Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/zu5F7bir0kXzydgeVIYGzm1Rs1Q.roa
File: zu5F7bir0kXzydgeVIYGzm1Rs1Q.roa (raw, json)
Hash identifier: wSvZQb9KQ+UdBZKFEOFTs4ReQA+yDP/QgE2/67rSQxU=
Subject key identifier: CE:EE:45:ED:B8:AB:D2:45:F3:C9:D8:1E:54:86:06:CE:6D:51:B3:54
Certificate issuer: /CN=8e626c909eb4951154bcee8221e43951b4257624
Certificate serial: 0185A5E67E9D38E6CFF302AC94487CB61C67
Authority key identifier: 8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/zu5F7bir0kXzydgeVIYGzm1Rs1Q.roa
Signing time: Thu 12 Jan 2023 12:13:44 +0000
ROA not before: Thu 12 Jan 2023 12:13:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51088
IP address blocks: 5.10.192.0/24 maxlen: 24
185.51.52.0/23 maxlen: 23
178.249.152.0/21 maxlen: 21
31.41.255.0/24 maxlen: 24
31.134.200.0/21 maxlen: 21
185.205.52.0/22 maxlen: 22
2a02:166b::/32 maxlen: 32
2a02:1668::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 16 Jan 2023 09:48:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:a5:e6:7e:9d:38:e6:cf:f3:02:ac:94:48:7c:b6:1c:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e626c909eb4951154bcee8221e43951b4257624
Validity
Not Before: Jan 12 12:13:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=ceee45edb8abd245f3c9d81e548606ce6d51b354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:47:b1:a1:6f:85:7f:19:bc:34:bc:2d:a5:75:
59:0a:18:1c:0c:7a:a0:a2:e1:33:69:84:da:a0:3c:
0d:27:a9:4a:20:bd:7a:a6:7a:93:bd:48:a9:2b:1d:
c2:43:83:da:76:8b:e6:14:f1:0b:9f:68:9b:2c:02:
32:73:9a:92:65:da:59:9f:ad:98:f9:1d:34:48:89:
56:19:26:26:b5:f0:d2:98:15:7d:fe:f5:94:93:eb:
63:b7:ec:ca:9f:ac:57:ff:88:cc:da:50:62:a4:a2:
e7:11:03:54:dd:d1:0d:1d:4a:26:bb:5d:12:f0:1c:
62:5f:3e:50:80:d0:d8:ef:44:97:cd:4c:00:dc:21:
7e:bd:97:b8:cd:80:cb:68:63:25:c1:4f:8b:20:94:
5b:87:04:1a:bf:62:6c:08:65:d8:f2:15:37:ae:85:
46:c5:0b:c5:42:2f:c9:f4:ee:4b:4a:75:f5:b6:85:
b9:2f:78:5d:07:d6:e2:e4:45:a8:c8:0f:36:58:d0:
3a:54:e0:e8:dd:f8:78:3b:f6:c4:38:c0:7d:b1:91:
8b:1c:01:27:ab:db:5b:fa:ed:e5:7e:d5:47:93:0d:
35:e9:ab:69:34:0d:4a:32:a9:e9:ee:db:b2:d9:0f:
cf:e0:32:50:aa:cd:f6:a3:23:0b:83:f2:f7:c3:23:
60:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:EE:45:ED:B8:AB:D2:45:F3:C9:D8:1E:54:86:06:CE:6D:51:B3:54
X509v3 Authority Key Identifier:
keyid:8E:62:6C:90:9E:B4:95:11:54:BC:EE:82:21:E4:39:51:B4:25:76:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jmJskJ60lRFUvO6CIeQ5UbQldiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/zu5F7bir0kXzydgeVIYGzm1Rs1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fe4266-7f54-4fb3-b810-e97d1d0220af/1/jmJskJ60lRFUvO6CIeQ5UbQldiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.192.0/24
