Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/zalt0NwuxXtJWrMYns0IHyPWxsw.roa
File: zalt0NwuxXtJWrMYns0IHyPWxsw.roa (raw, json)
Hash identifier: 1jhuOO/9psjA1Eo/UXiu4qKDGrmn/2pypJRyiBiSQew=
Subject key identifier: CD:A9:6D:D0:DC:2E:C5:7B:49:5A:B3:18:9E:CD:08:1F:23:D6:C6:CC
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 01927AB05FA587DEBBC9BC82782D2A96642D
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/zalt0NwuxXtJWrMYns0IHyPWxsw.roa
Signing time: Fri 11 Oct 2024 08:27:12 +0000
ROA not before: Fri 11 Oct 2024 08:27:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35277
IP address blocks: 5.8.45.0/24 maxlen: 24
5.8.46.0/24 maxlen: 24
5.8.47.0/24 maxlen: 24
5.101.44.0/24 maxlen: 24
5.101.45.0/24 maxlen: 24
5.101.46.0/24 maxlen: 24
5.101.47.0/24 maxlen: 24
5.188.50.0/24 maxlen: 24
5.188.201.0/24 maxlen: 24
5.188.202.0/24 maxlen: 24
5.189.216.0/24 maxlen: 24
5.189.217.0/24 maxlen: 24
5.189.218.0/24 maxlen: 24
5.189.219.0/24 maxlen: 24
5.189.252.0/24 maxlen: 24
5.189.253.0/24 maxlen: 24
5.189.255.0/24 maxlen: 24
91.243.40.0/24 maxlen: 24
91.243.43.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Oct 2024 13:16:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:7a:b0:5f:a5:87:de:bb:c9:bc:82:78:2d:2a:96:64:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Oct 11 08:27:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cda96dd0dc2ec57b495ab3189ecd081f23d6c6cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:67:4c:db:a4:1a:7c:ef:a6:83:5f:5d:89:5a:
15:3e:ec:26:22:74:f8:6e:48:30:85:b4:3d:b5:77:
f0:ce:b3:ac:88:60:c8:69:36:31:91:ac:c6:ec:8a:
51:c9:a4:e2:25:8e:81:5b:ee:d1:ac:cf:4d:8e:4f:
32:e1:66:e5:33:58:ab:8d:f3:d1:75:d1:a0:29:69:
26:52:2d:f4:02:61:57:69:bd:b5:5c:a1:aa:3f:ce:
df:87:88:26:a8:38:c4:4f:e4:5c:7c:ce:61:12:b0:
ac:35:8d:d2:c2:85:a3:8d:53:f0:d0:2e:19:03:73:
de:96:9d:8d:32:20:82:44:ff:35:04:3d:e9:7e:38:
9c:31:34:f2:bd:0f:78:20:a5:d5:97:5d:27:03:2f:
2c:d2:2d:aa:ad:cf:4d:31:f9:81:78:70:ad:05:5e:
d6:f8:23:f7:b3:36:0e:f3:c2:73:1c:0f:07:0e:95:
3f:61:d5:10:20:0c:ca:52:e7:54:5a:08:f5:8f:1b:
e2:5f:a4:c4:90:84:da:75:2c:3b:32:b4:b1:06:1c:
78:44:f5:0a:e4:24:98:74:93:73:74:90:fb:3b:30:
4e:36:e0:0a:a2:79:3c:cb:02:ef:b1:60:b2:b8:c8:
ba:d7:0e:68:39:6f:64:6f:b1:97:5c:e2:16:2e:ae:
8b:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:A9:6D:D0:DC:2E:C5:7B:49:5A:B3:18:9E:CD:08:1F:23:D6:C6:CC
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/zalt0NwuxXtJWrMYns0IHyPWxsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.45.0-5.8.47.255
