Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/zRBzZvqIXjp0Ng2GQVAxa772MKE.roa
File: zRBzZvqIXjp0Ng2GQVAxa772MKE.roa (raw, json)
Hash identifier: JkjwTFsu4HcwcSRqoPwJr+PIBfDqCZzNcscvuadA678=
Subject key identifier: CD:10:73:66:FA:88:5E:3A:74:36:0D:86:41:50:31:6B:BE:F6:30:A1
Certificate issuer: /CN=49378660f5f01923946c35d94be5ccd7d2b71051
Certificate serial: 018823C5EC514FCBD852D3D87BB2371565B5
Authority key identifier: 49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/zRBzZvqIXjp0Ng2GQVAxa772MKE.roa
Signing time: Tue 16 May 2023 08:55:53 +0000
ROA not before: Tue 16 May 2023 08:55:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203593
IP address blocks: 185.129.253.0/24 maxlen: 24
185.129.252.0/24 maxlen: 24
185.129.254.0/24 maxlen: 24
185.129.255.0/24 maxlen: 24
213.244.35.0/24 maxlen: 24
213.244.41.0/24 maxlen: 24
157.97.163.0/24 maxlen: 24
213.244.42.0/24 maxlen: 24
213.244.40.0/24 maxlen: 24
193.254.202.0/24 maxlen: 24
193.254.203.0/24 maxlen: 24
2a06:d680::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 26 May 2023 11:30:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:23:c5:ec:51:4f:cb:d8:52:d3:d8:7b:b2:37:15:65:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49378660f5f01923946c35d94be5ccd7d2b71051
Validity
Not Before: May 16 08:55:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cd107366fa885e3a74360d864150316bbef630a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a7:4c:cb:f3:03:15:93:9c:d8:b0:66:b2:02:
5e:04:59:37:6c:c0:86:58:f9:32:6f:ac:14:4f:61:
7f:60:15:6e:99:2b:0f:60:83:67:aa:62:b7:f8:34:
f1:f2:c6:0c:53:f7:c0:8c:13:74:02:af:07:13:89:
45:ce:4f:b3:bd:4e:c6:f9:08:83:d7:0e:ca:61:fd:
3e:af:81:b0:a8:09:bb:8a:18:f5:72:27:d3:98:35:
31:14:51:36:d0:fb:94:f0:e7:03:ce:a6:ec:02:3b:
54:92:72:08:08:b1:30:2c:94:e1:32:b2:10:21:b2:
48:7a:02:92:50:25:ab:ad:05:e0:1b:87:ee:c2:73:
47:57:15:61:a9:47:4c:51:e8:f9:f0:72:4d:8d:ea:
6e:4e:27:42:ec:8f:29:12:9f:b8:52:c1:d4:91:20:
5e:2b:be:71:90:15:fb:d6:08:f9:0b:44:e6:0f:f4:
41:b0:1d:94:4a:1b:3e:7e:ed:de:41:8c:e2:f3:58:
62:a8:c1:88:e7:34:98:3d:48:7f:0e:c2:c7:05:85:
31:f1:0f:67:24:87:b3:e7:b4:b4:cb:cf:6b:9e:8d:
1f:c5:ca:71:92:8a:a8:fd:65:7e:78:64:7c:8f:22:
ca:40:e5:72:26:0b:fb:80:a5:40:fd:b4:81:aa:d9:
e9:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:10:73:66:FA:88:5E:3A:74:36:0D:86:41:50:31:6B:BE:F6:30:A1
X509v3 Authority Key Identifier:
keyid:49:37:86:60:F5:F0:19:23:94:6C:35:D9:4B:E5:CC:D7:D2:B7:10:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/STeGYPXwGSOUbDXZS-XM19K3EFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/zRBzZvqIXjp0Ng2GQVAxa772MKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/07cdcf-8875-4770-8c75-41b745bf53db/1/STeGYPXwGSOUbDXZS-XM19K3EFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.97.163.0/24
