Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/Ze5wNivKGfo_v4UYaCOui9_2JvE.roa
File: Ze5wNivKGfo_v4UYaCOui9_2JvE.roa (raw, json)
Hash identifier: HXB6IzsxqgTQH9RMpSTydkZpXCur2DG3RDRauK0zxgk=
Subject key identifier: 65:EE:70:36:2B:CA:19:FA:3F:BF:85:18:68:23:AE:8B:DF:F6:26:F1
Certificate issuer: /CN=2347aaab2206c08128f543730064a145a3effa14
Certificate serial: 018D8CD79674877C7DC51E1D0A072F5E8F32
Authority key identifier: 23:47:AA:AB:22:06:C0:81:28:F5:43:73:00:64:A1:45:A3:EF:FA:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/Ze5wNivKGfo_v4UYaCOui9_2JvE.roa
Signing time: Fri 09 Feb 2024 07:49:15 +0000
ROA not before: Fri 09 Feb 2024 07:49:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33885
IP address blocks: 109.104.0.0/19 maxlen: 19
178.78.192.0/18 maxlen: 18
185.86.100.0/22 maxlen: 22
212.107.128.0/19 maxlen: 19
2a01:3b8:4000::/35 maxlen: 35
Validation: Failed, certificate revoked on Mon 12 Feb 2024 07:53:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8c:d7:96:74:87:7c:7d:c5:1e:1d:0a:07:2f:5e:8f:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2347aaab2206c08128f543730064a145a3effa14
Validity
Not Before: Feb 9 07:49:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65ee70362bca19fa3fbf85186823ae8bdff626f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:b7:43:4e:2b:fa:2c:b3:88:ed:40:07:70:f7:
2b:a6:13:1f:f2:41:9f:65:ff:a3:c0:6f:ee:b4:51:
d2:d7:3b:d0:3b:6c:0c:ae:2f:6b:81:9d:0c:8f:ef:
57:7e:fe:38:8a:c4:f0:cf:85:5a:b6:ab:f6:10:53:
97:73:9c:0d:28:ae:5b:de:6c:62:71:5a:e8:ea:20:
95:b1:63:0e:85:54:48:da:39:b2:8e:1e:2f:f1:0c:
6f:37:f0:80:0a:e9:30:a2:bd:4d:2e:48:66:cc:72:
3b:23:13:4c:28:b7:1d:aa:9f:d7:2e:d4:e3:7b:ea:
2d:ca:f0:0b:c6:97:26:58:95:08:87:2a:7d:7d:d1:
48:cf:12:f8:ac:e9:eb:4d:20:42:22:bd:4b:5c:6a:
02:88:8a:a6:80:c0:c4:a6:60:46:c7:dd:f1:29:fa:
26:ab:7c:4d:6f:f5:7e:71:67:07:0d:47:46:d0:c4:
71:a0:75:71:14:9b:6c:4f:6b:b9:a0:e0:27:4b:07:
73:7c:b4:0b:88:fd:7f:bf:37:91:84:1e:a7:4e:d6:
64:90:db:5b:8d:e1:b8:2a:28:e3:22:ab:21:20:16:
44:d8:ba:55:6f:2c:b6:d8:e9:a6:ea:ed:2f:4d:2c:
c7:45:34:a6:02:49:4c:a5:0d:79:db:52:2d:60:9a:
40:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:EE:70:36:2B:CA:19:FA:3F:BF:85:18:68:23:AE:8B:DF:F6:26:F1
X509v3 Authority Key Identifier:
keyid:23:47:AA:AB:22:06:C0:81:28:F5:43:73:00:64:A1:45:A3:EF:FA:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0eqqyIGwIEo9UNzAGShRaPv-hQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/Ze5wNivKGfo_v4UYaCOui9_2JvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ef9f0d-d840-4371-adc4-75840661eaf5/1/I0eqqyIGwIEo9UNzAGShRaPv-hQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.0.0/19
178.78.192.0/18
185.86.100.0/22
