Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0ZWQ5mcmn-EduzMjBN9ZWaDFrjs.roa
File: 0ZWQ5mcmn-EduzMjBN9ZWaDFrjs.roa (raw, json)
Hash identifier: z6lzmq8R4lDdUyvarAkLy4iAq7KQTLlZ/uJXInbuyso=
Subject key identifier: D1:95:90:E6:67:26:9F:E1:1D:BB:33:23:04:DF:59:59:A0:C5:AE:3B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019258B5372723E2337B990F5B6E63F88218
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0ZWQ5mcmn-EduzMjBN9ZWaDFrjs.roa
Signing time: Fri 04 Oct 2024 18:05:23 +0000
ROA not before: Fri 04 Oct 2024 18:05:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215727
IP address blocks: 81.168.96.0/24 maxlen: 24
82.153.51.0/24 maxlen: 24
82.153.148.0/24 maxlen: 24
82.163.15.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
89.213.63.0/24 maxlen: 24
89.213.107.0/24 maxlen: 24
89.213.112.0/24 maxlen: 24
89.213.113.0/24 maxlen: 24
89.213.116.0/24 maxlen: 24
89.213.121.0/24 maxlen: 24
89.213.157.0/24 maxlen: 24
89.213.227.0/24 maxlen: 24
109.176.242.0/24 maxlen: 24
213.130.137.0/24 maxlen: 24
213.130.152.0/24 maxlen: 24
213.130.153.0/24 maxlen: 24
213.130.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 04 Nov 2024 11:08:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:58:b5:37:27:23:e2:33:7b:99:0f:5b:6e:63:f8:82:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 4 18:05:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d19590e667269fe11dbb332304df5959a0c5ae3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e7:05:a5:39:1b:19:9a:39:97:5e:2a:d6:2b:
71:28:14:5d:89:c5:48:48:41:ce:8c:08:f3:a1:80:
3e:98:79:1b:c3:b5:c5:3a:d7:fc:a3:94:17:58:b9:
92:ce:61:a2:1e:25:86:5a:19:7a:37:d6:6f:9e:2f:
f8:f7:5c:79:f5:50:e3:dc:15:c9:25:75:9b:8c:26:
95:28:2e:80:73:d4:cd:c7:ce:5d:e0:14:8d:a5:61:
ff:b7:2d:31:5b:38:cf:4a:c0:80:d1:9d:69:16:c8:
c5:f1:7a:51:2b:56:ae:2b:a9:d5:5b:4a:fb:e0:10:
e8:db:48:0c:2d:71:45:bb:77:60:bb:33:69:e3:fc:
84:83:35:22:51:d6:c1:4b:35:9b:98:c1:da:73:8f:
39:cb:f1:98:49:9e:44:49:a7:b6:f5:83:82:4d:66:
38:9e:ed:3c:ee:41:57:e5:d1:e9:6d:fd:62:b2:70:
f4:c5:c5:f1:f9:c6:9d:68:9e:97:78:d7:b7:b7:4b:
43:f3:27:23:02:a9:90:da:c5:fe:e8:b0:29:e2:b4:
2a:b3:90:d9:bf:08:33:54:10:96:77:b2:20:6b:a9:
fd:1c:91:41:ee:58:d4:b8:ac:b7:6f:12:ce:74:47:
73:9e:2e:00:cd:d9:9e:a4:78:c1:25:9c:e7:15:e3:
c5:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:95:90:E6:67:26:9F:E1:1D:BB:33:23:04:DF:59:59:A0:C5:AE:3B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0ZWQ5mcmn-EduzMjBN9ZWaDFrjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.96.0/24
