Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/z1-XaaIA3l2Mi4HP3fdsNsqY45c.roa
File: z1-XaaIA3l2Mi4HP3fdsNsqY45c.roa (raw, json)
Hash identifier: IP7l/XkNq6s3fqsWSRYhwhzvmr20RSJzwVcs/Wu9AoM=
Subject key identifier: CF:5F:97:69:A2:00:DE:5D:8C:8B:81:CF:DD:F7:6C:36:CA:98:E3:97
Certificate issuer: /CN=6b20818b186b0b9cb09af5420d1e5ae334fe3974
Certificate serial: 018DAC57A61B3F333EC81B60EDB034D8C496
Authority key identifier: 6B:20:81:8B:18:6B:0B:9C:B0:9A:F5:42:0D:1E:5A:E3:34:FE:39:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayCBixhrC5ywmvVCDR5a4zT-OXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/z1-XaaIA3l2Mi4HP3fdsNsqY45c.roa
Signing time: Thu 15 Feb 2024 10:37:21 +0000
ROA not before: Thu 15 Feb 2024 10:37:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57293
IP address blocks: 5.197.0.0/16 maxlen: 21
5.197.0.0/17 maxlen: 17
5.197.116.0/22 maxlen: 22
5.197.128.0/17 maxlen: 17
5.197.128.0/20 maxlen: 20
5.197.128.0/21 maxlen: 21
5.197.136.0/21 maxlen: 21
5.197.144.0/20 maxlen: 20
5.197.160.0/20 maxlen: 20
5.197.176.0/20 maxlen: 20
5.197.176.0/21 maxlen: 21
5.197.184.0/21 maxlen: 21
5.197.192.0/20 maxlen: 20
5.197.192.0/21 maxlen: 21
5.197.200.0/21 maxlen: 21
5.197.208.0/20 maxlen: 20
5.197.208.0/21 maxlen: 21
5.197.216.0/21 maxlen: 21
5.197.224.0/20 maxlen: 20
5.197.224.0/21 maxlen: 21
5.197.232.0/21 maxlen: 21
5.197.240.0/20 maxlen: 20
5.197.240.0/21 maxlen: 21
5.197.248.0/21 maxlen: 21
149.255.144.0/20 maxlen: 20
149.255.144.0/21 maxlen: 21
149.255.152.0/21 maxlen: 21
149.255.152.0/24 maxlen: 24
185.146.112.0/22 maxlen: 23
Validation: Failed, certificate revoked on Tue 02 Apr 2024 06:04:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ac:57:a6:1b:3f:33:3e:c8:1b:60:ed:b0:34:d8:c4:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b20818b186b0b9cb09af5420d1e5ae334fe3974
Validity
Not Before: Feb 15 10:37:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf5f9769a200de5d8c8b81cfddf76c36ca98e397
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:e1:20:ad:18:69:c1:13:33:6b:2b:73:41:b9:
09:47:85:04:13:86:7e:d9:2a:8a:4e:d0:83:02:1d:
61:6c:c2:17:0b:72:48:8e:70:2b:8e:8c:0c:c2:eb:
74:7d:85:5b:9b:cf:41:73:5a:9f:34:67:d8:2d:1c:
2b:2e:7b:90:1b:66:c6:82:c5:b0:8c:ac:06:dc:56:
a3:52:81:50:e3:7e:df:52:46:15:80:20:1a:aa:7a:
92:87:f9:b6:43:68:d7:7b:59:fa:4e:11:2d:93:38:
d8:95:96:f5:cc:89:91:d5:da:df:09:a9:e6:6e:4f:
be:08:3f:5f:86:cf:f0:c2:67:58:92:92:74:71:e7:
dc:61:82:0e:ff:80:4d:c4:d2:0a:80:b7:77:4e:c8:
b1:e3:2f:80:44:8e:db:e7:8c:64:09:3b:9e:97:7a:
ed:03:3e:1a:5d:d5:15:dc:48:36:50:c9:f8:b8:3e:
72:d9:75:27:f7:07:49:7b:c8:0f:91:52:4a:03:bf:
db:81:29:b6:03:34:69:64:08:8d:c2:e1:db:58:dc:
20:8f:28:a2:bd:85:41:dc:50:9b:04:28:8c:9f:f6:
7d:67:ef:ba:8d:04:72:78:18:16:43:ea:77:2a:84:
f2:80:39:7f:8c:1a:40:4e:5f:54:ab:da:9b:cf:ed:
ab:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:5F:97:69:A2:00:DE:5D:8C:8B:81:CF:DD:F7:6C:36:CA:98:E3:97
X509v3 Authority Key Identifier:
keyid:6B:20:81:8B:18:6B:0B:9C:B0:9A:F5:42:0D:1E:5A:E3:34:FE:39:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayCBixhrC5ywmvVCDR5a4zT-OXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/z1-XaaIA3l2Mi4HP3fdsNsqY45c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/02f95e-5fe5-4c9a-84d7-e5c9c2e8e9bf/1/ayCBixhrC5ywmvVCDR5a4zT-OXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.197.0.0/16
149.255.144.0/20
185.146.112.0/22
Signature Algorithm: sha256WithRSAEncryption
19:4b:c9:01:90:28:88:90:f5:4e:40:5e:7d:c3:8a:ba:df:d0:
32:48:75:48:26:ea:1b:d5:a5:b3:3e:cc:2a:35:8f:9c:e3:5b:
1e:be:7c:da:73:85:29:33:f9:19:90:7d:c6:b0:10:ce:b6:b3:
38:e2:71:4e:7b:5a:5e:7a:4c:3f:8e:be:56:d9:6e:57:04:80:
51:b8:d7:63:41:03:ef:30:d4:1f:1f:81:f9:55:ae:d8:00:40:
14:8e:49:e0:c5:2b:e4:f5:ba:9b:46:b6:b6:4b:08:23:9f:6b:
80:bb:7c:02:d2:4b:8c:ff:ef:fe:57:48:61:09:c3:6c:70:ac:
d6:d3:92:75:40:73:8e:f9:39:9f:6d:02:b3:11:d7:8c:10:9c:
5f:a1:65:5e:7c:4f:e6:95:5c:c9:e5:92:1a:a4:c3:dc:56:ae:
f8:dc:da:02:2f:d3:cf:e7:62:f0:12:70:d1:40:76:1d:9b:97:
1b:a7:69:ec:45:34:d2:bc:04:36:53:aa:4a:47:9d:62:84:ab:
82:d7:b3:39:f0:47:3f:f0:81:10:1b:8c:ea:23:cc:7f:d4:4b:
df:c6:38:e2:fe:03:a5:5b:c4:ad:82:ee:d6:c7:27:83:98:68:
a9:a0:5f:75:a0:9f:03:21:a8:a1:0b:e7:59:37:82:73:ea:57:
89:1c:da:c9
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAY2sV6YbPzM+yBtg7bA02MSWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjA4MThiMTg2YjBiOWNiMDlhZjU0MjBkMWU1YWUzMzRm
ZTM5NzQwHhcNMjQwMjE1MTAzNzIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjVmOTc2OWEyMDBkZTVkOGM4YjgxY2ZkZGY3NmMzNmNhOThlMzk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1uEgrRhpwRMzaytzQbkJR4UEE4Z+
2SqKTtCDAh1hbMIXC3JIjnArjowMwut0fYVbm89Bc1qfNGfYLRwrLnuQG2bGgsWw
jKwG3FajUoFQ437fUkYVgCAaqnqSh/m2Q2jXe1n6ThEtkzjYlZb1zImR1drfCanm
bk++CD9fhs/wwmdYkpJ0cefcYYIO/4BNxNIKgLd3Tsix4y+ARI7b54xkCTuel3rt
Az4aXdUV3Eg2UMn4uD5y2XUn9wdJe8gPkVJKA7/bgSm2AzRpZAiNwuHbWNwgjyii
vYVB3FCbBCiMn/Z9Z++6jQRyeBgWQ+p3KoTygDl/jBpATl9Uq9qbz+2roQIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFM9fl2miAN5djIuBz933bDbKmOOXMB8GA1UdIwQY
MBaAFGsggYsYawucsJr1Qg0eWuM0/jl0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlDQml4aHJDNXl3bXZWQ0RSNWE0elQtT1hRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8wMmY5NWUtNWZlNS00YzlhLTg0ZDct
ZTVjOWMyZThlOWJmLzEvejEtWGFhSUEzbDJNaTRIUDNmZHNOc3FZNDVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8wMmY5NWUtNWZlNS00YzlhLTg0ZDctZTVjOWMyZThlOWJm
LzEvYXlDQml4aHJDNXl3bXZWQ0RSNWE0elQtT1hRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwMABcUDBASV
/5ADBAK5knAwDQYJKoZIhvcNAQELBQADggEBABlLyQGQKIiQ9U5AXn3Dirrf0DJI
dUgm6hvVpbM+zCo1j5zjWx6+fNpzhSkz+RmQfcawEM62szjicU57Wl56TD+OvlbZ
blcEgFG412NBA+8w1B8fgflVrtgAQBSOSeDFK+T1uptGtrZLCCOfa4C7fALSS4z/
7/5XSGEJw2xwrNbTknVAc475OZ9tArMR14wQnF+hZV58T+aVXMnlkhqkw9xWrvjc
2gIv08/nYvAScNFAdh2blxunaexFNNK8BDZTqkpHnWKEq4LXsznwRz/wgRAbjOoj
zH/US9/GOOL+A6VbxK2C7tbHJ4OYaKmgX3WgnwMhqKEL51k3gnPqV4kc2sk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:40:31 2024 by rpki-client on console-fra.rpki-client.org