Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/zj5FugtwsO1G465aossEJN24YIE.roa
File: zj5FugtwsO1G465aossEJN24YIE.roa (raw, json)
Hash identifier: 5AcersAbTWx96ctNnr53+NiH/awF9T9ZeIawqN7OvvU=
Subject key identifier: CE:3E:45:BA:0B:70:B0:ED:46:E3:AE:5A:A2:CB:04:24:DD:B8:60:81
Certificate issuer: /CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Certificate serial: 01856DB883AB9CC76676866C8B2B93042953
Authority key identifier: 11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/zj5FugtwsO1G465aossEJN24YIE.roa
Signing time: Sun 01 Jan 2023 14:24:46 +0000
ROA not before: Sun 01 Jan 2023 14:24:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60695
IP address blocks: 185.228.108.0/22 maxlen: 22
45.88.4.0/24 maxlen: 24
155.133.33.0/24 maxlen: 24
185.225.100.0/22 maxlen: 22
155.133.60.0/23 maxlen: 23
2a06:1e00::/29 maxlen: 48
2a0d:b400::/29 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:b8:83:ab:9c:c7:66:76:86:6c:8b:2b:93:04:29:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Validity
Not Before: Jan 1 14:24:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ce3e45ba0b70b0ed46e3ae5aa2cb0424ddb86081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8f:01:d4:b4:20:11:47:a2:8c:09:73:85:d9:
f6:6e:60:f1:97:e4:29:93:cc:86:32:fe:a9:a7:61:
52:d4:cc:3f:fe:a9:89:7c:7f:7a:20:6b:2a:e2:29:
49:81:9f:b5:18:f7:16:7a:d4:15:5f:f8:de:2f:77:
e2:72:ec:7f:af:c7:bd:e6:7c:87:36:74:8e:b1:7f:
53:32:ee:f7:55:09:2e:00:a8:6a:03:bf:24:04:c9:
75:5e:60:21:02:71:14:67:6d:65:08:a4:e9:24:51:
04:02:46:cf:a0:fb:3a:75:ba:23:2e:f5:a3:e7:42:
9d:c4:9f:db:16:31:f8:08:ea:eb:9c:94:27:41:dc:
fd:30:58:9f:ee:6f:15:5f:c8:33:b9:d5:32:52:73:
21:04:f2:ea:a8:67:01:b8:47:62:96:ec:b8:d1:fc:
19:e1:16:5f:c6:20:c0:f9:04:bd:59:e2:64:5c:c1:
86:e1:d9:c0:49:d3:c7:d5:e3:45:e4:60:73:e2:0a:
fe:4a:2b:40:ad:50:74:96:65:f9:89:9d:53:c0:71:
38:cc:69:c3:01:20:f5:1c:c9:21:ea:d0:82:28:7d:
0f:62:a5:28:77:0a:4a:81:c4:68:36:1f:90:be:f3:
7e:f1:5f:82:1b:4b:66:2d:ca:21:8b:a5:56:81:60:
f2:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:3E:45:BA:0B:70:B0:ED:46:E3:AE:5A:A2:CB:04:24:DD:B8:60:81
X509v3 Authority Key Identifier:
keyid:11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/zj5FugtwsO1G465aossEJN24YIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.4.0/24
155.133.33.0/24
155.133.60.0/23
185.225.100.0/22
185.228.108.0/22
IPv6:
2a06:1e00::/29
2a0d:b400::/29
Signature Algorithm: sha256WithRSAEncryption
