Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/rzJbRASbIFOfDNHGYCr3edXyScQ.roa
File: rzJbRASbIFOfDNHGYCr3edXyScQ.roa (raw, json)
Hash identifier: bxwQBLkSvY3Pq/TDncfhT+J53rbRzSDX1Ul6K7xvWC4=
Subject key identifier: AF:32:5B:44:04:9B:20:53:9F:0C:D1:C6:60:2A:F7:79:D5:F2:49:C4
Certificate issuer: /CN=1360d57284bf127c28140e04b26a8f3e8bdef179
Certificate serial: 01856EB8FC5A98EAD57D95AB392C4B38E51E
Authority key identifier: 13:60:D5:72:84:BF:12:7C:28:14:0E:04:B2:6A:8F:3E:8B:DE:F1:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E2DVcoS_EnwoFA4EsmqPPove8Xk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/rzJbRASbIFOfDNHGYCr3edXyScQ.roa
Signing time: Sun 01 Jan 2023 19:04:55 +0000
ROA not before: Sun 01 Jan 2023 19:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202140
IP address blocks: 91.236.153.0/24 maxlen: 24
185.51.218.0/24 maxlen: 24
185.51.216.0/24 maxlen: 24
185.51.219.0/24 maxlen: 24
185.51.216.0/22 maxlen: 22
185.51.217.0/24 maxlen: 24
2a00:6760::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:b8:fc:5a:98:ea:d5:7d:95:ab:39:2c:4b:38:e5:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1360d57284bf127c28140e04b26a8f3e8bdef179
Validity
Not Before: Jan 1 19:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af325b44049b20539f0cd1c6602af779d5f249c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a2:44:ea:93:bc:8a:26:2b:01:fe:a0:45:a9:
88:3a:5b:8e:5d:c3:61:9f:88:b6:85:a9:a3:9e:f1:
82:61:3e:b3:98:36:88:8a:83:21:f7:e6:fc:35:8e:
c2:3d:da:77:18:2b:5e:4a:a7:b0:55:93:c3:2c:db:
75:e8:16:93:8e:49:30:f2:ba:50:cb:c0:58:5c:30:
a2:e7:08:63:f2:d1:df:ae:61:12:01:26:66:4e:46:
29:05:10:17:26:7e:ac:9a:aa:42:97:91:54:50:7b:
b5:c3:53:92:2b:a9:2f:26:7c:a9:a4:0e:71:62:b3:
c9:ea:60:a2:27:1b:38:e7:b5:a7:76:fb:9c:16:31:
3e:eb:81:a7:06:11:d7:88:1d:b6:f3:83:81:35:39:
46:62:51:d8:2d:8f:1e:8b:5d:94:af:21:80:5e:1f:
27:8e:93:87:e8:0d:b3:1a:d3:e2:d9:09:67:c1:6a:
18:32:cf:d1:32:b8:2d:bd:2f:44:87:53:6b:e1:05:
9d:fb:75:83:f2:aa:44:b1:48:c8:b3:75:8d:6a:a1:
57:4a:cf:70:ff:b3:30:15:ba:68:71:d8:1a:3e:ee:
83:02:43:df:56:ff:3a:b0:b9:07:66:03:d8:b0:df:
98:bc:1e:e0:c7:34:7c:d6:ce:38:53:d3:0f:e2:0f:
55:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:32:5B:44:04:9B:20:53:9F:0C:D1:C6:60:2A:F7:79:D5:F2:49:C4
X509v3 Authority Key Identifier:
keyid:13:60:D5:72:84:BF:12:7C:28:14:0E:04:B2:6A:8F:3E:8B:DE:F1:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E2DVcoS_EnwoFA4EsmqPPove8Xk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/rzJbRASbIFOfDNHGYCr3edXyScQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/5c5821-f342-477a-9eb8-acc2879f9f2e/1/E2DVcoS_EnwoFA4EsmqPPove8Xk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.236.153.0/24
