Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/DZyNrUPUnpuTaAvqCyIv5xTyTBE.roa
File: DZyNrUPUnpuTaAvqCyIv5xTyTBE.roa (raw, json)
Hash identifier: SRkLgikG1SbRzNOLZPKpx64XGwPOOnlANtzncJZr7EU=
Subject key identifier: 0D:9C:8D:AD:43:D4:9E:9B:93:68:0B:EA:0B:22:2F:E7:14:F2:4C:11
Certificate issuer: /CN=3fffcbec888c1047f221d7cf9396bf1412abaf9b
Certificate serial: 018DDB53568E5E51CCC05A0429E3118DC635
Authority key identifier: 3F:FF:CB:EC:88:8C:10:47:F2:21:D7:CF:93:96:BF:14:12:AB:AF:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P__L7IiMEEfyIdfPk5a_FBKrr5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/DZyNrUPUnpuTaAvqCyIv5xTyTBE.roa
Signing time: Sat 24 Feb 2024 13:34:48 +0000
ROA not before: Sat 24 Feb 2024 13:34:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212602
IP address blocks: 5.133.114.0/24 maxlen: 24
5.180.112.0/24 maxlen: 24
5.180.113.0/24 maxlen: 24
185.194.208.0/22 maxlen: 22
2a10:7040::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 24 Feb 2024 15:12:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:db:53:56:8e:5e:51:cc:c0:5a:04:29:e3:11:8d:c6:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fffcbec888c1047f221d7cf9396bf1412abaf9b
Validity
Not Before: Feb 24 13:34:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d9c8dad43d49e9b93680bea0b222fe714f24c11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8f:9f:63:4c:1c:30:ca:00:f9:47:f5:3d:8e:
df:f2:63:6a:a1:1e:ba:7c:fa:37:dd:0b:21:6b:ad:
6a:65:16:6a:36:13:f7:6c:92:fe:c0:22:91:f3:e4:
45:03:12:0d:b9:d2:20:b8:00:d6:fd:9c:80:68:a9:
74:c6:3d:9e:66:f5:f7:99:f7:37:78:5e:fb:1a:9f:
d0:12:c4:26:5a:59:87:be:61:33:f9:9b:d4:e0:82:
5e:58:97:43:e5:42:f7:1e:bb:24:12:b8:39:f9:53:
13:ed:52:ed:13:20:ca:5c:a9:43:47:9a:60:b2:59:
15:c9:2a:6f:58:01:d2:ac:d7:be:4a:f2:92:18:56:
88:eb:d2:ae:30:e2:d4:20:e7:1c:54:23:7f:74:49:
1d:12:9e:0c:10:cc:a9:8c:3a:b6:8d:ed:13:de:08:
4c:d4:dc:ef:bf:d1:17:7f:f9:de:28:b4:9c:89:4e:
af:2c:bb:e1:8f:cc:b4:9e:a9:6b:88:c0:d4:13:c2:
09:d7:e8:f7:f9:13:fe:b5:01:e4:47:ed:a4:1f:ed:
da:3e:e4:0b:9c:5a:09:fd:6c:3d:81:62:e8:19:ca:
ef:13:d5:20:75:64:98:18:2e:1a:46:ee:9e:b7:d2:
63:64:00:0a:db:19:c4:a0:8c:0d:68:ac:e8:95:55:
ad:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:9C:8D:AD:43:D4:9E:9B:93:68:0B:EA:0B:22:2F:E7:14:F2:4C:11
X509v3 Authority Key Identifier:
keyid:3F:FF:CB:EC:88:8C:10:47:F2:21:D7:CF:93:96:BF:14:12:AB:AF:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P__L7IiMEEfyIdfPk5a_FBKrr5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/DZyNrUPUnpuTaAvqCyIv5xTyTBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/bbb7b6-3ee5-46d9-b37b-61667c7691b2/1/P__L7IiMEEfyIdfPk5a_FBKrr5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.114.0/24
