Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/z-5xwmTfRER-1KiOrfhsOHgUajI.roa
File: z-5xwmTfRER-1KiOrfhsOHgUajI.roa (raw, json)
Hash identifier: jx8bKT+oL56LfeoM446o7Z8uj7bGcjqG0HiGI2CwHao=
Subject key identifier: CF:EE:71:C2:64:DF:44:44:7E:D4:A8:8E:AD:F8:6C:38:78:14:6A:32
Certificate issuer: /CN=1e95a069669ed5a766eee8ebdc32e39fb148410b
Certificate serial: 018F61AA874F04AC4E21E7967A0E4E66F772
Authority key identifier: 1E:95:A0:69:66:9E:D5:A7:66:EE:E8:EB:DC:32:E3:9F:B1:48:41:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/z-5xwmTfRER-1KiOrfhsOHgUajI.roa
Signing time: Fri 10 May 2024 08:41:56 +0000
ROA not before: Fri 10 May 2024 08:41:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39728
IP address blocks: 91.217.4.0/23 maxlen: 23
91.217.4.0/24 maxlen: 24
91.217.5.0/24 maxlen: 24
176.113.224.0/19 maxlen: 19
178.214.160.0/19 maxlen: 19
178.216.232.0/21 maxlen: 21
185.149.196.0/22 maxlen: 22
185.178.245.0/24 maxlen: 24
194.31.152.0/22 maxlen: 22
2a07:6900::/48 maxlen: 48
2a07:6900:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 17 May 2024 06:40:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:61:aa:87:4f:04:ac:4e:21:e7:96:7a:0e:4e:66:f7:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e95a069669ed5a766eee8ebdc32e39fb148410b
Validity
Not Before: May 10 08:41:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cfee71c264df44447ed4a88eadf86c3878146a32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:3d:29:ff:aa:09:c7:1e:8a:f1:aa:08:02:d6:
05:d4:97:79:ee:be:d8:74:80:26:73:ba:30:90:29:
53:8f:b9:21:7f:30:aa:f3:d0:99:4b:3d:1c:f8:21:
67:3f:65:f3:68:14:79:c7:a6:3f:70:76:0a:e4:25:
65:8b:1a:d1:65:0d:c6:fb:c2:9b:9b:86:d2:c7:21:
cf:44:26:7d:3a:d0:64:7e:c8:61:a7:f8:b0:9c:e0:
02:ff:e1:d1:d9:6f:7e:f6:cd:e5:17:df:ba:e0:e6:
80:ae:0a:b2:95:4d:d5:9b:64:33:cc:2e:5d:3a:73:
8f:cc:bc:37:8c:9a:d2:3d:70:fc:ef:83:0e:19:9d:
27:57:c8:aa:2f:f5:d5:ea:76:6d:62:3e:e7:35:a9:
6c:16:48:b4:73:bb:51:3d:aa:15:8e:fe:cb:bd:ce:
97:df:6a:3a:ef:2c:95:31:cc:45:d0:03:56:b9:79:
bd:d7:f8:25:18:02:cf:5a:04:72:ef:8d:9d:86:9e:
c4:54:ba:24:f1:03:5e:fd:57:1a:a7:97:2d:69:0a:
45:84:2f:3a:72:13:4a:b3:58:1d:b2:56:bc:f7:7f:
3c:47:58:d1:6f:a8:01:3c:81:60:9c:ec:f3:b7:2b:
df:5a:6a:37:89:c2:e1:9a:ab:c8:ea:da:12:b7:23:
5e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:EE:71:C2:64:DF:44:44:7E:D4:A8:8E:AD:F8:6C:38:78:14:6A:32
X509v3 Authority Key Identifier:
keyid:1E:95:A0:69:66:9E:D5:A7:66:EE:E8:EB:DC:32:E3:9F:B1:48:41:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpWgaWae1adm7ujr3DLjn7FIQQs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/z-5xwmTfRER-1KiOrfhsOHgUajI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/107456-df53-424d-9320-933bfa592b1d/1/HpWgaWae1adm7ujr3DLjn7FIQQs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.4.0/23
