Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/ZwtdlFgkNsX_JwGMRZ1VVVmKatM.roa
File: ZwtdlFgkNsX_JwGMRZ1VVVmKatM.roa (raw, json)
Hash identifier: IARKtJvOq99EFTw1QIEdBfDuUJDMThUkSOBgnn1PoXg=
Subject key identifier: 67:0B:5D:94:58:24:36:C5:FF:27:01:8C:45:9D:55:55:59:8A:6A:D3
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 018FBF28F31D96E071EBCCDDA598A395D9AD
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/ZwtdlFgkNsX_JwGMRZ1VVVmKatM.roa
Signing time: Tue 28 May 2024 12:24:42 +0000
ROA not before: Tue 28 May 2024 12:24:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35196
IP address blocks: 45.9.73.179/32 maxlen: 32
45.9.73.184/32 maxlen: 32
45.9.73.236/32 maxlen: 32
45.89.65.0/24 maxlen: 24
45.89.66.0/24 maxlen: 24
45.89.67.0/24 maxlen: 24
45.128.176.0/24 maxlen: 24
45.128.177.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
94.142.136.67/32 maxlen: 32
94.142.139.0/24 maxlen: 24
185.5.248.0/22 maxlen: 22
185.5.248.0/23 maxlen: 23
185.5.250.0/23 maxlen: 23
185.5.250.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.58.206.0/24 maxlen: 24
185.87.48.0/22 maxlen: 22
185.87.48.0/24 maxlen: 24
185.87.48.18/32 maxlen: 32
185.87.49.0/24 maxlen: 24
185.87.50.0/24 maxlen: 24
185.87.51.0/24 maxlen: 24
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
185.125.216.0/22 maxlen: 22
185.125.218.0/23 maxlen: 23
185.125.228.0/22 maxlen: 22
185.125.228.0/24 maxlen: 24
185.125.229.0/24 maxlen: 24
185.125.230.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
193.124.176.0/20 maxlen: 20
194.67.192.0/19 maxlen: 19
194.67.194.0/23 maxlen: 23
194.67.196.0/22 maxlen: 22
194.67.200.0/21 maxlen: 21
194.67.202.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.204.0/22 maxlen: 22
194.67.208.0/20 maxlen: 20
195.47.250.0/24 maxlen: 24
2a09:5302:ffff::/48 maxlen: 48
2a0a:9300:1000::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 29 Jul 2024 08:22:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bf:28:f3:1d:96:e0:71:eb:cc:dd:a5:98:a3:95:d9:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: May 28 12:24:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=670b5d94582436c5ff27018c459d5555598a6ad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:65:ce:45:67:74:a5:ff:d7:66:b7:af:a1:a3:
0a:b6:46:9e:1b:69:9d:f5:75:f8:97:67:53:e1:5e:
ae:67:4a:09:30:82:62:50:0d:2f:ec:ca:59:55:7d:
a1:8f:01:ea:06:56:4b:a4:54:48:e1:90:8a:77:f8:
b3:15:b7:03:98:7a:1a:a7:b3:f1:4c:dc:2d:ff:78:
95:26:7c:43:3d:27:00:aa:83:78:a5:09:b7:1e:48:
12:f4:3b:f2:b6:a4:ae:d2:03:98:d4:24:4d:9b:0d:
f2:9a:9a:4d:c6:ea:ea:fd:19:f0:b5:e7:d6:21:79:
be:1d:55:b7:b8:71:aa:62:86:33:4a:27:68:54:dd:
da:44:89:06:b7:a7:7e:37:f0:dc:80:48:2c:85:0b:
ea:dc:28:80:2c:12:65:1b:07:7d:e9:b3:e7:30:2e:
eb:36:f3:e6:29:ba:75:a5:91:13:7d:1e:c9:04:fe:
36:a9:6e:dd:4a:63:c6:37:1e:e6:e8:a3:eb:a7:65:
d0:35:b9:d7:43:4a:f2:14:90:15:2d:3f:f0:d0:3b:
13:ca:a6:f7:e0:1a:78:36:cc:5c:93:f1:a1:7b:ce:
c4:f5:ac:24:0c:98:ec:da:3b:5c:97:9e:1b:12:a6:
29:ad:08:85:9c:87:87:bd:bd:c4:9d:e0:32:7d:99:
30:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:0B:5D:94:58:24:36:C5:FF:27:01:8C:45:9D:55:55:59:8A:6A:D3
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/ZwtdlFgkNsX_JwGMRZ1VVVmKatM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.73.179/32
45.9.73.184/32
45.9.73.236/32
45.89.65.0-45.89.67.255
45.128.176.0/22
91.217.80.0/24
94.142.136.0/21
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/23
185.117.152.0/22
185.125.216.0/22
185.125.228.0/22
193.124.176.0/20
194.67.192.0/19
195.47.250.0/24
IPv6:
2a09:5302:ffff::/48
2a0a:9300:1000::/48
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
Signature Algorithm: sha256WithRSAEncryption
35:3c:9e:74:cd:f1:13:14:d8:33:08:57:ab:c5:4f:c4:04:25:
4c:20:46:5b:5d:fb:9f:0f:d2:75:df:38:36:14:d2:06:a9:42:
63:66:3d:31:91:af:54:d3:ce:0c:16:74:d0:dc:68:b2:dc:33:
11:b7:e1:de:9b:32:68:7c:ec:1b:b2:e4:78:f1:e5:54:29:36:
83:c5:41:e5:1b:f1:e6:54:cd:31:0d:10:d0:28:49:e4:64:7d:
f0:17:fe:54:83:39:33:68:98:02:0b:70:f4:53:ac:90:98:6d:
e3:1d:12:24:d1:d8:be:45:4c:89:eb:e2:64:2f:5e:f8:ce:57:
65:33:6b:61:dc:fd:a3:98:26:c4:b4:86:52:e8:0b:95:98:c4:
58:d3:93:dc:59:a8:75:1e:f1:c9:66:75:c6:ab:33:81:4a:c7:
fc:db:ae:04:83:0e:ab:86:8e:7a:78:7e:9f:08:00:e6:c4:8d:
62:23:07:ac:eb:ab:f5:d2:23:05:70:a5:5b:4d:76:9c:eb:63:
c3:42:10:5e:23:cf:93:1f:55:9f:bf:16:00:75:86:b6:fe:af:
51:08:28:5f:04:0c:62:77:8b:3a:98:09:ae:5f:1b:d1:3b:c5:
8c:4d:15:cd:e1:84:c8:4b:62:5c:ef:f9:32:db:dc:25:ba:b4:
cb:88:71:fa
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgISAY+/KPMdluBx68zdpZijldmtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjQwNTI4MTIyNDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzBiNWQ5NDU4MjQzNmM1ZmYyNzAxOGM0NTlkNTU1NTU5OGE2YWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWXORWd0pf/XZrevoaMKtkaeG2md
9XX4l2dT4V6uZ0oJMIJiUA0v7MpZVX2hjwHqBlZLpFRI4ZCKd/izFbcDmHoap7Px
TNwt/3iVJnxDPScAqoN4pQm3HkgS9DvytqSu0gOY1CRNmw3ymppNxurq/RnwtefW
IXm+HVW3uHGqYoYzSidoVN3aRIkGt6d+N/DcgEgshQvq3CiALBJlGwd96bPnMC7r
NvPmKbp1pZETfR7JBP42qW7dSmPGNx7m6KPrp2XQNbnXQ0ryFJAVLT/w0DsTyqb3
4Bp4Nsxck/Ghe87E9awkDJjs2jtcl54bEqYprQiFnIeHvb3EneAyfZkwiQIDAQAB
o4ICqjCCAqYwHQYDVR0OBBYEFGcLXZRYJDbF/ycBjEWdVVVZimrTMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvWnd0ZGxGZ2tOc1hfSndHTVJaMVZWVm1LYXRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG/BggrBgEFBQcBBwEB/wSBrzCBrDB3BAIAATBxAwUALQlJ
swMFAC0JSbgDBQAtCUnsMAwDBAAtWUEDBAItWUADBAItgLADBABb2VADBANejogD
BAK5BfgDBAK5OswDBAK5VzADBAG5aXQDBAK5dZgDBAK5fdgDBAK5feQDBATBfLAD
BAXCQ8ADBADDL/owMQQCAAIwKwMHACoJUwL//wMHACoKkwAQADAQAwUAKgqTAQMH
ACoKkwEAAgMFACoKkwIwDQYJKoZIhvcNAQELBQADggEBADU8nnTN8RMU2DMIV6vF
T8QEJUwgRltd+58P0nXfODYU0gapQmNmPTGRr1TTzgwWdNDcaLLcMxG34d6bMmh8
7Buy5Hjx5VQpNoPFQeUb8eZUzTENENAoSeRkffAX/lSDOTNomAILcPRTrJCYbeMd
EiTR2L5FTInr4mQvXvjOV2Uza2Hc/aOYJsS0hlLoC5WYxFjTk9xZqHUe8clmdcar
M4FKx/zbrgSDDquGjnp4fp8IAObEjWIjB6zrq/XSIwVwpVtNdpzrY8NCEF4jz5Mf
VZ+/FgB1hrb+r1EIKF8EDGJ3izqYCa5fG9E7xYxNFc3hhMhLYlzv+TLb3CW6tMuI
cfo=
-----END CERTIFICATE-----
Generated at Mon Jul 29 12:09:47 2024 by rpki-client on console-ams.rpki-client.org