Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/zd9mYLGTD28YGp7lbFIEbjRTlSk.roa
File: zd9mYLGTD28YGp7lbFIEbjRTlSk.roa (raw, json)
Hash identifier: Kdn9dD/21OJ/2rUkByKfRtMk2upOoZ+FnvwFOpwLjes=
Subject key identifier: CD:DF:66:60:B1:93:0F:6F:18:1A:9E:E5:6C:52:04:6E:34:53:95:29
Certificate issuer: /CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Certificate serial: 01938FBD54CAF54C29DB16F6A6CBB20BCDC6
Authority key identifier: 0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/zd9mYLGTD28YGp7lbFIEbjRTlSk.roa
Signing time: Wed 04 Dec 2024 03:36:10 +0000
ROA not before: Wed 04 Dec 2024 03:36:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50131
IP address blocks: 37.72.132.0/24 maxlen: 32
45.142.156.0/24 maxlen: 32
45.142.157.0/24 maxlen: 32
45.142.158.0/23 maxlen: 32
45.145.72.0/23 maxlen: 32
45.145.74.0/23 maxlen: 32
45.150.164.0/22 maxlen: 32
45.150.226.0/23 maxlen: 32
45.151.132.0/22 maxlen: 32
45.154.212.0/22 maxlen: 32
62.204.54.0/24 maxlen: 32
91.246.39.0/24 maxlen: 24
94.154.114.0/24 maxlen: 32
146.19.114.0/24 maxlen: 32
146.19.223.0/24 maxlen: 32
176.116.1.0/24 maxlen: 32
178.22.30.0/24 maxlen: 32
188.93.139.0/24 maxlen: 32
193.218.200.0/23 maxlen: 32
193.221.94.0/23 maxlen: 32
194.124.218.0/23 maxlen: 32
194.124.224.0/23 maxlen: 32
194.147.98.0/23 maxlen: 32
194.147.100.0/23 maxlen: 32
212.18.111.0/24 maxlen: 32
217.114.47.0/24 maxlen: 32
2a0e:da40:4000::/34 maxlen: 128
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8f:bd:54:ca:f5:4c:29:db:16:f6:a6:cb:b2:0b:cd:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0db67c5c7fa7fe2492eec37cf427642b71d425b0
Validity
Not Before: Dec 4 03:36:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cddf6660b1930f6f181a9ee56c52046e34539529
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:83:85:66:b1:37:b0:61:d2:60:ea:87:c5:6d:
91:ed:d8:e5:14:cc:d5:d2:7f:0c:62:8b:73:22:ec:
8b:d1:46:05:0c:75:94:e1:73:b8:5a:f7:6d:30:76:
b8:2d:5d:26:97:26:77:51:bf:b4:28:fe:d8:c7:42:
6b:b8:9c:5c:b8:70:15:87:7f:9f:42:ab:ff:b4:cb:
cc:19:68:d6:f6:25:3b:e4:10:b3:59:79:6f:76:cc:
6b:ae:65:c5:40:41:13:67:9e:97:1c:a7:37:00:fc:
9e:d9:e8:11:1d:16:96:09:27:ec:5b:a8:81:0b:78:
a3:d1:f8:cd:48:3a:41:fb:82:97:98:aa:48:16:e1:
36:23:c4:67:88:66:49:3c:ea:bb:00:92:f0:6b:df:
24:17:d2:c9:e1:71:f4:c7:37:0a:67:b7:77:80:0e:
50:ef:95:d4:bb:db:f4:dd:4a:f0:37:62:03:71:bc:
96:e0:f4:a7:1b:5a:ca:71:32:c8:9a:00:a7:a0:9f:
38:82:d9:cd:6d:5d:39:08:f1:92:cb:33:8d:81:74:
0c:c5:e4:7f:80:49:85:7e:88:ba:3e:51:06:97:b8:
0f:9a:6a:b7:68:38:6d:7a:d0:24:a6:36:31:90:18:
9b:c3:73:e3:01:0e:2d:12:83:b6:96:9a:58:b9:19:
e8:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:DF:66:60:B1:93:0F:6F:18:1A:9E:E5:6C:52:04:6E:34:53:95:29
X509v3 Authority Key Identifier:
keyid:0D:B6:7C:5C:7F:A7:FE:24:92:EE:C3:7C:F4:27:64:2B:71:D4:25:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DbZ8XH-n_iSS7sN89CdkK3HUJbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/zd9mYLGTD28YGp7lbFIEbjRTlSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0f3757-f0ed-4e7e-9329-b03df996e481/1/DbZ8XH-n_iSS7sN89CdkK3HUJbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.132.0/24
