Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/e5bdc7-eb06-4626-84d7-13da74cd35a4/1/ZUtwiDmwG9tiirmR5g3BcAMAt_U.roa
File: ZUtwiDmwG9tiirmR5g3BcAMAt_U.roa (raw, json)
Hash identifier: hW4K+pa/VTvd0TfWIizyh7AEoHmblxQV13EsTozDOlY=
Subject key identifier: 65:4B:70:88:39:B0:1B:DB:62:8A:B9:91:E6:0D:C1:70:03:00:B7:F5
Certificate issuer: /CN=4e426c87dfbcc552dc790fec3ed1cde7a8f886e9
Certificate serial: 0186D63C7AF15F556C2E3EC1B80FF1CCFF74
Authority key identifier: 4E:42:6C:87:DF:BC:C5:52:DC:79:0F:EC:3E:D1:CD:E7:A8:F8:86:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TkJsh9-8xVLceQ_sPtHN56j4huk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/e5bdc7-eb06-4626-84d7-13da74cd35a4/1/ZUtwiDmwG9tiirmR5g3BcAMAt_U.roa
Signing time: Sun 12 Mar 2023 14:32:13 +0000
ROA not before: Sun 12 Mar 2023 14:32:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48197
IP address blocks: 94.127.152.128/25 maxlen: 25
94.127.152.0/24 maxlen: 25
94.127.152.0/23 maxlen: 25
94.127.152.0/25 maxlen: 25
94.127.157.0/24 maxlen: 25
94.127.156.128/25 maxlen: 25
94.127.157.0/25 maxlen: 25
94.127.156.0/22 maxlen: 25
94.127.153.0/24 maxlen: 25
94.127.153.0/25 maxlen: 25
94.127.153.128/25 maxlen: 25
94.127.154.0/23 maxlen: 25
94.127.154.128/25 maxlen: 25
94.127.154.0/25 maxlen: 25
94.127.154.0/24 maxlen: 25
94.127.155.0/24 maxlen: 25
94.127.155.0/25 maxlen: 25
94.127.155.128/25 maxlen: 25
94.127.156.0/24 maxlen: 25
94.127.156.0/23 maxlen: 25
94.127.156.0/25 maxlen: 25
94.127.158.128/25 maxlen: 25
94.127.159.0/24 maxlen: 25
94.127.159.0/25 maxlen: 25
94.127.157.128/25 maxlen: 25
94.127.158.0/24 maxlen: 25
94.127.158.0/25 maxlen: 25
94.127.159.128/25 maxlen: 25
Validation: Failed, certificate revoked on Tue 02 Jan 2024 10:33:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:d6:3c:7a:f1:5f:55:6c:2e:3e:c1:b8:0f:f1:cc:ff:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e426c87dfbcc552dc790fec3ed1cde7a8f886e9
Validity
Not Before: Mar 12 14:32:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=654b708839b01bdb628ab991e60dc1700300b7f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:33:6b:8c:d3:79:2d:be:14:dd:9c:e3:67:b7:
6d:a9:4e:20:53:24:76:96:66:ee:26:3b:f6:fb:f4:
3e:bc:77:db:25:d1:9e:65:65:1f:35:dd:fa:75:6c:
e8:32:57:ea:92:58:09:13:88:65:57:d6:6e:97:61:
43:7e:34:a1:62:02:3a:8b:90:14:de:88:ed:71:65:
1e:82:ac:99:8b:d0:a8:fd:b1:b3:46:f6:01:85:b5:
27:cb:84:da:78:f6:19:d2:a4:36:11:8d:77:6a:f9:
23:3c:28:50:71:23:60:ab:2c:5b:d8:c3:37:ea:b1:
e4:98:a6:48:7f:47:16:cb:af:89:d9:3e:87:40:ff:
75:a2:47:e4:e0:44:d0:46:ca:f9:d5:81:f0:54:78:
10:b7:e7:85:50:23:30:76:82:58:a5:13:1c:76:1a:
8d:eb:f4:b7:06:73:ef:b4:9a:95:b5:93:32:0a:8b:
af:01:af:14:de:97:1b:f5:db:ea:e7:14:6b:18:29:
67:1e:82:de:56:86:70:f5:f2:53:a6:8c:45:f7:74:
53:d8:19:c7:65:9d:e6:3c:bc:fd:f4:31:35:74:01:
09:41:b7:30:3d:e4:ef:40:3e:10:5b:5e:3c:fc:83:
60:17:09:d0:91:8d:f1:ee:34:c5:14:e7:eb:14:5e:
0b:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:4B:70:88:39:B0:1B:DB:62:8A:B9:91:E6:0D:C1:70:03:00:B7:F5
X509v3 Authority Key Identifier:
keyid:4E:42:6C:87:DF:BC:C5:52:DC:79:0F:EC:3E:D1:CD:E7:A8:F8:86:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TkJsh9-8xVLceQ_sPtHN56j4huk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e5bdc7-eb06-4626-84d7-13da74cd35a4/1/ZUtwiDmwG9tiirmR5g3BcAMAt_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/e5bdc7-eb06-4626-84d7-13da74cd35a4/1/TkJsh9-8xVLceQ_sPtHN56j4huk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.127.152.0/21
Signature Algorithm: sha256WithRSAEncryption
5c:5e:74:c9:72:d1:b6:a6:56:af:a8:29:62:1d:8b:73:fe:41:
b9:25:f9:9d:cc:9a:23:92:36:83:a8:51:18:70:1f:e7:a7:80:
bc:c7:72:07:b3:ff:99:fc:9c:50:96:2d:5f:66:ee:a6:64:b2:
38:ea:c8:8b:bb:19:d4:08:74:69:0f:e3:85:c3:e3:08:e1:2c:
98:f7:3e:f4:9f:8c:8d:86:13:03:54:e2:a7:06:ea:c4:65:ae:
b9:60:af:a8:71:8b:60:51:c5:08:e9:67:cc:68:a2:5b:0c:ec:
13:fe:ad:e2:d0:25:54:e3:44:54:a2:43:e0:1d:93:86:d8:18:
2e:c0:b9:73:e0:29:df:41:c5:63:91:44:6b:ba:77:37:84:92:
86:73:0f:3d:a8:47:a5:74:92:d7:42:bb:25:d9:59:db:f3:75:
29:92:eb:48:25:01:39:61:94:fb:8b:86:6f:e9:43:05:5f:19:
cb:dc:d9:15:c6:af:3e:b8:ad:ae:61:45:ae:65:be:c5:e6:73:
e0:80:26:c7:62:f9:48:b3:81:4a:fa:8b:dd:35:24:da:e1:ff:
65:b4:08:ec:f8:ba:3b:12:7b:d2:ed:10:5d:4f:96:da:e4:5f:
c0:e1:17:66:69:f8:35:e4:4f:3f:8d:b2:61:8e:b0:70:45:ac:
22:3f:eb:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbWPHrxX1VsLj7BuA/xzP90MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNDI2Yzg3ZGZiY2M1NTJkYzc5MGZlYzNlZDFjZGU3YThm
ODg2ZTkwHhcNMjMwMzEyMTQzMjEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTRiNzA4ODM5YjAxYmRiNjI4YWI5OTFlNjBkYzE3MDAzMDBiN2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3jNrjNN5Lb4U3ZzjZ7dtqU4gUyR2
lmbuJjv2+/Q+vHfbJdGeZWUfNd36dWzoMlfqklgJE4hlV9Zul2FDfjShYgI6i5AU
3ojtcWUegqyZi9Co/bGzRvYBhbUny4TaePYZ0qQ2EY13avkjPChQcSNgqyxb2MM3
6rHkmKZIf0cWy6+J2T6HQP91okfk4ETQRsr51YHwVHgQt+eFUCMwdoJYpRMcdhqN
6/S3BnPvtJqVtZMyCouvAa8U3pcb9dvq5xRrGClnHoLeVoZw9fJTpoxF93RT2BnH
ZZ3mPLz99DE1dAEJQbcwPeTvQD4QW148/INgFwnQkY3x7jTFFOfrFF4LiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGVLcIg5sBvbYoq5keYNwXADALf1MB8GA1UdIwQY
MBaAFE5CbIffvMVS3HkP7D7Rzeeo+IbpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGtKc2g5LTh4VkxjZVFfc1B0SE41Nmo0aHVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS9lNWJkYzctZWIwNi00NjI2LTg0ZDct
MTNkYTc0Y2QzNWE0LzEvWlV0d2lEbXdHOXRpaXJtUjVnM0JjQU1BdF9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS9lNWJkYzctZWIwNi00NjI2LTg0ZDctMTNkYTc0Y2QzNWE0
LzEvVGtKc2g5LTh4VkxjZVFfc1B0SE41Nmo0aHVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXn+YMA0G
CSqGSIb3DQEBCwUAA4IBAQBcXnTJctG2plavqCliHYtz/kG5JfmdzJojkjaDqFEY
cB/np4C8x3IHs/+Z/JxQli1fZu6mZLI46siLuxnUCHRpD+OFw+MI4SyY9z70n4yN
hhMDVOKnBurEZa65YK+ocYtgUcUI6WfMaKJbDOwT/q3i0CVU40RUokPgHZOG2Bgu
wLlz4CnfQcVjkURrunc3hJKGcw89qEeldJLXQrsl2Vnb83UpkutIJQE5YZT7i4Zv
6UMFXxnL3NkVxq8+uK2uYUWuZb7F5nPggCbHYvlIs4FK+ovdNSTa4f9ltAjs+Lo7
EnvS7RBdT5ba5F/A4Rdmafg15E8/jbJhjrBwRawiP+sR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:03 2024 by rpki-client on console-fra.rpki-client.org