Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/ZWYwpY8woNHX3ZHbCmNAVIyyltg.roa
File: ZWYwpY8woNHX3ZHbCmNAVIyyltg.roa (raw, json)
Hash identifier: MuZ+kNkOlUqshILCHDmKp4rDHEaRk8waG+fEHUaVLrA=
Subject key identifier: 65:66:30:A5:8F:30:A0:D1:D7:DD:91:DB:0A:63:40:54:8C:B2:96:D8
Certificate issuer: /CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Certificate serial: 018CC9BCED00E164FB86003A2796FA5AAA05
Authority key identifier: FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/ZWYwpY8woNHX3ZHbCmNAVIyyltg.roa
Signing time: Tue 02 Jan 2024 10:34:10 +0000
ROA not before: Tue 02 Jan 2024 10:34:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3301
IP address blocks: 171.25.128.0/21 maxlen: 21
193.221.28.0/24 maxlen: 24
193.221.36.0/24 maxlen: 24
193.221.38.0/24 maxlen: 24
193.221.37.0/24 maxlen: 24
193.221.32.0/22 maxlen: 22
193.221.47.0/24 maxlen: 24
193.221.53.0/24 maxlen: 24
193.221.52.0/24 maxlen: 24
193.221.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Apr 2024 09:12:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:ed:00:e1:64:fb:86:00:3a:27:96:fa:5a:aa:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Validity
Not Before: Jan 2 10:34:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=656630a58f30a0d1d7dd91db0a6340548cb296d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:c3:0f:23:83:bb:5b:2c:45:8c:e5:98:65:81:
27:ca:bf:53:6d:19:59:04:18:0c:1b:33:2b:c9:ff:
3a:0f:49:8b:e9:8d:c6:20:84:15:27:11:e5:43:3e:
62:89:5f:df:5a:1a:8e:fb:c0:33:04:b1:41:ff:8a:
0d:ea:5d:e7:a2:9b:15:a6:82:c2:d2:56:0a:59:5e:
73:47:ad:72:ef:a4:f0:5f:17:2c:04:a2:d0:a3:dc:
67:24:51:cb:c6:a2:53:ca:33:ca:9f:df:07:e6:5a:
d5:3e:2f:01:42:25:10:c6:eb:88:23:68:9e:05:c9:
0b:ea:e3:56:51:c0:f6:83:8b:cd:a5:c1:2a:fd:67:
e4:7e:1b:68:3e:79:ae:de:73:1d:25:e4:59:51:08:
bc:1b:f2:e5:54:6d:88:38:da:3f:47:24:54:2f:df:
b9:8c:bc:0a:0d:3c:a9:9b:f4:f5:30:25:4c:77:08:
c4:f0:5d:94:d6:88:bd:58:4b:fd:09:55:88:4d:30:
81:2d:ff:e1:c0:cd:18:9c:6b:2b:a5:0a:03:dd:c5:
28:11:e2:ea:7d:fd:76:6d:59:a7:94:9b:2b:35:e1:
dd:2b:66:62:98:a0:b2:00:4f:43:16:96:57:01:b9:
a4:c5:31:26:2e:39:56:f9:52:74:ff:db:e4:5c:2e:
64:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:66:30:A5:8F:30:A0:D1:D7:DD:91:DB:0A:63:40:54:8C:B2:96:D8
X509v3 Authority Key Identifier:
keyid:FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/ZWYwpY8woNHX3ZHbCmNAVIyyltg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.25.128.0/21
193.221.28.0/24
193.221.32.0-193.221.38.255
193.221.47.0/24
