Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/zSzB-LvG1FrsbClHhG4CnOiYuWY.roa
File: zSzB-LvG1FrsbClHhG4CnOiYuWY.roa (raw, json)
Hash identifier: 7i+8I/FbypnSjHKAX+AwaaevjMtenIa8S+1QNaCojqw=
Subject key identifier: CD:2C:C1:F8:BB:C6:D4:5A:EC:6C:29:47:84:6E:02:9C:E8:98:B9:66
Certificate issuer: /CN=1ed3d8e29e063b9d2740ab3de6c72255ec8d0557
Certificate serial: 018EA29B377A3DAFA769FD957F29CEDB53C9
Authority key identifier: 1E:D3:D8:E2:9E:06:3B:9D:27:40:AB:3D:E6:C7:22:55:EC:8D:05:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HtPY4p4GO50nQKs95sciVeyNBVc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/zSzB-LvG1FrsbClHhG4CnOiYuWY.roa
Signing time: Wed 03 Apr 2024 06:17:45 +0000
ROA not before: Wed 03 Apr 2024 06:17:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5400
IP address blocks: 62.5.0.0/17 maxlen: 17
62.102.0.0/17 maxlen: 17
62.173.192.0/18 maxlen: 18
62.180.0.0/16 maxlen: 16
82.150.0.0/19 maxlen: 19
185.94.0.0/22 maxlen: 22
194.213.64.0/19 maxlen: 19
195.90.64.0/19 maxlen: 19
195.100.0.0/16 maxlen: 16
195.163.0.0/16 maxlen: 16
195.182.96.0/19 maxlen: 19
212.8.160.0/19 maxlen: 19
212.21.192.0/19 maxlen: 19
212.41.128.0/19 maxlen: 19
212.108.0.0/19 maxlen: 19
212.127.0.0/19 maxlen: 19
212.162.192.0/18 maxlen: 18
213.15.0.0/16 maxlen: 16
213.137.160.0/19 maxlen: 19
213.194.0.0/18 maxlen: 18
213.236.64.0/18 maxlen: 18
2001:740::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 03 Apr 2024 08:02:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a2:9b:37:7a:3d:af:a7:69:fd:95:7f:29:ce:db:53:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ed3d8e29e063b9d2740ab3de6c72255ec8d0557
Validity
Not Before: Apr 3 06:17:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd2cc1f8bbc6d45aec6c2947846e029ce898b966
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:21:1f:f0:01:12:12:d6:b2:8b:2c:e4:f7:51:
a0:9a:db:d3:8a:96:54:ff:5f:fb:ee:97:3d:ed:9d:
32:07:a7:c0:26:19:8a:05:8a:17:8e:52:89:49:0e:
47:9b:7f:07:0c:79:29:99:a8:c8:42:6f:1a:b2:d5:
f3:ef:9b:47:70:60:67:7c:68:3f:a5:1a:f1:bc:58:
94:68:09:f3:cd:0c:f6:b0:bc:46:f5:b3:d0:42:b6:
6f:3b:b5:ec:df:f8:41:d5:42:bf:8a:f8:59:78:c7:
b6:d6:9b:d1:da:42:8b:2e:da:09:3c:78:72:bb:d7:
05:50:35:4c:ba:1c:3a:59:8a:61:44:23:8a:87:cb:
ee:46:06:d1:eb:bf:00:6d:7e:6c:18:50:9d:86:3a:
b8:09:e8:2e:5f:af:81:4e:44:f0:92:12:14:85:5b:
6f:54:57:6e:f2:a4:2e:37:d7:2f:bb:47:fb:c5:cf:
16:c0:b5:fa:83:78:0a:20:00:cc:39:8a:30:95:56:
78:4e:8b:ec:2e:1a:36:94:5e:84:95:4b:c2:d9:f8:
23:be:16:13:a7:5b:9a:d1:fc:86:d1:6f:88:a5:21:
1b:b4:3c:c1:3a:43:b3:36:c2:cd:ca:0c:be:25:eb:
e5:0e:de:fa:16:e4:5d:9b:18:67:5c:7b:52:8e:ac:
fc:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:2C:C1:F8:BB:C6:D4:5A:EC:6C:29:47:84:6E:02:9C:E8:98:B9:66
X509v3 Authority Key Identifier:
keyid:1E:D3:D8:E2:9E:06:3B:9D:27:40:AB:3D:E6:C7:22:55:EC:8D:05:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HtPY4p4GO50nQKs95sciVeyNBVc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/zSzB-LvG1FrsbClHhG4CnOiYuWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/HtPY4p4GO50nQKs95sciVeyNBVc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.5.0.0/17
