Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/Z90ZSjxlJeAbqcFTKCOfRZgnlt0.roa
File: Z90ZSjxlJeAbqcFTKCOfRZgnlt0.roa (raw, json)
Hash identifier: t4A1LqbVFLmiRaLPCx2sEDe3T67x57/NLXu7dmtxIEU=
Subject key identifier: 67:DD:19:4A:3C:65:25:E0:1B:A9:C1:53:28:23:9F:45:98:27:96:DD
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 018FA9E7F6BA7F07A45BE297773D9D9DEF4D
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/Z90ZSjxlJeAbqcFTKCOfRZgnlt0.roa
Signing time: Fri 24 May 2024 09:21:42 +0000
ROA not before: Fri 24 May 2024 09:21:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6698
IP address blocks: 45.11.57.0/24 maxlen: 24
45.12.0.0/24 maxlen: 24
45.12.1.0/24 maxlen: 24
45.12.3.0/24 maxlen: 24
91.208.115.0/24 maxlen: 24
128.0.104.0/24 maxlen: 24
176.97.112.0/23 maxlen: 24
176.97.114.0/24 maxlen: 24
176.97.115.0/24 maxlen: 24
176.97.116.0/22 maxlen: 22
176.97.122.0/23 maxlen: 23
176.119.31.0/24 maxlen: 24
185.254.199.0/24 maxlen: 24
194.42.204.0/24 maxlen: 24
195.66.210.0/24 maxlen: 24
195.128.248.0/23 maxlen: 24
2a09:2dc2::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 27 May 2024 07:46:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a9:e7:f6:ba:7f:07:a4:5b:e2:97:77:3d:9d:9d:ef:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: May 24 09:21:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67dd194a3c6525e01ba9c15328239f45982796dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cc:1f:42:4f:12:d2:af:e5:a4:f6:86:f9:c6:
e4:af:42:89:a4:21:b6:ab:56:a9:f0:47:01:11:da:
07:18:cb:95:71:77:23:27:b1:3f:a4:75:15:06:ae:
76:af:52:72:fd:73:ff:5e:c3:0e:07:f5:86:a9:b9:
a1:26:d5:ba:67:a7:0f:87:d9:6f:45:45:f7:64:21:
1e:ec:48:f3:17:a0:d0:4a:67:9f:ca:8f:8d:4c:12:
a6:df:93:16:b6:3d:85:dd:6e:8b:1f:c3:bc:c7:26:
ed:b0:3b:28:33:42:f8:57:84:ea:6b:ef:a6:ad:3d:
75:ec:65:c9:65:43:02:33:be:78:2e:c1:c6:30:0a:
be:c6:8f:aa:66:b5:84:27:a1:74:9a:6a:48:5c:46:
ec:52:67:78:a2:86:37:7d:6e:2d:d4:8f:6f:b1:f5:
2a:60:b9:fa:f8:2e:35:d7:34:59:85:5a:46:0b:1c:
73:2c:58:d1:61:08:dc:4f:07:98:1c:c7:2d:5f:88:
eb:30:84:d9:3f:5b:da:ce:38:62:25:4a:d9:0b:db:
67:7a:1a:81:ce:4f:3a:4c:b7:d6:a0:35:f5:5f:8b:
f1:62:a9:f3:6e:0c:07:70:44:d7:bb:b7:7d:e7:a0:
c4:85:13:d9:1e:6b:bc:43:fa:e0:e3:38:63:70:db:
f1:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:DD:19:4A:3C:65:25:E0:1B:A9:C1:53:28:23:9F:45:98:27:96:DD
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/Z90ZSjxlJeAbqcFTKCOfRZgnlt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.57.0/24
45.12.0.0/23
45.12.3.0/24
91.208.115.0/24
