Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/z_Uh6yOz6j1pJiIdC1lmn1XudX4.roa
File: z_Uh6yOz6j1pJiIdC1lmn1XudX4.roa (raw, json)
Hash identifier: 7zUiBpfV2AgwI2byI+2cVJ9XGSQkymxoF+NAmJui3Os=
Subject key identifier: CF:F5:21:EB:23:B3:EA:3D:69:26:22:1D:0B:59:66:9F:55:EE:75:7E
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018DE5B088F1CF870EE148E3628328B0D07E
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/z_Uh6yOz6j1pJiIdC1lmn1XudX4.roa
Signing time: Mon 26 Feb 2024 13:52:48 +0000
ROA not before: Mon 26 Feb 2024 13:52:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38136
IP address blocks: 5.34.216.0/21 maxlen: 24
5.226.48.0/22 maxlen: 24
45.137.180.0/22 maxlen: 24
178.236.36.0/22 maxlen: 24
185.36.192.0/22 maxlen: 24
185.220.236.0/22 maxlen: 24
185.248.184.0/22 maxlen: 24
188.253.4.0/22 maxlen: 24
212.87.192.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 05:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e5:b0:88:f1:cf:87:0e:e1:48:e3:62:83:28:b0:d0:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Feb 26 13:52:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cff521eb23b3ea3d6926221d0b59669f55ee757e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:5d:a6:3a:59:e5:93:31:06:89:6b:4d:bb:d2:
d7:a8:33:c2:c7:45:d2:86:9c:4a:5d:ce:7a:fd:59:
9d:1b:55:d4:d3:87:1f:7d:bd:8e:28:b6:84:6b:c1:
b3:1b:d6:48:ba:31:ee:73:94:36:29:c6:a9:c1:76:
8c:16:a3:cf:69:2f:8b:d4:17:13:79:39:a1:71:f0:
c8:fb:63:f3:3f:e2:29:ec:44:fd:a1:ad:38:08:aa:
b5:22:c6:51:e6:65:8c:34:44:f6:c0:b8:a3:00:a0:
db:b8:f3:09:4d:c4:a7:4b:f8:c7:fd:d9:d5:27:da:
b7:f5:ed:77:45:bc:cf:af:06:ee:07:de:b1:01:51:
cb:0e:8d:22:e7:20:37:e3:bf:93:3b:02:e1:35:c6:
27:69:62:e9:22:55:dd:b1:b4:3e:e9:fb:c3:28:58:
ab:82:be:50:b8:2f:8d:8a:b8:63:27:52:a3:00:3d:
29:2f:c1:41:2c:4a:17:c1:94:82:58:7a:f5:5a:47:
5e:07:d0:cd:d6:95:3c:7f:18:08:30:b0:f7:a9:d4:
9b:7c:61:29:d5:56:82:f2:42:75:f8:70:c8:ce:64:
98:bc:ce:2e:6f:88:59:0d:71:f6:8d:25:7d:08:1a:
05:18:1a:ea:a0:bd:9d:61:d0:77:79:c7:fa:1b:16:
f8:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:F5:21:EB:23:B3:EA:3D:69:26:22:1D:0B:59:66:9F:55:EE:75:7E
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/z_Uh6yOz6j1pJiIdC1lmn1XudX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.216.0/21
5.226.48.0/22
45.137.180.0/22
178.236.36.0/22
185.36.192.0/22
185.220.236.0/22
185.248.184.0/22
188.253.4.0/22
212.87.192.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:db:1c:ab:16:b8:7e:33:fc:6b:9e:3d:50:1b:59:8d:5a:30:
2f:b0:f2:8d:17:41:82:92:d9:8e:78:88:c8:a8:9f:21:04:eb:
98:06:0a:95:c1:9a:f6:84:62:ec:00:27:09:3e:25:48:4f:1d:
43:62:8d:6c:35:99:45:22:20:c3:b8:6d:c0:a8:8f:91:76:77:
d8:9a:c5:bf:ec:15:0a:17:05:c6:82:86:75:5d:63:f4:ae:8c:
dd:a6:06:45:9e:df:ec:44:d9:a5:f1:90:4f:4f:2f:c6:d1:71:
e2:b1:c6:59:66:42:66:ce:5d:f7:ec:c4:a4:d8:cb:95:20:80:
53:fd:c3:43:53:fe:19:af:c0:90:91:f3:63:f2:78:0f:f6:8b:
a3:9f:16:d1:f6:52:4a:06:f9:dc:7c:d3:6a:99:11:ee:3c:9c:
fb:0a:56:a7:19:18:b5:47:a0:d4:eb:7b:16:80:25:3f:3d:dc:
b5:22:46:69:b5:33:ee:bc:51:0e:14:4b:ea:a8:21:bb:a1:8e:
b7:f6:49:2a:d1:d5:95:c0:8a:e1:38:ac:ac:88:3c:6f:3b:21:
0a:1f:75:85:46:9e:4e:48:91:4e:b9:7e:fb:80:da:f4:a8:95:
fe:3c:5b:96:d2:7b:65:4c:32:be:22:83:19:8d:14:9d:57:9c:
df:e4:fb:93
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAY3lsIjxz4cO4UjjYoMosNB+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMjI2MTM1MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmY1MjFlYjIzYjNlYTNkNjkyNjIyMWQwYjU5NjY5ZjU1ZWU3NTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgF2mOlnlkzEGiWtNu9LXqDPCx0XS
hpxKXc56/VmdG1XU04cffb2OKLaEa8GzG9ZIujHuc5Q2KcapwXaMFqPPaS+L1BcT
eTmhcfDI+2PzP+Ip7ET9oa04CKq1IsZR5mWMNET2wLijAKDbuPMJTcSnS/jH/dnV
J9q39e13RbzPrwbuB96xAVHLDo0i5yA347+TOwLhNcYnaWLpIlXdsbQ+6fvDKFir
gr5QuC+NirhjJ1KjAD0pL8FBLEoXwZSCWHr1WkdeB9DN1pU8fxgIMLD3qdSbfGEp
1VaC8kJ1+HDIzmSYvM4ub4hZDXH2jSV9CBoFGBrqoL2dYdB3ecf6Gxb4rQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFM/1Iesjs+o9aSYiHQtZZp9V7nV+MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvel9VaDZ5T3o2ajFwSmlJZEMxbG1uMVh1ZFg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQDBSLYAwQC
BeIwAwQCLYm0AwQCsuwkAwQCuSTAAwQCudzsAwQCufi4AwQCvP0EAwQC1FfAMA0G
CSqGSIb3DQEBCwUAA4IBAQBv2xyrFrh+M/xrnj1QG1mNWjAvsPKNF0GCktmOeIjI
qJ8hBOuYBgqVwZr2hGLsACcJPiVITx1DYo1sNZlFIiDDuG3AqI+RdnfYmsW/7BUK
FwXGgoZ1XWP0rozdpgZFnt/sRNml8ZBPTy/G0XHiscZZZkJmzl337MSk2MuVIIBT
/cNDU/4Zr8CQkfNj8ngP9oujnxbR9lJKBvncfNNqmRHuPJz7ClanGRi1R6DU63sW
gCU/Pdy1IkZptTPuvFEOFEvqqCG7oY639kkq0dWVwIrhOKysiDxvOyEKH3WFRp5O
SJFOuX77gNr0qJX+PFuW0ntlTDK+IoMZjRSdV5zf5PuT
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:35 2024 by rpki-client on console-fra.rpki-client.org