Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/zlROdkQzo_ID_dhTEovdlIcZiIo.roa
File: zlROdkQzo_ID_dhTEovdlIcZiIo.roa (raw, json)
Hash identifier: c7z4VlqCK+IVKtngL7OGVb3OdYAI/657hxTozoFUsko=
Subject key identifier: CE:54:4E:76:44:33:A3:F2:03:FD:D8:53:12:8B:DD:94:87:19:88:8A
Certificate issuer: /CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Certificate serial: 018D45F42FF29C723119E39B220C8F16CB25
Authority key identifier: 2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/zlROdkQzo_ID_dhTEovdlIcZiIo.roa
Signing time: Fri 26 Jan 2024 13:27:27 +0000
ROA not before: Fri 26 Jan 2024 13:27:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50810
IP address blocks: 5.201.128.0/18 maxlen: 18
5.201.128.0/21 maxlen: 21
5.201.138.0/24 maxlen: 24
5.201.142.0/23 maxlen: 23
5.201.144.0/21 maxlen: 21
5.201.144.0/23 maxlen: 23
5.201.152.0/22 maxlen: 22
5.201.156.0/22 maxlen: 22
5.201.160.0/23 maxlen: 23
5.201.162.0/24 maxlen: 24
5.201.168.0/22 maxlen: 22
5.201.174.0/24 maxlen: 24
37.156.16.0/21 maxlen: 21
37.156.24.0/22 maxlen: 22
37.156.30.0/23 maxlen: 23
37.156.31.0/24 maxlen: 24
89.37.0.0/20 maxlen: 20
89.37.0.0/24 maxlen: 24
89.37.8.0/22 maxlen: 22
89.37.8.0/24 maxlen: 24
89.37.12.0/24 maxlen: 24
89.37.14.0/24 maxlen: 24
89.37.15.0/24 maxlen: 24
89.43.0.0/21 maxlen: 21
89.43.4.0/22 maxlen: 22
89.43.8.0/22 maxlen: 22
89.43.10.0/23 maxlen: 23
89.43.12.0/23 maxlen: 23
92.114.16.0/20 maxlen: 24
92.114.20.0/23 maxlen: 23
92.114.20.0/24 maxlen: 24
92.114.21.0/24 maxlen: 24
92.114.22.0/23 maxlen: 23
92.114.24.0/21 maxlen: 21
92.114.25.0/24 maxlen: 24
92.114.28.0/22 maxlen: 22
94.101.128.0/20 maxlen: 24
94.101.128.0/21 maxlen: 21
94.101.136.0/22 maxlen: 22
94.101.139.0/24 maxlen: 24
94.101.140.0/23 maxlen: 23
94.101.142.0/23 maxlen: 23
94.101.142.0/24 maxlen: 24
185.22.30.0/23 maxlen: 23
185.103.84.0/22 maxlen: 22
185.103.84.0/24 maxlen: 24
185.103.85.0/24 maxlen: 24
185.135.228.0/22 maxlen: 22
185.136.100.0/22 maxlen: 22
185.162.40.0/22 maxlen: 22
185.175.76.0/23 maxlen: 23
185.175.78.0/23 maxlen: 23
185.176.32.0/22 maxlen: 22
185.182.220.0/22 maxlen: 22
185.182.220.0/24 maxlen: 24
185.182.221.0/24 maxlen: 24
185.182.222.0/23 maxlen: 23
188.213.64.0/20 maxlen: 21
188.213.72.0/24 maxlen: 24
188.213.73.0/24 maxlen: 24
188.213.74.0/24 maxlen: 24
188.213.75.0/24 maxlen: 24
188.213.76.0/22 maxlen: 22
2a00:5ca0::/29 maxlen: 29