62.102.0.0/17
62.173.192.0/18
62.180.0.0/16
82.150.0.0/19
185.94.0.0/22
194.213.64.0/19
195.90.64.0/19
195.100.0.0/16
195.163.0.0/16
195.182.96.0/19
212.8.160.0/19
212.21.192.0/19
212.41.128.0/19
212.108.0.0/19
212.127.0.0/19
212.162.192.0/18
213.15.0.0/16
213.137.160.0/19
213.194.0.0/18
213.236.64.0/18
IPv6:
2001:740::/32
Signature Algorithm: sha256WithRSAEncryption
b8:86:3c:6f:29:19:5e:f3:51:47:54:fc:c7:7c:c2:16:be:fb:
49:c7:15:77:41:ca:42:65:ca:75:5b:d9:1d:cc:1a:41:bb:af:
92:97:05:40:f0:af:e9:41:f0:04:1c:b8:38:ce:70:1d:f7:9c:
10:71:0a:c1:ce:f7:ef:d0:5a:35:0f:f5:b5:68:df:bf:0a:a4:
08:c0:7f:c4:a4:b0:94:c5:c8:9f:80:97:d0:2c:3e:4c:08:ac:
14:60:04:a5:b7:8d:47:e6:b2:b6:ed:b3:e0:e6:e6:77:93:1d:
84:c9:1a:84:a8:b7:8b:a1:a0:bf:de:a2:e9:4b:76:21:13:59:
3e:2d:ab:e0:fd:50:21:30:95:96:65:88:0a:f1:8f:1c:19:9d:
f7:b5:b4:93:af:29:92:4d:f9:39:2c:1b:0e:93:25:4a:f1:ea:
25:54:35:92:79:0a:23:2b:2d:19:5f:62:c0:70:a5:07:8f:ca:
a7:a7:e6:4d:68:2f:17:b9:fb:f3:e9:90:26:8d:f9:03:18:f8:
79:63:4f:70:47:e5:ba:0d:85:d2:a6:0b:a6:8c:79:90:b7:4f:
f9:70:d5:d9:4e:98:95:07:2a:c3:5b:e3:4e:6c:4d:06:28:0f:
a6:7c:ee:d3:ba:47:0d:a3:ee:e2:ff:22:51:11:11:25:86:7f:
26:be:1b:f3
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAY6imzd6Pa+naf2VfynO21PJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZDNkOGUyOWUwNjNiOWQyNzQwYWIzZGU2YzcyMjU1ZWM4
ZDA1NTcwHhcNMjQwNDAzMDYxNzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDJjYzFmOGJiYzZkNDVhZWM2YzI5NDc4NDZlMDI5Y2U4OThiOTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8yEf8AESEtayiyzk91GgmtvTipZU
/1/77pc97Z0yB6fAJhmKBYoXjlKJSQ5Hm38HDHkpmajIQm8astXz75tHcGBnfGg/
pRrxvFiUaAnzzQz2sLxG9bPQQrZvO7Xs3/hB1UK/ivhZeMe21pvR2kKLLtoJPHhy
u9cFUDVMuhw6WYphRCOKh8vuRgbR678AbX5sGFCdhjq4CeguX6+BTkTwkhIUhVtv
VFdu8qQuN9cvu0f7xc8WwLX6g3gKIADMOYowlVZ4TovsLho2lF6ElUvC2fgjvhYT
p1ua0fyG0W+IpSEbtDzBOkOzNsLNygy+JevlDt76FuRdmxhnXHtSjqz8RQIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFM0swfi7xtRa7GwpR4RuApzomLlmMB8GA1UdIwQY
MBaAFB7T2OKeBjudJ0CrPebHIlXsjQVXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHRQWTRwNEdPNTBuUUtzOTVzY2lWZXlOQlZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80ZDljODMtZjk2MC00OGFjLWJiZjUt
OWRjYTVjYzgwZGQ5LzEvelN6Qi1MdkcxRnJzYkNsSGhHNENuT2lZdVdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80ZDljODMtZjk2MC00OGFjLWJiZjUtOWRjYTVjYzgwZGQ5
LzEvSHRQWTRwNEdPNTBuUUtzOTVzY2lWZXlOQlZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBgAQCAAEwegMEBz4F
AAMEBz5mAAMEBj6twAMDAD60AwQFUpYAAwQCuV4AAwQFwtVAAwQFw1pAAwMAw2QD
AwDDowMEBcO2YAMEBdQIoAMEBdQVwAMEBdQpgAMEBdRsAAMEBdR/AAMEBtSiwAMD
ANUPAwQF1YmgAwQG1cIAAwQG1exAMA0EAgACMAcDBQAgAQdAMA0GCSqGSIb3DQEB
CwUAA4IBAQC4hjxvKRle81FHVPzHfMIWvvtJxxV3QcpCZcp1W9kdzBpBu6+SlwVA
8K/pQfAEHLg4znAd95wQcQrBzvfv0Fo1D/W1aN+/CqQIwH/EpLCUxcifgJfQLD5M
CKwUYASlt41H5rK27bPg5uZ3kx2EyRqEqLeLoaC/3qLpS3YhE1k+Lavg/VAhMJWW
ZYgK8Y8cGZ33tbSTrymSTfk5LBsOkyVK8eolVDWSeQojKy0ZX2LAcKUHj8qnp+ZN
aC8Xufvz6ZAmjfkDGPh5Y09wR+W6DYXSpgumjHmQt0/5cNXZTpiVByrDW+NObE0G
KA+mfO7TukcNo+7i/yJRERElhn8mvhvz
-----END CERTIFICATE-----
Generated at Wed Apr 3 11:52:08 2024 by rpki-client on console-fra.rpki-client.org