Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/zteKeZ3xmTft6taL2yl7yLjLQn0.roa
File: zteKeZ3xmTft6taL2yl7yLjLQn0.roa (raw, json)
Hash identifier: TE8cgXdrq5v4pNv1duSflGdFbYhcXX+6gtYfaCmd9lM=
Subject key identifier: CE:D7:8A:79:9D:F1:99:37:ED:EA:D6:8B:DB:29:7B:C8:B8:CB:42:7D
Certificate issuer: /CN=d5637692ff5c45486d1053b149dc1420026cd733
Certificate serial: 018AA47957A19C329027DDB5FE18257E1CF0
Authority key identifier: D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/zteKeZ3xmTft6taL2yl7yLjLQn0.roa
Signing time: Sun 17 Sep 2023 18:48:50 +0000
ROA not before: Sun 17 Sep 2023 18:48:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 45.149.94.0/24 maxlen: 24
80.246.225.0/24 maxlen: 24
80.246.232.0/24 maxlen: 24
80.246.228.0/24 maxlen: 24
80.246.236.0/24 maxlen: 24
80.246.236.0/22 maxlen: 24
80.246.237.0/24 maxlen: 24
80.246.238.0/24 maxlen: 24
80.246.239.0/24 maxlen: 24
80.246.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 19 Sep 2023 10:57:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:a4:79:57:a1:9c:32:90:27:dd:b5:fe:18:25:7e:1c:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5637692ff5c45486d1053b149dc1420026cd733
Validity
Not Before: Sep 17 18:48:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ced78a799df19937edead68bdb297bc8b8cb427d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e0:2d:f7:b6:52:ae:a7:f7:f9:a2:0a:59:18:
88:c1:dd:67:66:83:d6:76:c6:65:7b:93:62:3d:21:
ea:6b:28:af:f8:84:b0:5d:93:5d:06:2e:4b:11:d3:
93:e5:76:68:a7:40:9d:f9:5b:35:05:77:92:60:d7:
e0:47:3d:6d:b0:43:00:8d:dd:4b:12:31:aa:ab:56:
96:18:0f:06:0b:c7:bb:f7:11:5a:2f:47:61:18:22:
28:b5:90:45:dc:e7:de:cd:85:f8:ac:c6:f8:42:f4:
15:0f:0c:53:c6:a6:cb:db:41:f3:3e:ca:1c:bf:3b:
f4:5d:f6:3d:f5:82:ca:1b:71:5e:cf:52:c8:91:44:
9c:80:86:10:d7:12:96:ac:1c:19:ff:a0:f4:d0:0f:
55:b1:4b:ea:9a:bb:bd:c0:57:05:1e:4a:77:73:6d:
54:d3:d4:99:4b:71:0b:d6:a6:b3:f0:a0:70:e4:60:
03:da:ab:a3:30:19:fe:b4:32:72:3d:fd:9d:08:83:
af:08:d6:d7:f8:82:c3:1b:41:c5:fe:bd:3e:bc:d8:
91:86:b5:81:4f:81:15:c6:fb:45:4b:ff:79:90:39:
c8:04:de:4a:58:8d:ea:47:14:74:42:29:77:19:6b:
c9:8b:93:32:12:d0:7d:6b:4e:e0:09:34:88:eb:5e:
20:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:D7:8A:79:9D:F1:99:37:ED:EA:D6:8B:DB:29:7B:C8:B8:CB:42:7D
X509v3 Authority Key Identifier:
keyid:D5:63:76:92:FF:5C:45:48:6D:10:53:B1:49:DC:14:20:02:6C:D7:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1WN2kv9cRUhtEFOxSdwUIAJs1zM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/zteKeZ3xmTft6taL2yl7yLjLQn0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/98e113-e002-4d93-9a49-adeade2865c1/1/1WN2kv9cRUhtEFOxSdwUIAJs1zM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.94.0/24
