Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/3zjbf-fId4P4vPIv-ro3ZJ2f4cs.roa
File: 3zjbf-fId4P4vPIv-ro3ZJ2f4cs.roa (raw, json)
Hash identifier: jkdCboR1WJ0XDPXJdeh4poB3OWVB/d5qKMhBbZ6xaPc=
Subject key identifier: DF:38:DB:7F:E7:C8:77:83:F8:BC:F2:2F:FA:BA:37:64:9D:9F:E1:CB
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018F3D9C2FE34FBFDA344D79276400FD9E5B
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/3zjbf-fId4P4vPIv-ro3ZJ2f4cs.roa
Signing time: Fri 03 May 2024 08:39:56 +0000
ROA not before: Fri 03 May 2024 08:39:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42864
IP address blocks: 45.9.169.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.171.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.11.0/24 maxlen: 24
45.88.93.0/24 maxlen: 24
77.242.144.0/22 maxlen: 24
77.242.148.0/24 maxlen: 24
77.242.151.0/24 maxlen: 24
88.209.193.0/24 maxlen: 24
88.209.196.0/24 maxlen: 24
88.209.208.0/24 maxlen: 24
88.209.210.0/24 maxlen: 24
88.209.212.0/24 maxlen: 24
88.209.213.0/24 maxlen: 24
88.209.214.0/24 maxlen: 24
88.209.215.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
92.52.209.0/24 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.212.0/22 maxlen: 24
92.52.215.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
178.248.200.0/21 maxlen: 21
193.138.125.0/24 maxlen: 24
2a00:1f40::/29 maxlen: 29
2a05:f5c0::/29 maxlen: 29
2a05:f5c0::/32 maxlen: 32
2a0c:f1c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 08 May 2024 06:24:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3d:9c:2f:e3:4f:bf:da:34:4d:79:27:64:00:fd:9e:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: May 3 08:39:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df38db7fe7c87783f8bcf22ffaba37649d9fe1cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:df:59:da:9e:7c:79:e8:45:c8:50:fd:e0:55:
29:a4:22:51:8e:ed:ac:f4:fd:38:da:ae:39:ec:6e:
e4:ea:b4:68:dd:f6:bc:8d:d6:3c:70:41:14:0c:06:
86:05:a8:25:b0:d7:98:97:77:e3:a2:72:74:4e:92:
98:14:b9:49:e6:63:49:bd:2b:78:55:6c:cb:b4:37:
27:bb:1f:2e:26:b2:9a:d1:04:93:ba:a2:52:58:67:
db:cc:f9:b9:b2:f1:a6:62:16:a6:5b:c3:51:2c:c2:
27:93:2e:10:f4:e5:e5:8d:77:b5:be:fe:87:15:d1:
59:8d:33:b7:6b:a9:77:7f:e2:16:c7:ed:77:7b:db:
cb:1d:03:25:9a:07:f8:1d:67:f4:13:7d:01:67:e9:
98:68:68:6b:8d:d9:05:80:d3:c1:06:36:59:e4:30:
57:9c:88:d3:40:ea:dd:a0:e5:88:ba:16:ef:97:bf:
b7:17:a6:92:72:b6:b2:a5:c1:5f:34:c4:35:e1:5a:
ad:ae:6e:96:59:b8:42:e1:6d:7d:62:07:ca:61:25:
b6:e9:70:6c:71:b5:a0:9f:30:89:b2:6d:b6:66:f2:
8b:9e:75:c4:87:4e:96:07:8c:65:52:93:35:cd:fe:
a1:8f:3b:e9:32:a2:c8:85:25:56:82:ef:40:b0:d8:
4e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:38:DB:7F:E7:C8:77:83:F8:BC:F2:2F:FA:BA:37:64:9D:9F:E1:CB
