Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/Sz4npOb02alyoYtgBpS9GIr5NxQ.roa
File: Sz4npOb02alyoYtgBpS9GIr5NxQ.roa (raw, json)
Hash identifier: 5jUusdOobwKU7f/bTKRFE616D0fIOnPoXQbO9eSYrIo=
Subject key identifier: 4B:3E:27:A4:E6:F4:D9:A9:72:A1:8B:60:06:94:BD:18:8A:F9:37:14
Certificate issuer: /CN=6511ce5e2f53b7bb8cac8f39e294e89a45b20029
Certificate serial: 018570304D2DCEF1E6A02AF1FA86A4F63D38
Authority key identifier: 65:11:CE:5E:2F:53:B7:BB:8C:AC:8F:39:E2:94:E8:9A:45:B2:00:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZRHOXi9Tt7uMrI854pTomkWyACk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/Sz4npOb02alyoYtgBpS9GIr5NxQ.roa
Signing time: Mon 02 Jan 2023 01:54:51 +0000
ROA not before: Mon 02 Jan 2023 01:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20495
IP address blocks: 84.244.128.0/18 maxlen: 18
84.244.128.0/19 maxlen: 32
92.48.224.0/20 maxlen: 32
92.48.224.0/19 maxlen: 19
92.48.240.0/20 maxlen: 32
92.48.192.0/20 maxlen: 32
92.48.192.0/19 maxlen: 19
92.48.192.0/18 maxlen: 18
92.48.208.0/20 maxlen: 32
84.244.160.0/19 maxlen: 32
217.148.160.0/20 maxlen: 32
217.148.160.0/19 maxlen: 19
217.148.176.0/20 maxlen: 32
2001:15c8::/32 maxlen: 32
2001:15c8:8000::/33 maxlen: 128
2001:15c8::/33 maxlen: 128
Validation: Failed, certificate revoked on Tue 02 Jan 2024 00:31:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:4d:2d:ce:f1:e6:a0:2a:f1:fa:86:a4:f6:3d:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6511ce5e2f53b7bb8cac8f39e294e89a45b20029
Validity
Not Before: Jan 2 01:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4b3e27a4e6f4d9a972a18b600694bd188af93714
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a1:75:47:7a:27:ea:bf:2c:b1:2b:34:ad:e0:
03:d0:14:42:98:cd:b7:15:ef:12:91:6a:44:5d:5f:
27:58:97:92:c3:3d:76:36:e6:b6:7f:55:fc:a5:b3:
27:c1:3e:30:f9:e9:cb:a0:5e:3a:02:6b:37:26:74:
be:e4:b0:be:4c:76:bb:44:04:e6:72:54:14:82:08:
82:44:ea:45:7e:8f:d4:3b:3e:c2:48:3c:8f:44:94:
00:68:8e:b7:10:55:3a:50:50:cd:83:55:99:6d:0f:
b1:7f:a2:07:f5:23:39:d0:7b:e7:3c:a3:cc:6e:59:
38:58:a6:4d:b0:45:88:32:8c:18:2a:7d:5e:2e:d5:
a9:2f:a1:75:1b:78:a9:49:20:e6:2f:d9:e6:bb:37:
61:57:b1:93:1b:8d:56:b9:24:ae:9a:0c:83:fd:96:
95:7c:0a:ec:f9:e0:98:5e:3f:6d:0a:df:ff:15:7b:
99:c0:47:f6:c2:ef:81:fd:df:d7:02:99:37:70:c3:
28:3a:b6:7d:9d:d3:b7:c8:cb:b2:8f:79:b0:c1:7d:
21:02:19:12:70:23:e0:1d:52:66:87:99:03:cf:22:
c1:7e:90:74:61:c8:3a:5f:76:9e:04:b0:a9:f1:77:
94:46:67:4c:e3:7b:12:73:27:7e:ee:66:07:81:00:
2d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:3E:27:A4:E6:F4:D9:A9:72:A1:8B:60:06:94:BD:18:8A:F9:37:14
X509v3 Authority Key Identifier:
keyid:65:11:CE:5E:2F:53:B7:BB:8C:AC:8F:39:E2:94:E8:9A:45:B2:00:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZRHOXi9Tt7uMrI854pTomkWyACk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/Sz4npOb02alyoYtgBpS9GIr5NxQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/ZRHOXi9Tt7uMrI854pTomkWyACk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.244.128.0/18