5.180.112.0/23
185.194.208.0/22
IPv6:
2a10:7040::/29
Signature Algorithm: sha256WithRSAEncryption
4b:07:6a:b1:e8:67:f5:7f:19:4b:18:48:7a:ba:03:65:7e:d3:
b6:83:bd:de:1b:f6:c1:5e:d9:d4:4d:2d:33:04:9f:ba:36:49:
b7:d6:cb:dd:2e:ac:10:56:66:20:60:2c:ae:cd:a9:7b:0f:22:
f0:b9:5c:7f:04:c1:2d:eb:19:36:93:50:b2:46:37:e7:9e:eb:
22:7e:a9:a0:85:dd:cf:ef:02:21:c2:43:37:fb:0a:d5:92:81:
8c:0b:3b:19:d7:96:57:db:fd:fb:6e:33:da:c6:59:6f:1b:76:
da:7b:16:eb:4d:7d:95:c1:16:62:00:7d:77:19:84:95:eb:3e:
b5:d4:ca:24:c2:9a:ea:93:56:05:1d:ca:90:d4:82:b2:48:de:
5e:04:ad:01:c0:ca:d2:98:14:35:16:00:53:bd:8b:3f:f4:ca:
eb:1a:93:40:54:8a:49:28:9a:4a:17:02:ef:8c:69:a5:6b:3a:
b7:6e:32:39:10:ef:59:d9:b4:99:ce:39:99:0a:ba:e0:0b:9d:
83:84:7d:a8:ba:12:e3:86:8d:fc:db:0c:ec:45:23:4a:36:8a:
3b:ea:7b:2b:a2:09:cd:6a:3d:2d:f6:4c:da:ca:52:5e:c5:82:
b2:7d:80:c0:4b:12:e5:80:62:65:64:ba:51:06:5b:66:cd:51:
d0:93:36:30
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY3bU1aOXlHMwFoEKeMRjcY1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZmZjYmVjODg4YzEwNDdmMjIxZDdjZjkzOTZiZjE0MTJh
YmFmOWIwHhcNMjQwMjI0MTMzNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDljOGRhZDQzZDQ5ZTliOTM2ODBiZWEwYjIyMmZlNzE0ZjI0YzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiY+fY0wcMMoA+Uf1PY7f8mNqoR66
fPo33Qsha61qZRZqNhP3bJL+wCKR8+RFAxINudIguADW/ZyAaKl0xj2eZvX3mfc3
eF77Gp/QEsQmWlmHvmEz+ZvU4IJeWJdD5UL3HrskErg5+VMT7VLtEyDKXKlDR5pg
slkVySpvWAHSrNe+SvKSGFaI69KuMOLUIOccVCN/dEkdEp4MEMypjDq2je0T3ghM
1Nzvv9EXf/neKLSciU6vLLvhj8y0nqlriMDUE8IJ1+j3+RP+tQHkR+2kH+3aPuQL
nFoJ/Ww9gWLoGcrvE9UgdWSYGC4aRu6et9JjZAAK2xnEoIwNaKzolVWt+wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFA2cja1D1J6bk2gL6gsiL+cU8kwRMB8GA1UdIwQY
MBaAFD//y+yIjBBH8iHXz5OWvxQSq6+bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUF9fTDdJaU1FRWZ5SWRmUGs1YV9GQktycjVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9iYmI3YjYtM2VlNS00NmQ5LWIzN2It
NjE2NjdjNzY5MWIyLzEvRFp5TnJVUFVucHVUYUF2cUN5SXY1eFR5VEJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9iYmI3YjYtM2VlNS00NmQ5LWIzN2ItNjE2NjdjNzY5MWIy
LzEvUF9fTDdJaU1FRWZ5SWRmUGs1YV9GQktycjVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQABYVyAwQB
BbRwAwQCucLQMA0EAgACMAcDBQMqEHBAMA0GCSqGSIb3DQEBCwUAA4IBAQBLB2qx
6Gf1fxlLGEh6ugNlftO2g73eG/bBXtnUTS0zBJ+6Nkm31svdLqwQVmYgYCyuzal7
DyLwuVx/BMEt6xk2k1CyRjfnnusifqmghd3P7wIhwkM3+wrVkoGMCzsZ15ZX2/37
bjPaxllvG3baexbrTX2VwRZiAH13GYSV6z611Mokwprqk1YFHcqQ1IKySN5eBK0B
wMrSmBQ1FgBTvYs/9MrrGpNAVIpJKJpKFwLvjGmlazq3bjI5EO9Z2bSZzjmZCrrg
C52DhH2ouhLjho382wzsRSNKNoo76nsrognNaj0t9kzaylJexYKyfYDASxLlgGJl
ZLpRBltmzVHQkzYw
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:33:28 2024 by rpki-client on console-fra.rpki-client.org