Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/ZTiNkuA4Tni3Mq_6y5CV7igv8-k.roa
File: ZTiNkuA4Tni3Mq_6y5CV7igv8-k.roa (raw, json)
Hash identifier: n/T5UMkKyHect98qUen8/6lqb0zawHHMQtcHdmv8+IA=
Subject key identifier: 65:38:8D:92:E0:38:4E:78:B7:32:AF:FA:CB:90:95:EE:28:2F:F3:E9
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0189B32CADB8CA60E13C5A1C625C3E8D219B
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/ZTiNkuA4Tni3Mq_6y5CV7igv8-k.roa
Signing time: Tue 01 Aug 2023 22:16:36 +0000
ROA not before: Tue 01 Aug 2023 22:16:36 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43260
IP address blocks: 5.34.208.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Oct 2023 08:37:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:b3:2c:ad:b8:ca:60:e1:3c:5a:1c:62:5c:3e:8d:21:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Aug 1 22:16:36 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=65388d92e0384e78b732affacb9095ee282ff3e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:7c:3e:0b:8a:40:c5:a5:85:eb:e0:1e:f7:2c:
d9:33:55:3c:d7:0c:06:f8:ae:b1:71:77:50:d4:35:
f5:b1:c6:ae:fa:e1:c2:c0:02:30:5a:15:19:48:79:
7e:c2:3d:dd:51:a2:0f:8d:89:b7:12:4d:6d:6b:ef:
48:7c:8c:e4:1f:75:52:92:fa:d0:36:3c:85:de:ed:
26:fa:48:7d:1b:36:91:bd:58:c1:40:12:c0:e0:34:
c1:83:7f:bd:70:09:0c:ef:1d:f7:9e:bd:34:c6:65:
20:2f:28:a9:32:f7:89:48:f8:83:ec:7e:db:7d:7c:
74:2b:fa:31:c2:bf:74:e8:af:d0:a7:91:dc:77:0e:
d6:f9:54:88:b8:10:f3:c9:8a:d6:ec:d0:81:92:98:
30:4d:5e:8f:99:1b:6e:76:c8:eb:38:d6:85:30:47:
4f:ee:e7:d6:6b:56:67:47:66:65:33:de:4c:ad:18:
a2:65:8f:91:90:1e:c9:61:e8:c8:64:df:88:da:63:
af:44:f4:cf:12:4c:b6:e5:0b:20:1b:6d:72:7d:42:
a0:65:ee:e5:b3:e3:60:43:b4:9d:f4:8d:8a:3a:57:
db:a4:e8:41:39:de:dd:e9:e4:01:e8:25:cd:71:ed:
77:54:ee:9e:8b:f1:9f:c8:9b:e7:e5:5b:43:db:99:
74:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:38:8D:92:E0:38:4E:78:B7:32:AF:FA:CB:90:95:EE:28:2F:F3:E9
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/ZTiNkuA4Tni3Mq_6y5CV7igv8-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.208.0/21
Signature Algorithm: sha256WithRSAEncryption
2c:78:4d:39:f3:53:0e:12:c9:50:0b:df:f8:c7:bd:7f:e8:72:
a7:c9:5b:1d:90:61:8f:22:af:01:d8:d8:f2:f5:6a:c3:9d:28:
2b:d3:82:b9:19:d6:d3:0b:d3:43:c3:44:a5:a1:43:bd:a4:f9:
66:20:95:86:97:ea:94:2c:7a:90:6f:36:59:d1:0b:6a:cd:05:
63:67:45:3c:0c:5f:ab:da:91:92:51:6c:93:81:53:27:46:f9:
57:8a:01:c2:6c:35:db:d8:64:b6:87:a4:aa:7c:9b:44:bb:92:
e6:13:8e:73:0e:96:05:be:f9:be:a9:88:94:31:a2:95:2d:07:
b6:62:53:4d:9a:e3:43:8b:b7:e6:b9:ed:99:22:87:a1:21:64:
16:8d:24:23:2d:8f:02:00:21:67:24:ff:cc:08:fd:64:bc:c1:
7e:02:ad:c1:97:76:23:f0:ee:17:55:8c:52:8f:a3:5a:ea:56:
3e:9e:40:31:45:66:54:8a:ba:cc:9d:4f:5d:35:c8:85:27:18:
e7:98:80:5c:28:a7:45:32:d8:a5:e7:13:2d:34:64:2b:1b:44:
43:5e:78:86:78:42:eb:55:87:b3:4d:54:ce:40:ed:4a:f8:d4:
53:83:cf:92:f2:d3:7e:26:dc:e3:f7:5b:13:5b:f1:c6:74:42:
2a:82:d9:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYmzLK24ymDhPFocYlw+jSGbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjMwODAxMjIxNjM2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTM4OGQ5MmUwMzg0ZTc4YjczMmFmZmFjYjkwOTVlZTI4MmZmM2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXw+C4pAxaWF6+Ae9yzZM1U81wwG
+K6xcXdQ1DX1scau+uHCwAIwWhUZSHl+wj3dUaIPjYm3Ek1ta+9IfIzkH3VSkvrQ
NjyF3u0m+kh9GzaRvVjBQBLA4DTBg3+9cAkM7x33nr00xmUgLyipMveJSPiD7H7b
fXx0K/oxwr906K/Qp5Hcdw7W+VSIuBDzyYrW7NCBkpgwTV6PmRtudsjrONaFMEdP
7ufWa1ZnR2ZlM95MrRiiZY+RkB7JYejIZN+I2mOvRPTPEky25QsgG21yfUKgZe7l
s+NgQ7Sd9I2KOlfbpOhBOd7d6eQB6CXNce13VO6ei/GfyJvn5VtD25l0+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGU4jZLgOE54tzKv+suQle4oL/PpMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvWlRpTmt1QTRUbmkzTXFfNnk1Q1Y3aWd2OC1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDBSLQMA0G
CSqGSIb3DQEBCwUAA4IBAQAseE0581MOEslQC9/4x71/6HKnyVsdkGGPIq8B2Njy
9WrDnSgr04K5GdbTC9NDw0SloUO9pPlmIJWGl+qULHqQbzZZ0QtqzQVjZ0U8DF+r
2pGSUWyTgVMnRvlXigHCbDXb2GS2h6SqfJtEu5LmE45zDpYFvvm+qYiUMaKVLQe2
YlNNmuNDi7fmue2ZIoehIWQWjSQjLY8CACFnJP/MCP1kvMF+Aq3Bl3Yj8O4XVYxS
j6Na6lY+nkAxRWZUirrMnU9dNciFJxjnmIBcKKdFMtil5xMtNGQrG0RDXniGeELr
VYezTVTOQO1K+NRTg8+S8tN+Jtzj91sTW/HGdEIqgtkg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:17:16 2024 by rpki-client on console-ams.rpki-client.org