185.51.216.0/22
IPv6:
2a00:6760::/32
Signature Algorithm: sha256WithRSAEncryption
77:5b:d3:c0:f5:3e:77:0f:aa:c2:0d:7c:5a:98:49:8e:39:6a:
ed:2b:6c:80:62:04:ee:ca:27:6b:09:ce:ef:39:52:4f:94:05:
67:6a:cb:82:3a:d4:3b:22:4f:ce:86:34:9c:8b:e1:5f:5f:ef:
b0:23:59:13:28:fe:f7:94:d0:4c:71:25:af:a4:13:88:ba:43:
95:72:fc:f7:fe:41:d1:4b:30:57:d9:e6:ea:bb:e6:c9:63:70:
28:5e:fb:b0:66:74:d3:1f:e0:c8:ae:b4:05:0b:14:96:2f:10:
29:f3:0e:d2:7e:a5:09:28:bb:c8:f9:d2:63:63:c9:9c:15:2f:
32:be:88:06:ac:33:62:04:f5:7b:fc:7f:be:5e:1e:78:86:57:
3a:70:27:cd:b5:15:ef:ff:12:7f:cc:0a:f6:05:6d:2b:71:ac:
99:69:20:61:27:3a:62:d9:7f:d5:14:2b:30:7b:37:eb:7f:9f:
4c:7c:cc:67:8b:7f:70:0a:be:d2:9f:6d:c1:ec:6f:b1:6d:02:
7c:83:37:94:70:e0:53:9a:1f:eb:d6:9a:f1:43:99:0d:15:e5:
b6:02:3c:2c:18:49:12:69:ff:cc:4b:65:9a:49:74:24:cf:75:
6b:e0:0f:a2:c5:ac:e5:c5:8a:af:b8:d3:8e:05:c2:1f:f9:e6:
0a:80:41:a1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVuuPxamOrVfZWrOSxLOOUeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNjBkNTcyODRiZjEyN2MyODE0MGUwNGIyNmE4ZjNlOGJk
ZWYxNzkwHhcNMjMwMTAxMTkwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjMyNWI0NDA0OWIyMDUzOWYwY2QxYzY2MDJhZjc3OWQ1ZjI0OWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6JE6pO8iiYrAf6gRamIOluOXcNh
n4i2hamjnvGCYT6zmDaIioMh9+b8NY7CPdp3GCteSqewVZPDLNt16BaTjkkw8rpQ
y8BYXDCi5whj8tHfrmESASZmTkYpBRAXJn6smqpCl5FUUHu1w1OSK6kvJnyppA5x
YrPJ6mCiJxs457WndvucFjE+64GnBhHXiB2284OBNTlGYlHYLY8ei12UryGAXh8n
jpOH6A2zGtPi2QlnwWoYMs/RMrgtvS9Eh1Nr4QWd+3WD8qpEsUjIs3WNaqFXSs9w
/7MwFbpocdgaPu6DAkPfVv86sLkHZgPYsN+YvB7gxzR81s44U9MP4g9VyQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFK8yW0QEmyBTnwzRxmAq93nV8knEMB8GA1UdIwQY
MBaAFBNg1XKEvxJ8KBQOBLJqjz6L3vF5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTJEVmNvU19FbndvRkE0RXNtcVBQb3ZlOFhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy81YzU4MjEtZjM0Mi00NzdhLTllYjgt
YWNjMjg3OWY5ZjJlLzEvcnpKYlJBU2JJRk9mRE5IR1lDcjNlZFh5U2NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy81YzU4MjEtZjM0Mi00NzdhLTllYjgtYWNjMjg3OWY5ZjJl
LzEvRTJEVmNvU19FbndvRkE0RXNtcVBQb3ZlOFhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW+yZAwQC
uTPYMA0EAgACMAcDBQAqAGdgMA0GCSqGSIb3DQEBCwUAA4IBAQB3W9PA9T53D6rC
DXxamEmOOWrtK2yAYgTuyidrCc7vOVJPlAVnasuCOtQ7Ik/OhjSci+FfX++wI1kT
KP73lNBMcSWvpBOIukOVcvz3/kHRSzBX2ebqu+bJY3AoXvuwZnTTH+DIrrQFCxSW
LxAp8w7SfqUJKLvI+dJjY8mcFS8yvogGrDNiBPV7/H++Xh54hlc6cCfNtRXv/xJ/
zAr2BW0rcayZaSBhJzpi2X/VFCswezfrf59MfMxni39wCr7Sn23B7G+xbQJ8gzeU
cOBTmh/r1prxQ5kNFeW2AjwsGEkSaf/MS2WaSXQkz3Vr4A+ixazlxYqvuNOOBcIf
+eYKgEGh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:02 2024 by rpki-client on console-fra.rpki-client.org