Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/_zcWU2AEnpYTaPKXmaO-Y40H_3c.roa
File: _zcWU2AEnpYTaPKXmaO-Y40H_3c.roa (raw, json)
Hash identifier: Zednht4DFCo4cvqWL2gB9vbFg0U8Gv5veVJoLvuzduA=
Subject key identifier: FF:37:16:53:60:04:9E:96:13:68:F2:97:99:A3:BE:63:8D:07:FF:77
Certificate issuer: /CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Certificate serial: 019141BC9911527B45052630F21CE9131E18
Authority key identifier: BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/_zcWU2AEnpYTaPKXmaO-Y40H_3c.roa
Signing time: Sun 11 Aug 2024 13:59:24 +0000
ROA not before: Sun 11 Aug 2024 13:59:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.144.154.0/24 maxlen: 24
5.144.155.0/24 maxlen: 24
194.33.150.0/24 maxlen: 24
194.33.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 Aug 2024 05:39:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:41:bc:99:11:52:7b:45:05:26:30:f2:1c:e9:13:1e:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb0d4e85937b7a0f271054d28614f2934d4ea500
Validity
Not Before: Aug 11 13:59:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff37165360049e961368f29799a3be638d07ff77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:0b:a8:55:11:d7:36:22:14:38:d0:5e:8f:f9:
77:52:b4:ec:01:56:b4:3d:a5:d6:2d:d8:67:62:16:
d4:b8:1f:2a:69:cc:dc:6e:51:77:8a:8d:10:24:4c:
42:2e:d2:8b:e2:8b:e8:38:22:30:2c:8d:f7:fa:4b:
88:bb:35:c4:49:07:e2:7d:c4:78:92:72:df:70:50:
2a:99:e4:c6:1b:d9:0a:83:a8:6f:f9:a8:30:81:7e:
a8:91:f4:68:ed:f9:18:d8:19:b0:0f:4f:60:e6:97:
22:a8:d1:25:e9:ee:e4:72:7c:21:d3:69:37:1b:c7:
c5:31:0e:06:80:9d:6e:87:11:8a:f9:c2:55:aa:d3:
52:66:36:91:bf:d1:e7:c3:ff:ac:4c:11:5a:c0:4f:
e6:87:b0:0f:f3:6f:2d:80:cc:1c:da:67:0f:5a:b5:
81:9c:3e:53:c4:b3:e9:a2:e4:41:e6:cd:43:54:78:
1d:fd:e7:09:61:24:65:1e:f6:83:34:5b:91:29:64:
05:51:3f:ff:f1:6e:0a:3a:01:c3:e7:fd:c6:94:e1:
8b:9e:30:11:2e:6c:3a:81:e0:73:a0:58:ba:3f:8a:
60:34:e3:07:7d:dd:bb:ca:e7:24:f8:35:48:51:c8:
bf:5f:06:50:4c:7e:5e:5d:5d:21:ed:b1:d9:a8:a9:
14:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:37:16:53:60:04:9E:96:13:68:F2:97:99:A3:BE:63:8D:07:FF:77
X509v3 Authority Key Identifier:
keyid:BB:0D:4E:85:93:7B:7A:0F:27:10:54:D2:86:14:F2:93:4D:4E:A5:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uw1OhZN7eg8nEFTShhTyk01OpQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/_zcWU2AEnpYTaPKXmaO-Y40H_3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/d17527-cf98-4d37-866f-8e9b98a99cdb/1/uw1OhZN7eg8nEFTShhTyk01OpQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.144.154.0/23
