Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/a59b6d-0239-4211-9bbb-1a21219e9100/1/dZT3z1fX-BdW-MvU4sRokzKeyk0.roa
File: dZT3z1fX-BdW-MvU4sRokzKeyk0.roa (raw, json)
Hash identifier: GHulWKD5ksSEHNYnHi79C3cDt4WSn672w6xfDi+1tgk=
Subject key identifier: 75:94:F7:CF:57:D7:F8:17:56:F8:CB:D4:E2:C4:68:93:32:9E:CA:4D
Certificate issuer: /CN=152fedb025a6cbd24868419a0cb5629d48635917
Certificate serial: 01856DE677C96663CB9B96950C8BCA2E2C9B
Authority key identifier: 15:2F:ED:B0:25:A6:CB:D2:48:68:41:9A:0C:B5:62:9D:48:63:59:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FS_tsCWmy9JIaEGaDLVinUhjWRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/a59b6d-0239-4211-9bbb-1a21219e9100/1/dZT3z1fX-BdW-MvU4sRokzKeyk0.roa
Signing time: Sun 01 Jan 2023 15:14:58 +0000
ROA not before: Sun 01 Jan 2023 15:14:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57958
IP address blocks: 164.138.233.0/24 maxlen: 24
164.138.232.0/24 maxlen: 24
164.138.232.0/21 maxlen: 21
164.138.237.0/24 maxlen: 24
164.138.234.0/24 maxlen: 24
164.138.239.0/24 maxlen: 24
164.138.236.0/24 maxlen: 24
164.138.238.0/24 maxlen: 24
164.138.235.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jan 2024 12:33:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:e6:77:c9:66:63:cb:9b:96:95:0c:8b:ca:2e:2c:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=152fedb025a6cbd24868419a0cb5629d48635917
Validity
Not Before: Jan 1 15:14:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=7594f7cf57d7f81756f8cbd4e2c46893329eca4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:56:43:82:1e:a2:87:f0:7b:4c:ad:0f:a7:01:
18:40:be:4d:33:4f:cd:2b:f7:0a:99:bf:0e:3f:ed:
46:37:c4:6e:22:50:70:5a:f0:09:59:bd:be:5e:ea:
a9:9d:12:ce:d2:d6:0a:62:2a:29:45:1c:fd:43:fb:
33:42:9f:1a:63:27:a1:1b:ef:18:95:24:15:e3:27:
f6:96:38:02:d2:e1:61:37:e2:21:fd:9a:8f:a8:c9:
8a:a8:9b:50:1b:f7:40:1a:51:1d:5a:68:3b:7b:5b:
5a:e2:0d:0f:77:88:e5:bf:a1:74:44:50:b1:a5:5c:
68:3f:92:26:9d:cd:cd:a0:aa:df:5c:01:0e:76:ab:
00:2d:e0:db:b1:4d:53:ad:5a:2e:cb:fc:41:4e:a8:
61:18:dd:06:f4:eb:09:21:0f:d7:1f:a5:02:22:9a:
b4:9d:5b:32:02:7d:0a:b0:b0:3b:df:05:95:52:75:
f2:c3:c8:52:8e:53:60:aa:7a:5d:28:37:c2:ca:9a:
87:59:10:5e:2b:e6:d6:79:4a:84:4c:8a:c5:d6:d8:
8e:9f:58:01:f6:36:d4:cd:cb:3f:19:79:02:76:54:
7d:ac:c0:64:da:f9:ab:37:bf:42:9e:00:92:28:68:
af:83:b3:f7:2d:92:f6:35:91:d9:6b:b6:ab:de:ba:
61:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:94:F7:CF:57:D7:F8:17:56:F8:CB:D4:E2:C4:68:93:32:9E:CA:4D
X509v3 Authority Key Identifier:
keyid:15:2F:ED:B0:25:A6:CB:D2:48:68:41:9A:0C:B5:62:9D:48:63:59:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FS_tsCWmy9JIaEGaDLVinUhjWRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/a59b6d-0239-4211-9bbb-1a21219e9100/1/dZT3z1fX-BdW-MvU4sRokzKeyk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/a59b6d-0239-4211-9bbb-1a21219e9100/1/FS_tsCWmy9JIaEGaDLVinUhjWRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.138.232.0/21
