Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ZPM15AhOYb9epTJAtFTQY2cZZ4A.roa
File: ZPM15AhOYb9epTJAtFTQY2cZZ4A.roa (raw, json)
Hash identifier: 8ZLB7eQTH3gix2xtPfMGJZsrpkaFwNQ3nEYQMgCpQzE=
Subject key identifier: 64:F3:35:E4:08:4E:61:BF:5E:A5:32:40:B4:54:D0:63:67:19:67:80
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018780ED33648CA6BCF66222E5BEA1E3EEB9
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ZPM15AhOYb9epTJAtFTQY2cZZ4A.roa
Signing time: Fri 14 Apr 2023 18:00:41 +0000
ROA not before: Fri 14 Apr 2023 18:00:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 85.208.105.0/24 maxlen: 24
45.66.152.0/22 maxlen: 24
5.180.32.0/22 maxlen: 24
5.180.51.0/24 maxlen: 24
5.180.48.0/24 maxlen: 24
5.180.50.0/24 maxlen: 24
5.180.49.0/24 maxlen: 24
85.208.112.0/22 maxlen: 24
45.8.184.0/22 maxlen: 24
45.8.192.0/22 maxlen: 24
45.8.188.0/22 maxlen: 24
45.8.199.0/24 maxlen: 24
45.8.198.0/24 maxlen: 24
45.8.197.0/24 maxlen: 24
45.8.203.0/24 maxlen: 24
193.168.208.0/22 maxlen: 24
5.180.82.0/24 maxlen: 24
5.180.80.0/24 maxlen: 24
5.180.232.0/22 maxlen: 24
85.209.160.0/22 maxlen: 24
85.209.163.0/24 maxlen: 24
5.253.36.0/22 maxlen: 24
5.253.44.0/24 maxlen: 24
45.8.252.0/24 maxlen: 24
45.8.253.0/24 maxlen: 24
5.253.46.0/24 maxlen: 24
5.253.47.0/24 maxlen: 24
5.253.45.0/24 maxlen: 24
45.9.0.0/22 maxlen: 24
45.8.255.0/24 maxlen: 24
45.9.4.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Apr 2023 05:14:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:80:ed:33:64:8c:a6:bc:f6:62:22:e5:be:a1:e3:ee:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Apr 14 18:00:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64f335e4084e61bf5ea53240b454d06367196780
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e1:c7:a7:cc:81:e9:b5:d9:97:92:0d:54:38:
49:3b:0c:cf:67:5d:2c:96:fb:c4:2d:af:81:88:71:
8f:ba:55:2d:6b:a8:b2:41:11:a7:34:fe:fe:c0:f8:
10:27:49:4d:ed:64:c4:72:a1:bc:1c:22:e0:e9:78:
8e:70:ed:3b:b4:29:7c:9b:65:c9:82:3e:19:75:05:
07:84:2a:3a:b9:f0:06:b2:69:f7:96:cd:a6:00:95:
28:71:fd:6f:e9:74:af:c4:7d:b4:18:33:21:61:7f:
92:9c:77:61:cb:02:d7:f5:5f:7d:30:c3:7c:e6:29:
ab:c4:1d:93:df:4b:78:c3:c6:51:a7:04:b3:90:f4:
9a:04:f9:8d:e2:a3:b8:89:64:cd:b4:ef:e2:8e:12:
4e:f4:5a:a5:0b:e5:3e:26:06:02:dc:98:af:07:f6:
76:fc:8d:e3:d3:95:34:b2:49:13:6f:53:49:9f:d0:
df:8b:78:1b:b2:c1:52:38:2e:63:75:0b:b1:81:ad:
72:35:2d:c3:d3:1a:f8:ba:be:5e:1b:55:e5:f2:24:
d8:ab:49:8f:e2:d9:ae:62:66:b9:10:e7:7c:02:98:
49:ba:29:57:b0:db:8d:39:33:31:6b:be:1a:b7:24:
39:64:29:4d:dd:8b:0c:7d:2a:2e:8f:a9:ce:d6:c6:
dc:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:F3:35:E4:08:4E:61:BF:5E:A5:32:40:B4:54:D0:63:67:19:67:80
