Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/b7cd91-7e4a-46cf-9498-09fac0697649/1/ztrSbx4cCnMjO4QD_bCgweEnJc4.roa
File: ztrSbx4cCnMjO4QD_bCgweEnJc4.roa (raw, json)
Hash identifier: LjyjwXWipaWe6HEpiFIlSYqqFm8/JJC/haARv4WFYlE=
Subject key identifier: CE:DA:D2:6F:1E:1C:0A:73:23:3B:84:03:FD:B0:A0:C1:E1:27:25:CE
Certificate issuer: /CN=738fd9467821d05286f4b33be86176651b6aff3e
Certificate serial: 0192F651FDDE8E75B7F755D02B1F1DA3B487
Authority key identifier: 73:8F:D9:46:78:21:D0:52:86:F4:B3:3B:E8:61:76:65:1B:6A:FF:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c4_ZRngh0FKG9LM76GF2ZRtq_z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/b7cd91-7e4a-46cf-9498-09fac0697649/1/ztrSbx4cCnMjO4QD_bCgweEnJc4.roa
Signing time: Mon 04 Nov 2024 08:37:01 +0000
ROA not before: Mon 04 Nov 2024 08:37:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43633
IP address blocks: 5.180.128.0/22 maxlen: 24
45.128.188.0/22 maxlen: 24
91.195.90.0/23 maxlen: 24
91.195.90.0/24 maxlen: 24
91.195.91.0/24 maxlen: 24
91.213.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 07 Nov 2024 09:58:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f6:51:fd:de:8e:75:b7:f7:55:d0:2b:1f:1d:a3:b4:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=738fd9467821d05286f4b33be86176651b6aff3e
Validity
Not Before: Nov 4 08:37:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cedad26f1e1c0a73233b8403fdb0a0c1e12725ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:a5:f9:e5:59:24:08:7c:88:35:42:66:a1:9e:
26:e3:81:11:e5:13:4c:0d:71:73:13:3b:b7:32:ab:
54:de:61:64:b8:95:2e:70:c3:5d:be:36:51:d1:6c:
cf:1c:70:25:a9:cc:33:b9:91:a9:2b:d8:3d:04:7c:
ec:9b:2a:98:c2:72:34:e2:85:13:59:12:32:fb:3a:
70:64:49:38:7d:86:69:4c:ae:3b:9a:f4:e9:70:9c:
e9:04:01:d2:8d:30:ef:9e:24:67:c8:ec:85:73:b5:
01:dc:8d:b3:ee:94:32:83:56:b9:07:4e:7a:fb:7e:
d1:d4:55:e2:e2:50:39:a3:c1:6b:05:b8:7e:0a:76:
6f:2e:7c:50:f2:97:6d:3d:6c:95:0f:00:d3:e4:a1:
96:5e:33:df:5f:06:b8:0e:cc:f0:c9:ec:2f:c6:ce:
c7:cb:54:05:d6:0a:8e:26:0b:c2:7e:16:23:f9:22:
ef:20:31:0d:14:f2:ac:a6:46:16:28:48:77:09:81:
6d:c8:de:56:f6:e7:c0:72:f0:cf:03:9c:29:0f:70:
ab:21:d2:b9:fd:b1:60:55:22:bc:73:49:fe:66:dd:
19:bf:9e:f5:8c:de:06:14:73:96:35:37:80:89:a3:
28:40:94:c3:40:57:d3:95:df:dd:95:ab:df:d6:71:
3c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:DA:D2:6F:1E:1C:0A:73:23:3B:84:03:FD:B0:A0:C1:E1:27:25:CE
X509v3 Authority Key Identifier:
keyid:73:8F:D9:46:78:21:D0:52:86:F4:B3:3B:E8:61:76:65:1B:6A:FF:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4_ZRngh0FKG9LM76GF2ZRtq_z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/b7cd91-7e4a-46cf-9498-09fac0697649/1/ztrSbx4cCnMjO4QD_bCgweEnJc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/b7cd91-7e4a-46cf-9498-09fac0697649/1/c4_ZRngh0FKG9LM76GF2ZRtq_z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.128.0/22
