Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/EzipyGA6LeMYlbK1gUtdGg51zkY.roa
File: EzipyGA6LeMYlbK1gUtdGg51zkY.roa (raw, json)
Hash identifier: Dwx0WsP9uNGq7l0BJw6Z2li1FQNc59Aa2DKyDxXe0Xw=
Subject key identifier: 13:38:A9:C8:60:3A:2D:E3:18:95:B2:B5:81:4B:5D:1A:0E:75:CE:46
Certificate issuer: /CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593
Certificate serial: 01857255889CAB0666A7A8F5F1B5A46464A7
Authority key identifier: 4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/EzipyGA6LeMYlbK1gUtdGg51zkY.roa
Signing time: Mon 02 Jan 2023 11:54:46 +0000
ROA not before: Mon 02 Jan 2023 11:54:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50923
IP address blocks: 5.129.232.0/21 maxlen: 21
5.129.240.0/20 maxlen: 20
5.129.240.0/21 maxlen: 21
5.129.248.0/21 maxlen: 21
5.129.192.0/19 maxlen: 19
5.129.192.0/21 maxlen: 21
5.129.192.0/20 maxlen: 20
5.129.200.0/21 maxlen: 21
5.129.208.0/20 maxlen: 20
5.129.208.0/21 maxlen: 21
5.129.216.0/21 maxlen: 21
5.129.0.0/16 maxlen: 16
5.129.224.0/21 maxlen: 21
5.129.224.0/20 maxlen: 20
5.129.224.0/19 maxlen: 19
Validation: Failed, certificate revoked on Mon 01 Jan 2024 20:29:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:55:88:9c:ab:06:66:a7:a8:f5:f1:b5:a4:64:64:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ddb3dcdf5e6bee09825c37bf3b8bdf28b6fb593
Validity
Not Before: Jan 2 11:54:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1338a9c8603a2de31895b2b5814b5d1a0e75ce46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:88:a4:07:12:e3:93:f0:43:cc:1a:88:c1:d9:
8c:ab:58:41:b8:59:c7:bf:50:a6:19:c6:b4:50:0e:
ed:f8:1a:b3:9a:34:4f:e9:b4:88:fa:2a:a4:71:81:
23:38:bb:2a:53:17:df:02:5e:bc:9c:cb:ad:25:18:
59:bd:39:aa:0c:7d:fd:83:0a:2f:7b:b3:b5:b9:fa:
04:cd:e6:95:97:db:5d:77:36:e1:ec:ba:67:9d:ac:
b8:89:69:41:13:c8:34:7a:1e:0e:50:3f:7e:f3:58:
7d:17:8d:27:53:81:38:ce:a8:bc:b7:bd:ee:79:87:
18:6d:be:90:d0:6b:c2:c9:2e:7e:10:2f:d7:a3:c8:
54:7d:54:09:f5:d4:80:b8:6e:1e:40:38:7b:89:5b:
7e:51:d7:a2:15:b1:32:7a:0a:ef:93:e7:18:ec:1a:
29:44:1d:f2:8e:a4:f6:0f:38:5c:78:fe:c1:03:bd:
68:21:78:95:56:ba:ea:1b:ee:39:17:6e:38:dc:13:
4c:0f:18:4c:22:cc:8a:69:bb:b5:77:92:8c:b4:49:
e8:2f:5a:5e:9f:06:36:9e:b3:66:b4:af:37:d8:6d:
f8:df:43:41:3f:ce:86:45:86:29:7e:14:69:17:d4:
10:9a:2b:5e:47:9f:ba:ea:0e:36:00:11:0c:fb:ce:
7f:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:38:A9:C8:60:3A:2D:E3:18:95:B2:B5:81:4B:5D:1A:0E:75:CE:46
X509v3 Authority Key Identifier:
keyid:4D:DB:3D:CD:F5:E6:BE:E0:98:25:C3:7B:F3:B8:BD:F2:8B:6F:B5:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tds9zfXmvuCYJcN787i98otvtZM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/EzipyGA6LeMYlbK1gUtdGg51zkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/790cee-d54e-4598-8bc1-2170c5c1d3ed/1/Tds9zfXmvuCYJcN787i98otvtZM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.129.0.0/16