5.101.44.0/22
5.188.50.0/24
5.188.201.0-5.188.202.255
5.189.216.0/22
5.189.252.0/23
5.189.255.0/24
91.243.40.0/24
91.243.43.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:f7:52:a1:32:40:08:3a:99:42:03:45:d8:77:91:69:f4:eb:
bc:d0:63:ae:39:ae:ed:c0:f8:23:52:c9:b0:21:60:a8:d0:3a:
b4:ed:18:71:33:65:5c:b1:cd:fd:5a:09:95:6a:1c:e2:9d:6f:
b4:c0:b9:d1:92:68:e4:5d:1c:89:7a:af:bb:75:d4:01:3f:48:
2c:17:e8:3a:b0:d7:af:1c:52:f8:58:3e:0a:d1:c6:86:41:13:
ea:70:49:9c:4a:fc:ad:e9:12:e2:5c:cf:75:56:dc:52:e3:36:
c9:3f:d8:33:16:b4:bb:df:38:e7:ed:c5:26:de:1d:59:01:4d:
23:e3:fd:55:e9:fa:00:90:ec:7c:67:e1:f4:3d:1f:04:57:1f:
b7:fa:09:27:d0:ef:70:ce:87:06:ac:3c:66:d6:f9:5a:38:c6:
7d:97:c0:cd:fb:1b:a2:44:b2:ea:62:b7:f3:f7:fb:11:a1:84:
1d:dc:73:22:dc:19:10:14:6f:65:e2:36:01:99:5b:2d:8f:cc:
8f:64:ef:2a:bb:d5:f5:15:9b:5e:b0:57:cd:e9:47:48:b9:0e:
f3:4c:a6:97:c7:54:f1:c0:0b:d1:5a:1f:4b:62:ad:58:e6:2e:
54:45:8c:42:3d:66:7f:5e:20:44:46:94:62:f0:2f:25:fe:70:
91:e7:80:74
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZJ6sF+lh967ybyCeC0qlmQtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjQxMDExMDgyNzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGE5NmRkMGRjMmVjNTdiNDk1YWIzMTg5ZWNkMDgxZjIzZDZjNmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWdM26QafO+mg19diVoVPuwmInT4
bkgwhbQ9tXfwzrOsiGDIaTYxkazG7IpRyaTiJY6BW+7RrM9Njk8y4WblM1irjfPR
ddGgKWkmUi30AmFXab21XKGqP87fh4gmqDjET+RcfM5hErCsNY3SwoWjjVPw0C4Z
A3Pelp2NMiCCRP81BD3pfjicMTTyvQ94IKXVl10nAy8s0i2qrc9NMfmBeHCtBV7W
+CP3szYO88JzHA8HDpU/YdUQIAzKUudUWgj1jxviX6TEkITadSw7MrSxBhx4RPUK
5CSYdJNzdJD7OzBONuAKonk8ywLvsWCyuMi61w5oOW9kb7GXXOIWLq6LlQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFM2pbdDcLsV7SVqzGJ7NCB8j1sbMMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvemFsdDBOd3V4WHRKV3JNWW5zMElIeVBXeHN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGMAwDBAAFCC0D
BAQFCCADBAIFZSwDBAAFvDIwDAMEAAW8yQMEAAW8ygMEAgW92AMEAQW9/AMEAAW9
/wMEAFvzKAMEAFvzKzANBgkqhkiG9w0BAQsFAAOCAQEAOvdSoTJACDqZQgNF2HeR
afTrvNBjrjmu7cD4I1LJsCFgqNA6tO0YcTNlXLHN/VoJlWoc4p1vtMC50ZJo5F0c
iXqvu3XUAT9ILBfoOrDXrxxS+Fg+CtHGhkET6nBJnEr8rekS4lzPdVbcUuM2yT/Y
Mxa0u9845+3FJt4dWQFNI+P9Ven6AJDsfGfh9D0fBFcft/oJJ9DvcM6HBqw8Ztb5
WjjGfZfAzfsbokSy6mK38/f7EaGEHdxzItwZEBRvZeI2AZlbLY/Mj2TvKrvV9RWb
XrBXzelHSLkO80yml8dU8cAL0VofS2KtWOYuVEWMQj1mf14gREaUYvAvJf5wkeeA
dA==
-----END CERTIFICATE-----
Generated at Mon Oct 28 16:44:24 2024 by rpki-client on console-fra.rpki-client.org