Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/Z6ic-H4GGL0S9Bkcpm4BBOJGox0.roa
File: Z6ic-H4GGL0S9Bkcpm4BBOJGox0.roa (raw, json)
Hash identifier: fNXOJBgbaXSNec7ILwauDAwwyPKsVdHpyo5PMhsTzQo=
Subject key identifier: 67:A8:9C:F8:7E:06:18:BD:12:F4:19:1C:A6:6E:01:04:E2:46:A3:1D
Certificate issuer: /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial: 018DEDFF0FAFB1A549CD99522460F7EE195F
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/Z6ic-H4GGL0S9Bkcpm4BBOJGox0.roa
Signing time: Wed 28 Feb 2024 04:35:32 +0000
ROA not before: Wed 28 Feb 2024 04:35:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211183
IP address blocks: 5.253.62.0/24 maxlen: 24
37.140.241.0/24 maxlen: 24
45.128.204.0/24 maxlen: 24
79.133.181.0/24 maxlen: 24
79.133.182.0/24 maxlen: 24
79.133.183.0/24 maxlen: 24
91.200.84.0/24 maxlen: 24
94.154.11.0/24 maxlen: 24
185.240.103.0/24 maxlen: 24
185.244.51.0/24 maxlen: 24
185.250.44.0/24 maxlen: 24
185.250.46.0/24 maxlen: 24
185.250.47.0/24 maxlen: 24
193.187.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 21 Mar 2024 15:58:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:ed:ff:0f:af:b1:a5:49:cd:99:52:24:60:f7:ee:19:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
Validity
Not Before: Feb 28 04:35:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67a89cf87e0618bd12f4191ca66e0104e246a31d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:d1:ea:f4:98:64:25:fa:be:cd:79:7f:04:85:
c9:df:b1:a0:6b:88:2e:80:b4:76:ef:a2:e5:9a:b9:
5d:c6:37:92:ee:fa:83:32:a6:b7:cd:df:7e:fd:f8:
e2:8d:ab:e0:d6:4c:5c:61:9f:35:e9:c7:d4:88:0a:
f5:d8:c7:5e:55:f8:ac:b6:53:34:53:d5:1f:a2:56:
38:1a:64:b2:fc:07:39:00:bc:ef:42:e9:d0:f3:8c:
72:ed:3c:9f:4b:d6:08:64:60:42:b4:69:38:0f:08:
a2:3c:35:1f:3b:30:4a:ab:d0:eb:a7:a1:62:ee:ed:
a4:6a:05:0f:eb:b4:54:77:d9:ed:6e:3e:52:54:c1:
5e:a5:35:c6:c2:73:dd:ce:50:f2:13:1d:45:d4:6a:
7a:ce:5d:cc:1b:fd:17:1d:9f:2e:37:8f:24:6a:d3:
83:fd:3a:65:1a:c9:59:27:ca:5d:df:c1:39:8a:25:
5d:a9:75:ba:39:aa:25:a4:0d:49:ea:d6:b8:f6:63:
98:e0:af:33:6d:07:dc:16:d4:96:94:f3:71:ed:a5:
78:e6:5d:a9:59:62:e6:4f:f9:b8:b8:7c:e4:75:bc:
8b:c5:e9:07:02:a2:42:5a:19:f4:f6:b0:7d:d5:72:
e8:0c:f2:3b:92:57:86:bd:b8:c1:40:13:1f:d8:f7:
b5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:A8:9C:F8:7E:06:18:BD:12:F4:19:1C:A6:6E:01:04:E2:46:A3:1D
X509v3 Authority Key Identifier:
keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/Z6ic-H4GGL0S9Bkcpm4BBOJGox0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.62.0/24