128.0.104.0/24
176.97.112.0/21
176.97.122.0/23
176.119.31.0/24
185.254.199.0/24
194.42.204.0/24
195.66.210.0/24
195.128.248.0/23
IPv6:
2a09:2dc2::/32
Signature Algorithm: sha256WithRSAEncryption
32:8e:65:e0:f0:64:e4:c9:1c:ff:c2:78:79:5b:a3:df:16:42:
0e:58:ca:60:47:3d:49:ce:2d:59:47:f6:80:4d:c8:04:52:8e:
61:69:1d:fa:b2:b3:65:ca:20:39:ed:a6:2d:80:2d:91:ca:4a:
59:03:1d:b2:c3:5e:2a:a0:1c:98:a0:17:14:8e:1c:29:71:2a:
42:d2:ba:0c:2a:c5:96:7b:be:8e:a1:50:5d:3f:60:06:da:cb:
2c:be:6c:66:ac:c0:46:91:79:3d:a7:b2:d1:b1:1a:69:45:c5:
17:ff:2b:ea:07:78:83:b6:25:22:ec:66:95:9a:7e:c0:e3:a3:
fc:13:47:61:f2:ca:cd:68:06:c0:0c:f4:8a:b8:05:a1:e6:cf:
e1:29:e9:e7:6e:cc:5c:31:49:af:6b:88:84:12:04:ae:ea:77:
79:0e:de:bc:ed:5c:6e:f2:05:7c:59:38:c0:3d:f3:71:08:9b:
d5:34:66:6f:00:79:85:e4:7d:0c:07:e4:36:0e:11:f8:82:dd:
7d:8c:8f:0a:98:56:37:f4:aa:72:3c:36:01:7c:96:06:22:2c:
74:30:e6:e0:ae:94:60:83:6e:6f:50:e7:5d:b7:54:00:4d:cc:
1a:f5:fd:d1:0d:27:3e:28:8e:67:dc:eb:60:21:9a:9d:19:6c:
7e:8d:f3:4f
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAY+p5/a6fwekW+KXdz2dne9NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjQwNTI0MDkyMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2RkMTk0YTNjNjUyNWUwMWJhOWMxNTMyODIzOWY0NTk4Mjc5NmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8wfQk8S0q/lpPaG+cbkr0KJpCG2
q1ap8EcBEdoHGMuVcXcjJ7E/pHUVBq52r1Jy/XP/XsMOB/WGqbmhJtW6Z6cPh9lv
RUX3ZCEe7EjzF6DQSmefyo+NTBKm35MWtj2F3W6LH8O8xybtsDsoM0L4V4Tqa++m
rT117GXJZUMCM754LsHGMAq+xo+qZrWEJ6F0mmpIXEbsUmd4ooY3fW4t1I9vsfUq
YLn6+C411zRZhVpGCxxzLFjRYQjcTweYHMctX4jrMITZP1vazjhiJUrZC9tnehqB
zk86TLfWoDX1X4vxYqnzbgwHcETXu7d956DEhRPZHmu8Q/rg4zhjcNvxrQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFGfdGUo8ZSXgG6nBUygjn0WYJ5bdMB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvWjkwWlNqeGxKZUFicWNGVEtDT2ZSWmdubHQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjItY2IxMWJjNWIyZjFi
LzEvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQALQs5AwQB
LQwAAwQALQwDAwQAW9BzAwQAgABoAwQDsGFwAwQBsGF6AwQAsHcfAwQAuf7HAwQA
wirMAwQAw0LSAwQBw4D4MA0EAgACMAcDBQAqCS3CMA0GCSqGSIb3DQEBCwUAA4IB
AQAyjmXg8GTkyRz/wnh5W6PfFkIOWMpgRz1Jzi1ZR/aATcgEUo5haR36srNlyiA5
7aYtgC2RykpZAx2yw14qoByYoBcUjhwpcSpC0roMKsWWe76OoVBdP2AG2sssvmxm
rMBGkXk9p7LRsRppRcUX/yvqB3iDtiUi7GaVmn7A46P8E0dh8srNaAbADPSKuAWh
5s/hKennbsxcMUmva4iEEgSu6nd5Dt687Vxu8gV8WTjAPfNxCJvVNGZvAHmF5H0M
B+Q2DhH4gt19jI8KmFY39KpyPDYBfJYGIix0MObgrpRgg25vUOddt1QATcwa9f3R
DSc+KI5n3OtgIZqdGWx+jfNP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:21 2024 by rpki-client on console-fra.rpki-client.org