Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/L_ZO9-CdBEekKrCvBjYEuU1X-tY.roa
File: L_ZO9-CdBEekKrCvBjYEuU1X-tY.roa (raw, json)
Hash identifier: 6PASJPaWE8w8IyrgGrlIbUv9ebQzSxHhWFhsZCRjfMY=
Subject key identifier: 2F:F6:4E:F7:E0:9D:04:47:A4:2A:B0:AF:06:36:04:B9:4D:57:FA:D6
Certificate issuer: /CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Certificate serial: 018C57EBCED165687D39BA4F652725C52922
Authority key identifier: 57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/L_ZO9-CdBEekKrCvBjYEuU1X-tY.roa
Signing time: Mon 11 Dec 2023 08:08:40 +0000
ROA not before: Mon 11 Dec 2023 08:08:40 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211261
IP address blocks: 185.210.192.0/24 maxlen: 24
185.210.195.0/24 maxlen: 24
185.210.193.0/24 maxlen: 24
91.210.126.0/24 maxlen: 24
5.253.157.0/24 maxlen: 24
5.253.156.0/24 maxlen: 24
5.253.159.0/24 maxlen: 24
185.146.67.0/24 maxlen: 24
185.204.201.0/24 maxlen: 24
185.204.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 01 Jan 2024 18:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:57:eb:ce:d1:65:68:7d:39:ba:4f:65:27:25:c5:29:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=577021dcdf44b6afdd3810547c55a79bd1a9fa3b
Validity
Not Before: Dec 11 08:08:40 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2ff64ef7e09d0447a42ab0af063604b94d57fad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:94:b7:3f:ff:58:a4:ef:a7:a5:23:df:80:8d:
1f:74:c7:bf:48:a1:62:62:8d:08:28:f6:75:f5:86:
15:57:29:93:fc:c9:df:e2:60:a1:aa:cf:ef:3f:06:
5f:8b:44:25:f2:42:c8:80:80:52:7c:db:32:27:90:
37:ed:c9:e1:d1:13:2c:df:26:14:43:32:68:b9:2d:
7e:fe:0a:af:e5:c0:2f:0e:89:1d:ee:db:81:d8:a2:
7f:0e:2d:f5:33:f7:b2:fa:e8:0b:5e:d3:79:64:8d:
86:4b:b1:df:2c:9d:89:0d:5c:42:dc:76:5f:df:2f:
3b:2e:0b:27:ed:c6:05:a6:14:33:28:15:bc:6c:8a:
ba:80:6f:c4:18:5c:76:e9:b1:66:71:fd:59:9d:72:
75:04:c8:5e:8a:38:d7:f2:fb:66:57:b9:63:0f:57:
ce:b7:a7:d1:ec:0f:49:0f:a7:69:eb:c5:e4:4c:5c:
9e:84:e0:3c:f9:65:02:af:6e:de:74:18:cf:7d:8a:
1e:27:4b:64:b4:7d:31:76:1b:0f:04:72:86:6a:0f:
9f:7b:71:3e:ad:49:e8:a0:4f:73:63:ce:fd:3e:49:
ed:0f:26:37:75:69:c6:3e:a1:9c:16:19:22:ff:36:
88:d2:d1:7b:75:5f:ff:b1:25:ff:59:b6:d2:a1:ee:
dd:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:F6:4E:F7:E0:9D:04:47:A4:2A:B0:AF:06:36:04:B9:4D:57:FA:D6
X509v3 Authority Key Identifier:
keyid:57:70:21:DC:DF:44:B6:AF:DD:38:10:54:7C:55:A7:9B:D1:A9:FA:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/L_ZO9-CdBEekKrCvBjYEuU1X-tY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/0ac27a-2159-48d7-8bfd-c907ae1c211e/1/V3Ah3N9Etq_dOBBUfFWnm9Gp-js.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.156.0/23