80.246.225.0/24
80.246.228.0/24
80.246.232.0/24
80.246.235.0-80.246.239.255
Signature Algorithm: sha256WithRSAEncryption
31:05:f0:ea:2f:07:14:e0:f4:dd:7e:18:62:02:22:c5:7f:cc:
d2:ca:36:43:47:39:d3:df:d2:68:75:6d:2c:a7:ad:7b:01:6b:
fd:7d:6e:a1:c2:0b:1e:0f:81:c3:b0:86:3c:4a:81:24:07:9f:
3e:de:df:04:f5:bc:7c:73:0f:73:47:46:8f:dd:dd:f7:83:ca:
dc:22:44:a3:72:28:18:9d:2a:df:27:e3:8b:41:02:e1:ef:0e:
d7:1e:c0:0a:16:c8:d0:a6:1f:03:ad:ab:33:68:08:84:cf:18:
34:89:eb:d2:f1:c6:c9:50:59:63:ff:45:cf:94:a9:8b:94:95:
2b:29:df:4d:36:3d:50:11:d1:4a:7d:f3:49:71:03:80:10:97:
a0:3d:f6:5b:66:f2:49:53:1c:11:27:51:57:a1:80:4b:2d:39:
58:5f:67:1d:1d:3e:00:75:46:12:f6:27:42:3c:84:73:b5:d1:
20:06:06:50:59:9f:d5:d9:22:2b:b2:d6:25:a6:df:8e:82:83:
16:d3:4b:15:85:47:b8:67:d5:db:1f:f8:f3:db:ab:02:df:61:
76:e9:57:4a:ab:4b:95:17:9e:91:96:0a:98:fd:8a:42:f9:28:
13:30:f5:0e:9d:37:82:62:e4:27:9c:07:74:b2:9f:52:1e:7a:
1d:02:77:e1
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYqkeVehnDKQJ921/hglfhzwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1NjM3NjkyZmY1YzQ1NDg2ZDEwNTNiMTQ5ZGMxNDIwMDI2
Y2Q3MzMwHhcNMjMwOTE3MTg0ODUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWQ3OGE3OTlkZjE5OTM3ZWRlYWQ2OGJkYjI5N2JjOGI4Y2I0MjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuAt97ZSrqf3+aIKWRiIwd1nZoPW
dsZle5NiPSHqayiv+ISwXZNdBi5LEdOT5XZop0Cd+Vs1BXeSYNfgRz1tsEMAjd1L
EjGqq1aWGA8GC8e79xFaL0dhGCIotZBF3OfezYX4rMb4QvQVDwxTxqbL20HzPsoc
vzv0XfY99YLKG3Fez1LIkUScgIYQ1xKWrBwZ/6D00A9VsUvqmru9wFcFHkp3c21U
09SZS3EL1qaz8KBw5GAD2qujMBn+tDJyPf2dCIOvCNbX+ILDG0HF/r0+vNiRhrWB
T4EVxvtFS/95kDnIBN5KWI3qRxR0Qil3GWvJi5MyEtB9a07gCTSI614ggQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFM7Xinmd8Zk37erWi9spe8i4y0J9MB8GA1UdIwQY
MBaAFNVjdpL/XEVIbRBTsUncFCACbNczMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDkt
YWRlYWRlMjg2NWMxLzEvenRlS2VaM3htVGZ0NnRhTDJ5bDd5TGpMUW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi85OGUxMTMtZTAwMi00ZDkzLTlhNDktYWRlYWRlMjg2NWMx
LzEvMVdOMmt2OWNSVWh0RUZPeFNkd1VJQUpzMXpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQALZVeAwQA
UPbhAwQAUPbkAwQAUPboMAwDBABQ9usDBARQ9uAwDQYJKoZIhvcNAQELBQADggEB
ADEF8OovBxTg9N1+GGICIsV/zNLKNkNHOdPf0mh1bSynrXsBa/19bqHCCx4PgcOw
hjxKgSQHnz7e3wT1vHxzD3NHRo/d3feDytwiRKNyKBidKt8n44tBAuHvDtcewAoW
yNCmHwOtqzNoCITPGDSJ69LxxslQWWP/Rc+UqYuUlSsp3002PVAR0Up980lxA4AQ
l6A99ltm8klTHBEnUVehgEstOVhfZx0dPgB1RhL2J0I8hHO10SAGBlBZn9XZIiuy
1iWm346CgxbTSxWFR7hn1dsf+PPbqwLfYXbpV0qrS5UXnpGWCpj9ikL5KBMw9Q6d
N4Ji5CecB3Syn1Ieeh0Cd+E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:31 2024 by rpki-client on console-ams.rpki-client.org