Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/z8fAdm_nXstrNgXhsOf4bG6KZyU.roa
File: z8fAdm_nXstrNgXhsOf4bG6KZyU.roa (raw, json)
Hash identifier: Cg+fAr5gw5kaYSZoe7NHR5QAmfAE4MPUpRqRNLRUqTI=
Subject key identifier: CF:C7:C0:76:6F:E7:5E:CB:6B:36:05:E1:B0:E7:F8:6C:6E:8A:67:25
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 018CDAD122CAA2226A1FDDF0FEB214C38891
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/z8fAdm_nXstrNgXhsOf4bG6KZyU.roa
Signing time: Fri 05 Jan 2024 18:09:48 +0000
ROA not before: Fri 05 Jan 2024 18:09:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30938
IP address blocks: 45.12.216.0/24 maxlen: 24
45.12.217.0/24 maxlen: 24
45.12.219.0/24 maxlen: 24
5.39.248.0/24 maxlen: 24
5.39.251.0/24 maxlen: 24
5.39.252.0/24 maxlen: 24
5.39.250.0/24 maxlen: 24
5.39.253.0/24 maxlen: 24
185.5.36.0/22 maxlen: 22
31.192.240.0/21 maxlen: 21
5.178.98.0/24 maxlen: 24
5.178.97.0/24 maxlen: 24
5.178.96.0/24 maxlen: 24
5.178.99.0/24 maxlen: 24
5.178.100.0/24 maxlen: 24
5.178.105.0/24 maxlen: 24
5.178.104.0/24 maxlen: 24
5.178.106.0/24 maxlen: 24
5.178.109.0/24 maxlen: 24
5.178.108.0/24 maxlen: 24
5.39.254.0/24 maxlen: 24
5.39.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 11 Jan 2024 10:11:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:da:d1:22:ca:a2:22:6a:1f:dd:f0:fe:b2:14:c3:88:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Jan 5 18:09:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cfc7c0766fe75ecb6b3605e1b0e7f86c6e8a6725
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:df:b1:8e:9c:58:b2:23:c4:20:96:bc:47:8f:
4d:97:b7:cd:6d:1e:ef:dd:97:ee:f0:ab:c2:c4:0f:
1e:27:e6:c9:c6:08:c1:06:d7:61:4f:d6:d0:0c:2f:
a8:60:42:90:3c:93:09:af:2b:8b:41:0a:8c:1c:ce:
23:b1:3a:8b:4f:4d:1f:f2:67:97:8c:f5:71:b5:f5:
90:9c:7d:bc:06:a4:86:65:7b:8f:56:31:04:3c:a3:
92:0f:1f:bc:f3:27:88:e3:62:92:ac:6c:ad:ea:39:
1e:5d:6f:8c:95:b4:7d:6e:cc:54:05:f2:90:9b:57:
47:c5:97:f4:ad:2d:00:b5:4d:17:28:10:f7:52:29:
09:3d:9f:b1:c4:08:e1:2f:92:d2:71:ce:31:96:64:
db:7a:0e:43:9d:98:41:c9:54:b4:50:50:98:e4:81:
d7:3f:94:d6:b0:18:b1:f8:ed:40:86:3a:8a:7f:b6:
92:c7:b3:05:5a:4b:92:ed:2e:01:26:3a:1b:67:9c:
8c:34:e7:69:26:0a:ed:a9:d6:0d:8d:89:6a:2c:40:
76:0e:13:0a:74:ac:36:ad:ec:64:7c:ca:a7:c0:7f:
8e:1c:0c:8a:e8:41:07:cf:3b:9d:19:36:e8:f5:ce:
f3:19:5f:8c:68:0b:cb:15:80:c6:b0:c2:82:21:a5:
27:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:C7:C0:76:6F:E7:5E:CB:6B:36:05:E1:B0:E7:F8:6C:6E:8A:67:25
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/z8fAdm_nXstrNgXhsOf4bG6KZyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.248.0/24
