Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/8ZB2pQzYu5lUfpV7LlhHO22zuss.roa
File: 8ZB2pQzYu5lUfpV7LlhHO22zuss.roa (raw, json)
Hash identifier: 3ZMyz7ITYVz/UvVvkZkL7wOtylZvHChpIblYMPA2FXQ=
Subject key identifier: F1:90:76:A5:0C:D8:BB:99:54:7E:95:7B:2E:58:47:3B:6D:B3:BA:CB
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0191FE2C1B7A19D72A899B0E4B47479E81E6
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/8ZB2pQzYu5lUfpV7LlhHO22zuss.roa
Signing time: Tue 17 Sep 2024 04:09:48 +0000
ROA not before: Tue 17 Sep 2024 04:09:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 5.83.129.0/24 maxlen: 24
85.118.162.0/24 maxlen: 24
87.239.131.0/24 maxlen: 24
94.249.138.0/24 maxlen: 24
94.249.148.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Sep 2024 19:13:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:fe:2c:1b:7a:19:d7:2a:89:9b:0e:4b:47:47:9e:81:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Sep 17 04:09:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f19076a50cd8bb99547e957b2e58473b6db3bacb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a7:45:89:7d:b8:b4:90:ed:75:88:76:19:a1:
e3:25:90:cb:94:0e:59:15:39:2b:5c:6a:7a:31:86:
68:ed:08:c2:26:e1:13:bb:68:bc:bf:44:fa:8b:ef:
e9:2f:74:2a:df:d9:26:94:58:48:06:0f:19:72:8f:
90:f6:9b:c2:b8:a6:76:5e:07:82:9a:0b:9c:79:0b:
a3:00:12:6f:b3:12:a0:c6:76:4e:f5:87:98:9f:5c:
46:fd:6c:aa:97:1f:c2:ba:92:2e:9d:1a:17:b3:97:
4f:af:ba:9a:56:fd:6f:ff:60:ac:42:e6:e7:e5:ec:
64:a5:f9:5f:12:05:31:72:33:3c:3c:2f:c2:97:23:
11:b6:44:4b:74:9e:d1:c3:89:4f:07:1d:02:5c:c5:
65:d4:6b:ee:47:68:ff:04:3d:e9:65:7e:10:81:6c:
81:38:12:01:3b:b3:db:6e:aa:4a:f7:34:72:13:7e:
0c:25:e9:b8:e1:19:40:2c:5e:71:fa:ce:13:91:26:
ad:88:2d:95:ea:18:59:78:b8:21:fb:31:b6:1f:7e:
4b:ae:8e:79:43:83:3d:67:d5:f7:03:29:d5:7f:c0:
8e:ea:23:f8:78:70:a0:75:4f:51:6d:9e:52:8d:5a:
ef:28:65:91:5e:07:88:87:63:26:45:5c:ea:e9:eb:
77:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:90:76:A5:0C:D8:BB:99:54:7E:95:7B:2E:58:47:3B:6D:B3:BA:CB
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/8ZB2pQzYu5lUfpV7LlhHO22zuss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.129.0/24
85.118.162.0/24
87.239.131.0/24
94.249.138.0/24
94.249.148.0/24
Signature Algorithm: sha256WithRSAEncryption
41:3c:7d:62:f4:05:a3:66:65:2e:32:e3:8d:9b:6c:a2:36:65:
8e:da:a7:72:ae:47:04:3a:b9:3b:11:64:6a:2e:03:86:62:e9:
a9:de:70:be:6a:ca:17:72:54:43:32:c0:2d:ac:ee:10:37:38:
92:8e:25:05:e5:87:b6:9a:73:e9:6b:d1:86:01:2e:e2:28:e2:
cc:e0:84:f2:d6:70:68:fe:6b:6b:c5:0e:8e:58:3c:45:f9:7c:
ab:b6:65:28:86:fe:e8:28:cf:0f:15:ab:f2:1d:60:17:79:e6:
3d:88:9a:4b:8a:1a:2b:6d:33:5f:96:4f:2e:a4:53:50:0e:9b:
84:1b:86:c2:cb:8b:5a:0a:57:0e:0d:f6:ef:0d:18:f1:cb:9c:
39:12:0c:6c:39:1f:73:c9:61:46:79:f9:1b:ff:c2:b4:5e:2d:
fa:52:20:6e:9e:49:1d:4b:d9:f5:71:c9:02:d8:ed:46:ff:19:
42:10:2a:cd:22:62:2d:f4:42:67:cb:37:6d:39:b2:19:aa:06:
b2:c9:08:8d:f9:9f:9f:bf:9a:b2:d2:1b:3d:e0:3f:77:2a:3a:
6e:5e:3c:9f:96:17:7c:62:7d:39:8e:10:32:92:b7:fd:af:e6:
d6:30:55:20:4a:f0:fa:d9:aa:fa:cb:dc:bb:61:18:7c:08:df:
55:bb:8e:3d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZH+LBt6GdcqiZsOS0dHnoHmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjQwOTE3MDQwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTkwNzZhNTBjZDhiYjk5NTQ3ZTk1N2IyZTU4NDczYjZkYjNiYWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqdFiX24tJDtdYh2GaHjJZDLlA5Z
FTkrXGp6MYZo7QjCJuETu2i8v0T6i+/pL3Qq39kmlFhIBg8Zco+Q9pvCuKZ2XgeC
mguceQujABJvsxKgxnZO9YeYn1xG/Wyqlx/CupIunRoXs5dPr7qaVv1v/2CsQubn
5exkpflfEgUxcjM8PC/ClyMRtkRLdJ7Rw4lPBx0CXMVl1GvuR2j/BD3pZX4QgWyB
OBIBO7PbbqpK9zRyE34MJem44RlALF5x+s4TkSatiC2V6hhZeLgh+zG2H35Lro55
Q4M9Z9X3AynVf8CO6iP4eHCgdU9RbZ5SjVrvKGWRXgeIh2MmRVzq6et3VwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPGQdqUM2LuZVH6Vey5YRztts7rLMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvOFpCMnBRell1NWxVZnBWN0xsaEhPMjJ6dXNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABVOBAwQA
VXaiAwQAV++DAwQAXvmKAwQAXvmUMA0GCSqGSIb3DQEBCwUAA4IBAQBBPH1i9AWj
ZmUuMuONm2yiNmWO2qdyrkcEOrk7EWRqLgOGYump3nC+asoXclRDMsAtrO4QNziS
jiUF5Ye2mnPpa9GGAS7iKOLM4ITy1nBo/mtrxQ6OWDxF+XyrtmUohv7oKM8PFavy
HWAXeeY9iJpLihorbTNflk8upFNQDpuEG4bCy4taClcODfbvDRjxy5w5EgxsOR9z
yWFGefkb/8K0Xi36UiBunkkdS9n1cckC2O1G/xlCECrNImIt9EJnyzdtObIZqgay
yQiN+Z+fv5qy0hs94D93KjpuXjyflhd8Yn05jhAykrf9r+bWMFUgSvD62ar6y9y7
YRh8CN9Vu449
-----END CERTIFICATE-----
Generated at Tue Sep 17 20:45:53 2024 by rpki-client on console-fra.rpki-client.org