31.41.255.0/24
31.134.200.0/21
178.249.152.0/21
185.51.52.0/23
185.205.52.0/22
IPv6:
2a02:1668::/32
2a02:166b::/32
Signature Algorithm: sha256WithRSAEncryption
37:b0:77:40:48:b5:d1:d0:09:a5:64:f2:50:6b:b3:15:87:55:
82:4d:d6:52:11:1d:d3:cd:ae:d1:c7:c9:3c:68:ea:c7:a8:2b:
fa:f1:f1:18:bc:09:44:dc:97:09:0d:2d:b1:43:fe:52:f0:d5:
f6:26:b7:f0:d8:2c:4e:c7:bf:57:48:17:25:df:ea:41:c7:26:
d2:84:61:23:72:da:f5:90:ff:db:80:6e:ee:dd:91:9d:4f:06:
dc:a0:00:8a:1b:59:57:fc:28:56:34:ed:4d:7d:41:d2:a0:8b:
65:27:b1:20:10:74:80:ac:cd:aa:06:a0:55:ee:b2:78:a9:ee:
d7:af:f1:9c:e6:43:2a:cb:81:57:91:74:fe:d0:b1:9e:05:63:
e2:bf:bf:0e:d9:ab:5f:8e:c3:f2:65:6b:33:fe:ff:d9:90:55:
c7:09:b6:cd:f2:02:32:93:2a:d6:d9:58:9e:8d:2f:4b:a2:18:
00:9b:e6:a9:ec:a1:aa:40:89:d7:4c:ba:99:ff:15:3d:41:e3:
2f:d9:7b:15:18:97:43:3a:bc:a7:32:35:6e:2c:03:b2:9e:ab:
0c:a2:29:a4:92:de:fd:91:bd:da:4c:04:64:4c:0a:fd:b3:6d:
08:5c:78:05:05:ee:df:a8:0a:e0:ec:a3:02:25:58:41:f6:6e:
72:71:34:91
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYWl5n6dOObP8wKslEh8thxnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNjI2YzkwOWViNDk1MTE1NGJjZWU4MjIxZTQzOTUxYjQy
NTc2MjQwHhcNMjMwMTEyMTIxMzQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWVlNDVlZGI4YWJkMjQ1ZjNjOWQ4MWU1NDg2MDZjZTZkNTFiMzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUexoW+Ffxm8NLwtpXVZChgcDHqg
ouEzaYTaoDwNJ6lKIL16pnqTvUipKx3CQ4PadovmFPELn2ibLAIyc5qSZdpZn62Y
+R00SIlWGSYmtfDSmBV9/vWUk+tjt+zKn6xX/4jM2lBipKLnEQNU3dENHUomu10S
8BxiXz5QgNDY70SXzUwA3CF+vZe4zYDLaGMlwU+LIJRbhwQav2JsCGXY8hU3roVG
xQvFQi/J9O5LSnX1toW5L3hdB9bi5EWoyA82WNA6VODo3fh4O/bEOMB9sZGLHAEn
q9tb+u3lftVHkw016atpNA1KMqnp7tuy2Q/P4DJQqs32oyMLg/L3wyNgVQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFM7uRe24q9JF88nYHlSGBs5tUbNUMB8GA1UdIwQY
MBaAFI5ibJCetJURVLzugiHkOVG0JXYkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAt
ZTk3ZDFkMDIyMGFmLzEvenU1RjdiaXIwa1h6eWRnZVZJWUd6bTFSczFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9mZTQyNjYtN2Y1NC00ZmIzLWI4MTAtZTk3ZDFkMDIyMGFm
LzEvam1Kc2tKNjBsUkZVdk82Q0llUTVVYlFsZGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQABQrAAwQA
Hyn/AwQDH4bIAwQDsvmYAwQBuTM0AwQCuc00MBQEAgACMA4DBQAqAhZoAwUAKgIW
azANBgkqhkiG9w0BAQsFAAOCAQEAN7B3QEi10dAJpWTyUGuzFYdVgk3WUhEd082u
0cfJPGjqx6gr+vHxGLwJRNyXCQ0tsUP+UvDV9ia38NgsTse/V0gXJd/qQccm0oRh
I3La9ZD/24Bu7t2RnU8G3KAAihtZV/woVjTtTX1B0qCLZSexIBB0gKzNqgagVe6y
eKnu16/xnOZDKsuBV5F0/tCxngVj4r+/DtmrX47D8mVrM/7/2ZBVxwm2zfICMpMq
1tlYno0vS6IYAJvmqeyhqkCJ10y6mf8VPUHjL9l7FRiXQzq8pzI1biwDsp6rDKIp
pJLe/ZG92kwEZEwK/bNtCFx4BQXu36gK4OyjAiVYQfZucnE0kQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:41 2024 by rpki-client on console-fra.rpki-client.org