Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/cbcac6-abeb-4a38-8ccc-b5972709bb02/1/RZlysUfKh1Ae8TcdJSUMiG1X2zU.roa
File: RZlysUfKh1Ae8TcdJSUMiG1X2zU.roa (raw, json)
Hash identifier: 9kr8KpsrZJHVl9Cba2SmywHUSPN/AZJ1Co1KQe+x7FE=
Subject key identifier: 45:99:72:B1:47:CA:87:50:1E:F1:37:1D:25:25:0C:88:6D:57:DB:35
Certificate issuer: /CN=5eba57e1707e43b2fa97fceb078a5d460e56c1bf
Certificate serial: 019297C1785D16DBF95B663A42D25A68A390
Authority key identifier: 5E:BA:57:E1:70:7E:43:B2:FA:97:FC:EB:07:8A:5D:46:0E:56:C1:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrpX4XB-Q7L6l_zrB4pdRg5Wwb8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/cbcac6-abeb-4a38-8ccc-b5972709bb02/1/RZlysUfKh1Ae8TcdJSUMiG1X2zU.roa
Signing time: Wed 16 Oct 2024 23:54:51 +0000
ROA not before: Wed 16 Oct 2024 23:54:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16027
IP address blocks: 193.168.160.0/22 maxlen: 22
193.168.161.0/24 maxlen: 24
217.71.64.0/20 maxlen: 20
217.71.65.0/24 maxlen: 24
217.71.67.0/24 maxlen: 24
217.71.68.0/24 maxlen: 24
217.71.69.0/24 maxlen: 24
217.71.70.0/24 maxlen: 24
217.71.73.0/24 maxlen: 24
217.71.78.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:97:c1:78:5d:16:db:f9:5b:66:3a:42:d2:5a:68:a3:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eba57e1707e43b2fa97fceb078a5d460e56c1bf
Validity
Not Before: Oct 16 23:54:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=459972b147ca87501ef1371d25250c886d57db35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:61:d5:3d:16:30:57:c2:f8:50:c5:d0:76:ab:
86:d4:e2:e0:7f:f5:2a:92:c5:36:78:7a:41:84:0d:
a4:91:87:23:9b:cd:c0:9a:23:3a:10:52:ae:03:05:
b9:14:e8:66:71:04:10:fc:5f:85:3f:49:0a:59:30:
57:86:69:01:19:5d:31:f0:61:b5:56:46:c0:91:39:
ec:a9:94:bc:1a:96:86:4d:09:64:ca:5b:22:74:e2:
c1:ef:fb:85:65:a6:c2:de:92:78:a1:60:66:a1:18:
d8:60:bf:83:91:ca:4e:b5:2f:ae:ff:ff:31:88:a9:
3f:80:1e:c5:82:a4:9d:df:89:9e:91:fe:e8:60:7f:
a8:ba:d4:ba:a2:07:1a:c7:65:09:d0:c0:22:97:ef:
64:0d:a3:48:41:17:8c:f0:0c:12:5a:96:f7:8b:5a:
63:9d:1a:a8:8c:98:24:07:18:af:60:dc:a4:1b:c8:
8b:52:12:7b:d0:96:68:fa:f3:84:33:54:db:2b:c4:
ed:4c:2f:66:02:75:12:24:a1:07:70:0d:32:0a:c7:
a2:24:6e:e8:b7:5b:ea:44:4d:d3:ab:17:c3:5f:3c:
e9:d9:c3:75:ac:50:19:2c:f7:ad:55:61:87:02:ad:
1c:46:3d:f4:70:38:c5:e0:36:0f:3e:05:4c:b1:3f:
89:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:99:72:B1:47:CA:87:50:1E:F1:37:1D:25:25:0C:88:6D:57:DB:35
X509v3 Authority Key Identifier:
keyid:5E:BA:57:E1:70:7E:43:B2:FA:97:FC:EB:07:8A:5D:46:0E:56:C1:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrpX4XB-Q7L6l_zrB4pdRg5Wwb8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/cbcac6-abeb-4a38-8ccc-b5972709bb02/1/RZlysUfKh1Ae8TcdJSUMiG1X2zU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/cbcac6-abeb-4a38-8ccc-b5972709bb02/1/XrpX4XB-Q7L6l_zrB4pdRg5Wwb8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.160.0/22