37.140.241.0/24
45.128.204.0/24
79.133.181.0-79.133.183.255
91.200.84.0/24
94.154.11.0/24
185.240.103.0/24
185.244.51.0/24
185.250.44.0/24
185.250.46.0/23
193.187.96.0/24
Signature Algorithm: sha256WithRSAEncryption
49:b4:52:df:72:36:68:e7:15:66:57:33:2d:f9:6d:1d:68:78:
cf:67:19:66:cd:7c:5a:97:2c:03:51:c4:f6:e7:58:11:16:8a:
a0:a2:b5:b6:69:4f:38:78:ef:59:e7:ba:24:9f:66:4c:3a:90:
ac:6a:30:cc:c8:84:b7:9a:6f:9e:dc:77:89:cb:8d:15:8a:fd:
f9:d9:6a:97:a5:4a:68:c6:ab:09:91:31:b5:ab:95:15:b1:8a:
a6:31:fe:f5:cb:d6:6e:00:ea:d0:d3:b4:ec:e3:6d:2c:76:5c:
63:49:f9:b1:0e:2d:68:f3:c6:38:6c:30:97:fd:09:7f:03:21:
90:66:01:ee:f8:d5:19:ea:95:39:f0:50:c6:38:06:9b:46:45:
77:fd:d3:92:74:8f:e2:44:c8:3a:8e:a0:42:53:6f:69:75:29:
5d:7f:a3:d7:db:cd:af:4e:e6:32:0b:be:e9:1c:10:4e:d9:31:
f0:b6:10:f0:5f:f6:44:98:7d:2c:6a:ba:03:83:ed:8d:8a:82:
8f:05:71:f4:4e:4d:a0:7a:39:a4:aa:e7:66:c6:17:4a:0e:82:
4a:5e:bc:1e:5e:a7:0e:f1:d2:57:74:18:9b:e3:94:1a:15:02:
d5:f3:6e:a5:0b:2f:3a:fe:07:8c:ce:ad:d4:90:a4:57:48:94:
25:e8:18:c8
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAY3t/w+vsaVJzZlSJGD37hlfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjQwMjI4MDQzNTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2E4OWNmODdlMDYxOGJkMTJmNDE5MWNhNjZlMDEwNGUyNDZhMzFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyNHq9JhkJfq+zXl/BIXJ37Gga4gu
gLR276LlmrldxjeS7vqDMqa3zd9+/fjijavg1kxcYZ816cfUiAr12MdeVfistlM0
U9UfolY4GmSy/Ac5ALzvQunQ84xy7TyfS9YIZGBCtGk4DwiiPDUfOzBKq9Drp6Fi
7u2kagUP67RUd9ntbj5SVMFepTXGwnPdzlDyEx1F1Gp6zl3MG/0XHZ8uN48katOD
/TplGslZJ8pd38E5iiVdqXW6OaolpA1J6ta49mOY4K8zbQfcFtSWlPNx7aV45l2p
WWLmT/m4uHzkdbyLxekHAqJCWhn09rB91XLoDPI7kleGvbjBQBMf2Pe1FwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFGeonPh+Bhi9EvQZHKZuAQTiRqMdMB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEvWjZpYy1INEdHTDBTOUJrY3BtNEJCT0pHb3gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQABf0+AwQA
JYzxAwQALYDMMAwDBABPhbUDBANPhbADBABbyFQDBABemgsDBAC58GcDBAC59DMD
BAC5+iwDBAG5+i4DBADBu2AwDQYJKoZIhvcNAQELBQADggEBAEm0Ut9yNmjnFWZX
My35bR1oeM9nGWbNfFqXLANRxPbnWBEWiqCitbZpTzh471nnuiSfZkw6kKxqMMzI
hLeab57cd4nLjRWK/fnZapelSmjGqwmRMbWrlRWxiqYx/vXL1m4A6tDTtOzjbSx2
XGNJ+bEOLWjzxjhsMJf9CX8DIZBmAe741RnqlTnwUMY4BptGRXf905J0j+JEyDqO
oEJTb2l1KV1/o9fbza9O5jILvukcEE7ZMfC2EPBf9kSYfSxqugOD7Y2Kgo8FcfRO
TaB6OaSq52bGF0oOgkpevB5epw7x0ld0GJvjlBoVAtXzbqULLzr+B4zOrdSQpFdI
lCXoGMg=
-----END CERTIFICATE-----
Generated at Thu Mar 21 20:35:49 2024 by rpki-client on console-fra.rpki-client.org