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/ZPM15AhOYb9epTJAtFTQY2cZZ4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.32.0/22
5.180.48.0/22
5.180.80.0/24
5.180.82.0/24
5.180.232.0/22
5.253.36.0/22
5.253.44.0/22
45.8.184.0-45.8.195.255
45.8.197.0-45.8.199.255
45.8.203.0/24
45.8.252.0/23
45.8.255.0-45.9.7.255
45.66.152.0/22
85.208.105.0/24
85.208.112.0/22
85.209.160.0/22
193.168.208.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:b6:a9:c0:79:78:74:c8:f0:f0:61:be:95:a6:0f:e5:43:6d:
d1:fa:63:19:ee:5a:0c:44:9b:a3:f5:79:91:c1:9e:05:bf:08:
8a:88:99:36:05:0d:86:ef:cc:12:db:cc:9c:cb:87:9b:e5:28:
ba:49:d1:a5:ab:c9:3b:27:dc:c1:c0:1a:f9:5d:68:e3:8d:12:
c5:e8:bb:63:4a:ab:70:7f:e3:63:a7:37:45:3b:86:f2:1e:9c:
8e:39:4e:9b:64:6b:8f:c2:f9:25:bd:63:46:74:30:66:bd:8b:
96:7f:72:be:76:97:c2:3c:8b:53:2e:df:8f:1d:3f:61:e2:81:
58:14:62:78:e1:4e:a3:b1:98:ba:cf:64:12:58:b0:63:70:7c:
0c:8a:fa:ee:b2:ba:f5:cc:f1:09:e2:06:4b:66:51:25:87:d9:
18:9b:4c:f6:e8:4c:08:11:a1:53:05:f6:d4:f8:47:87:f9:10:
f0:f7:7a:83:7f:11:1d:c4:ff:8d:fd:aa:2c:30:f1:9b:d0:f3:
92:3c:9d:a9:0f:6b:b3:6d:e5:79:b2:8e:8d:f6:4f:84:52:e0:
2e:0a:09:30:6a:2c:96:51:db:6a:3b:f0:cd:48:29:32:89:7a:
3c:17:8e:c2:bf:59:0f:f3:82:e5:8b:1a:25:f2:84:78:6a:f5:
ca:16:4e:3c
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAYeA7TNkjKa89mIi5b6h4+65MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwNDE0MTgwMDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGYzMzVlNDA4NGU2MWJmNWVhNTMyNDBiNDU0ZDA2MzY3MTk2NzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguHHp8yB6bXZl5INVDhJOwzPZ10s
lvvELa+BiHGPulUta6iyQRGnNP7+wPgQJ0lN7WTEcqG8HCLg6XiOcO07tCl8m2XJ
gj4ZdQUHhCo6ufAGsmn3ls2mAJUocf1v6XSvxH20GDMhYX+SnHdhywLX9V99MMN8
5imrxB2T30t4w8ZRpwSzkPSaBPmN4qO4iWTNtO/ijhJO9FqlC+U+JgYC3JivB/Z2
/I3j05U0skkTb1NJn9Dfi3gbssFSOC5jdQuxga1yNS3D0xr4ur5eG1Xl8iTYq0mP
4tmuYma5EOd8AphJuilXsNuNOTMxa74atyQ5ZClN3YsMfSouj6nO1sbcZwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFGTzNeQITmG/XqUyQLRU0GNnGWeAMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvWlBNMTVBaE9ZYjllcFRKQXRGVFFZMmNaWjRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAgW0
IAMEAgW0MAMEAAW0UAMEAAW0UgMEAgW06AMEAgX9JAMEAgX9LDAMAwQDLQi4AwQC
LQjAMAwDBAAtCMUDBAMtCMADBAAtCMsDBAEtCPwwDAMEAC0I/wMEAy0JAAMEAi1C
mAMEAFXQaQMEAlXQcAMEAlXRoAMEAsGo0DANBgkqhkiG9w0BAQsFAAOCAQEAS7ap
wHl4dMjw8GG+laYP5UNt0fpjGe5aDESbo/V5kcGeBb8IioiZNgUNhu/MEtvMnMuH
m+UouknRpavJOyfcwcAa+V1o440Sxei7Y0qrcH/jY6c3RTuG8h6cjjlOm2Rrj8L5
Jb1jRnQwZr2Lln9yvnaXwjyLUy7fjx0/YeKBWBRieOFOo7GYus9kEliwY3B8DIr6
7rK69czxCeIGS2ZRJYfZGJtM9uhMCBGhUwX21PhHh/kQ8Pd6g38RHcT/jf2qLDDx
m9DzkjydqQ9rs23lebKOjfZPhFLgLgoJMGosllHbajvwzUgpMol6PBeOwr9ZD/OC
5YsaJfKEeGr1yhZOPA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:25 2024 by rpki-client on console-fra.rpki-client.org