194.33.150.0/23
Signature Algorithm: sha256WithRSAEncryption
33:67:49:58:f6:25:19:78:28:4d:16:c6:ed:aa:82:19:25:74:
25:89:96:02:b4:8f:3b:70:e8:05:38:8b:c2:5b:f4:02:91:a8:
43:a6:83:21:d7:48:ff:53:71:f9:f2:8a:54:d9:10:b3:50:39:
65:3a:d8:d5:d3:f8:e1:4e:42:3d:c6:1c:e0:fc:24:a1:6a:a3:
8f:2e:52:a0:6f:7a:46:1a:4f:1f:a1:1d:76:ac:8a:af:96:55:
b9:74:5a:2a:b4:b9:9f:5c:0e:86:fc:a6:c8:85:67:ad:81:7c:
5b:4b:ee:13:42:7e:52:68:49:69:06:7b:16:b6:e1:32:d1:c8:
a5:9e:bd:e9:ae:70:19:29:62:60:5a:0d:ba:64:52:e1:66:32:
a0:78:2a:24:a6:5c:a4:f0:d3:01:8d:fa:58:21:b1:96:43:80:
b8:9e:a7:8b:2e:2f:16:19:dc:e4:aa:fe:d7:1d:ba:fa:ec:73:
18:93:ce:d3:49:81:fc:dd:4b:24:c9:e9:25:66:f1:5a:4a:f8:
47:b0:03:5b:7e:a4:01:4f:63:0c:19:c3:26:fe:a4:2e:4b:89:
a8:70:f8:78:56:73:d9:ad:43:23:9e:0f:69:5a:c7:45:2c:2f:
2b:1a:59:97:83:53:92:de:7e:38:d9:ef:1d:07:58:8d:35:21:
14:c8:bf:0b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZFBvJkRUntFBSYw8hzpEx4YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMGQ0ZTg1OTM3YjdhMGYyNzEwNTRkMjg2MTRmMjkzNGQ0
ZWE1MDAwHhcNMjQwODExMTM1OTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjM3MTY1MzYwMDQ5ZTk2MTM2OGYyOTc5OWEzYmU2MzhkMDdmZjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAuoVRHXNiIUONBej/l3UrTsAVa0
PaXWLdhnYhbUuB8qaczcblF3io0QJExCLtKL4ovoOCIwLI33+kuIuzXESQfifcR4
knLfcFAqmeTGG9kKg6hv+agwgX6okfRo7fkY2BmwD09g5pciqNEl6e7kcnwh02k3
G8fFMQ4GgJ1uhxGK+cJVqtNSZjaRv9Hnw/+sTBFawE/mh7AP828tgMwc2mcPWrWB
nD5TxLPpouRB5s1DVHgd/ecJYSRlHvaDNFuRKWQFUT//8W4KOgHD5/3GlOGLnjAR
Lmw6geBzoFi6P4pgNOMHfd27yuck+DVIUci/XwZQTH5eXV0h7bHZqKkUdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP83FlNgBJ6WE2jyl5mjvmONB/93MB8GA1UdIwQY
MBaAFLsNToWTe3oPJxBU0oYU8pNNTqUAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYt
OGU5Yjk4YTk5Y2RiLzEvX3pjV1UyQUVucFlUYVBLWG1hTy1ZNDBIXzNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9kMTc1MjctY2Y5OC00ZDM3LTg2NmYtOGU5Yjk4YTk5Y2Ri
LzEvdXcxT2haTjdlZzhuRUZUU2hoVHlrMDFPcFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBZCaAwQB
wiGWMA0GCSqGSIb3DQEBCwUAA4IBAQAzZ0lY9iUZeChNFsbtqoIZJXQliZYCtI87
cOgFOIvCW/QCkahDpoMh10j/U3H58opU2RCzUDllOtjV0/jhTkI9xhzg/CShaqOP
LlKgb3pGGk8foR12rIqvllW5dFoqtLmfXA6G/KbIhWetgXxbS+4TQn5SaElpBnsW
tuEy0cilnr3prnAZKWJgWg26ZFLhZjKgeCokplyk8NMBjfpYIbGWQ4C4nqeLLi8W
Gdzkqv7XHbr67HMYk87TSYH83UskyeklZvFaSvhHsANbfqQBT2MMGcMm/qQuS4mo
cPh4VnPZrUMjng9pWsdFLC8rGlmXg1OS3n442e8dB1iNNSEUyL8L
-----END CERTIFICATE-----
Generated at Mon Aug 12 06:53:16 2024 by rpki-client on console-ams.rpki-client.org