217.71.64.0/20
Signature Algorithm: sha256WithRSAEncryption
db:9f:e5:3b:19:55:97:63:23:88:d2:c8:39:e1:af:bf:d9:05:
25:0b:35:69:07:cf:c2:57:44:70:7b:4b:29:6f:8d:da:99:5e:
30:5c:ad:5a:a2:a1:36:66:f7:71:f4:66:5b:c8:bf:ef:73:f8:
43:f8:49:37:65:d0:00:38:43:fd:c1:d5:fb:d7:7a:d8:dd:9d:
c2:12:51:92:08:d5:c7:ee:fa:b8:85:62:a5:eb:6d:77:0b:7e:
81:a9:4c:48:be:7e:ca:63:63:32:00:9a:0a:f1:4c:00:2a:e0:
7e:24:b5:a7:ec:01:62:f1:6a:50:b3:fb:06:61:79:3d:1e:34:
da:40:e1:97:95:5f:c7:b1:ff:be:4d:a9:f5:65:a6:67:0f:3a:
26:75:57:5e:a1:5d:b5:45:e7:7e:03:0c:b9:b9:1e:8d:a7:1f:
8d:b1:ba:a7:9b:72:1a:e8:ba:34:20:6e:e9:d0:d9:b7:32:70:
59:cd:ae:8f:1c:bb:cf:04:57:4a:71:b2:8b:b5:30:23:d0:f9:
68:51:a9:30:cc:51:ed:80:96:44:0d:c6:fd:f0:cb:93:ca:74:
07:d8:50:f4:d5:8a:6f:7d:2a:d8:86:fe:03:26:8b:0a:ba:23:
c4:56:45:ef:63:ec:c0:30:e0:6b:fc:f2:18:c6:1d:8f:18:bb:
6e:c9:fa:91
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKXwXhdFtv5W2Y6QtJaaKOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmE1N2UxNzA3ZTQzYjJmYTk3ZmNlYjA3OGE1ZDQ2MGU1
NmMxYmYwHhcNMjQxMDE2MjM1NDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTk5NzJiMTQ3Y2E4NzUwMWVmMTM3MWQyNTI1MGM4ODZkNTdkYjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWHVPRYwV8L4UMXQdquG1OLgf/Uq
ksU2eHpBhA2kkYcjm83AmiM6EFKuAwW5FOhmcQQQ/F+FP0kKWTBXhmkBGV0x8GG1
VkbAkTnsqZS8GpaGTQlkylsidOLB7/uFZabC3pJ4oWBmoRjYYL+DkcpOtS+u//8x
iKk/gB7FgqSd34mekf7oYH+outS6ogcax2UJ0MAil+9kDaNIQReM8AwSWpb3i1pj
nRqojJgkBxivYNykG8iLUhJ70JZo+vOEM1TbK8TtTC9mAnUSJKEHcA0yCseiJG7o
t1vqRE3TqxfDXzzp2cN1rFAZLPetVWGHAq0cRj30cDjF4DYPPgVMsT+J9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEWZcrFHyodQHvE3HSUlDIhtV9s1MB8GA1UdIwQY
MBaAFF66V+FwfkOy+pf86weKXUYOVsG/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJwWDRYQi1RN0w2bF96ckI0cGRSZzVXd2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9jYmNhYzYtYWJlYi00YTM4LThjY2Mt
YjU5NzI3MDliYjAyLzEvUlpseXNVZktoMUFlOFRjZEpTVU1pRzFYMnpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9jYmNhYzYtYWJlYi00YTM4LThjY2MtYjU5NzI3MDliYjAy
LzEvWHJwWDRYQi1RN0w2bF96ckI0cGRSZzVXd2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwaigAwQE
2UdAMA0GCSqGSIb3DQEBCwUAA4IBAQDbn+U7GVWXYyOI0sg54a+/2QUlCzVpB8/C
V0Rwe0spb43amV4wXK1aoqE2Zvdx9GZbyL/vc/hD+Ek3ZdAAOEP9wdX713rY3Z3C
ElGSCNXH7vq4hWKl6213C36BqUxIvn7KY2MyAJoK8UwAKuB+JLWn7AFi8WpQs/sG
YXk9HjTaQOGXlV/Hsf++Tan1ZaZnDzomdVdeoV21Red+Awy5uR6Npx+Nsbqnm3Ia
6Lo0IG7p0Nm3MnBZza6PHLvPBFdKcbKLtTAj0PloUakwzFHtgJZEDcb98MuTynQH
2FD01YpvfSrYhv4DJosKuiPEVkXvY+zAMOBr/PIYxh2PGLtuyfqR
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:18 2025 by rpki-client