Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zkTZ54Q4mPNRqXFDdrzEfArxw6g.roa
File: zkTZ54Q4mPNRqXFDdrzEfArxw6g.roa (raw, json)
Hash identifier: hgch2vk1FwOi0Pzuz5PZZs7Qbc+8jDf0RoI6D6FmpiY=
Subject key identifier: CE:44:D9:E7:84:38:98:F3:51:A9:71:43:76:BC:C4:7C:0A:F1:C3:A8
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0191BB841D2364F167A52F337F0397FB4B3E
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zkTZ54Q4mPNRqXFDdrzEfArxw6g.roa
Signing time: Wed 04 Sep 2024 05:31:22 +0000
ROA not before: Wed 04 Sep 2024 05:31:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 2.58.148.0/22 maxlen: 24
45.91.149.0/24 maxlen: 24
45.143.53.0/24 maxlen: 24
45.145.44.0/23 maxlen: 24
45.145.47.0/24 maxlen: 24
62.197.144.0/24 maxlen: 24
62.197.147.0/24 maxlen: 24
62.197.148.0/24 maxlen: 24
62.197.150.0/24 maxlen: 24
62.197.151.0/24 maxlen: 24
62.197.152.0/24 maxlen: 24
62.197.159.0/24 maxlen: 24
84.247.25.0/24 maxlen: 24
84.247.26.0/24 maxlen: 24
89.33.84.0/24 maxlen: 24
89.37.62.0/24 maxlen: 24
92.62.121.0/24 maxlen: 24
94.103.249.0/24 maxlen: 24
94.103.250.0/24 maxlen: 24
185.121.121.0/24 maxlen: 24
185.121.122.0/24 maxlen: 24
185.121.123.0/24 maxlen: 24
185.184.134.0/24 maxlen: 24
185.205.190.0/24 maxlen: 24
185.239.241.0/24 maxlen: 24
185.239.243.0/24 maxlen: 24
185.244.137.0/24 maxlen: 24
185.245.5.0/24 maxlen: 24
188.240.68.0/24 maxlen: 24
188.240.74.0/24 maxlen: 24
193.19.108.0/24 maxlen: 24
193.218.32.0/24 maxlen: 24
193.239.164.0/23 maxlen: 24
194.169.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Sep 2024 06:31:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bb:84:1d:23:64:f1:67:a5:2f:33:7f:03:97:fb:4b:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Sep 4 05:31:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce44d9e7843898f351a9714376bcc47c0af1c3a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:db:09:00:b0:ed:66:23:32:3c:01:4d:ae:2e:
af:9e:a9:7c:6a:21:f0:b5:5c:17:46:fe:2a:f5:0c:
37:c5:b5:a7:79:e0:57:80:99:9a:8c:94:f5:a6:95:
b6:95:55:90:11:39:13:b1:c6:f8:54:42:4e:ca:d5:
9a:04:d4:09:65:d0:80:26:3e:2b:18:86:01:02:a9:
ce:15:6a:fc:15:fd:95:ce:4b:7b:40:70:9c:80:16:
2b:37:63:f6:cf:41:d8:09:63:0c:34:48:ca:f4:43:
56:f6:ba:fa:78:00:23:2c:d3:21:c0:8e:a4:f8:cd:
4c:07:38:45:6e:09:25:92:c4:bc:bd:11:5c:3d:b9:
86:b2:a5:38:80:bd:55:c5:1f:1e:a9:bf:18:99:24:
2d:9b:c9:19:98:fd:6c:8f:b6:62:72:8d:e9:69:e5:
6f:c7:2a:03:05:81:4d:b4:45:19:1b:18:b3:c1:1e:
1d:95:9c:17:54:85:7d:63:bb:8d:13:80:55:d9:ea:
6c:3e:04:3d:ea:a5:6d:b8:46:9c:e1:bf:86:fc:6e:
9f:fd:62:52:ea:6a:f1:25:d4:f7:a8:64:38:98:61:
d2:c9:7a:ab:7f:ab:0f:0d:37:a7:d7:4d:7b:0c:f1:
c6:fd:3f:d3:d8:cc:ea:f4:75:4f:4a:af:8e:9b:6a:
99:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:44:D9:E7:84:38:98:F3:51:A9:71:43:76:BC:C4:7C:0A:F1:C3:A8
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/zkTZ54Q4mPNRqXFDdrzEfArxw6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.148.0/22
45.91.149.0/24
