Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/ZUfaMsdHZq-QXxWr7NmPpkrBzfU.roa
File: ZUfaMsdHZq-QXxWr7NmPpkrBzfU.roa (raw, json)
Hash identifier: tBBnkbEX4gn4OfISqBm2M7HMznbji7onhnT4z+fi4c8=
Subject key identifier: 65:47:DA:32:C7:47:66:AF:90:5F:15:AB:EC:D9:8F:A6:4A:C1:CD:F5
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 018CC8016817A2097C2931808B135990905E
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/ZUfaMsdHZq-QXxWr7NmPpkrBzfU.roa
Signing time: Tue 02 Jan 2024 02:29:44 +0000
ROA not before: Tue 02 Jan 2024 02:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43180
IP address blocks: 45.12.0.0/24 maxlen: 24
45.12.3.0/24 maxlen: 24
45.12.1.0/24 maxlen: 24
45.11.57.0/24 maxlen: 24
194.42.204.0/24 maxlen: 24
195.66.210.0/24 maxlen: 24
176.119.31.0/24 maxlen: 24
91.208.115.0/24 maxlen: 24
185.254.199.0/24 maxlen: 24
195.128.248.0/23 maxlen: 24
176.97.112.0/23 maxlen: 23
2a09:2dc2::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 10 Jun 2024 13:22:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:68:17:a2:09:7c:29:31:80:8b:13:59:90:90:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: Jan 2 02:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6547da32c74766af905f15abecd98fa64ac1cdf5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:5b:5c:ca:ed:d6:95:9c:3e:2c:96:b5:b0:c1:
f5:55:72:97:e4:73:c1:24:9f:19:69:df:bb:ed:d8:
6c:d0:20:94:8e:32:17:bc:0c:90:d3:91:d3:36:8b:
db:8e:e6:5b:1a:3e:38:67:38:57:e2:19:11:7f:f9:
c2:fa:cd:33:bb:02:c9:b9:1f:50:c7:59:03:6d:e2:
46:71:f8:ee:bd:28:23:cb:5f:e2:6e:f2:22:c3:b2:
2f:93:23:e7:9c:20:a3:7d:89:d8:4e:78:ae:11:3f:
a8:4f:9a:c7:2d:58:27:ea:07:5b:75:9e:41:7e:17:
28:a4:62:c1:63:c4:f3:a6:6e:4a:56:87:76:20:ab:
97:b2:4d:1a:b0:0d:b3:29:a7:48:66:2d:5f:37:64:
1b:ca:91:61:ff:b3:59:dc:22:69:6b:ca:fb:4f:88:
b2:63:2d:6a:a0:79:b9:b2:61:cd:b9:1e:7f:4b:83:
4a:22:a1:be:20:91:8b:a8:5a:39:a4:3f:89:5b:cd:
41:f3:05:1d:53:44:18:73:2a:01:5b:6f:9e:37:0a:
5f:13:bc:53:cc:cf:94:62:8c:55:90:23:b5:e8:80:
48:2f:8e:1c:19:2b:a2:14:bc:e9:50:ac:ec:ce:17:
7e:ec:5f:0c:7c:97:28:4b:0d:be:08:a7:8c:8c:86:
c9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:47:DA:32:C7:47:66:AF:90:5F:15:AB:EC:D9:8F:A6:4A:C1:CD:F5
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/ZUfaMsdHZq-QXxWr7NmPpkrBzfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.57.0/24
45.12.0.0/23
45.12.3.0/24
91.208.115.0/24
176.97.112.0/23
176.119.31.0/24
185.254.199.0/24
