Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/ZjDUytPkHiI32_WXrXz0sIaUXBY.roa
File: ZjDUytPkHiI32_WXrXz0sIaUXBY.roa (raw, json)
Hash identifier: CAr00Gv1wR9ZvZnzg764L5ZaGcpnCn8HxCok7IWaUcA=
Subject key identifier: 66:30:D4:CA:D3:E4:1E:22:37:DB:F5:97:AD:7C:F4:B0:86:94:5C:16
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01928D96A06674CF8DEF96556A5454AF5E3A
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/ZjDUytPkHiI32_WXrXz0sIaUXBY.roa
Signing time: Tue 15 Oct 2024 00:31:51 +0000
ROA not before: Tue 15 Oct 2024 00:31:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42532
IP address blocks: 5.34.208.0/21 maxlen: 24
82.115.4.0/22 maxlen: 24
188.253.16.0/21 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Oct 2024 06:24:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8d:96:a0:66:74:cf:8d:ef:96:55:6a:54:54:af:5e:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Oct 15 00:31:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6630d4cad3e41e2237dbf597ad7cf4b086945c16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:73:a1:8e:4a:9d:54:27:a5:6b:c2:05:cc:ea:
6e:ab:8d:93:b2:cb:08:d2:c3:8e:5b:f3:33:b9:5a:
98:10:02:eb:ae:21:3d:eb:b8:38:f5:f1:a1:f1:72:
e2:4c:dd:d8:03:7b:6d:c7:43:14:e9:b8:b2:cb:c7:
57:82:ae:ad:df:00:7b:57:fc:ed:d9:db:4f:76:f3:
de:aa:ff:a4:ee:f6:64:94:30:aa:96:d4:08:33:97:
1b:f8:22:3f:47:30:bc:99:8a:18:aa:68:71:b3:3a:
aa:ab:c4:d1:d0:de:4e:78:28:0d:94:8a:8e:24:ec:
c5:39:f9:03:d2:97:5d:5d:ba:51:97:f4:37:80:90:
b3:8e:c8:1a:20:b1:5c:f9:6c:4e:8a:57:d6:62:a4:
dd:ac:28:cb:d3:c5:23:7f:7d:c2:9b:1c:e8:14:d4:
e2:14:41:c5:a3:cf:a1:c2:af:ec:39:e2:d3:50:4b:
49:04:b1:15:95:bf:b8:9e:43:95:80:96:75:98:84:
7e:ef:22:cf:69:b1:e7:b1:29:80:40:9b:f4:54:24:
c1:b1:2a:7a:95:93:d1:81:64:b3:e0:ad:70:39:61:
2f:0c:2b:1c:43:c9:3e:2c:bc:d5:f0:e1:b8:7b:06:
9e:28:0b:5c:81:05:53:80:46:3d:c1:bf:0d:1b:7f:
86:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:30:D4:CA:D3:E4:1E:22:37:DB:F5:97:AD:7C:F4:B0:86:94:5C:16
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/ZjDUytPkHiI32_WXrXz0sIaUXBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.208.0/21
82.115.4.0/22
188.253.16.0/21
Signature Algorithm: sha256WithRSAEncryption
d5:bc:e4:4f:7e:78:a2:84:b4:9a:41:ff:16:fb:ea:f7:6c:c7:
70:7f:d4:6a:17:e0:59:6a:64:d5:0a:a3:ab:61:cd:ee:a3:2a:
2b:b0:98:5f:b8:48:8e:18:6e:a9:94:56:ab:b8:e0:8b:a9:b6:
b5:b5:d0:76:5b:f9:59:be:ac:3f:9d:4d:f8:51:38:1e:08:18:
a8:17:71:00:46:99:08:4e:68:0e:82:68:11:de:67:59:2b:31:
bb:13:37:aa:bc:12:ce:09:2e:bf:6c:a8:a0:c1:84:27:65:6e:
9c:69:27:fa:fb:b9:16:f7:a6:4b:1b:da:67:a2:45:8b:91:0c:
83:fa:d5:90:32:99:77:64:8b:b9:a3:f4:fb:a4:e2:9c:70:b7:
3f:87:ed:21:dd:3b:14:36:aa:6f:86:27:9d:82:d1:83:26:f3:
f6:4a:b3:0a:ae:39:f1:51:05:bc:7d:3a:e1:60:8f:c4:06:95:
31:f8:24:9e:de:50:5c:f7:90:e7:e8:1e:21:5c:aa:68:68:28:
27:a0:a3:5e:83:bc:0e:ba:93:b9:73:fa:e9:43:5b:66:5c:bc:
dc:e6:a9:67:78:53:35:42:b9:e6:9b:49:14:d5:9a:f1:d0:8b:
80:49:6d:28:0a:4d:8f:40:81:3d:26:67:7b:97:83:df:70:65:
bf:fa:9d:ce
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZKNlqBmdM+N75ZValRUr146MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQxMDE1MDAzMTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjMwZDRjYWQzZTQxZTIyMzdkYmY1OTdhZDdjZjRiMDg2OTQ1YzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXOhjkqdVCela8IFzOpuq42TsssI
0sOOW/MzuVqYEALrriE967g49fGh8XLiTN3YA3ttx0MU6biyy8dXgq6t3wB7V/zt
2dtPdvPeqv+k7vZklDCqltQIM5cb+CI/RzC8mYoYqmhxszqqq8TR0N5OeCgNlIqO
JOzFOfkD0pddXbpRl/Q3gJCzjsgaILFc+WxOilfWYqTdrCjL08Ujf33CmxzoFNTi
FEHFo8+hwq/sOeLTUEtJBLEVlb+4nkOVgJZ1mIR+7yLPabHnsSmAQJv0VCTBsSp6
lZPRgWSz4K1wOWEvDCscQ8k+LLzV8OG4ewaeKAtcgQVTgEY9wb8NG3+GvQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGYw1MrT5B4iN9v1l6189LCGlFwWMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvWmpEVXl0UGtIaUkzMl9XWHJYejBzSWFVWEJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDBSLQAwQC
UnMEAwQDvP0QMA0GCSqGSIb3DQEBCwUAA4IBAQDVvORPfniihLSaQf8W++r3bMdw
f9RqF+BZamTVCqOrYc3uoyorsJhfuEiOGG6plFaruOCLqba1tdB2W/lZvqw/nU34
UTgeCBioF3EARpkITmgOgmgR3mdZKzG7EzeqvBLOCS6/bKigwYQnZW6caSf6+7kW
96ZLG9pnokWLkQyD+tWQMpl3ZIu5o/T7pOKccLc/h+0h3TsUNqpvhiedgtGDJvP2
SrMKrjnxUQW8fTrhYI/EBpUx+CSe3lBc95Dn6B4hXKpoaCgnoKNeg7wOupO5c/rp
Q1tmXLzc5qlneFM1Qrnmm0kU1Zrx0IuASW0oCk2PQIE9Jmd7l4PfcGW/+p3O
-----END CERTIFICATE-----
Generated at Tue Oct 15 07:36:29 2024 by rpki-client on console-ams.rpki-client.org