Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/0893f1-ffb4-46b3-bf27-a7016980c86f/1/zxFAkvTFlooty5g1QbZklXRoiMQ.roa
File: zxFAkvTFlooty5g1QbZklXRoiMQ.roa (raw, json)
Hash identifier: GmW+OnLhClY7rPsE7l7p/A234dnu0yaIlx080ERkxGU=
Subject key identifier: CF:11:40:92:F4:C5:96:8A:2D:CB:98:35:41:B6:64:95:74:68:88:C4
Certificate issuer: /CN=dc5facca14de08174ef5c96c91f1e7825f42d07b
Certificate serial: 018CC5DCD313CC52C29091BF0E610FB127A9
Authority key identifier: DC:5F:AC:CA:14:DE:08:17:4E:F5:C9:6C:91:F1:E7:82:5F:42:D0:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3F-syhTeCBdO9clskfHngl9C0Hs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/0893f1-ffb4-46b3-bf27-a7016980c86f/1/zxFAkvTFlooty5g1QbZklXRoiMQ.roa
Signing time: Mon 01 Jan 2024 16:30:32 +0000
ROA not before: Mon 01 Jan 2024 16:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205330
IP address blocks: 37.130.216.0/24 maxlen: 24
37.130.217.0/24 maxlen: 24
37.130.218.0/24 maxlen: 24
37.130.219.0/24 maxlen: 24
37.130.216.0/22 maxlen: 22
37.130.216.0/21 maxlen: 21
37.130.222.0/24 maxlen: 24
37.130.223.0/24 maxlen: 24
37.130.220.0/22 maxlen: 22
37.130.220.0/24 maxlen: 24
37.130.221.0/24 maxlen: 24
185.109.56.0/24 maxlen: 24
185.109.57.0/24 maxlen: 24
185.109.58.0/24 maxlen: 24
185.109.56.0/22 maxlen: 22
185.109.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 May 2024 11:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:d3:13:cc:52:c2:90:91:bf:0e:61:0f:b1:27:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc5facca14de08174ef5c96c91f1e7825f42d07b
Validity
Not Before: Jan 1 16:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf114092f4c5968a2dcb983541b66495746888c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3b:44:6c:73:d4:d2:3e:c2:b9:53:61:7f:1d:
a3:d0:db:66:fd:06:ac:b0:00:25:d2:fc:0c:bc:5e:
d2:c9:4c:8e:42:8b:23:e1:88:46:3b:77:e7:f9:8e:
6e:cf:e2:f9:3b:ec:c8:0d:6e:20:95:3d:70:96:20:
73:92:33:1a:e8:74:65:2d:01:6d:61:22:4d:95:70:
fd:71:5c:5f:1a:70:d9:8b:43:93:44:e8:e3:d0:e7:
55:e0:36:ea:0b:b9:bf:63:ea:46:c5:33:a1:02:93:
ee:a5:ee:cb:24:cf:63:2a:df:b4:df:1e:ed:e4:7d:
83:15:2b:7c:6e:92:63:63:80:fe:45:d5:e3:4c:c1:
11:26:70:68:42:b2:6a:c1:1d:a8:12:d7:9b:4a:4b:
6e:8a:83:3d:b3:d0:e7:5f:cc:17:f4:03:1f:0e:eb:
cf:d9:6b:b3:c7:25:6f:d4:9f:c7:74:15:63:78:96:
6d:80:9f:97:f5:a1:5b:70:85:8b:3a:1e:64:bb:02:
ba:a4:17:6b:70:8e:bb:73:23:fc:a8:0d:1b:d6:fc:
43:8b:f1:2d:48:c1:3e:04:7a:fa:10:2a:a2:f9:2e:
b0:5c:2e:21:13:01:d2:a2:98:83:57:6b:df:ec:3b:
38:b9:55:17:59:76:15:ee:02:ee:62:11:39:1a:e3:
06:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:11:40:92:F4:C5:96:8A:2D:CB:98:35:41:B6:64:95:74:68:88:C4
X509v3 Authority Key Identifier:
keyid:DC:5F:AC:CA:14:DE:08:17:4E:F5:C9:6C:91:F1:E7:82:5F:42:D0:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3F-syhTeCBdO9clskfHngl9C0Hs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0893f1-ffb4-46b3-bf27-a7016980c86f/1/zxFAkvTFlooty5g1QbZklXRoiMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/0893f1-ffb4-46b3-bf27-a7016980c86f/1/3F-syhTeCBdO9clskfHngl9C0Hs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.216.0/21
185.109.56.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:e6:60:4f:4f:15:71:53:3a:df:30:53:c0:47:7c:35:45:ee:
93:8a:48:3f:7e:95:0f:33:e3:87:4d:ef:2e:00:6d:44:06:7c:
0a:ee:6d:df:17:c7:76:8c:d7:d6:5b:fa:51:27:24:00:6f:36:
a6:73:c3:41:40:e3:cd:27:a7:62:d8:4d:6e:2d:98:51:84:c6:
4e:dd:5d:70:82:6b:b9:ca:26:f3:3b:0d:4f:9e:5f:51:6d:7e:
9a:a8:24:30:58:58:35:ed:ac:ba:22:8f:cf:a7:85:14:89:fd:
21:8e:c7:76:46:cf:b9:2f:6f:97:61:eb:dc:d5:c2:1f:c6:be:
d9:55:d8:21:5e:b2:9b:f0:cd:8a:92:37:8e:92:4c:48:1d:04:
22:c4:3c:46:c3:76:ee:d5:d1:b2:91:29:35:1b:c0:eb:e8:e3:
1c:2d:2e:59:57:dd:44:c4:7b:4b:8b:1f:24:2b:08:df:b0:8e:
67:fc:8c:f9:d9:89:1f:56:0c:59:9c:71:43:3c:78:ad:03:4f:
f0:44:3d:61:f9:16:d8:b2:88:ac:5a:28:1c:70:31:c6:9c:9f:
d0:3b:cb:40:5c:fa:f1:73:b8:05:1b:20:3d:c2:4e:75:df:77:
ea:9b:0a:5d:78:2b:77:bc:6b:b0:72:fd:9e:0a:92:99:0d:97:
36:a8:f4:2e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3NMTzFLCkJG/DmEPsSepMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNWZhY2NhMTRkZTA4MTc0ZWY1Yzk2YzkxZjFlNzgyNWY0
MmQwN2IwHhcNMjQwMTAxMTYzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjExNDA5MmY0YzU5NjhhMmRjYjk4MzU0MWI2NjQ5NTc0Njg4OGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDtEbHPU0j7CuVNhfx2j0Ntm/Qas
sAAl0vwMvF7SyUyOQosj4YhGO3fn+Y5uz+L5O+zIDW4glT1wliBzkjMa6HRlLQFt
YSJNlXD9cVxfGnDZi0OTROjj0OdV4DbqC7m/Y+pGxTOhApPupe7LJM9jKt+03x7t
5H2DFSt8bpJjY4D+RdXjTMERJnBoQrJqwR2oEtebSktuioM9s9DnX8wX9AMfDuvP
2WuzxyVv1J/HdBVjeJZtgJ+X9aFbcIWLOh5kuwK6pBdrcI67cyP8qA0b1vxDi/Et
SME+BHr6ECqi+S6wXC4hEwHSopiDV2vf7Ds4uVUXWXYV7gLuYhE5GuMGdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM8RQJL0xZaKLcuYNUG2ZJV0aIjEMB8GA1UdIwQY
MBaAFNxfrMoU3ggXTvXJbJHx54JfQtB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0Ytc3loVGVDQmRPOWNsc2tmSG5nbDlDMEhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8wODkzZjEtZmZiNC00NmIzLWJmMjct
YTcwMTY5ODBjODZmLzEvenhGQWt2VEZsb290eTVnMVFiWmtsWFJvaU1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8wODkzZjEtZmZiNC00NmIzLWJmMjctYTcwMTY5ODBjODZm
LzEvM0Ytc3loVGVDQmRPOWNsc2tmSG5nbDlDMEhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDJYLYAwQC
uW04MA0GCSqGSIb3DQEBCwUAA4IBAQBq5mBPTxVxUzrfMFPAR3w1Re6Tikg/fpUP
M+OHTe8uAG1EBnwK7m3fF8d2jNfWW/pRJyQAbzamc8NBQOPNJ6di2E1uLZhRhMZO
3V1wgmu5yibzOw1Pnl9RbX6aqCQwWFg17ay6Io/Pp4UUif0hjsd2Rs+5L2+XYevc
1cIfxr7ZVdghXrKb8M2KkjeOkkxIHQQixDxGw3bu1dGykSk1G8Dr6OMcLS5ZV91E
xHtLix8kKwjfsI5n/Iz52YkfVgxZnHFDPHitA0/wRD1h+RbYsoisWigccDHGnJ/Q
O8tAXPrxc7gFGyA9wk5133fqmwpdeCt3vGuwcv2eCpKZDZc2qPQu
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:17 2025 by rpki-client