Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/Zh3tpUdnw2aICBtgmHKFVEUbDIs.roa
File: Zh3tpUdnw2aICBtgmHKFVEUbDIs.roa (raw, json)
Hash identifier: i8EBOoEgiF8h9+y+cbMLFCbqyJBLLMu+gs0cDY3v9wU=
Subject key identifier: 66:1D:ED:A5:47:67:C3:66:88:08:1B:60:98:72:85:54:45:1B:0C:8B
Certificate issuer: /CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc
Certificate serial: 018F5E2ECDF6A4F043F858CEB126422524A0
Authority key identifier: D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/Zh3tpUdnw2aICBtgmHKFVEUbDIs.roa
Signing time: Thu 09 May 2024 16:27:56 +0000
ROA not before: Thu 09 May 2024 16:27:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16371
IP address blocks: 45.6.48.0/22 maxlen: 23
77.240.112.0/20 maxlen: 20
77.240.112.0/21 maxlen: 21
77.240.120.0/21 maxlen: 21
77.240.124.0/23 maxlen: 23
77.240.124.0/24 maxlen: 24
77.240.125.0/24 maxlen: 24
77.240.126.0/24 maxlen: 24
79.139.120.0/21 maxlen: 21
79.139.120.0/22 maxlen: 22
79.139.124.0/22 maxlen: 22
82.194.64.0/19 maxlen: 19
82.194.64.0/20 maxlen: 20
82.194.64.0/24 maxlen: 24
82.194.80.0/20 maxlen: 20
85.187.56.0/22 maxlen: 22
85.187.56.0/23 maxlen: 23
85.187.58.0/23 maxlen: 23
86.109.96.0/19 maxlen: 19
86.109.96.0/20 maxlen: 20
86.109.97.0/24 maxlen: 24
86.109.99.0/24 maxlen: 24
86.109.102.0/24 maxlen: 24
86.109.112.0/20 maxlen: 20
86.109.124.0/22 maxlen: 22
86.109.124.0/23 maxlen: 23
86.109.126.0/23 maxlen: 23
87.238.88.0/21 maxlen: 22
89.17.192.0/20 maxlen: 20
89.17.192.0/21 maxlen: 21
89.17.200.0/21 maxlen: 21
89.17.208.0/20 maxlen: 20
89.17.208.0/21 maxlen: 21
89.17.216.0/21 maxlen: 21
89.37.224.0/23 maxlen: 23
89.37.224.0/24 maxlen: 24
89.37.225.0/24 maxlen: 24
93.90.16.0/20 maxlen: 20
93.90.16.0/21 maxlen: 21
93.90.24.0/21 maxlen: 21
93.90.28.0/22 maxlen: 22
93.90.28.0/23 maxlen: 23
93.90.30.0/23 maxlen: 23
109.70.32.0/21 maxlen: 21
109.70.32.0/22 maxlen: 22
109.70.32.0/24 maxlen: 24
109.70.36.0/22 maxlen: 22
176.28.96.0/19 maxlen: 19
176.28.96.0/20 maxlen: 20
176.28.97.0/24 maxlen: 24
176.28.103.0/24 maxlen: 24
176.28.112.0/20 maxlen: 20
176.28.119.0/24 maxlen: 24
176.28.126.0/23 maxlen: 23
176.28.126.0/24 maxlen: 24
176.28.127.0/24 maxlen: 24
185.2.68.0/22 maxlen: 22
185.2.68.0/24 maxlen: 24
185.2.69.0/24 maxlen: 24
185.2.70.0/23 maxlen: 23
185.78.24.0/22 maxlen: 23
194.116.184.0/23 maxlen: 23
194.116.184.0/24 maxlen: 24
194.116.185.0/24 maxlen: 24
213.149.224.0/20 maxlen: 20
213.149.224.0/21 maxlen: 21
213.149.232.0/21 maxlen: 21
213.149.240.0/20 maxlen: 20
213.149.240.0/21 maxlen: 21
213.149.248.0/21 maxlen: 21