2a00:5ca0::/31 maxlen: 31
2a00:5ca0::/32 maxlen: 32
2a00:5ca2::/31 maxlen: 31
2a00:5ca4::/31 maxlen: 31
Validation: Failed, certificate revoked on Sat 27 Jan 2024 16:37:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:45:f4:2f:f2:9c:72:31:19:e3:9b:22:0c:8f:16:cb:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6a434c4b5d239c4e6e41b7e585c8d58f8995ab
Validity
Not Before: Jan 26 13:27:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce544e764433a3f203fdd853128bdd948719888a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8b:d0:34:66:47:95:5a:25:9b:c4:29:20:4f:
50:b8:e4:78:2f:6c:62:c2:ba:c0:27:60:a5:43:79:
2e:b6:84:c6:d2:63:aa:d2:14:83:eb:4b:65:9d:13:
35:6c:dc:4c:8e:98:63:1a:af:5f:56:5c:de:ef:aa:
bf:4b:5b:c9:84:24:d9:e3:58:10:c2:78:6d:55:b0:
87:40:be:b1:24:ee:40:8c:aa:7e:a2:c5:83:cf:61:
e2:60:a7:bf:61:05:f6:64:0d:a5:9f:20:b8:19:ec:
d5:1b:83:8a:d2:2e:7a:e9:ac:7f:41:f3:0a:ac:20:
58:ef:11:fe:45:72:4c:8d:fc:a6:b9:37:dc:03:dc:
b3:78:6f:78:4f:e6:28:94:d3:d7:e3:ca:34:f5:41:
4a:86:95:30:e6:25:90:bf:28:ca:7a:8f:75:d9:54:
3b:67:64:ca:0a:03:8e:0b:f3:f7:9f:ed:42:e2:6e:
8e:b8:fa:dc:fe:15:3e:60:d5:f7:19:62:ef:54:80:
bd:3a:10:b2:d7:2e:9f:1c:bd:45:53:9f:cb:4c:8f:
1a:31:a0:07:8d:d1:5e:3a:63:f1:2d:e7:f3:2b:2a:
f8:3b:62:36:c6:c5:50:dd:1e:1f:f4:85:ef:f0:9a:
17:58:e6:1e:f6:52:10:f4:df:7d:43:1d:f4:18:71:
e2:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:54:4E:76:44:33:A3:F2:03:FD:D8:53:12:8B:DD:94:87:19:88:8A
X509v3 Authority Key Identifier:
keyid:2F:6A:43:4C:4B:5D:23:9C:4E:6E:41:B7:E5:85:C8:D5:8F:89:95:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L2pDTEtdI5xObkG35YXI1Y-Jlas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/zlROdkQzo_ID_dhTEovdlIcZiIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/98abe5-bd01-464f-96ab-40b6d67fcd94/1/L2pDTEtdI5xObkG35YXI1Y-Jlas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.201.128.0/18
37.156.16.0-37.156.27.255
37.156.30.0/23
89.37.0.0/20
89.43.0.0-89.43.13.255
92.114.16.0/20
94.101.128.0/20
185.22.30.0/23
185.103.84.0/22
185.135.228.0/22
185.136.100.0/22
185.162.40.0/22
185.175.76.0/22
185.176.32.0/22
185.182.220.0/22
188.213.64.0/20
IPv6:
2a00:5ca0::/29
Signature Algorithm: sha256WithRSAEncryption
67:90:d3:58:e1:7f:f7:f9:d6:48:ca:4f:41:85:8c:8d:55:54:
93:99:63:cd:35:fe:87:55:fd:b7:4d:9c:47:9a:19:ac:e9:62:
e6:ed:c0:f2:19:50:1f:19:3d:10:91:bc:d9:30:16:cd:6f:2b:
81:7d:29:4b:78:19:f3:29:48:82:66:7d:25:8c:18:23:ea:aa:
f2:d8:ec:b0:87:0a:89:2d:69:bd:59:98:66:a4:5e:05:98:a0:
71:c7:1b:23:8c:c6:fa:c4:02:88:7e:7c:27:77:ad:99:56:c9:
a4:0a:5b:81:5e:ce:d1:6a:4a:f2:b3:5b:da:9c:0e:01:de:99:
4d:69:95:a5:a6:0f:34:c3:48:61:a7:4c:b8:01:57:b2:67:37:
5d:2a:4a:25:7f:15:38:52:8d:bf:d2:58:7d:3c:05:f6:8f:15:
00:b8:1c:50:f9:ac:53:a0:70:dc:7a:b8:d1:14:ad:18:67:8e:
a7:ea:d2:cf:f2:44:f5:b7:c0:cf:79:cb:40:77:8c:45:44:b4:
57:d0:ff:f4:98:dc:49:10:79:68:7b:62:2b:e3:6a:35:c3:ab:
c4:0b:ee:4f:3a:be:38:50:92:d2:44:1d:e2:41:e2:e5:f2:f6:
eb:35:9d:77:06:11:d8:e1:d4:3f:d6:9a:c7:f3:fb:44:1f:72:
c2:f5:60:6b
-----BEGIN CERTIFICATE-----
MIIFeDCCBGCgAwIBAgISAY1F9C/ynHIxGeObIgyPFsslMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmE0MzRjNGI1ZDIzOWM0ZTZlNDFiN2U1ODVjOGQ1OGY4
OTk1YWIwHhcNMjQwMTI2MTMyNzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTU0NGU3NjQ0MzNhM2YyMDNmZGQ4NTMxMjhiZGQ5NDg3MTk4ODhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIvQNGZHlVolm8QpIE9QuOR4L2xi
wrrAJ2ClQ3kutoTG0mOq0hSD60tlnRM1bNxMjphjGq9fVlze76q/S1vJhCTZ41gQ
wnhtVbCHQL6xJO5AjKp+osWDz2HiYKe/YQX2ZA2lnyC4GezVG4OK0i566ax/QfMK
rCBY7xH+RXJMjfymuTfcA9yzeG94T+YolNPX48o09UFKhpUw5iWQvyjKeo912VQ7
Z2TKCgOOC/P3n+1C4m6OuPrc/hU+YNX3GWLvVIC9OhCy1y6fHL1FU5/LTI8aMaAH
jdFeOmPxLefzKyr4O2I2xsVQ3R4f9IXv8JoXWOYe9lIQ9N99Qx30GHHiYQIDAQAB
o4IChDCCAoAwHQYDVR0OBBYEFM5UTnZEM6PyA/3YUxKL3ZSHGYiKMB8GA1UdIwQY
MBaAFC9qQ0xLXSOcTm5Bt+WFyNWPiZWrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWIt
NDBiNmQ2N2ZjZDk0LzEvemxST2RrUXpvX0lEX2RoVEVvdmRsSWNaaUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85OGFiZTUtYmQwMS00NjRmLTk2YWItNDBiNmQ2N2ZjZDk0
LzEvTDJwRFRFdGRJNXhPYmtHMzVZWEkxWS1KbGFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGZBggrBgEFBQcBBwEB/wSBiTCBhjB1BAIAATBvAwQGBcmA
MAwDBAQlnBADBAIlnBgDBAElnB4DBARZJQAwCwMDAFkrAwQBWSsMAwQEXHIQAwQE
XmWAAwQBuRYeAwQCuWdUAwQCuYfkAwQCuYhkAwQCuaIoAwQCua9MAwQCubAgAwQC
ubbcAwQEvNVAMA0EAgACMAcDBQMqAFygMA0GCSqGSIb3DQEBCwUAA4IBAQBnkNNY
4X/3+dZIyk9BhYyNVVSTmWPNNf6HVf23TZxHmhms6WLm7cDyGVAfGT0QkbzZMBbN
byuBfSlLeBnzKUiCZn0ljBgj6qry2OywhwqJLWm9WZhmpF4FmKBxxxsjjMb6xAKI
fnwnd62ZVsmkCluBXs7Rakrys1vanA4B3plNaZWlpg80w0hhp0y4AVeyZzddKkol
fxU4Uo2/0lh9PAX2jxUAuBxQ+axToHDcerjRFK0YZ46n6tLP8kT1t8DPectAd4xF
RLRX0P/0mNxJEHloe2Ir42o1w6vEC+5POr44UJLSRB3iQeLl8vbrNZ13BhHY4dQ/
1prH8/tEH3LC9WBr
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:20 2024 by rpki-client on console-ams.rpki-client.org