Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/z3ZsbUiHVzPooJwpTntHcQRw1RA.roa
File: z3ZsbUiHVzPooJwpTntHcQRw1RA.roa (raw, json)
Hash identifier: TwJkZbziTtGbFml0PnMEFZpTE5x6WNCnFR7qG8lhHjo=
Subject key identifier: CF:76:6C:6D:48:87:57:33:E8:A0:9C:29:4E:7B:47:71:04:70:D5:10
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 018D3CF73A1B85C70E30C9C2FF1F5CA9D1A9
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/z3ZsbUiHVzPooJwpTntHcQRw1RA.roa
Signing time: Wed 24 Jan 2024 19:34:11 +0000
ROA not before: Wed 24 Jan 2024 19:34:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64200
IP address blocks: 5.182.186.0/24 maxlen: 24
5.182.193.0/24 maxlen: 24
5.182.194.0/24 maxlen: 24
5.182.195.0/24 maxlen: 24
31.132.53.0/24 maxlen: 24
31.132.54.0/23 maxlen: 23
45.67.147.0/24 maxlen: 24
63.246.129.0/24 maxlen: 24
63.246.136.0/24 maxlen: 24
63.246.139.0/24 maxlen: 24
63.246.142.0/24 maxlen: 24
63.246.145.0/24 maxlen: 24
63.246.146.0/23 maxlen: 23
63.246.148.0/24 maxlen: 24
63.246.149.0/24 maxlen: 24
63.246.152.0/24 maxlen: 24
63.246.158.0/23 maxlen: 23
63.246.159.0/24 maxlen: 24
185.171.124.0/24 maxlen: 24
185.171.125.0/24 maxlen: 24
185.171.127.0/24 maxlen: 24
185.201.41.0/24 maxlen: 24
185.201.43.0/24 maxlen: 24
185.205.206.0/24 maxlen: 24
192.145.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 Feb 2024 00:36:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3c:f7:3a:1b:85:c7:0e:30:c9:c2:ff:1f:5c:a9:d1:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jan 24 19:34:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cf766c6d48875733e8a09c294e7b47710470d510
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f5:4f:4d:3e:c7:c7:79:88:49:b0:c3:1c:42:
fa:a1:e4:fb:eb:cd:e7:4b:7a:97:37:b6:44:87:2b:
14:da:3c:a5:75:9d:71:6c:8e:b8:79:5c:b1:b6:46:
37:49:f3:7a:e6:05:ca:8a:3a:6b:f7:bc:e2:75:f8:
e0:c7:c7:d4:9c:c9:1d:d0:ef:ef:74:b4:f2:b9:e7:
93:db:f0:23:5a:92:cc:80:e1:d4:12:ed:63:7b:90:
29:9b:aa:41:6d:b6:a4:56:2e:34:e6:be:67:5e:7e:
1a:7f:b9:f1:a7:ec:13:e7:4b:c3:7c:e7:95:0a:4b:
b0:c1:f2:6c:ef:1b:4b:61:39:db:18:df:4b:b5:9f:
d8:3f:e7:3a:07:68:85:ba:14:37:c6:60:c8:3e:7d:
ed:a1:b2:09:f9:4c:76:e6:6e:f4:c1:44:93:3d:ef:
c9:8f:2d:7f:28:f0:29:cd:00:72:87:2d:40:c6:c8:
34:a2:4b:c5:be:ae:4e:b8:1e:eb:c7:5b:77:ed:aa:
37:4d:4e:90:f6:34:a3:3d:28:ea:25:27:9c:f3:1b:
62:b4:b0:cf:37:3e:3d:2f:51:76:31:10:cd:2c:67:
53:5e:f8:0c:28:8d:98:d9:b3:fa:63:2b:6d:8b:73:
38:54:49:01:90:76:cf:24:fa:da:ad:05:a2:47:68:
2a:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:76:6C:6D:48:87:57:33:E8:A0:9C:29:4E:7B:47:71:04:70:D5:10
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/z3ZsbUiHVzPooJwpTntHcQRw1RA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.186.0/24