45.142.156.0/22
45.145.72.0/22
45.150.164.0/22
45.150.226.0/23
45.151.132.0/22
45.154.212.0/22
62.204.54.0/24
91.246.39.0/24
94.154.114.0/24
146.19.114.0/24
146.19.223.0/24
176.116.1.0/24
178.22.30.0/24
188.93.139.0/24
193.218.200.0/23
193.221.94.0/23
194.124.218.0/23
194.124.224.0/23
194.147.98.0-194.147.101.255
212.18.111.0/24
217.114.47.0/24
IPv6:
2a0e:da40:4000::/34
Signature Algorithm: sha256WithRSAEncryption
ca:01:f3:1b:4d:aa:7f:d5:29:9d:0d:89:7a:2b:92:b7:3d:57:
cf:90:c2:d3:52:3e:b0:02:3f:ad:64:92:1e:c7:91:62:e1:ae:
4a:02:95:ad:7e:5f:0b:0a:e2:15:5e:f2:80:4e:24:81:3b:ca:
1f:10:6a:12:7e:2c:73:41:3b:53:11:b4:e6:29:b9:0a:fd:14:
24:80:96:05:6f:1d:b2:66:7f:59:96:ab:9c:b8:bb:a4:2d:be:
bc:7f:88:67:5c:92:ed:ea:ed:24:25:4d:68:0d:20:1d:46:68:
11:49:37:ea:21:a5:53:01:eb:61:0b:95:67:55:04:10:83:50:
1a:c6:19:ed:fa:00:fb:bb:bf:ff:30:e3:c1:5e:89:7c:36:89:
d2:c2:47:d7:64:22:c0:5d:d2:62:5b:85:37:06:5f:6d:07:a5:
f3:48:78:c8:1c:c5:f3:4c:4e:60:8f:50:da:24:31:53:a7:24:
e9:75:47:d4:b4:1b:01:77:b8:65:5e:5d:45:83:fd:ce:05:a2:
5b:ee:18:65:ca:10:71:ba:f0:7d:6f:d9:51:68:a6:da:4d:55:
b1:64:eb:6e:19:bf:54:f2:96:a7:bb:1f:b5:7a:1e:23:d0:6e:
00:b0:73:5d:6d:74:28:dd:81:69:8c:48:10:28:b5:15:67:d0:
7c:55:5b:d9
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAZOPvVTK9Uwp2xb2psuyC83GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkYjY3YzVjN2ZhN2ZlMjQ5MmVlYzM3Y2Y0Mjc2NDJiNzFk
NDI1YjAwHhcNMjQxMjA0MDMzNjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGRmNjY2MGIxOTMwZjZmMTgxYTllZTU2YzUyMDQ2ZTM0NTM5NTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIOFZrE3sGHSYOqHxW2R7djlFMzV
0n8MYotzIuyL0UYFDHWU4XO4WvdtMHa4LV0mlyZ3Ub+0KP7Yx0JruJxcuHAVh3+f
Qqv/tMvMGWjW9iU75BCzWXlvdsxrrmXFQEETZ56XHKc3APye2egRHRaWCSfsW6iB
C3ij0fjNSDpB+4KXmKpIFuE2I8RniGZJPOq7AJLwa98kF9LJ4XH0xzcKZ7d3gA5Q
75XUu9v03UrwN2IDcbyW4PSnG1rKcTLImgCnoJ84gtnNbV05CPGSyzONgXQMxeR/
gEmFfoi6PlEGl7gPmmq3aDhtetAkpjYxkBibw3PjAQ4tEoO2lppYuRno5QIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFM3fZmCxkw9vGBqe5WxSBG40U5UpMB8GA1UdIwQY
MBaAFA22fFx/p/4kku7DfPQnZCtx1CWwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjkt
YjAzZGY5OTZlNDgxLzEvemQ5bVlMR1REMjhZR3A3bGJGSUVialJUbFNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wZjM3NTctZjBlZC00ZTdlLTkzMjktYjAzZGY5OTZlNDgx
LzEvRGJaOFhILW5faVNTN3NOODlDZGtLM0hVSmJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBkwQCAAEwgYwDBAAl
SIQDBAItjpwDBAItkUgDBAItlqQDBAEtluIDBAItl4QDBAItmtQDBAA+zDYDBABb
9icDBABemnIDBACSE3IDBACSE98DBACwdAEDBACyFh4DBAC8XYsDBAHB2sgDBAHB
3V4DBAHCfNoDBAHCfOAwDAMEAcKTYgMEAcKTZAMEANQSbwMEANlyLzAOBAIAAjAI
AwYGKg7aQEAwDQYJKoZIhvcNAQELBQADggEBAMoB8xtNqn/VKZ0NiXorkrc9V8+Q
wtNSPrACP61kkh7HkWLhrkoCla1+XwsK4hVe8oBOJIE7yh8QahJ+LHNBO1MRtOYp
uQr9FCSAlgVvHbJmf1mWq5y4u6Qtvrx/iGdcku3q7SQlTWgNIB1GaBFJN+ohpVMB
62ELlWdVBBCDUBrGGe36APu7v/8w48FeiXw2idLCR9dkIsBd0mJbhTcGX20HpfNI
eMgcxfNMTmCPUNokMVOnJOl1R9S0GwF3uGVeXUWD/c4FolvuGGXKEHG68H1v2VFo
ptpNVbFk624Zv1Tylqe7H7V6HiPQbgCwc11tdCjdgWmMSBAotRVn0HxVW9k=
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:51:17 2025 by rpki-client