11:201::-2a11:202:ffff:ffff:ffff:ffff:ffff:ffff
2a11:204::/30
2a11:780::/29
2a11:980::/29
2a11:b80::/29
2a11:e82::/32
2a11:e87:6000::/36
2a11:af01::/32
Signature Algorithm: sha256WithRSAEncryption
08:36:e6:c3:71:dd:ed:75:78:63:a9:ae:f7:4c:32:a7:4a:2f:
32:7f:eb:56:4c:7c:07:27:ff:1c:b9:d4:b7:1d:b6:46:9b:ea:
db:9c:04:37:c1:c9:9d:d7:73:b3:0c:3b:07:ae:8f:23:d7:8d:
a2:96:a6:d4:59:66:4f:b0:82:e4:c7:4e:a5:42:8b:b7:2a:7f:
3b:bd:72:cd:22:7b:f0:8e:ed:15:2e:4d:0a:32:45:5c:1f:5a:
fd:18:33:1a:85:28:8e:70:df:c2:7d:9b:fe:be:5f:27:f2:ef:
4c:f2:57:64:67:f6:fd:f8:9c:9b:60:50:ff:19:d4:b3:8f:eb:
0d:01:64:4f:00:cf:5d:ba:e6:db:ed:dc:3d:e1:83:87:d4:6d:
00:72:cf:83:cf:2e:74:ed:77:8a:f9:1a:a7:10:b6:c6:f9:59:
4c:b2:df:c3:a8:68:c7:13:e4:86:fe:e2:b6:0a:40:88:46:ae:
b1:d1:56:05:cc:01:fb:b5:5b:79:c0:fd:2b:e6:2e:f7:66:1f:
e0:25:49:da:bc:61:05:35:61:66:5e:a4:ed:ac:54:11:b0:e8:
1b:0f:e7:0b:dd:23:2f:0f:f6:e2:39:f7:7c:ec:07:e8:79:af:
c7:67:e4:c9:49:69:f2:ac:91:d1:cc:b2:4e:6d:69:13:4b:34:
16:43:2e:12
-----BEGIN CERTIFICATE-----
MIIGKTCCBRGgAwIBAgISAYs0uE45Wuk3pFcA8lM3d0zUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjMxMDE1MTkwMjU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDI5Yzk5N2EyNDY2ZjIwNWQyNzRkNzEyNzAxNmJiODY3MTQ0M2RkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv6WAjMRldHH3ag4CR/XtjGlaamv
fXapxFtb2kqAOtESJ2sHPb6UR5haGGteEAx362HL5OF5f9SKp73yC1mzETW1G9p3
stsZT7OSZ4HIJXT7A8/wuGx6D65gY4Z4qIY/p/dex+fFdZw0oC12f66ycv8huaUv
FsEw6Ntu78Z1Tlv07bjI6ggPmZ8qVjsDiZMbQlgp+0/JxdJSBic2R6a9aJ0LSFpE
lGuvlsAeD/ZgmSaykZm7Lqd8fGPuN9k9kuqozjKmRw8SIEExEULI4+w9p4yueU+v
BW/RkC8as3H6PWj690G3Tm2ppzuZusMvBFGZ5eDsTkKqEsS5Mx69PgEQMQIDAQAB
o4IDNTCCAzEwHQYDVR0OBBYEFM0pyZeiRm8gXSdNcScBa7hnFEPdMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvelNuSmw2SkdieUJkSjAxeEp3RnJ1R2NVUTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBSQYIKwYBBQUHAQcBAf8EggE4MIIBNDAqBAIAATAkAwQB
LY7SAwQALZeLAwQCU6vwAwQAVDYkAwQAX9dtAwQAwnFpMIIBBAQCAAIwgf0DBQMq
BtkAAwYEKgk1BZADBQAqCTgAAwUDKgk7AAMFAyoJPQAwEAMGBCoJTgEwAwYFKglO
AUAwEAMGBCoJTgGQAwYEKglOAaADBQAqCU4DAwUDKgm2gAMFACoMIQQDBQMqDOjA
AwUDKg1ewDAOAwUAKg2LAwMFACoNiwQDBgQqD8yHAAMFAyoQwMADBQMqEMNAAwYE
KhECAAADBgUqEQIAQDAQAwYEKhECAHADBgQqEQIAgAMGBCoRAgCgMA4DBQAqEQIB
AwUAKhECAgMFAioRAgQDBQMqEQeAAwUDKhEJgAMFAyoRC4ADBQAqEQ6CAwYEKhEO
h2ADBQAqEa8BMA0GCSqGSIb3DQEBCwUAA4IBAQAINubDcd3tdXhjqa73TDKnSi8y
f+tWTHwHJ/8cudS3HbZGm+rbnAQ3wcmd13OzDDsHro8j142ilqbUWWZPsILkx06l
Qou3Kn87vXLNInvwju0VLk0KMkVcH1r9GDMahSiOcN/CfZv+vl8n8u9M8ldkZ/b9
+JybYFD/GdSzj+sNAWRPAM9duubb7dw94YOH1G0Acs+Dzy507XeK+RqnELbG+VlM
st/DqGjHE+SG/uK2CkCIRq6x0VYFzAH7tVt5wP0r5i73Zh/gJUnavGEFNWFmXqTt
rFQRsOgbD+cL3SMvD/biOfd87Afoea/HZ+TJSWnyrJHRzLJObWkTSzQWQy4S
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:05 2024 by rpki-client on console-fra.rpki-client.org