194.42.204.0/24
195.66.210.0/24
195.128.248.0/23
IPv6:
2a09:2dc2::/32
Signature Algorithm: sha256WithRSAEncryption
a2:fe:2a:7f:61:88:ae:bd:52:d0:e6:01:6d:66:84:7d:d4:27:
2b:f5:23:13:db:da:f8:b3:20:60:0c:ec:a3:be:ad:97:c5:cf:
0c:ae:7e:ba:56:9b:90:fe:7a:fc:b0:3a:d7:38:0b:7c:9e:c7:
c4:25:73:4d:ae:4b:1a:f4:46:5f:4d:46:ba:5b:ec:fe:bb:5d:
72:25:c9:9a:61:8e:bf:0c:b7:96:cc:4f:c1:e8:92:47:de:1c:
11:41:7e:df:70:d3:43:1b:3b:96:f5:e5:65:29:86:f9:8a:6c:
4a:d6:72:9c:55:a2:cc:72:a5:55:ef:6c:bf:cd:a1:1b:7c:3f:
e2:aa:df:b4:f7:aa:84:2e:fa:43:14:6f:4f:91:10:ca:b7:f6:
87:bb:3b:38:fa:04:1a:36:3d:6f:b2:f5:09:f4:33:2c:1c:29:
90:09:1a:c8:0a:40:9a:65:c7:d3:df:d2:af:7d:13:73:c0:1c:
d3:2d:81:0f:ce:23:41:35:49:33:fa:93:7b:50:25:5d:b8:72:
c1:74:66:05:49:9a:b1:4d:28:35:e6:8b:db:52:43:c6:d2:7a:
f3:33:ab:f5:e7:b4:9e:de:2d:2b:ef:22:ff:c4:e7:97:96:6e:
9e:64:e0:b5:20:4f:1a:f5:c8:16:cc:c2:0d:3c:5f:cf:bf:65:
2b:8d:5f:3a
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYzIAWgXogl8KTGAixNZkJBeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjQwMTAyMDIyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTQ3ZGEzMmM3NDc2NmFmOTA1ZjE1YWJlY2Q5OGZhNjRhYzFjZGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlltcyu3WlZw+LJa1sMH1VXKX5HPB
JJ8Zad+77dhs0CCUjjIXvAyQ05HTNovbjuZbGj44ZzhX4hkRf/nC+s0zuwLJuR9Q
x1kDbeJGcfjuvSgjy1/ibvIiw7IvkyPnnCCjfYnYTniuET+oT5rHLVgn6gdbdZ5B
fhcopGLBY8Tzpm5KVod2IKuXsk0asA2zKadIZi1fN2QbypFh/7NZ3CJpa8r7T4iy
Yy1qoHm5smHNuR5/S4NKIqG+IJGLqFo5pD+JW81B8wUdU0QYcyoBW2+eNwpfE7xT
zM+UYoxVkCO16IBIL44cGSuiFLzpUKzszhd+7F8MfJcoSw2+CKeMjIbJMwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFGVH2jLHR2avkF8Vq+zZj6ZKwc31MB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvWlVmYU1zZEhacS1RWHhXcjdObVBwa3JCemZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjItY2IxMWJjNWIyZjFi
LzEvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQALQs5AwQB
LQwAAwQALQwDAwQAW9BzAwQBsGFwAwQAsHcfAwQAuf7HAwQAwirMAwQAw0LSAwQB
w4D4MA0EAgACMAcDBQAqCS3CMA0GCSqGSIb3DQEBCwUAA4IBAQCi/ip/YYiuvVLQ
5gFtZoR91Ccr9SMT29r4syBgDOyjvq2Xxc8Mrn66VpuQ/nr8sDrXOAt8nsfEJXNN
rksa9EZfTUa6W+z+u11yJcmaYY6/DLeWzE/B6JJH3hwRQX7fcNNDGzuW9eVlKYb5
imxK1nKcVaLMcqVV72y/zaEbfD/iqt+096qELvpDFG9PkRDKt/aHuzs4+gQaNj1v
svUJ9DMsHCmQCRrICkCaZcfT39KvfRNzwBzTLYEPziNBNUkz+pN7UCVduHLBdGYF
SZqxTSg15ovbUkPG0nrzM6v157Se3i0r7yL/xOeXlm6eZOC1IE8a9cgWzMINPF/P
v2UrjV86
-----END CERTIFICATE-----
Generated at Mon Jun 10 16:21:31 2024 by rpki-client on console-fra.rpki-client.org