21:c7:4a:0c:4b:56:bc:70:ce:5b:bf:d5:40:0a:b2:2c:dc:63:
72:75:cf:ee:d8:c6:6a:de:cb:3f:63:2e:df:5e:77:a9:6f:64:
07:ed:94:81:d0:de:75:1c:3d:ac:8f:20:39:10:e8:09:61:59:
ab:e7:7f:c2:aa:b4:32:57:09:37:24:ec:ee:20:8a:13:94:f4:
ae:85:41:61:72:a8:76:dd:8d:8e:e4:e9:67:9c:63:3a:db:61:
b0:05:4f:b1:63:68:09:ec:bf:c5:38:87:dc:d9:07:15:81:1e:
08:e3:b8:dc:0d:8f:70:08:e6:0f:db:45:ea:14:09:5b:77:9f:
bd:6f:9f:b3:8f:50:a1:ed:bf:01:9f:55:47:79:ce:37:a8:17:
eb:18:f0:a9:90:d6:bd:20:71:ae:24:ff:2a:9f:3f:b3:d6:2f:
5d:4d:35:1b:af:a3:68:1c:2d:34:3f:e0:33:e1:8e:2f:15:ed:
2a:46:0d:2f:2e:6e:ab:38:5c:8d:32:2e:90:53:bc:3f:12:be:
9d:4d:8a:90:5a:01:48:7d:1e:c1:dd:a8:ab:c1:78:ed:55:ee:
38:4b:da:19:9e:73:40:51:96:91:31:fd:4f:16:e1:f6:10:e4:
ce:4b:d7:91:0b:0b:b9:27:10:f1:99:28:14:e4:57:79:f3:74:
cc:1e:fc:75
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYVtuIOrnMdmdoZsiyuTBClTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMWQ2ODE0Mzc1MjcxZDFhM2NiZDEyMTU1ZGIxMWQyYmQ0
MWE4ZDMwHhcNMjMwMTAxMTQyNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTNlNDViYTBiNzBiMGVkNDZlM2FlNWFhMmNiMDQyNGRkYjg2MDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo48B1LQgEUeijAlzhdn2bmDxl+Qp
k8yGMv6pp2FS1Mw//qmJfH96IGsq4ilJgZ+1GPcWetQVX/jeL3ficux/r8e95nyH
NnSOsX9TMu73VQkuAKhqA78kBMl1XmAhAnEUZ21lCKTpJFEEAkbPoPs6dbojLvWj
50KdxJ/bFjH4COrrnJQnQdz9MFif7m8VX8gzudUyUnMhBPLqqGcBuEdiluy40fwZ
4RZfxiDA+QS9WeJkXMGG4dnASdPH1eNF5GBz4gr+SitArVB0lmX5iZ1TwHE4zGnD
ASD1HMkh6tCCKH0PYqUodwpKgcRoNh+QvvN+8V+CG0tmLcohi6VWgWDyDwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFM4+RboLcLDtRuOuWqLLBCTduGCBMB8GA1UdIwQY
MBaAFBEdaBQ3UnHRo8vRIVXbEdK9QajTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQt
MjcxZDI1ZTIwNTc0LzEvemo1RnVndHdzTzFHNDY1YW9zc0VKTjI0WUlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQtMjcxZDI1ZTIwNTc0
LzEvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQALVgEAwQA
m4UhAwQBm4U8AwQCueFkAwQCueRsMBQEAgACMA4DBQMqBh4AAwUDKg20ADANBgkq
hkiG9w0BAQsFAAOCAQEAIcdKDEtWvHDOW7/VQAqyLNxjcnXP7tjGat7LP2Mu3153
qW9kB+2UgdDedRw9rI8gORDoCWFZq+d/wqq0MlcJNyTs7iCKE5T0roVBYXKodt2N
juTpZ5xjOtthsAVPsWNoCey/xTiH3NkHFYEeCOO43A2PcAjmD9tF6hQJW3efvW+f
s49Qoe2/AZ9VR3nON6gX6xjwqZDWvSBxriT/Kp8/s9YvXU01G6+jaBwtND/gM+GO
LxXtKkYNLy5uqzhcjTIukFO8PxK+nU2KkFoBSH0ewd2oq8F47VXuOEvaGZ5zQFGW
kTH9Txbh9hDkzkvXkQsLuScQ8ZkoFORXefN0zB78dQ==
-----END CERTIFICATE-----
Generated at Tue Jan 2 11:36:10 2024 by rpki-client on console-ams.rpki-client.org