Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/853996-6cbb-4d42-8778-b1d7ac9ea321/1/ZDbnBfO9cB2x_DpvGZ6lPv4axtw.roa
File: ZDbnBfO9cB2x_DpvGZ6lPv4axtw.roa (raw, json)
Hash identifier: A1D4uYxLj22j0+KE6/bhqQ0DpLJeofaRTj4NP1ehgok=
Subject key identifier: 64:36:E7:05:F3:BD:70:1D:B1:FC:3A:6F:19:9E:A5:3E:FE:1A:C6:DC
Certificate issuer: /CN=089523953939f8a5e464b1cc7719ebeb9467ca3f
Certificate serial: 018CC4253BAE96C26B14B644773B888D2CA9
Authority key identifier: 08:95:23:95:39:39:F8:A5:E4:64:B1:CC:77:19:EB:EB:94:67:CA:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CJUjlTk5-KXkZLHMdxnr65Rnyj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/853996-6cbb-4d42-8778-b1d7ac9ea321/1/ZDbnBfO9cB2x_DpvGZ6lPv4axtw.roa
Signing time: Mon 01 Jan 2024 08:30:23 +0000
ROA not before: Mon 01 Jan 2024 08:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12353
IP address blocks: 94.60.0.0/14 maxlen: 14
89.114.0.0/15 maxlen: 15
46.189.128.0/17 maxlen: 17
5.43.0.0/18 maxlen: 18
192.160.246.0/23 maxlen: 23
178.166.0.0/17 maxlen: 17
192.160.245.0/24 maxlen: 24
192.160.251.0/24 maxlen: 24
161.230.0.0/16 maxlen: 16
192.160.248.0/23 maxlen: 23
148.69.0.0/16 maxlen: 16
188.37.0.0/16 maxlen: 16
95.136.0.0/17 maxlen: 17
78.137.192.0/18 maxlen: 18
213.30.0.0/17 maxlen: 17
5.158.0.0/18 maxlen: 18
5.249.0.0/17 maxlen: 17
93.108.0.0/16 maxlen: 16
87.103.0.0/17 maxlen: 17
148.71.0.0/16 maxlen: 16
212.18.160.0/19 maxlen: 19
77.54.0.0/16 maxlen: 16
37.28.192.0/18 maxlen: 18
148.63.0.0/16 maxlen: 16
149.90.0.0/16 maxlen: 16
185.37.208.0/22 maxlen: 22
83.174.0.0/18 maxlen: 18
2001:818::/32 maxlen: 32
2001:818::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:3b:ae:96:c2:6b:14:b6:44:77:3b:88:8d:2c:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=089523953939f8a5e464b1cc7719ebeb9467ca3f
Validity
Not Before: Jan 1 08:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6436e705f3bd701db1fc3a6f199ea53efe1ac6dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:bf:38:23:b7:14:c5:d4:51:b2:79:a8:28:49:
39:1e:df:4d:b0:28:dd:cb:a9:55:0a:cf:d9:91:31:
ab:b2:64:27:ba:bb:7f:4d:d5:e2:e5:cb:ac:4f:8b:
d4:92:4a:11:5e:7f:5d:88:17:93:d5:44:0d:2a:5b:
a6:5a:11:70:3f:25:79:80:17:3b:7d:41:a4:78:48:
3a:1f:34:5e:6b:df:de:4c:45:f7:e4:39:eb:cc:cd:
12:f0:68:a0:a4:73:0d:f4:5e:05:5a:d4:56:ed:47:
ab:c3:e9:36:79:a3:5c:c3:85:85:b0:9f:79:f4:16:
be:37:b7:7b:95:ea:26:ae:26:2f:9d:15:87:79:a2:
03:65:bd:35:a2:6c:2e:86:45:14:aa:a8:94:ba:bd:
d1:1c:bc:66:7f:9d:a2:0b:19:20:90:9c:e1:e2:c3:
c8:ad:1a:df:0c:70:c8:5b:a0:9d:e8:b1:cc:e7:3e:
f7:d7:2e:19:d2:d6:d3:64:f6:2f:d3:e9:c2:5c:ea:
ff:88:64:92:2a:d8:34:b3:d1:02:69:62:51:03:67:
4f:20:f2:d9:38:dc:92:a9:4a:61:1a:23:bd:3d:46:
64:c2:3c:6f:f7:5d:f9:37:e4:82:ff:d6:a6:19:00:
9f:55:65:8c:53:e1:3c:47:83:b7:4f:d6:dc:a9:07:
da:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:36:E7:05:F3:BD:70:1D:B1:FC:3A:6F:19:9E:A5:3E:FE:1A:C6:DC
X509v3 Authority Key Identifier:
keyid:08:95:23:95:39:39:F8:A5:E4:64:B1:CC:77:19:EB:EB:94:67:CA:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CJUjlTk5-KXkZLHMdxnr65Rnyj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/853996-6cbb-4d42-8778-b1d7ac9ea321/1/ZDbnBfO9cB2x_DpvGZ6lPv4axtw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/853996-6cbb-4d42-8778-b1d7ac9ea321/1/CJUjlTk5-KXkZLHMdxnr65Rnyj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.43.0.0/18
