Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/ZKHXWHnZODp8e-9L5ojQbdjDuWw.roa
File: ZKHXWHnZODp8e-9L5ojQbdjDuWw.roa (raw, json)
Hash identifier: G9Un4KpW5w1326YJKwMMY+mwDo7KR5hd3pa+Pax0Pio=
Subject key identifier: 64:A1:D7:58:79:D9:38:3A:7C:7B:EF:4B:E6:88:D0:6D:D8:C3:B9:6C
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0189CE2C53009416B1203D59DC8496BC8F75
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/ZKHXWHnZODp8e-9L5ojQbdjDuWw.roa
Signing time: Mon 07 Aug 2023 04:05:58 +0000
ROA not before: Mon 07 Aug 2023 04:05:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44477
IP address blocks: 5.189.248.0/22 maxlen: 24
5.188.194.0/23 maxlen: 23
5.188.204.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 25 Dec 2023 15:24:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ce:2c:53:00:94:16:b1:20:3d:59:dc:84:96:bc:8f:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Aug 7 04:05:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=64a1d75879d9383a7c7bef4be688d06dd8c3b96c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:02:4e:0f:74:b9:6a:d7:d1:89:cd:36:0c:59:
89:df:05:bb:d8:fc:6f:a2:9e:62:89:e6:08:3d:07:
ac:69:76:f0:6a:c6:9c:c3:f7:91:16:e4:0a:b2:28:
64:68:7a:b5:10:6f:d7:3a:6a:61:45:e6:64:8a:58:
7c:59:54:74:90:27:a2:b5:65:dd:ac:8d:f2:bb:5d:
dd:b8:0c:3c:44:c1:cd:95:ee:1d:87:93:ba:08:2b:
da:a8:92:c9:37:7b:6b:bb:df:d1:26:fe:16:ad:4d:
57:bf:d8:74:80:76:68:c7:53:61:80:43:88:b2:c3:
b9:25:1c:2d:c2:03:5a:09:68:45:4f:de:eb:df:c7:
a0:a9:be:16:43:dd:99:28:b6:10:fe:32:b7:a0:ff:
ea:02:d6:07:5d:e6:6a:e7:d4:45:de:63:79:a0:b5:
a0:4e:fd:40:91:47:9e:22:f8:05:b1:fb:01:39:20:
99:3e:8e:24:8a:5b:a7:3f:a6:00:5f:94:08:f6:b6:
5d:c3:ec:bf:eb:6f:f1:0f:3c:0c:32:bd:ed:95:17:
db:5b:9c:23:a6:4f:ec:17:0b:60:43:89:58:70:33:
c1:b0:3a:11:6a:eb:32:7f:eb:38:47:12:66:56:2f:
13:35:ec:46:ab:7e:3f:b8:ca:1c:9b:f1:ed:16:b2:
c4:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:A1:D7:58:79:D9:38:3A:7C:7B:EF:4B:E6:88:D0:6D:D8:C3:B9:6C
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/ZKHXWHnZODp8e-9L5ojQbdjDuWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.194.0/23
5.188.204.0/23
5.189.248.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:43:a1:82:b8:b4:54:38:15:db:1f:16:d0:57:82:61:15:ad:
ac:87:8c:41:3a:62:db:55:58:a8:36:c4:a4:af:fc:4f:e4:73:
f6:74:06:14:c6:b4:73:37:37:18:71:76:2c:cf:bc:d9:fc:f7:
50:1a:ee:cf:d8:53:5a:2b:80:08:51:d1:8a:8d:3f:d4:ea:8b:
35:93:fc:12:a4:a1:a9:fd:4a:db:32:40:ab:07:4b:bc:6b:ba:
76:e5:d4:db:bf:cf:b8:9a:c1:ff:ed:cf:a0:d3:25:94:69:eb:
fc:5c:af:a3:7b:5a:c9:51:58:1f:df:48:ac:f6:ca:a8:69:9d:
0a:04:30:11:bf:6b:1a:db:6e:42:2f:d8:c1:90:06:cd:a9:62:
29:8c:ee:f2:6c:e2:e7:3a:14:a9:30:5b:78:a0:c6:91:31:f6:
c9:65:f1:c8:e0:6b:8d:f0:fc:3f:b4:f9:f6:13:69:c6:fe:ba:
01:f1:5b:5e:c8:a0:3c:6e:2e:6c:fd:29:15:bb:cd:a2:46:04:
15:80:de:5e:8a:a8:21:34:94:e8:4c:a7:dd:3f:47:f8:51:b8:
82:cc:6f:4a:0f:f7:b0:2a:e0:72:f2:06:d3:9e:45:d9:01:06:
01:b8:f2:ab:11:c2:7d:fc:a7:be:5a:c9:8c:14:2f:d2:49:b3:
51:c3:c7:af
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYnOLFMAlBaxID1Z3ISWvI91MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjMwODA3MDQwNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGExZDc1ODc5ZDkzODNhN2M3YmVmNGJlNjg4ZDA2ZGQ4YzNiOTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAJOD3S5atfRic02DFmJ3wW72Pxv
op5iieYIPQesaXbwasacw/eRFuQKsihkaHq1EG/XOmphReZkilh8WVR0kCeitWXd
rI3yu13duAw8RMHNle4dh5O6CCvaqJLJN3tru9/RJv4WrU1Xv9h0gHZox1NhgEOI
ssO5JRwtwgNaCWhFT97r38egqb4WQ92ZKLYQ/jK3oP/qAtYHXeZq59RF3mN5oLWg
Tv1AkUeeIvgFsfsBOSCZPo4kilunP6YAX5QI9rZdw+y/62/xDzwMMr3tlRfbW5wj
pk/sFwtgQ4lYcDPBsDoRausyf+s4RxJmVi8TNexGq34/uMocm/HtFrLE8wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGSh11h52Tg6fHvvS+aI0G3Yw7lsMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvWktIWFdIblpPRHA4ZS05TDVvalFiZGpEdVd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBbzCAwQB
BbzMAwQCBb34MA0GCSqGSIb3DQEBCwUAA4IBAQB8Q6GCuLRUOBXbHxbQV4JhFa2s
h4xBOmLbVVioNsSkr/xP5HP2dAYUxrRzNzcYcXYsz7zZ/PdQGu7P2FNaK4AIUdGK
jT/U6os1k/wSpKGp/UrbMkCrB0u8a7p25dTbv8+4msH/7c+g0yWUaev8XK+je1rJ
UVgf30is9sqoaZ0KBDARv2sa225CL9jBkAbNqWIpjO7ybOLnOhSpMFt4oMaRMfbJ
ZfHI4GuN8Pw/tPn2E2nG/roB8VteyKA8bi5s/SkVu82iRgQVgN5eiqghNJToTKfd
P0f4UbiCzG9KD/ewKuBy8gbTnkXZAQYBuPKrEcJ9/Ke+WsmMFC/SSbNRw8ev
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:21:29 2024 by rpki-client on console-fra.rpki-client.org