185.129.252.0/22
193.254.202.0/23
213.244.35.0/24
213.244.40.0-213.244.42.255
IPv6:
2a06:d680::/29
Signature Algorithm: sha256WithRSAEncryption
94:a1:b1:8e:01:06:a2:da:2b:1d:ec:e1:d8:bb:23:90:89:8d:
7f:0b:ae:94:9b:6b:01:fc:5f:65:cf:ea:84:8e:92:aa:14:38:
1a:d6:f2:0d:02:0b:e0:6d:0b:79:b4:ca:b7:ab:84:78:3c:37:
36:ba:b2:34:f3:72:89:bb:3c:a2:b6:94:5e:2b:7b:6c:05:03:
47:fb:12:57:06:63:e3:67:4f:7a:cc:25:08:4f:26:57:79:92:
a6:76:05:e2:21:15:04:d0:c3:97:95:46:37:af:c0:fb:47:9a:
19:1f:be:2e:f6:7c:6d:cb:34:bb:12:3f:69:66:04:a5:e5:ec:
f8:50:73:03:20:73:83:14:bc:6c:3b:5c:09:33:0f:78:ae:6c:
dd:51:e9:c4:b5:97:78:82:ed:8b:87:39:5b:32:be:b6:83:2e:
b5:7a:d4:82:42:c1:b4:8c:18:ae:98:5b:b9:e3:6a:c1:19:23:
b8:a2:5c:5f:fb:97:f1:94:76:e5:1f:46:c1:10:e8:b4:3b:b2:
0b:f5:fe:b9:1a:51:45:fa:d3:5e:14:5f:4e:3b:aa:5c:1a:f7:
3d:65:83:bc:dd:cc:5b:17:c3:6e:05:3d:47:1a:9f:6a:0a:71:
94:36:96:61:cd:39:0d:4d:68:47:2c:b6:54:a2:57:a8:fe:44:
15:a5:a6:da
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAYgjxexRT8vYUtPYe7I3FWW1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5Mzc4NjYwZjVmMDE5MjM5NDZjMzVkOTRiZTVjY2Q3ZDJi
NzEwNTEwHhcNMjMwNTE2MDg1NTUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDEwNzM2NmZhODg1ZTNhNzQzNjBkODY0MTUwMzE2YmJlZjYzMGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6dMy/MDFZOc2LBmsgJeBFk3bMCG
WPkyb6wUT2F/YBVumSsPYINnqmK3+DTx8sYMU/fAjBN0Aq8HE4lFzk+zvU7G+QiD
1w7KYf0+r4GwqAm7ihj1cifTmDUxFFE20PuU8OcDzqbsAjtUknIICLEwLJThMrIQ
IbJIegKSUCWrrQXgG4fuwnNHVxVhqUdMUej58HJNjepuTidC7I8pEp+4UsHUkSBe
K75xkBX71gj5C0TmD/RBsB2UShs+fu3eQYzi81hiqMGI5zSYPUh/DsLHBYUx8Q9n
JIez57S0y89rno0fxcpxkoqo/WV+eGR8jyLKQOVyJgv7gKVA/bSBqtnpowIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFM0Qc2b6iF46dDYNhkFQMWu+9jChMB8GA1UdIwQY
MBaAFEk3hmD18BkjlGw12UvlzNfStxBRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUt
NDFiNzQ1YmY1M2RiLzEvelJCelp2cUlYanAwTmcyR1FWQXhhNzcyTUtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8wN2NkY2YtODg3NS00NzcwLThjNzUtNDFiNzQ1YmY1M2Ri
LzEvU1RlR1lQWHdHU09VYkRYWlMtWE0xOUszRUZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAsBAIAATAmAwQAnWGjAwQC
uYH8AwQBwf7KAwQA1fQjMAwDBAPV9CgDBADV9CowDQQCAAIwBwMFAyoG1oAwDQYJ
KoZIhvcNAQELBQADggEBAJShsY4BBqLaKx3s4di7I5CJjX8LrpSbawH8X2XP6oSO
kqoUOBrW8g0CC+BtC3m0yrerhHg8Nza6sjTzcom7PKK2lF4re2wFA0f7ElcGY+Nn
T3rMJQhPJld5kqZ2BeIhFQTQw5eVRjevwPtHmhkfvi72fG3LNLsSP2lmBKXl7PhQ
cwMgc4MUvGw7XAkzD3iubN1R6cS1l3iC7YuHOVsyvraDLrV61IJCwbSMGK6YW7nj
asEZI7iiXF/7l/GUduUfRsEQ6LQ7sgv1/rkaUUX6014UX047qlwa9z1lg7zdzFsX
w24FPUcan2oKcZQ2lmHNOQ1NaEcstlSiV6j+RBWlpto=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:52 2024 by rpki-client on console-fra.rpki-client.org