5.253.159.0/24
91.210.126.0/24
185.146.67.0/24
185.204.200.0/23
185.210.192.0/23
185.210.195.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:1e:b5:73:3b:a6:2a:89:d9:3c:a4:4f:94:66:16:39:40:1f:
86:e5:b0:2b:46:d4:9f:b8:8b:90:57:f7:04:a6:6a:cc:63:5f:
22:e0:ab:e3:b1:07:cc:cd:07:ec:70:3e:ea:88:b8:96:c7:8f:
91:d2:dd:ae:70:5b:28:df:41:2f:8f:3a:d7:a0:2d:de:dc:18:
9f:0a:93:2a:c2:df:ec:d0:9b:72:12:cf:d4:55:c5:66:07:e4:
b3:3f:c7:7b:30:e8:c6:74:fa:e4:36:fb:bd:a0:53:d6:a5:4e:
9b:82:ac:be:83:f7:51:07:8d:79:40:eb:13:39:b8:a4:c5:89:
f2:69:44:1f:fc:af:80:7c:85:e0:31:30:fc:e8:a8:09:60:fe:
bf:59:41:3c:ec:ed:c1:7e:0a:8e:6c:0e:98:bf:5d:9b:14:ec:
ad:13:f9:de:ad:69:c3:36:24:66:6f:69:f4:9c:25:d8:e2:d2:
b0:c4:6e:cd:ad:c1:f2:f2:2b:48:89:92:01:90:66:5d:bf:7b:
20:e1:13:a2:de:20:2b:a5:72:52:fb:9d:de:7b:e0:87:8e:76:
9b:66:45:ca:be:79:f5:55:e9:76:e1:49:da:e0:5c:ef:bb:cd:
cf:32:eb:12:6d:84:44:02:c8:66:ea:aa:65:00:6f:0a:29:e3:
1a:03:af:df
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYxX687RZWh9ObpPZSclxSkiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NzAyMWRjZGY0NGI2YWZkZDM4MTA1NDdjNTVhNzliZDFh
OWZhM2IwHhcNMjMxMjExMDgwODQwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmY2NGVmN2UwOWQwNDQ3YTQyYWIwYWYwNjM2MDRiOTRkNTdmYWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgpS3P/9YpO+npSPfgI0fdMe/SKFi
Yo0IKPZ19YYVVymT/Mnf4mChqs/vPwZfi0Ql8kLIgIBSfNsyJ5A37cnh0RMs3yYU
QzJouS1+/gqv5cAvDokd7tuB2KJ/Di31M/ey+ugLXtN5ZI2GS7HfLJ2JDVxC3HZf
3y87Lgsn7cYFphQzKBW8bIq6gG/EGFx26bFmcf1ZnXJ1BMheijjX8vtmV7ljD1fO
t6fR7A9JD6dp68XkTFyehOA8+WUCr27edBjPfYoeJ0tktH0xdhsPBHKGag+fe3E+
rUnooE9zY879PkntDyY3dWnGPqGcFhki/zaI0tF7dV//sSX/WbbSoe7dqwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFC/2TvfgnQRHpCqwrwY2BLlNV/rWMB8GA1UdIwQY
MBaAFFdwIdzfRLav3TgQVHxVp5vRqfo7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQt
YzkwN2FlMWMyMTFlLzEvTF9aTzktQ2RCRWVrS3JDdkJqWUV1VTFYLXRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS8wYWMyN2EtMjE1OS00OGQ3LThiZmQtYzkwN2FlMWMyMTFl
LzEvVjNBaDNOOUV0cV9kT0JCVWZGV25tOUdwLWpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBBf2cAwQA
Bf2fAwQAW9J+AwQAuZJDAwQBuczIAwQBudLAAwQAudLDMA0GCSqGSIb3DQEBCwUA
A4IBAQDBHrVzO6Yqidk8pE+UZhY5QB+G5bArRtSfuIuQV/cEpmrMY18i4KvjsQfM
zQfscD7qiLiWx4+R0t2ucFso30EvjzrXoC3e3BifCpMqwt/s0JtyEs/UVcVmB+Sz
P8d7MOjGdPrkNvu9oFPWpU6bgqy+g/dRB415QOsTObikxYnyaUQf/K+AfIXgMTD8
6KgJYP6/WUE87O3BfgqObA6Yv12bFOytE/nerWnDNiRmb2n0nCXY4tKwxG7NrcHy
8itIiZIBkGZdv3sg4ROi3iArpXJS+53ee+CHjnabZkXKvnn1Vel24Una4Fzvu83P
MusSbYREAshm6qplAG8KKeMaA6/f
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:15 2024 by rpki-client on console-fra.rpki-client.org