213.149.248.0/24 maxlen: 24
217.116.0.0/20 maxlen: 20
217.116.0.0/21 maxlen: 21
217.116.0.0/24 maxlen: 24
217.116.2.0/24 maxlen: 24
217.116.8.0/21 maxlen: 21
217.116.15.0/24 maxlen: 24
217.116.16.0/20 maxlen: 20
217.116.16.0/21 maxlen: 21
217.116.18.0/24 maxlen: 24
217.116.24.0/21 maxlen: 21
217.116.27.0/24 maxlen: 24
217.116.28.0/24 maxlen: 24
2a02:3b8::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 10 Jul 2024 08:49:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5e:2e:cd:f6:a4:f0:43:f8:58:ce:b1:26:42:25:24:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8ff71f2b1a8d62af446a92ba2bdea33f9b69ddc
Validity
Not Before: May 9 16:27:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=661deda54767c36688081b6098728554451b0c8b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:88:81:5d:23:e7:e7:c7:58:77:31:87:e8:48:
a9:0a:47:75:79:79:f4:c1:65:af:06:5a:79:d7:78:
d6:28:e8:7e:a9:ba:4f:ce:bf:05:28:57:38:85:7e:
bd:68:51:29:b0:a7:17:b1:b5:ef:b6:1b:47:f8:a8:
83:c4:99:70:5e:97:de:5a:f6:4e:8e:de:3d:18:38:
38:04:78:78:ef:a5:41:97:7c:8c:d5:9d:b8:22:13:
f9:14:16:37:42:78:99:38:a1:68:43:18:27:f7:01:
70:f5:a4:ac:48:92:ae:30:5e:8a:6e:ce:1c:8c:39:
96:8d:48:a1:86:e1:bf:10:87:6a:4d:cb:02:e5:70:
a6:aa:11:44:8d:6d:a6:46:4b:6c:2c:f6:97:a8:d7:
6b:85:d2:10:8d:47:d0:84:70:e5:7e:fe:1b:69:65:
d6:6a:7c:8a:19:84:72:99:6d:04:e2:ed:6b:e3:b2:
29:54:e3:51:23:ec:b4:f4:23:12:a4:64:29:68:fb:
74:b5:dc:fb:d6:fe:af:ce:0c:aa:5f:18:54:fd:df:
13:1b:ba:10:15:1a:15:f7:a3:e1:fe:45:a8:96:21:
cc:bc:5a:5d:ae:f1:7a:33:a2:b1:f5:85:d6:ad:82:
97:46:85:cf:ef:65:0a:a9:e1:b1:f1:68:b9:0a:68:
c1:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:1D:ED:A5:47:67:C3:66:88:08:1B:60:98:72:85:54:45:1B:0C:8B
X509v3 Authority Key Identifier:
keyid:D8:FF:71:F2:B1:A8:D6:2A:F4:46:A9:2B:A2:BD:EA:33:F9:B6:9D:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2P9x8rGo1ir0Rqkror3qM_m2ndw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/Zh3tpUdnw2aICBtgmHKFVEUbDIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ea71d4-4dbb-4451-b26b-3b75a567f73a/1/2P9x8rGo1ir0Rqkror3qM_m2ndw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.6.48.0/22
77.240.112.0/20
79.139.120.0/21
82.194.64.0/19
85.187.56.0/22
86.109.96.0/19
87.238.88.0/21
89.17.192.0/19
89.37.224.0/23
93.90.16.0/20
109.70.32.0/21
176.28.96.0/19
185.2.68.0/22
185.78.24.0/22
194.116.184.0/23
213.149.224.0/19
217.116.0.0/19
IPv6:
2a02:3b8::/32
Signature Algorithm: sha256WithRSAEncryption
72:cd:f4:0a:38:24:1b:5d:8f:9b:16:d1:30:8f:b3:26:81:29:
1e:17:06:14:9d:ed:7d:de:39:18:b7:06:35:53:b3:0a:a5:d1:
7b:cf:b6:dc:d9:6e:ba:60:d4:b2:41:31:79:ce:ab:9b:d7:6d:
cd:d3:3b:bc:cd:cc:99:09:a8:60:60:81:cc:53:be:54:5c:7f:
f7:60:01:e6:67:d2:cb:71:a1:22:14:32:90:d0:2c:28:0f:d8:
83:23:4f:d8:44:09:a0:09:3e:5b:3d:5d:34:04:09:0e:81:c7:
b6:c5:d1:48:fa:12:a2:eb:d1:a3:92:5c:19:ec:d8:42:2c:66:
20:d0:90:ac:ad:7d:04:7f:16:29:3a:b5:33:81:94:a3:ef:ae:
3c:38:c6:ee:d8:7c:b1:7e:58:b4:18:46:05:34:2b:ab:37:8e:
bf:26:c0:4f:7c:38:fe:a3:9a:13:b1:5a:29:e8:4d:b0:37:b5:
8b:ab:0d:bd:9e:24:bf:36:24:fd:ab:d8:a1:ec:c3:ca:ae:24:
99:4f:5a:23:d8:58:61:f1:3d:65:c0:e2:c2:1e:c9:cd:07:7b:
37:53:09:8f:4e:1f:3f:bb:ca:5d:34:55:97:3e:16:67:92:f7:
02:b1:55:58:24:00:61:73:18:2b:65:06:97:99:5c:07:96:39:
12:7e:58:33
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAY9eLs32pPBD+FjOsSZCJSSgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4ZmY3MWYyYjFhOGQ2MmFmNDQ2YTkyYmEyYmRlYTMzZjli
NjlkZGMwHhcNMjQwNTA5MTYyNzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjFkZWRhNTQ3NjdjMzY2ODgwODFiNjA5ODcyODU1NDQ1MWIwYzhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoiBXSPn58dYdzGH6EipCkd1eXn0
wWWvBlp513jWKOh+qbpPzr8FKFc4hX69aFEpsKcXsbXvthtH+KiDxJlwXpfeWvZO
jt49GDg4BHh476VBl3yM1Z24IhP5FBY3QniZOKFoQxgn9wFw9aSsSJKuMF6Kbs4c
jDmWjUihhuG/EIdqTcsC5XCmqhFEjW2mRktsLPaXqNdrhdIQjUfQhHDlfv4baWXW
anyKGYRymW0E4u1r47IpVONRI+y09CMSpGQpaPt0tdz71v6vzgyqXxhU/d8TG7oQ
FRoV96Ph/kWoliHMvFpdrvF6M6Kx9YXWrYKXRoXP72UKqeGx8Wi5CmjB5wIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFGYd7aVHZ8NmiAgbYJhyhVRFGwyLMB8GA1UdIwQY
MBaAFNj/cfKxqNYq9EapK6K96jP5tp3cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlA5eDhyR28xaXIwUnFrcm9yM3FNX20ybmR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lYTcxZDQtNGRiYi00NDUxLWIyNmIt
M2I3NWE1NjdmNzNhLzEvWmgzdHBVZG53MmFJQ0J0Z21IS0ZWRVViRElzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lYTcxZDQtNGRiYi00NDUxLWIyNmItM2I3NWE1NjdmNzNh
LzEvMlA5eDhyR28xaXIwUnFrcm9yM3FNX20ybmR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAi0GMAME
BE3wcAMEA0+LeAMEBVLCQAMEAlW7OAMEBVZtYAMEA1fuWAMEBVkRwAMEAVkl4AME
BF1aEAMEA21GIAMEBbAcYAMEArkCRAMEArlOGAMEAcJ0uAMEBdWV4AMEBdl0ADAN
BAIAAjAHAwUAKgIDuDANBgkqhkiG9w0BAQsFAAOCAQEAcs30CjgkG12PmxbRMI+z
JoEpHhcGFJ3tfd45GLcGNVOzCqXRe8+23NluumDUskExec6rm9dtzdM7vM3MmQmo
YGCBzFO+VFx/92AB5mfSy3GhIhQykNAsKA/YgyNP2EQJoAk+Wz1dNAQJDoHHtsXR
SPoSouvRo5JcGezYQixmINCQrK19BH8WKTq1M4GUo++uPDjG7th8sX5YtBhGBTQr
qzeOvybAT3w4/qOaE7FaKehNsDe1i6sNvZ4kvzYk/avYoezDyq4kmU9aI9hYYfE9
ZcDiwh7JzQd7N1MJj04fP7vKXTRVlz4WZ5L3ArFVWCQAYXMYK2UGl5lcB5Y5En5Y
Mw==
-----END CERTIFICATE-----
Generated at Wed Jul 10 10:34:13 2024 by rpki-client on console-ams.rpki-client.org