5.158.0.0/18
5.249.0.0/17
37.28.192.0/18
46.189.128.0/17
77.54.0.0/16
78.137.192.0/18
83.174.0.0/18
87.103.0.0/17
89.114.0.0/15
93.108.0.0/16
94.60.0.0/14
95.136.0.0/17
148.63.0.0/16
148.69.0.0/16
148.71.0.0/16
149.90.0.0/16
161.230.0.0/16
178.166.0.0/17
185.37.208.0/22
188.37.0.0/16
192.160.245.0-192.160.249.255
192.160.251.0/24
212.18.160.0/19
213.30.0.0/17
IPv6:
2001:818::/29
Signature Algorithm: sha256WithRSAEncryption
3a:57:19:63:a8:d2:43:35:ae:50:dc:bd:3f:d3:8c:6e:6c:a7:
f6:74:f8:8f:74:e6:4c:a0:27:99:c9:e9:b2:a1:bc:24:47:f6:
29:52:45:4f:38:61:43:c5:3c:f9:d4:8e:bd:ca:5d:28:db:09:
40:49:87:b7:7c:1e:4f:80:54:bd:ee:ba:ad:95:60:9a:7f:ff:
50:5d:ab:ef:98:7a:b2:6e:1a:21:9f:1a:97:d8:0e:c3:44:37:
21:22:e8:87:01:38:58:95:7c:cb:e8:c7:13:73:d8:89:75:89:
53:9c:59:a5:89:30:19:63:4f:96:a8:cb:40:50:a0:54:20:7c:
df:25:77:9c:65:63:9f:a1:4d:0d:95:07:47:d0:34:fb:ef:24:
06:56:3f:71:7d:37:ea:c0:3f:fa:a3:05:67:50:1d:71:0a:a3:
fa:70:e7:18:9d:bc:d1:1e:46:74:61:19:b7:5f:4c:61:de:91:
a6:5b:c9:18:41:2c:ca:66:9a:57:44:a2:53:98:2d:7a:6d:16:
ca:8c:11:3c:7f:fa:55:54:0a:23:f1:e4:46:12:86:a9:2c:8f:
9f:66:f4:29:a2:6a:0f:81:92:8d:ce:94:53:81:bf:ea:2c:75:
50:be:b2:0d:94:06:27:b1:62:17:c0:c0:70:95:fd:ae:7a:74:
42:4d:e2:35
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAYzEJTuulsJrFLZEdzuIjSypMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4OTUyMzk1MzkzOWY4YTVlNDY0YjFjYzc3MTllYmViOTQ2
N2NhM2YwHhcNMjQwMTAxMDgzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDM2ZTcwNWYzYmQ3MDFkYjFmYzNhNmYxOTllYTUzZWZlMWFjNmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhr84I7cUxdRRsnmoKEk5Ht9NsCjd
y6lVCs/ZkTGrsmQnurt/TdXi5cusT4vUkkoRXn9diBeT1UQNKlumWhFwPyV5gBc7
fUGkeEg6HzRea9/eTEX35DnrzM0S8GigpHMN9F4FWtRW7Uerw+k2eaNcw4WFsJ95
9Ba+N7d7leomriYvnRWHeaIDZb01omwuhkUUqqiUur3RHLxmf52iCxkgkJzh4sPI
rRrfDHDIW6Cd6LHM5z731y4Z0tbTZPYv0+nCXOr/iGSSKtg0s9ECaWJRA2dPIPLZ
ONySqUphGiO9PUZkwjxv9135N+SC/9amGQCfVWWMU+E8R4O3T9bcqQfa8QIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFGQ25wXzvXAdsfw6bxmepT7+GsbcMB8GA1UdIwQY
MBaAFAiVI5U5Ofil5GSxzHcZ6+uUZ8o/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0pVamxUazUtS1hrWkxITWR4bnI2NVJueWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi84NTM5OTYtNmNiYi00ZDQyLTg3Nzgt
YjFkN2FjOWVhMzIxLzEvWkRibkJmTzljQjJ4X0RwdkdaNmxQdjRheHR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi84NTM5OTYtNmNiYi00ZDQyLTg3NzgtYjFkN2FjOWVhMzIx
LzEvQ0pVamxUazUtS1hrWkxITWR4bnI2NVJueWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHABggrBgEFBQcBBwEB/wSBsDCBrTCBmwQCAAEwgZQDBAYF
KwADBAYFngADBAcF+QADBAYlHMADBAcuvYADAwBNNgMEBk6JwAMEBlOuAAMEB1dn
AAMDAVlyAwMAXWwDAwJePAMEB1+IAAMDAJQ/AwMAlEUDAwCURwMDAJVaAwMAoeYD
BAeypgADBAK5JdADAwC8JTAMAwQAwKD1AwQBwKD4AwQAwKD7AwQF1BKgAwQH1R4A
MA0EAgACMAcDBQMgAQgYMA0GCSqGSIb3DQEBCwUAA4IBAQA6VxljqNJDNa5Q3L0/
04xubKf2dPiPdOZMoCeZyemyobwkR/YpUkVPOGFDxTz51I69yl0o2wlASYe3fB5P
gFS97rqtlWCaf/9QXavvmHqybhohnxqX2A7DRDchIuiHAThYlXzL6McTc9iJdYlT
nFmliTAZY0+WqMtAUKBUIHzfJXecZWOfoU0NlQdH0DT77yQGVj9xfTfqwD/6owVn
UB1xCqP6cOcYnbzRHkZ0YRm3X0xh3pGmW8kYQSzKZppXRKJTmC16bRbKjBE8f/pV
VAoj8eRGEoapLI+fZvQpomoPgZKNzpRTgb/qLHVQvrINlAYnsWIXwMBwlf2uenRC
TeI1
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:49:38 2025 by rpki-client