Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Z85ZxTqnBKg2cmc-9FWKUtH7q6c.roa
File: Z85ZxTqnBKg2cmc-9FWKUtH7q6c.roa (raw, json)
Hash identifier: Xj8Iv++Rh+t6J2sHOZj578ogJwyEDLVxnqeF678HGpM=
Subject key identifier: 67:CE:59:C5:3A:A7:04:A8:36:72:67:3E:F4:55:8A:52:D1:FB:AB:A7
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018F9B1BD9620FCEA132CF7CBCB6AC025732
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Z85ZxTqnBKg2cmc-9FWKUtH7q6c.roa
Signing time: Tue 21 May 2024 12:24:04 +0000
ROA not before: Tue 21 May 2024 12:24:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 5.34.208.0/21 maxlen: 24
82.115.4.0/22 maxlen: 24
89.251.10.0/24 maxlen: 24
103.25.86.0/23 maxlen: 24
188.253.8.0/22 maxlen: 24
202.133.90.0/23 maxlen: 24
213.173.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 May 2024 10:12:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9b:1b:d9:62:0f:ce:a1:32:cf:7c:bc:b6:ac:02:57:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: May 21 12:24:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67ce59c53aa704a83672673ef4558a52d1fbaba7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5d:46:e3:65:94:3d:25:6f:0b:10:3a:c9:1f:
a3:5f:a0:e7:94:36:b8:ee:ef:12:ff:18:1f:be:b2:
91:7a:20:2f:40:27:25:02:9c:2f:18:d3:d2:8b:17:
2b:cf:ca:ee:e6:d0:16:05:56:99:00:c3:3b:57:fd:
3c:4c:82:43:14:7b:ea:bf:d5:6e:26:8b:a5:da:95:
70:81:85:0a:db:64:4f:bc:87:19:60:10:04:55:fa:
7c:52:bd:0d:f8:4e:aa:b2:3e:1a:b1:63:39:2a:96:
21:80:97:66:46:53:d8:7a:8b:34:d7:ad:9f:aa:8f:
3c:9d:f8:3d:89:cb:2f:4a:29:ff:18:63:64:ba:51:
8f:41:c0:07:55:4d:73:fc:87:18:0c:7e:e0:93:d5:
68:3c:b1:02:a5:c9:89:39:9e:2a:6d:c0:3c:ba:51:
5f:97:a9:1e:d5:42:e3:52:c1:ee:47:0b:2e:78:c1:
bd:fd:c3:12:90:a4:22:f6:b1:2d:61:c9:d5:e3:53:
00:8e:c8:a4:ca:79:0c:86:37:af:7f:7b:6f:b4:cf:
51:51:51:1c:ae:ee:02:fa:1a:29:1a:fc:ad:79:4f:
86:56:45:de:c9:34:0d:f6:b8:db:ff:73:cc:c5:c7:
01:f8:76:74:3e:f8:f0:5f:e8:a4:6b:77:6a:e6:d6:
66:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:CE:59:C5:3A:A7:04:A8:36:72:67:3E:F4:55:8A:52:D1:FB:AB:A7
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/Z85ZxTqnBKg2cmc-9FWKUtH7q6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.208.0/21
82.115.4.0/22
89.251.10.0/24
103.25.86.0/23
188.253.8.0/22
202.133.90.0/23
213.173.32.0/22
Signature Algorithm: sha256WithRSAEncryption
65:c6:28:fa:cd:f7:a0:00:65:ed:d4:67:e3:fb:92:f3:a2:60:
34:88:56:ac:a3:40:77:a3:8c:85:87:5f:ac:ea:f8:b0:f2:85:
7a:e8:43:08:03:f5:c7:d6:58:c9:50:d6:50:c5:af:34:65:10:
b2:14:ce:04:63:5e:22:cf:1d:ae:2c:d0:c0:9a:e8:44:dd:c3:
ee:a6:62:7e:fa:21:dc:71:30:8c:7b:c5:19:0d:36:1a:02:80:
c9:5e:94:4d:35:57:e9:d8:88:a9:82:93:34:11:12:1c:88:0f:
84:12:84:6d:af:37:1d:6c:f3:eb:ac:4d:ed:4e:c9:5c:cc:bd:
8c:33:de:e6:15:f1:4d:05:81:ab:6f:f6:88:f5:4f:a9:43:74:
68:cd:a1:b8:6c:c2:ea:0d:16:02:08:07:b4:19:2a:c6:b5:44:
57:33:56:99:30:76:11:ee:33:b2:8b:ed:38:8f:5f:d9:6a:0c:
5c:a2:80:73:c9:d5:1a:0e:d3:23:51:af:01:ef:e7:63:12:c0:
4a:c9:51:fe:91:44:88:cd:01:3c:d2:96:97:bf:94:6a:86:4c:
0e:85:44:4f:4a:fa:5f:e8:d6:07:c5:0e:17:2c:5d:6f:43:d5:
d3:1c:65:72:5c:f2:99:7f:49:bf:19:b0:36:ac:8e:99:42:e5:
18:1c:ec:c0
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY+bG9liD86hMs98vLasAlcyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwNTIxMTIyNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2NlNTljNTNhYTcwNGE4MzY3MjY3M2VmNDU1OGE1MmQxZmJhYmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArl1G42WUPSVvCxA6yR+jX6DnlDa4
7u8S/xgfvrKReiAvQCclApwvGNPSixcrz8ru5tAWBVaZAMM7V/08TIJDFHvqv9Vu
Joul2pVwgYUK22RPvIcZYBAEVfp8Ur0N+E6qsj4asWM5KpYhgJdmRlPYeos0162f
qo88nfg9icsvSin/GGNkulGPQcAHVU1z/IcYDH7gk9VoPLECpcmJOZ4qbcA8ulFf
l6ke1ULjUsHuRwsueMG9/cMSkKQi9rEtYcnV41MAjsikynkMhjevf3tvtM9RUVEc
ru4C+hopGvyteU+GVkXeyTQN9rjb/3PMxccB+HZ0PvjwX+ika3dq5tZmUwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGfOWcU6pwSoNnJnPvRVilLR+6unMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvWjg1WnhUcW5CS2cyY21jLTlGV0tVdEg3cTZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDBSLQAwQC
UnMEAwQAWfsKAwQBZxlWAwQCvP0IAwQByoVaAwQC1a0gMA0GCSqGSIb3DQEBCwUA
A4IBAQBlxij6zfegAGXt1Gfj+5LzomA0iFaso0B3o4yFh1+s6viw8oV66EMIA/XH
1ljJUNZQxa80ZRCyFM4EY14izx2uLNDAmuhE3cPupmJ++iHccTCMe8UZDTYaAoDJ
XpRNNVfp2IipgpM0ERIciA+EEoRtrzcdbPPrrE3tTslczL2MM97mFfFNBYGrb/aI
9U+pQ3RozaG4bMLqDRYCCAe0GSrGtURXM1aZMHYR7jOyi+04j1/ZagxcooBzydUa
DtMjUa8B7+djEsBKyVH+kUSIzQE80paXv5RqhkwOhURPSvpf6NYHxQ4XLF1vQ9XT
HGVyXPKZf0m/GbA2rI6ZQuUYHOzA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org