92.48.192.0/18
217.148.160.0/19
IPv6:
2001:15c8::/32
Signature Algorithm: sha256WithRSAEncryption
5c:c4:37:bd:71:f5:6b:fa:06:3e:a5:5e:97:a9:65:3d:85:e9:
97:b3:96:dc:47:66:1b:10:43:23:1c:26:c3:24:dc:77:b4:34:
34:70:1a:cb:6e:c9:7b:8f:a3:3f:ad:86:a3:01:30:25:62:aa:
42:00:85:b8:ac:59:ed:7f:4a:4f:c7:5b:ae:6a:ec:ec:8b:ca:
81:4a:7e:84:79:48:65:11:ea:ed:6b:2d:bb:d3:7a:de:11:c6:
71:9e:35:06:9c:cc:14:08:5e:c8:9f:da:fb:15:87:38:ef:fe:
7d:65:be:67:3a:03:89:b2:f1:20:e3:fc:99:10:d1:6b:2d:dc:
72:cf:8f:4d:33:7d:f0:4b:4c:1c:4c:b9:d0:5a:37:eb:65:49:
d6:1a:36:4e:17:6e:20:7e:c4:34:2d:42:94:57:9f:31:37:65:
c8:e7:d9:80:62:0b:da:45:c0:97:8a:3f:12:da:cb:a9:c9:b7:
17:62:b5:d0:2f:c4:e2:10:28:27:bc:fa:fc:d7:80:bd:c6:f8:
b1:af:fd:13:bf:22:89:c7:6d:ee:bc:bc:3c:3d:f8:7c:ba:ea:
a7:49:98:ac:4b:12:a0:38:63:03:55:0d:df:ea:c5:f1:a0:6b:
d2:c2:ac:26:7d:64:da:b5:1a:98:fd:2c:98:d2:3b:6c:4c:ba:
41:d1:2f:73
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVwME0tzvHmoCrx+oak9j04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTFjZTVlMmY1M2I3YmI4Y2FjOGYzOWUyOTRlODlhNDVi
MjAwMjkwHhcNMjMwMTAyMDE1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjNlMjdhNGU2ZjRkOWE5NzJhMThiNjAwNjk0YmQxODhhZjkzNzE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmaF1R3on6r8ssSs0reAD0BRCmM23
Fe8SkWpEXV8nWJeSwz12Nua2f1X8pbMnwT4w+enLoF46Ams3JnS+5LC+THa7RATm
clQUggiCROpFfo/UOz7CSDyPRJQAaI63EFU6UFDNg1WZbQ+xf6IH9SM50HvnPKPM
blk4WKZNsEWIMowYKn1eLtWpL6F1G3ipSSDmL9nmuzdhV7GTG41WuSSumgyD/ZaV
fArs+eCYXj9tCt//FXuZwEf2wu+B/d/XApk3cMMoOrZ9ndO3yMuyj3mwwX0hAhkS
cCPgHVJmh5kDzyLBfpB0Ycg6X3aeBLCp8XeURmdM43sScyd+7mYHgQAtUwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEs+J6Tm9NmpcqGLYAaUvRiK+TcUMB8GA1UdIwQY
MBaAFGURzl4vU7e7jKyPOeKU6JpFsgApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJIT1hpOVR0N3VNckk4NTRwVG9ta1d5QUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS85MWIwOTMtYWNiNy00Y2I3LWJmOGYt
NWNiOTM0YTU1YjBkLzEvU3o0bnBPYjAyYWx5b1l0Z0JwUzlHSXI1TnhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS85MWIwOTMtYWNiNy00Y2I3LWJmOGYtNWNiOTM0YTU1YjBk
LzEvWlJIT1hpOVR0N3VNckk4NTRwVG9ta1d5QUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGVPSAAwQG
XDDAAwQF2ZSgMA0EAgACMAcDBQAgARXIMA0GCSqGSIb3DQEBCwUAA4IBAQBcxDe9
cfVr+gY+pV6XqWU9hemXs5bcR2YbEEMjHCbDJNx3tDQ0cBrLbsl7j6M/rYajATAl
YqpCAIW4rFntf0pPx1uuauzsi8qBSn6EeUhlEertay2703reEcZxnjUGnMwUCF7I
n9r7FYc47/59Zb5nOgOJsvEg4/yZENFrLdxyz49NM33wS0wcTLnQWjfrZUnWGjZO
F24gfsQ0LUKUV58xN2XI59mAYgvaRcCXij8S2supybcXYrXQL8TiECgnvPr814C9
xvixr/0TvyKJx23uvLw8Pfh8uuqnSZisSxKgOGMDVQ3f6sXxoGvSwqwmfWTatRqY
/SyY0jtsTLpB0S9z
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:23 2024 by rpki-client on console-ams.rpki-client.org