212.107.128.0/19
IPv6:
2a01:3b8:4000::/35
Signature Algorithm: sha256WithRSAEncryption
5d:56:83:72:23:51:00:d8:99:29:05:72:79:62:ee:a4:eb:69:
c2:c4:5e:ac:62:36:ac:f2:30:03:e3:4d:75:0b:ce:51:c9:47:
2c:6d:a8:c9:80:e1:cf:df:e9:17:26:42:33:ea:5a:da:c2:98:
d4:dd:06:5f:bb:78:84:89:fd:5a:1b:1f:e5:b7:3f:03:fb:f8:
28:1d:24:8c:fa:51:fa:9e:46:38:1c:7d:87:02:89:4a:82:15:
76:5b:46:61:0b:2b:c9:9d:be:44:a2:a4:69:68:56:d6:b0:c6:
ed:ff:63:df:dd:21:5c:13:22:5a:af:97:60:c8:62:25:e7:54:
9d:d7:0c:6e:3b:f5:b7:89:12:29:a8:a0:ea:a4:bc:eb:4e:93:
31:20:f7:1f:8b:67:d2:43:ec:68:c0:34:58:f8:db:c2:dc:24:
60:64:ee:70:b3:93:c4:be:c2:a3:53:1c:12:79:42:d0:37:eb:
f5:4d:13:94:12:b6:26:52:f1:94:0d:bc:36:89:10:fe:5f:72:
e2:20:68:91:f2:84:9b:0c:98:d7:80:c5:91:4d:3c:5f:39:8f:
15:9d:22:d3:59:e5:c4:66:88:1e:52:68:65:2d:5e:b3:9f:3f:
1b:9b:ec:eb:f8:26:ab:21:1d:f7:2d:05:65:9a:91:6a:bb:5e:
2f:1f:4d:9f
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAY2M15Z0h3x9xR4dCgcvXo8yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDdhYWFiMjIwNmMwODEyOGY1NDM3MzAwNjRhMTQ1YTNl
ZmZhMTQwHhcNMjQwMjA5MDc0OTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWVlNzAzNjJiY2ExOWZhM2ZiZjg1MTg2ODIzYWU4YmRmZjYyNmYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgrdDTiv6LLOI7UAHcPcrphMf8kGf
Zf+jwG/utFHS1zvQO2wMri9rgZ0Mj+9Xfv44isTwz4Vatqv2EFOXc5wNKK5b3mxi
cVro6iCVsWMOhVRI2jmyjh4v8QxvN/CACukwor1NLkhmzHI7IxNMKLcdqp/XLtTj
e+otyvALxpcmWJUIhyp9fdFIzxL4rOnrTSBCIr1LXGoCiIqmgMDEpmBGx93xKfom
q3xNb/V+cWcHDUdG0MRxoHVxFJtsT2u5oOAnSwdzfLQLiP1/vzeRhB6nTtZkkNtb
jeG4KijjIqshIBZE2LpVbyy22Omm6u0vTSzHRTSmAklMpQ1521ItYJpAQwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFGXucDYryhn6P7+FGGgjrovf9ibxMB8GA1UdIwQY
MBaAFCNHqqsiBsCBKPVDcwBkoUWj7/oUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBlcXF5SUd3SUVvOVVOekFHU2hSYVB2LWhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9lZjlmMGQtZDg0MC00MzcxLWFkYzQt
NzU4NDA2NjFlYWY1LzEvWmU1d05pdktHZm9fdjRVWWFDT3VpOV8ySnZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9lZjlmMGQtZDg0MC00MzcxLWFkYzQtNzU4NDA2NjFlYWY1
LzEvSTBlcXF5SUd3SUVvOVVOekFHU2hSYVB2LWhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAeBAIAATAYAwQFbWgAAwQG
sk7AAwQCuVZkAwQF1GuAMA4EAgACMAgDBgUqAQO4QDANBgkqhkiG9w0BAQsFAAOC
AQEAXVaDciNRANiZKQVyeWLupOtpwsRerGI2rPIwA+NNdQvOUclHLG2oyYDhz9/p
FyZCM+pa2sKY1N0GX7t4hIn9Whsf5bc/A/v4KB0kjPpR+p5GOBx9hwKJSoIVdltG
YQsryZ2+RKKkaWhW1rDG7f9j390hXBMiWq+XYMhiJedUndcMbjv1t4kSKaig6qS8
606TMSD3H4tn0kPsaMA0WPjbwtwkYGTucLOTxL7Co1McEnlC0Dfr9U0TlBK2JlLx
lA28NokQ/l9y4iBokfKEmwyY14DFkU08XzmPFZ0i01nlxGaIHlJoZS1es58/G5vs
6/gmqyEd9y0FZZqRarteLx9Nnw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:54 2024 by rpki-client on console-ams.rpki-client.org