176.113.224.0/19
178.214.160.0/19
178.216.232.0/21
185.149.196.0/22
185.178.245.0/24
194.31.152.0/22
IPv6:
2a07:6900::/47
Signature Algorithm: sha256WithRSAEncryption
92:c6:4b:36:19:11:65:fd:fa:b0:b6:7f:10:53:77:13:55:65:
62:c3:d0:ff:96:05:54:49:a7:bb:67:48:c1:0e:c8:c4:bd:fc:
26:3f:38:5f:07:1a:c0:8c:55:32:6e:5e:29:48:e2:94:e0:ef:
09:38:96:52:d3:35:15:b6:fb:af:84:b7:fc:7b:1c:d8:78:f6:
6f:65:62:c4:cc:58:4f:1a:3f:02:70:8e:e9:e4:1a:39:1e:5e:
01:cb:92:5a:a0:d6:e5:37:50:a8:f9:2a:bc:05:bd:c6:34:99:
c6:d2:4e:51:a8:7f:95:72:3c:4c:15:91:09:74:1f:d8:ed:41:
c2:d0:ca:bb:a8:86:80:51:6f:84:e7:00:ba:79:78:ac:ef:09:
a7:41:6a:82:15:8a:a5:57:1a:80:b4:1b:65:4e:34:57:be:20:
70:14:da:47:aa:8a:b2:41:61:ef:c3:6f:8b:7f:f5:0c:cb:c0:
5b:be:38:61:48:19:6d:91:ca:4b:f8:77:78:03:54:39:0b:f5:
54:6d:7d:21:10:17:8b:67:30:77:1a:26:b1:ff:4a:d3:8e:c7:
79:11:e3:9a:53:a3:15:c8:e5:f1:22:45:d6:ec:57:10:9d:32:
f8:15:7d:52:4d:5b:16:ba:49:9a:3f:ea:7f:4c:93:b9:d2:35:
da:04:84:07
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAY9hqodPBKxOIeeWeg5OZvdyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOTVhMDY5NjY5ZWQ1YTc2NmVlZThlYmRjMzJlMzlmYjE0
ODQxMGIwHhcNMjQwNTEwMDg0MTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmVlNzFjMjY0ZGY0NDQ0N2VkNGE4OGVhZGY4NmMzODc4MTQ2YTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnj0p/6oJxx6K8aoIAtYF1Jd57r7Y
dIAmc7owkClTj7khfzCq89CZSz0c+CFnP2XzaBR5x6Y/cHYK5CVlixrRZQ3G+8Kb
m4bSxyHPRCZ9OtBkfshhp/iwnOAC/+HR2W9+9s3lF9+64OaArgqylU3Vm2QzzC5d
OnOPzLw3jJrSPXD874MOGZ0nV8iqL/XV6nZtYj7nNalsFki0c7tRPaoVjv7Lvc6X
32o67yyVMcxF0ANWuXm91/glGALPWgRy742dhp7EVLok8QNe/Vcap5ctaQpFhC86
chNKs1gdsla89388R1jRb6gBPIFgnOzztyvfWmo3icLhmqvI6toStyNe8wIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFM/uccJk30REftSojq34bDh4FGoyMB8GA1UdIwQY
MBaAFB6VoGlmntWnZu7o69wy45+xSEELMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBXZ2FXYWUxYWRtN3VqcjNETGpuN0ZJUVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8xMDc0NTYtZGY1My00MjRkLTkzMjAt
OTMzYmZhNTkyYjFkLzEvei01eHdtVGZSRVItMUtpT3JmaHNPSGdVYWpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8xMDc0NTYtZGY1My00MjRkLTkzMjAtOTMzYmZhNTkyYjFk
LzEvSHBXZ2FXYWUxYWRtN3VqcjNETGpuN0ZJUVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQBW9kEAwQF
sHHgAwQFstagAwQDstjoAwQCuZXEAwQAubL1AwQCwh+YMA8EAgACMAkDBwEqB2kA
AAAwDQYJKoZIhvcNAQELBQADggEBAJLGSzYZEWX9+rC2fxBTdxNVZWLD0P+WBVRJ
p7tnSMEOyMS9/CY/OF8HGsCMVTJuXilI4pTg7wk4llLTNRW2+6+Et/x7HNh49m9l
YsTMWE8aPwJwjunkGjkeXgHLklqg1uU3UKj5KrwFvcY0mcbSTlGof5VyPEwVkQl0
H9jtQcLQyruohoBRb4TnALp5eKzvCadBaoIViqVXGoC0G2VONFe+IHAU2keqirJB
Ye/Db4t/9QzLwFu+OGFIGW2Rykv4d3gDVDkL9VRtfSEQF4tnMHcaJrH/StOOx3kR
45pToxXI5fEiRdbsVxCdMvgVfVJNWxa6SZo/6n9Mk7nSNdoEhAc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:22 2024 by rpki-client on console-ams.rpki-client.org