Signature Algorithm: sha256WithRSAEncryption
79:64:89:57:3d:9d:16:00:fb:75:4a:b6:1d:64:fd:2c:e6:22:
82:d5:83:62:58:4a:ff:24:97:4b:64:85:cf:62:c3:e8:1c:ec:
f7:ea:4b:2f:b7:ea:8e:7b:75:b2:22:e5:11:e0:85:e7:46:e5:
b5:e1:a1:94:41:22:fa:3c:07:b1:57:b9:74:5f:ed:fb:65:32:
16:b0:02:14:cc:7b:23:b8:9d:fd:01:81:52:c3:8e:7e:ae:42:
d2:9c:a1:0c:8b:46:da:ae:1a:9c:34:d4:7c:c0:48:a4:53:89:
43:d5:9b:6f:95:e3:5a:d5:53:02:9f:50:57:97:b0:40:c6:d3:
09:d7:4f:a3:7a:12:39:ee:db:b9:3a:1d:7e:cf:9e:45:7d:ca:
df:b1:ca:83:a3:a5:94:88:27:6c:37:a5:39:a7:79:62:6d:f8:
81:ec:ca:2a:78:6c:53:58:47:3f:71:73:c9:97:b0:51:e8:9d:
fb:b7:d6:07:22:ad:da:49:0f:a9:15:25:c8:7d:fb:90:71:6b:
c3:9b:4f:78:3f:34:91:4a:1d:2b:2a:93:5d:a2:e6:09:a4:15:
0f:c8:ea:e4:40:56:84:04:fb:fc:81:1c:fa:be:30:29:3f:bf:
c4:1c:96:73:92:75:8c:8c:85:76:03:55:40:5a:13:fc:3b:80:
d9:3f:84:a2
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYVyVYicqwZmp6j18bWkZGSnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZGIzZGNkZjVlNmJlZTA5ODI1YzM3YmYzYjhiZGYyOGI2
ZmI1OTMwHhcNMjMwMTAyMTE1NDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzM4YTljODYwM2EyZGUzMTg5NWIyYjU4MTRiNWQxYTBlNzVjZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIikBxLjk/BDzBqIwdmMq1hBuFnH
v1CmGca0UA7t+BqzmjRP6bSI+iqkcYEjOLsqUxffAl68nMutJRhZvTmqDH39gwov
e7O1ufoEzeaVl9tddzbh7Lpnnay4iWlBE8g0eh4OUD9+81h9F40nU4E4zqi8t73u
eYcYbb6Q0GvCyS5+EC/Xo8hUfVQJ9dSAuG4eQDh7iVt+UdeiFbEyegrvk+cY7Bop
RB3yjqT2DzhceP7BA71oIXiVVrrqG+45F2443BNMDxhMIsyKabu1d5KMtEnoL1pe
nwY2nrNmtK832G3430NBP86GRYYpfhRpF9QQmiteR5+66g42ABEM+85/oQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFBM4qchgOi3jGJWytYFLXRoOdc5GMB8GA1UdIwQY
MBaAFE3bPc315r7gmCXDe/O4vfKLb7WTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEt
MjE3MGM1YzFkM2VkLzEvRXppcHlHQTZMZU1ZbGJLMWdVdGRHZzUxemtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83OTBjZWUtZDU0ZS00NTk4LThiYzEtMjE3MGM1YzFkM2Vk
LzEvVGRzOXpmWG12dUNZSmNONzg3aTk4b3R2dFpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMABYEwDQYJ
KoZIhvcNAQELBQADggEBAHlkiVc9nRYA+3VKth1k/SzmIoLVg2JYSv8kl0tkhc9i
w+gc7PfqSy+36o57dbIi5RHghedG5bXhoZRBIvo8B7FXuXRf7ftlMhawAhTMeyO4
nf0BgVLDjn6uQtKcoQyLRtquGpw01HzASKRTiUPVm2+V41rVUwKfUFeXsEDG0wnX
T6N6Ejnu27k6HX7PnkV9yt+xyoOjpZSIJ2w3pTmneWJt+IHsyip4bFNYRz9xc8mX
sFHonfu31gcirdpJD6kVJch9+5Bxa8ObT3g/NJFKHSsqk12i5gmkFQ/I6uRAVoQE
+/yBHPq+MCk/v8QclnOSdYyMhXYDVUBaE/w7gNk/hKI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:37 2024 by rpki-client on console-fra.rpki-client.org