45.128.188.0/22
91.195.90.0/23
91.213.59.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:c6:8a:e8:32:c9:a6:c2:16:87:d9:fd:9b:8b:cd:95:9e:4b:
4c:7c:e7:0f:25:39:cc:ce:54:e0:fd:08:11:87:06:26:81:cc:
f6:e2:02:6c:e1:85:31:62:f0:bc:27:e6:e2:e1:38:a2:2a:27:
c2:2a:5e:c6:62:a9:af:e9:cd:37:d2:69:30:29:15:a5:a1:db:
36:72:9b:e1:15:0d:fb:7f:88:27:36:17:2a:da:28:79:d2:86:
78:95:f5:08:8e:8e:a6:f6:7a:b6:8f:75:a3:49:0c:2c:1c:ef:
9d:10:57:cc:80:ba:61:fd:e5:5b:b6:c1:3c:be:c9:48:da:24:
cc:a6:7c:6d:91:7e:29:6c:32:dc:3f:35:92:80:98:b4:9f:1a:
76:45:4d:5f:6d:37:2e:2c:39:df:49:55:0d:f5:97:13:c6:a0:
e9:01:64:f2:44:df:c4:74:0a:77:a0:a7:f4:f4:86:a3:3a:9c:
7a:ca:fa:9a:39:65:e1:d2:44:73:32:ce:88:76:1a:46:18:93:
5e:ed:ed:4a:7a:85:22:47:74:1d:88:38:df:5a:7d:59:c8:72:
f5:10:d7:61:86:38:5b:b8:17:ea:de:dd:81:90:84:41:5c:54:
71:8f:c9:b6:76:6f:99:1f:3d:2b:91:d2:75:64:14:4b:6b:cd:
c9:3d:87:09
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZL2Uf3ejnW391XQKx8do7SHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczOGZkOTQ2NzgyMWQwNTI4NmY0YjMzYmU4NjE3NjY1MWI2
YWZmM2UwHhcNMjQxMTA0MDgzNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWRhZDI2ZjFlMWMwYTczMjMzYjg0MDNmZGIwYTBjMWUxMjcyNWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6X55VkkCHyINUJmoZ4m44ER5RNM
DXFzEzu3MqtU3mFkuJUucMNdvjZR0WzPHHAlqcwzuZGpK9g9BHzsmyqYwnI04oUT
WRIy+zpwZEk4fYZpTK47mvTpcJzpBAHSjTDvniRnyOyFc7UB3I2z7pQyg1a5B056
+37R1FXi4lA5o8FrBbh+CnZvLnxQ8pdtPWyVDwDT5KGWXjPfXwa4Dszwyewvxs7H
y1QF1gqOJgvCfhYj+SLvIDENFPKspkYWKEh3CYFtyN5W9ufAcvDPA5wpD3CrIdK5
/bFgVSK8c0n+Zt0Zv571jN4GFHOWNTeAiaMoQJTDQFfTld/dlavf1nE8dwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM7a0m8eHApzIzuEA/2woMHhJyXOMB8GA1UdIwQY
MBaAFHOP2UZ4IdBShvSzO+hhdmUbav8+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzRfWlJuZ2gwRktHOUxNNzZHRjJaUnRxX3o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iN2NkOTEtN2U0YS00NmNmLTk0OTgt
MDlmYWMwNjk3NjQ5LzEvenRyU2J4NGNDbk1qTzRRRF9iQ2d3ZUVuSmM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iN2NkOTEtN2U0YS00NmNmLTk0OTgtMDlmYWMwNjk3NjQ5
LzEvYzRfWlJuZ2gwRktHOUxNNzZHRjJaUnRxX3o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBbSAAwQC
LYC8AwQBW8NaAwQAW9U7MA0GCSqGSIb3DQEBCwUAA4IBAQBvxoroMsmmwhaH2f2b
i82VnktMfOcPJTnMzlTg/QgRhwYmgcz24gJs4YUxYvC8J+bi4TiiKifCKl7GYqmv
6c030mkwKRWlods2cpvhFQ37f4gnNhcq2ih50oZ4lfUIjo6m9nq2j3WjSQwsHO+d
EFfMgLph/eVbtsE8vslI2iTMpnxtkX4pbDLcPzWSgJi0nxp2RU1fbTcuLDnfSVUN
9ZcTxqDpAWTyRN/EdAp3oKf09IajOpx6yvqaOWXh0kRzMs6IdhpGGJNe7e1KeoUi
R3QdiDjfWn1ZyHL1ENdhhjhbuBfq3t2BkIRBXFRxj8m2dm+ZHz0rkdJ1ZBRLa83J
PYcJ
-----END CERTIFICATE-----
Generated at Thu Nov 7 14:04:43 2024 by rpki-client on console-ams.rpki-client.org