45.143.53.0/24
45.145.44.0/23
45.145.47.0/24
62.197.144.0/24
62.197.147.0-62.197.148.255
62.197.150.0-62.197.152.255
62.197.159.0/24
84.247.25.0-84.247.26.255
89.33.84.0/24
89.37.62.0/24
92.62.121.0/24
94.103.249.0-94.103.250.255
185.121.121.0-185.121.123.255
185.184.134.0/24
185.205.190.0/24
185.239.241.0/24
185.239.243.0/24
185.244.137.0/24
185.245.5.0/24
188.240.68.0/24
188.240.74.0/24
193.19.108.0/24
193.218.32.0/24
193.239.164.0/23
194.169.169.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:28:6c:eb:32:aa:8e:81:1d:db:1b:6b:df:f9:38:6a:20:32:
52:dd:74:aa:21:01:e4:fa:80:a4:47:68:d1:b9:60:46:88:6b:
35:e3:b3:5f:54:9a:61:b1:8b:1a:ea:2c:ae:e1:1f:47:46:0c:
4b:c0:0b:dc:4a:56:f2:62:7e:9a:27:8e:8b:d5:71:6c:ee:40:
6e:cd:82:68:4b:cd:67:bc:fe:42:7c:3b:b6:52:88:55:0b:3c:
6b:14:b8:1a:27:ff:84:2a:4e:54:de:bc:0c:bb:5f:82:76:ed:
d7:b5:d0:3c:a0:19:88:1a:bb:e4:e3:08:01:8b:c4:ad:fe:77:
4c:79:06:1e:6f:93:42:cb:eb:90:ab:53:95:ec:c8:fb:11:1d:
e7:35:77:86:72:63:af:72:b3:25:a2:df:aa:74:bf:b4:54:ce:
f8:ce:94:3c:94:36:83:48:67:58:da:34:94:b7:72:74:a3:24:
12:b8:e6:3b:6e:74:67:58:14:19:89:46:4f:63:f9:a6:ab:38:
92:77:0c:77:d1:c0:fb:fe:85:24:b6:ea:01:3e:4e:92:5d:58:
38:97:c0:2d:0f:26:25:e3:ec:6b:b6:2f:12:df:65:9a:06:1e:
f6:a2:5b:2e:34:fb:55:4f:35:3e:d4:20:d2:e5:8f:3b:b7:3d:
21:b2:ba:ac
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAZG7hB0jZPFnpS8zfwOX+0s+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwOTA0MDUzMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTQ0ZDllNzg0Mzg5OGYzNTFhOTcxNDM3NmJjYzQ3YzBhZjFjM2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdsJALDtZiMyPAFNri6vnql8aiHw
tVwXRv4q9Qw3xbWneeBXgJmajJT1ppW2lVWQETkTscb4VEJOytWaBNQJZdCAJj4r
GIYBAqnOFWr8Ff2Vzkt7QHCcgBYrN2P2z0HYCWMMNEjK9ENW9rr6eAAjLNMhwI6k
+M1MBzhFbgklksS8vRFcPbmGsqU4gL1VxR8eqb8YmSQtm8kZmP1sj7Zico3paeVv
xyoDBYFNtEUZGxizwR4dlZwXVIV9Y7uNE4BV2epsPgQ96qVtuEac4b+G/G6f/WJS
6mrxJdT3qGQ4mGHSyXqrf6sPDTen1017DPHG/T/T2Mzq9HVPSq+Om2qZlQIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFM5E2eeEOJjzUalxQ3a8xHwK8cOoMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvemtUWjU0UTRtUE5ScVhGRGRyekVmQXJ4dzZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcoDBAIC
OpQDBAAtW5UDBAAtjzUDBAEtkSwDBAAtkS8DBAA+xZAwDAMEAD7FkwMEAD7FlDAM
AwQBPsWWAwQAPsWYAwQAPsWfMAwDBABU9xkDBABU9xoDBABZIVQDBABZJT4DBABc
PnkwDAMEAF5n+QMEAF5n+jAMAwQAuXl5AwQCuXl4AwQAubiGAwQAuc2+AwQAue/x
AwQAue/zAwQAufSJAwQAufUFAwQAvPBEAwQAvPBKAwQAwRNsAwQAwdogAwQBwe+k
AwQAwqmpMA0GCSqGSIb3DQEBCwUAA4IBAQBeKGzrMqqOgR3bG2vf+ThqIDJS3XSq
IQHk+oCkR2jRuWBGiGs147NfVJphsYsa6iyu4R9HRgxLwAvcSlbyYn6aJ46L1XFs
7kBuzYJoS81nvP5CfDu2UohVCzxrFLgaJ/+EKk5U3rwMu1+Cdu3XtdA8oBmIGrvk
4wgBi8St/ndMeQYeb5NCy+uQq1OV7Mj7ER3nNXeGcmOvcrMlot+qdL+0VM74zpQ8
lDaDSGdY2jSUt3J0oyQSuOY7bnRnWBQZiUZPY/mmqziSdwx30cD7/oUktuoBPk6S
XVg4l8AtDyYl4+xrti8S32WaBh72olsuNPtVTzU+1CDS5Y87tz0hsrqs
-----END CERTIFICATE-----
Generated at Thu Sep 5 08:09:13 2024 by rpki-client on console-ams.rpki-client.org