Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/zTo4JJpwIr1aS_tATNQqcqQo5mY.roa
File: zTo4JJpwIr1aS_tATNQqcqQo5mY.roa (raw, json)
Hash identifier: 1sEntwLfiwbHk+h1TQ66vRgU4CZWOt31pdiVqz91gfg=
Subject key identifier: CD:3A:38:24:9A:70:22:BD:5A:4B:FB:40:4C:D4:2A:72:A4:28:E6:66
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0193D690A0F59FF2689EBFCF3152EF8213AF
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/zTo4JJpwIr1aS_tATNQqcqQo5mY.roa
Signing time: Tue 17 Dec 2024 21:40:22 +0000
ROA not before: Tue 17 Dec 2024 21:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 45.84.216.0/24 maxlen: 24
45.85.90.0/24 maxlen: 24
45.95.243.0/24 maxlen: 24
45.130.143.0/24 maxlen: 24
45.146.53.0/24 maxlen: 24
45.148.25.0/24 maxlen: 24
45.157.98.0/24 maxlen: 24
45.157.99.0/24 maxlen: 24
136.144.26.0/24 maxlen: 24
136.144.27.0/24 maxlen: 24
185.227.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Dec 2024 07:11:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d6:90:a0:f5:9f:f2:68:9e:bf:cf:31:52:ef:82:13:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Dec 17 21:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd3a38249a7022bd5a4bfb404cd42a72a428e666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:26:e6:48:d4:43:64:8f:e2:af:7c:c2:59:07:
bc:e3:ef:fd:2a:37:3a:65:bc:51:f9:ff:54:65:f5:
93:52:fc:ce:f0:f7:f0:10:1a:8b:62:5e:1b:20:f5:
de:60:0d:ee:78:59:49:b7:7f:dd:17:14:46:15:67:
9c:8b:02:c4:53:c8:1b:4d:cc:d1:1b:2c:22:a1:b2:
b7:80:b5:22:6b:fd:53:20:bc:d5:68:47:ff:cb:f9:
b2:76:7b:e8:a7:9f:db:08:85:ad:39:34:5a:78:d9:
00:86:c8:41:bb:9a:95:2e:79:86:e8:af:2e:86:27:
c1:6c:6d:3f:c4:a5:7d:34:3f:75:6d:2a:77:df:57:
80:87:9d:be:f3:17:d7:0a:ca:a3:a2:3f:a2:81:6f:
f1:77:5c:29:ac:16:3f:05:a7:40:0e:ee:a5:5e:ad:
19:70:11:c1:6f:ff:37:7f:79:bf:bc:e1:21:0d:d7:
49:05:c6:ab:cb:3d:89:f9:4a:c0:70:bd:9f:86:4b:
82:a8:1e:2f:52:4f:ef:53:b8:59:22:ff:73:16:7b:
1b:a7:1c:d0:fb:0d:e6:d0:1b:f2:e4:85:e6:76:4c:
52:9a:d2:f4:37:48:3b:1e:82:25:58:f6:8b:d6:2d:
ca:cd:c2:d5:3f:ba:eb:ed:ff:18:bb:a0:1c:ab:c8:
6c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:3A:38:24:9A:70:22:BD:5A:4B:FB:40:4C:D4:2A:72:A4:28:E6:66
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/zTo4JJpwIr1aS_tATNQqcqQo5mY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.216.0/24
45.85.90.0/24
45.95.243.0/24
45.130.143.0/24
45.146.53.0/24
45.148.25.0/24
45.157.98.0/23
136.144.26.0/23
185.227.33.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:8b:84:bf:3f:55:d8:1c:ff:f2:8e:99:ba:6f:e7:82:57:c3:
f1:fc:22:1e:c5:ef:b3:10:a6:8a:cb:df:d9:95:5f:47:2b:61:
19:3c:62:fc:20:81:65:77:68:6b:5f:5f:5b:f9:64:d3:46:db:
8d:46:16:eb:7c:68:29:11:83:81:92:fc:06:a4:46:c0:0b:7f:
bb:44:ed:46:ca:12:ee:59:b2:be:b7:20:63:2f:f6:24:dd:88:
f0:90:09:2f:9b:41:be:a6:d2:f8:44:98:4b:b6:2a:c0:72:f4:
0d:f0:4b:ca:d0:59:ba:5f:bc:45:31:70:45:2b:e3:39:1e:f2:
ee:9f:4e:0f:b3:40:f8:1b:e2:9a:07:84:36:0b:96:8d:c8:90:
1b:68:4b:d0:44:e6:20:65:3d:99:3c:cb:34:2b:af:dd:8d:47:
c0:63:37:d9:58:cc:a1:52:eb:e4:09:ef:ee:25:da:c9:b9:cb:
b6:be:1d:df:2b:64:f2:e9:8c:51:ca:ac:96:63:2c:83:4e:c2:
89:9d:bc:4a:de:ea:64:58:4b:dc:d6:35:6f:b6:b8:d3:6f:0f:
10:98:f1:84:91:32:12:b7:b1:09:ce:4f:85:03:bb:cb:36:23:
03:90:2e:2a:72:f8:b5:29:14:24:90:ed:92:aa:28:20:d2:9e:
7b:c4:c0:5c
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZPWkKD1n/Jonr/PMVLvghOvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQxMjE3MjE0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDNhMzgyNDlhNzAyMmJkNWE0YmZiNDA0Y2Q0MmE3MmE0MjhlNjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ybmSNRDZI/ir3zCWQe84+/9Kjc6
ZbxR+f9UZfWTUvzO8PfwEBqLYl4bIPXeYA3ueFlJt3/dFxRGFWeciwLEU8gbTczR
GywiobK3gLUia/1TILzVaEf/y/mydnvop5/bCIWtOTRaeNkAhshBu5qVLnmG6K8u
hifBbG0/xKV9ND91bSp331eAh52+8xfXCsqjoj+igW/xd1wprBY/BadADu6lXq0Z
cBHBb/83f3m/vOEhDddJBcaryz2J+UrAcL2fhkuCqB4vUk/vU7hZIv9zFnsbpxzQ
+w3m0Bvy5IXmdkxSmtL0N0g7HoIlWPaL1i3KzcLVP7rr7f8Yu6Acq8hsdwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFM06OCSacCK9Wkv7QEzUKnKkKOZmMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvelRvNEpKcHdJcjFhU190QVROUXFjcVFvNW1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALVTYAwQA
LVVaAwQALV/zAwQALYKPAwQALZI1AwQALZQZAwQBLZ1iAwQBiJAaAwQAueMhMA0G
CSqGSIb3DQEBCwUAA4IBAQCxi4S/P1XYHP/yjpm6b+eCV8Px/CIexe+zEKaKy9/Z
lV9HK2EZPGL8IIFld2hrX19b+WTTRtuNRhbrfGgpEYOBkvwGpEbAC3+7RO1GyhLu
WbK+tyBjL/Yk3YjwkAkvm0G+ptL4RJhLtirAcvQN8EvK0Fm6X7xFMXBFK+M5HvLu
n04Ps0D4G+KaB4Q2C5aNyJAbaEvQROYgZT2ZPMs0K6/djUfAYzfZWMyhUuvkCe/u
JdrJucu2vh3fK2Ty6YxRyqyWYyyDTsKJnbxK3upkWEvc1jVvtrjTbw8QmPGEkTIS
t7EJzk+FA7vLNiMDkC4qcvi1KRQkkO2Sqigg0p57xMBc
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:29:29 2025 by rpki-client