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/3zjbf-fId4P4vPIv-ro3ZJ2f4cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.10.0/23
45.88.93.0/24
77.242.144.0-77.242.148.255
77.242.151.0/24
88.209.193.0/24
88.209.196.0/24
88.209.208.0/24
88.209.210.0/24
88.209.212.0/22
92.52.208.0/21
92.52.219.0/24
178.248.200.0/21
193.138.125.0/24
IPv6:
2a00:1f40::/29
2a05:f5c0::/29
2a0c:f1c0::/29
Signature Algorithm: sha256WithRSAEncryption
bf:88:71:cb:73:32:24:3d:f8:ed:f4:87:96:87:6f:51:5c:75:
10:d5:c8:e8:b1:9b:5d:c1:0b:52:88:07:c7:8b:ce:8d:c8:28:
b1:97:57:5b:23:fb:79:63:d8:77:ad:52:98:eb:cb:c0:40:9c:
35:d7:8d:1a:98:a5:f4:a7:75:a2:a1:37:53:9c:1d:f1:15:51:
e3:eb:73:f5:c3:34:ec:28:09:73:1f:fb:c5:3d:d9:fb:da:91:
ea:3b:68:7c:92:07:11:8d:e4:42:1f:54:55:49:c1:b2:6d:d9:
fc:bb:f0:c1:75:5b:36:f9:18:ea:f9:95:a2:34:87:b7:54:fa:
a2:74:a3:12:61:ab:fd:d5:0e:b7:b9:71:f8:a3:c4:1c:2e:a8:
a4:6f:fb:ad:37:3d:50:3c:d1:e8:32:83:1c:df:1f:a9:09:65:
d2:ab:88:3a:a2:be:a4:cc:cc:1b:fd:be:48:53:5c:92:54:56:
75:52:51:2a:08:24:47:91:43:bf:2f:40:9a:d5:00:0a:44:e2:
86:fe:e6:dc:b1:08:51:24:46:9b:1a:d2:be:99:25:e6:10:ff:
2a:56:2c:66:df:47:c1:d5:9d:fc:1c:da:04:74:19:4f:79:8e:
cb:a4:5f:b5:af:8c:be:f3:aa:28:63:c4:0c:32:09:52:54:c8:
a4:ad:7f:ca
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAY89nC/jT7/aNE15J2QA/Z5bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwNTAzMDgzOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjM4ZGI3ZmU3Yzg3NzgzZjhiY2YyMmZmYWJhMzc2NDlkOWZlMWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs99Z2p58eehFyFD94FUppCJRju2s
9P042q457G7k6rRo3fa8jdY8cEEUDAaGBaglsNeYl3fjonJ0TpKYFLlJ5mNJvSt4
VWzLtDcnux8uJrKa0QSTuqJSWGfbzPm5svGmYhamW8NRLMInky4Q9OXljXe1vv6H
FdFZjTO3a6l3f+IWx+13e9vLHQMlmgf4HWf0E30BZ+mYaGhrjdkFgNPBBjZZ5DBX
nIjTQOrdoOWIuhbvl7+3F6aScraypcFfNMQ14Vqtrm6WWbhC4W19YgfKYSW26XBs
cbWgnzCJsm22ZvKLnnXEh06WB4xlUpM1zf6hjzvpMqLIhSVWgu9AsNhOmwIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFN8423/nyHeD+LzyL/q6N2Sdn+HLMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvM3pqYmYtZklkNFA0dlBJdi1ybzNaSjJmNGNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTBqBAIAATBkMAwDBAAt
CakDBAItCagDBAEtDgoDBAAtWF0wDAMEBE3ykAMEAE3ylAMEAE3ylwMEAFjRwQME
AFjRxAMEAFjR0AMEAFjR0gMEAljR1AMEA1w00AMEAFw02wMEA7L4yAMEAMGKfTAb
BAIAAjAVAwUDKgAfQAMFAyoF9cADBQMqDPHAMA0GCSqGSIb3DQEBCwUAA4IBAQC/
iHHLczIkPfjt9IeWh29RXHUQ1cjosZtdwQtSiAfHi86NyCixl1dbI/t5Y9h3rVKY
68vAQJw1140amKX0p3WioTdTnB3xFVHj63P1wzTsKAlzH/vFPdn72pHqO2h8kgcR
jeRCH1RVScGybdn8u/DBdVs2+Rjq+ZWiNIe3VPqidKMSYav91Q63uXH4o8QcLqik
b/utNz1QPNHoMoMc3x+pCWXSq4g6or6kzMwb/b5IU1ySVFZ1UlEqCCRHkUO/L0Ca
1QAKROKG/ubcsQhRJEabGtK+mSXmEP8qVixm30fB1Z38HNoEdBlPeY7LpF+1r4y+
86ooY8QMMglSVMikrX/K
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:26 2024 by rpki-client on console-fra.rpki-client.org