5.39.250.0-5.39.255.255
5.178.96.0-5.178.100.255
5.178.104.0-5.178.106.255
5.178.108.0/23
31.192.240.0/21
45.12.216.0/23
45.12.219.0/24
185.5.36.0/22
Signature Algorithm: sha256WithRSAEncryption
bc:fd:33:27:69:5a:9a:c0:8d:6a:fc:8c:86:1b:69:c1:2c:f5:
f1:5d:d4:bb:76:22:e1:86:54:fe:94:a3:65:a0:c8:10:15:e1:
93:f5:2d:62:09:15:4d:aa:66:12:69:4d:49:fb:63:3c:74:90:
33:81:77:f4:30:2a:63:53:ac:b6:49:4e:b6:83:82:64:e5:fd:
d2:34:e4:81:03:56:00:15:50:89:6a:cb:27:6a:eb:6c:8d:67:
16:67:2a:15:fc:f6:d0:7e:95:a2:43:35:08:53:a7:7d:88:4d:
da:57:5b:a1:be:9c:42:46:4d:c1:8c:0d:b0:41:bb:c5:dc:0e:
68:81:ca:c4:cf:7f:11:00:51:04:19:56:b4:ce:4e:4f:47:3c:
2c:ac:66:76:0d:14:3f:ca:95:71:94:71:77:4b:ae:3c:d9:46:
56:d8:ba:e6:5c:53:9f:f6:f4:4a:84:2b:e1:d7:0f:7d:0d:cb:
f5:bf:3e:5a:a0:a1:98:e2:d8:44:70:ec:27:5e:98:81:4d:32:
03:48:48:91:63:e3:e1:51:f3:3d:82:3a:dd:e6:ba:b5:c8:84:
bf:af:6e:f4:90:2c:13:60:9f:03:4e:31:da:70:58:90:4d:5c:
b5:08:cb:6c:49:7b:c2:af:d3:fb:04:d1:4a:fd:5c:51:4d:22:
3a:04:84:50
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYza0SLKoiJqH93w/rIUw4iRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQwMTA1MTgwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmM3YzA3NjZmZTc1ZWNiNmIzNjA1ZTFiMGU3Zjg2YzZlOGE2NzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29+xjpxYsiPEIJa8R49Nl7fNbR7v
3Zfu8KvCxA8eJ+bJxgjBBtdhT9bQDC+oYEKQPJMJryuLQQqMHM4jsTqLT00f8meX
jPVxtfWQnH28BqSGZXuPVjEEPKOSDx+88yeI42KSrGyt6jkeXW+MlbR9bsxUBfKQ
m1dHxZf0rS0AtU0XKBD3UikJPZ+xxAjhL5LScc4xlmTbeg5DnZhByVS0UFCY5IHX
P5TWsBix+O1AhjqKf7aSx7MFWkuS7S4BJjobZ5yMNOdpJgrtqdYNjYlqLEB2DhMK
dKw2rexkfMqnwH+OHAyK6EEHzzudGTbo9c7zGV+MaAvLFYDGsMKCIaUn4QIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFM/HwHZv517LazYF4bDn+GxuimclMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvejhmQWRtX25Yc3RyTmdYaHNPZjRiRzZLWnlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBTBAIAATBNAwQABSf4MAsD
BAEFJ/oDAwMFIDAMAwQFBbJgAwQABbJkMAwDBAMFsmgDBAAFsmoDBAEFsmwDBAMf
wPADBAEtDNgDBAAtDNsDBAK5BSQwDQYJKoZIhvcNAQELBQADggEBALz9MydpWprA
jWr8jIYbacEs9fFd1Lt2IuGGVP6Uo2WgyBAV4ZP1LWIJFU2qZhJpTUn7Yzx0kDOB
d/QwKmNTrLZJTraDgmTl/dI05IEDVgAVUIlqyydq62yNZxZnKhX89tB+laJDNQhT
p32ITdpXW6G+nEJGTcGMDbBBu8XcDmiBysTPfxEAUQQZVrTOTk9HPCysZnYNFD/K
lXGUcXdLrjzZRlbYuuZcU5/29EqEK+HXD30Ny/W/PlqgoZji2ERw7CdemIFNMgNI
SJFj4+FR8z2COt3murXIhL+vbvSQLBNgnwNOMdpwWJBNXLUIy2xJe8Kv0/sE0Ur9
XFFNIjoEhFA=
-----END CERTIFICATE-----
Generated at Thu Jan 11 15:19:11 2024 by rpki-client on console-ams.rpki-client.org