Signature Algorithm: sha256WithRSAEncryption
09:52:61:a9:75:72:8d:fb:45:30:40:aa:c1:4d:16:db:16:39:
2a:71:27:e0:99:5c:41:e2:84:60:b2:48:d1:d3:13:25:bd:a3:
bd:8f:05:d9:bf:bb:ac:89:67:cb:11:e8:6e:68:aa:b2:06:53:
b0:96:85:03:18:73:ca:60:8f:1f:2d:68:a5:48:9d:30:f8:e9:
d3:32:5f:13:f1:96:27:c0:cb:b2:7f:6e:21:8f:f6:26:f7:07:
f6:07:5b:92:4b:2f:db:f2:69:94:2f:23:c4:41:82:3e:f5:2c:
71:68:06:2c:8b:eb:a0:b2:66:17:dd:30:69:16:4e:35:0f:74:
b0:11:6a:1f:8d:3f:f8:4c:9f:1a:1c:08:03:21:68:12:34:3c:
c0:81:a2:e3:7c:d8:e5:a8:dd:1d:c3:79:bb:6e:94:4a:66:07:
e0:5c:06:08:1b:d5:1f:38:40:b5:39:32:ef:9c:02:a4:cd:e1:
78:e9:43:28:7f:96:58:77:9e:26:3e:75:be:6e:42:83:d2:2c:
a3:d2:97:d2:50:d7:56:55:2b:23:0a:13:15:5b:1c:ad:fa:22:
a7:ee:26:b0:ba:3c:49:5b:7f:59:67:18:d8:4c:e1:e2:fc:62:
2c:0e:e3:03:c3:1f:75:18:0e:00:02:20:99:f3:e5:c7:6d:e0:
63:29:98:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt5nfJZmPLm5aVDIvKLiybMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MmZlZGIwMjVhNmNiZDI0ODY4NDE5YTBjYjU2MjlkNDg2
MzU5MTcwHhcNMjMwMTAxMTUxNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTk0ZjdjZjU3ZDdmODE3NTZmOGNiZDRlMmM0Njg5MzMyOWVjYTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1ZDgh6ih/B7TK0PpwEYQL5NM0/N
K/cKmb8OP+1GN8RuIlBwWvAJWb2+XuqpnRLO0tYKYiopRRz9Q/szQp8aYyehG+8Y
lSQV4yf2ljgC0uFhN+Ih/ZqPqMmKqJtQG/dAGlEdWmg7e1ta4g0Pd4jlv6F0RFCx
pVxoP5Imnc3NoKrfXAEOdqsALeDbsU1TrVouy/xBTqhhGN0G9OsJIQ/XH6UCIpq0
nVsyAn0KsLA73wWVUnXyw8hSjlNgqnpdKDfCypqHWRBeK+bWeUqETIrF1tiOn1gB
9jbUzcs/GXkCdlR9rMBk2vmrN79CngCSKGivg7P3LZL2NZHZa7ar3rphwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHWU989X1/gXVvjL1OLEaJMynspNMB8GA1UdIwQY
MBaAFBUv7bAlpsvSSGhBmgy1Yp1IY1kXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlNfdHNDV215OUpJYUVHYURMVmluVWhqV1JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9hNTliNmQtMDIzOS00MjExLTliYmIt
MWEyMTIxOWU5MTAwLzEvZFpUM3oxZlgtQmRXLU12VTRzUm9rektleWswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9hNTliNmQtMDIzOS00MjExLTliYmItMWEyMTIxOWU5MTAw
LzEvRlNfdHNDV215OUpJYUVHYURMVmluVWhqV1JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDpIroMA0G
CSqGSIb3DQEBCwUAA4IBAQAJUmGpdXKN+0UwQKrBTRbbFjkqcSfgmVxB4oRgskjR
0xMlvaO9jwXZv7usiWfLEehuaKqyBlOwloUDGHPKYI8fLWilSJ0w+OnTMl8T8ZYn
wMuyf24hj/Ym9wf2B1uSSy/b8mmULyPEQYI+9SxxaAYsi+ugsmYX3TBpFk41D3Sw
EWofjT/4TJ8aHAgDIWgSNDzAgaLjfNjlqN0dw3m7bpRKZgfgXAYIG9UfOEC1OTLv
nAKkzeF46UMof5ZYd54mPnW+bkKD0iyj0pfSUNdWVSsjChMVWxyt+iKn7iawujxJ
W39ZZxjYTOHi/GIsDuMDwx91GA4AAiCZ8+XHbeBjKZhA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:13 2024 by rpki-client on console-fra.rpki-client.org