5.182.193.0-5.182.195.255
31.132.53.0-31.132.55.255
45.67.147.0/24
63.246.129.0/24
63.246.136.0/24
63.246.139.0/24
63.246.142.0/24
63.246.145.0-63.246.149.255
63.246.152.0/24
63.246.158.0/23
185.171.124.0/23
185.171.127.0/24
185.201.41.0/24
185.201.43.0/24
185.205.206.0/24
192.145.68.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:a5:16:5f:3f:10:82:fd:5c:a8:f1:00:4b:1c:d4:1d:3f:40:
eb:de:65:6d:9b:27:e9:4a:cd:b6:8a:fc:b5:42:dc:01:f4:9d:
70:23:a6:3e:60:7c:09:ea:56:22:5c:ec:16:4b:b8:27:10:63:
0c:b7:98:fa:40:8e:37:0f:72:e6:00:94:db:7c:4f:04:db:4a:
a9:5f:28:8c:c9:97:9b:c7:32:3e:ff:a1:f7:b3:d2:50:d0:33:
c6:c7:4e:5e:c2:c8:9d:41:b7:ac:32:cd:12:74:d1:c8:64:24:
0b:3b:fd:f4:71:70:13:b1:ee:10:ee:3f:fc:df:42:9a:ea:1a:
28:ca:bd:c2:c7:97:5e:7b:45:c1:a8:85:bc:ac:a6:eb:c1:b4:
4a:08:20:1f:4b:6b:9c:cf:50:f7:02:f7:21:5f:5e:0e:3f:d6:
3e:cf:d1:3d:67:7c:09:46:3d:09:0d:c9:38:e0:3b:36:ff:23:
37:ea:41:25:40:e9:fa:99:b4:59:65:0b:e4:3a:c9:a2:b3:e0:
e8:d3:f9:03:3c:04:1d:9d:25:a4:a6:fa:c4:1b:01:81:28:92:
44:a3:d5:b7:7e:b2:d3:29:e7:4c:bc:66:87:92:25:fd:9a:87:
ec:03:04:77:cd:bf:9a:8b:17:db:85:aa:13:b2:01:ae:a4:b3:
1d:44:b1:4f
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAY089zobhccOMMnC/x9cqdGpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjQwMTI0MTkzNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjc2NmM2ZDQ4ODc1NzMzZThhMDljMjk0ZTdiNDc3MTA0NzBkNTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPVPTT7Hx3mISbDDHEL6oeT7683n
S3qXN7ZEhysU2jyldZ1xbI64eVyxtkY3SfN65gXKijpr97zidfjgx8fUnMkd0O/v
dLTyueeT2/AjWpLMgOHUEu1je5Apm6pBbbakVi405r5nXn4af7nxp+wT50vDfOeV
CkuwwfJs7xtLYTnbGN9LtZ/YP+c6B2iFuhQ3xmDIPn3tobIJ+Ux25m70wUSTPe/J
jy1/KPApzQByhy1Axsg0okvFvq5OuB7rx1t37ao3TU6Q9jSjPSjqJSec8xtitLDP
Nz49L1F2MRDNLGdTXvgMKI2Y2bP6Yytti3M4VEkBkHbPJPrarQWiR2gq7QIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFM92bG1Ih1cz6KCcKU57R3EEcNUQMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvejNac2JVaUhWelBvb0p3cFRudEhjUVJ3MVJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEAAW2
ujAMAwQABbbBAwQCBbbAMAwDBAAfhDUDBAMfhDADBAAtQ5MDBAA/9oEDBAA/9ogD
BAA/9osDBAA/9o4wDAMEAD/2kQMEAT/2lAMEAD/2mAMEAT/2ngMEAbmrfAMEALmr
fwMEALnJKQMEALnJKwMEALnNzgMEAMCRRDANBgkqhkiG9w0BAQsFAAOCAQEAaqUW
Xz8Qgv1cqPEASxzUHT9A695lbZsn6UrNtor8tULcAfSdcCOmPmB8CepWIlzsFku4
JxBjDLeY+kCONw9y5gCU23xPBNtKqV8ojMmXm8cyPv+h97PSUNAzxsdOXsLInUG3
rDLNEnTRyGQkCzv99HFwE7HuEO4//N9CmuoaKMq9wseXXntFwaiFvKym68G0Sggg
H0trnM9Q9wL3IV9eDj/WPs/RPWd8CUY9CQ3JOOA7Nv8jN+pBJUDp+pm0WWUL5DrJ
orPg6NP5AzwEHZ0lpKb6xBsBgSiSRKPVt36y0ynnTLxmh5Il/ZqH7AMEd82/mosX
24WqE7IBrqSzHUSxTw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:17 2024 by rpki-client on console-ams.rpki-client.org