193.221.52.0/23
193.221.59.0/24
Signature Algorithm: sha256WithRSAEncryption
15:9c:61:71:b3:aa:b7:98:e6:66:4d:0b:95:26:bb:6b:da:29:
ef:4e:ea:19:09:c5:49:e8:bd:0e:8e:98:99:72:f6:4c:25:25:
ee:c0:8b:9b:ad:b9:74:ec:c5:0f:22:27:82:cf:a2:5b:d8:9c:
f7:ed:bf:a3:4f:17:aa:6b:4c:86:12:cb:95:14:0a:c6:c3:6f:
10:be:8e:fa:a4:a8:89:62:7a:e3:54:4b:5a:f4:df:5d:a3:a9:
2d:9f:c8:64:fb:c6:b1:02:45:41:16:51:8b:a5:e3:6a:a4:2c:
d6:bf:36:4f:48:05:9f:02:a7:7e:e5:01:90:2a:00:8d:28:4f:
7b:41:51:5d:4b:87:16:41:3e:00:c3:1a:c4:e6:84:ca:9c:ad:
08:ec:17:e0:46:06:cf:b5:83:57:c0:d5:75:1a:37:e8:dc:23:
b6:0e:df:d7:74:14:e7:c5:03:49:ce:99:21:83:7c:a1:d8:5d:
a2:51:4d:18:77:2c:46:c2:6e:a2:db:a2:f9:d6:f8:9f:37:71:
66:95:8a:75:11:1f:2a:15:5d:a9:9c:c6:08:a1:3c:71:35:d3:
82:8a:da:58:9c:8f:72:27:ec:d4:67:cc:65:40:64:58:74:45:
8d:f2:17:fc:7e:f5:f0:d4:81:05:c9:f3:10:10:85:fa:40:4f:
0d:5e:5e:cc
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzJvO0A4WT7hgA6J5b6WqoFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTRhYjJkNDgxY2YxNjIyYTJjNTIxODNhYjRmNWE5MzBh
NGFlNDEwHhcNMjQwMTAyMTAzNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTY2MzBhNThmMzBhMGQxZDdkZDkxZGIwYTYzNDA1NDhjYjI5NmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8MPI4O7WyxFjOWYZYEnyr9TbRlZ
BBgMGzMryf86D0mL6Y3GIIQVJxHlQz5iiV/fWhqO+8AzBLFB/4oN6l3nopsVpoLC
0lYKWV5zR61y76TwXxcsBKLQo9xnJFHLxqJTyjPKn98H5lrVPi8BQiUQxuuII2ie
BckL6uNWUcD2g4vNpcEq/WfkfhtoPnmu3nMdJeRZUQi8G/LlVG2IONo/RyRUL9+5
jLwKDTypm/T1MCVMdwjE8F2U1oi9WEv9CVWITTCBLf/hwM0YnGsrpQoD3cUoEeLq
ff12bVmnlJsrNeHdK2ZimKCyAE9DFpZXAbmkxTEmLjlW+VJ0/9vkXC5kQQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFGVmMKWPMKDR192R2wpjQFSMspbYMB8GA1UdIwQY
MBaAFP5Uqy1IHPFiKixSGDq09akwpK5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYt
MWIxMzYyYjliNmEyLzEvWldZd3BZOHdvTkhYM1pIYkNtTkFWSXl5bHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYtMWIxMzYyYjliNmEy
LzEvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQDqxmAAwQA
wd0cMAwDBAXB3SADBADB3SYDBADB3S8DBAHB3TQDBADB3TswDQYJKoZIhvcNAQEL
BQADggEBABWcYXGzqreY5mZNC5Umu2vaKe9O6hkJxUnovQ6OmJly9kwlJe7Ai5ut
uXTsxQ8iJ4LPolvYnPftv6NPF6prTIYSy5UUCsbDbxC+jvqkqIlieuNUS1r0312j
qS2fyGT7xrECRUEWUYul42qkLNa/Nk9IBZ8Cp37lAZAqAI0oT3tBUV1LhxZBPgDD
GsTmhMqcrQjsF+BGBs+1g1fA1XUaN+jcI7YO39d0FOfFA0nOmSGDfKHYXaJRTRh3
LEbCbqLbovnW+J83cWaVinURHyoVXamcxgihPHE104KK2licj3In7NRnzGVAZFh0
RY3yF/x+9fDUgQXJ8xAQhfpATw1eXsw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:10:54 2024 by rpki-client on console-ams.rpki-client.org