82.153.51.0/24
82.153.148.0/24
82.163.15.0/24
89.213.6.0/24
89.213.63.0/24
89.213.107.0/24
89.213.112.0/23
89.213.116.0/24
89.213.121.0/24
89.213.157.0/24
89.213.227.0/24
109.176.242.0/24
213.130.137.0/24
213.130.152.0-213.130.154.255
Signature Algorithm: sha256WithRSAEncryption
06:fe:2d:e7:92:ec:6b:23:89:36:8f:a0:b3:e4:d2:90:d0:de:
64:21:73:7a:78:b1:68:41:72:64:2e:bc:95:76:aa:d4:4a:f1:
fd:80:2e:54:df:12:9e:25:95:fc:db:6c:bd:7b:d6:9c:13:b1:
c4:a4:2c:b3:77:2b:a5:b3:e3:02:db:5c:ad:81:4f:c3:ad:67:
79:3a:bf:7a:f3:ae:d5:ab:b0:af:a5:c2:c4:e0:20:a2:6d:e1:
bb:6f:3e:9d:15:f4:65:24:68:60:85:e4:60:71:80:e3:77:16:
40:99:da:da:07:f8:9c:d5:0d:f1:07:d4:66:af:d6:8d:28:5c:
4c:0b:08:0f:17:ac:a3:12:ae:3d:1b:b3:c9:aa:5e:fb:14:02:
ac:4c:3b:7b:94:06:9a:e0:e3:fa:51:e4:eb:e7:28:f2:e2:78:
92:1a:22:a3:06:d8:27:ef:a2:05:cf:57:1e:ea:56:92:5a:6e:
5b:7b:e3:39:2b:fa:e3:92:b2:99:7a:7a:2e:65:15:3a:75:32:
db:b8:c2:96:ae:23:c2:06:3f:3a:d4:23:f7:0b:2d:ef:05:16:
01:d5:f9:42:d2:ab:69:d9:c5:d6:7d:12:ac:3a:b0:55:54:fd:
c1:9b:28:43:39:5a:1b:1a:f2:91:96:db:76:ae:e5:f6:c6:89:
dd:83:93:ba
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZJYtTcnI+Ize5kPW25j+IIYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMDA0MTgwNTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTk1OTBlNjY3MjY5ZmUxMWRiYjMzMjMwNGRmNTk1OWEwYzVhZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+cFpTkbGZo5l14q1itxKBRdicVI
SEHOjAjzoYA+mHkbw7XFOtf8o5QXWLmSzmGiHiWGWhl6N9Zvni/491x59VDj3BXJ
JXWbjCaVKC6Ac9TNx85d4BSNpWH/ty0xWzjPSsCA0Z1pFsjF8XpRK1auK6nVW0r7
4BDo20gMLXFFu3dguzNp4/yEgzUiUdbBSzWbmMHac485y/GYSZ5ESae29YOCTWY4
nu087kFX5dHpbf1isnD0xcXx+cadaJ6XeNe3t0tD8ycjAqmQ2sX+6LAp4rQqs5DZ
vwgzVBCWd7Iga6n9HJFB7ljUuKy3bxLOdEdzni4AzdmepHjBJZznFePFbwIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFNGVkOZnJp/hHbszIwTfWVmgxa47MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMFpXUTVtY21uLUVkdXpNakJOOVpXYURGcmpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQAUahgAwQA
UpkzAwQAUpmUAwQAUqMPAwQAWdUGAwQAWdU/AwQAWdVrAwQBWdVwAwQAWdV0AwQA
WdV5AwQAWdWdAwQAWdXjAwQAbbDyAwQA1YKJMAwDBAPVgpgDBADVgpowDQYJKoZI
hvcNAQELBQADggEBAAb+LeeS7GsjiTaPoLPk0pDQ3mQhc3p4sWhBcmQuvJV2qtRK
8f2ALlTfEp4llfzbbL171pwTscSkLLN3K6Wz4wLbXK2BT8OtZ3k6v3rzrtWrsK+l
wsTgIKJt4btvPp0V9GUkaGCF5GBxgON3FkCZ2toH+JzVDfEH1Gav1o0oXEwLCA8X
rKMSrj0bs8mqXvsUAqxMO3uUBprg4/pR5OvnKPLieJIaIqMG2CfvogXPVx7qVpJa
blt74zkr+uOSspl6ei5lFTp1Mtu4wpauI8IGPzrUI/cLLe8FFgHV+ULSq2nZxdZ9
Eqw6sFVU/cGbKEM5Whsa8pGW23au5fbGid2Dk7o=
-----END CERTIFICATE-----
Generated at Tue Apr 29 21:00:58 2025 by rpki-client