Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/zEjuPW9wFsL2caub-KR2AppiH-8.roa
File: zEjuPW9wFsL2caub-KR2AppiH-8.roa (raw, json)
Hash identifier: Im8ddq/vgzOALu8MwXCxE96/eYyGZ2Chre8igl4hwHc=
Subject key identifier: CC:48:EE:3D:6F:70:16:C2:F6:71:AB:9B:F8:A4:76:02:9A:62:1F:EF
Certificate issuer: /CN=4b529a4d22faef23135d6eff8912266623c49255
Certificate serial: 018570797AE871417B810010E84B1836E1A0
Authority key identifier: 4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/zEjuPW9wFsL2caub-KR2AppiH-8.roa
Signing time: Mon 02 Jan 2023 03:14:47 +0000
ROA not before: Mon 02 Jan 2023 03:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42705
IP address blocks: 80.251.0.0/20 maxlen: 20
80.251.10.0/24 maxlen: 24
80.251.11.0/24 maxlen: 24
85.31.64.0/19 maxlen: 24
5.11.16.0/24 maxlen: 24
5.11.17.0/24 maxlen: 24
5.11.16.0/22 maxlen: 22
5.11.24.0/24 maxlen: 24
5.11.24.0/23 maxlen: 23
5.11.24.0/21 maxlen: 21
5.11.26.0/23 maxlen: 23
5.11.25.0/24 maxlen: 24
5.11.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Jul 2023 12:31:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:79:7a:e8:71:41:7b:81:00:10:e8:4b:18:36:e1:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b529a4d22faef23135d6eff8912266623c49255
Validity
Not Before: Jan 2 03:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=cc48ee3d6f7016c2f671ab9bf8a476029a621fef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:09:2b:09:fd:cb:52:c1:db:92:85:c5:0b:70:
c4:22:54:17:25:7c:9c:3b:b8:eb:7f:7b:b2:64:c5:
60:99:fc:73:e7:7a:75:e0:75:29:92:67:eb:c7:cc:
85:b2:ae:69:8c:0f:c2:b1:66:80:00:cd:54:39:d3:
49:b8:15:dc:17:eb:db:e1:00:ba:e0:11:98:ad:75:
fb:40:7c:45:4d:bd:71:9e:3f:dc:d6:e0:f2:8d:8d:
f7:53:ac:5c:e1:8d:a2:9a:eb:cc:70:8e:bc:21:ca:
3c:f8:61:1c:f5:86:e5:77:84:6c:1c:6f:9e:51:ae:
0e:f1:34:bc:1f:6f:48:2c:fd:79:20:20:d2:92:b4:
13:a4:27:b6:f9:1c:1e:3b:be:f3:74:60:63:df:91:
42:7e:bc:27:d0:ed:00:82:a3:5a:69:2b:41:ca:ef:
c0:6e:5b:c6:bd:6b:72:cc:8c:50:87:75:70:91:3b:
f3:94:7a:5e:08:e3:4f:aa:95:8f:e9:d1:10:b9:a2:
de:54:68:e9:61:4e:31:6d:d1:cd:29:fc:7c:65:9f:
6e:12:94:58:92:1a:36:bc:cc:b4:d5:93:f1:15:41:
75:d8:ce:a6:7e:7f:fb:0f:75:56:95:a3:e9:77:2b:
f2:51:ab:60:c8:ec:b3:84:be:4e:41:d0:4b:40:92:
cf:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:48:EE:3D:6F:70:16:C2:F6:71:AB:9B:F8:A4:76:02:9A:62:1F:EF
X509v3 Authority Key Identifier:
keyid:4B:52:9A:4D:22:FA:EF:23:13:5D:6E:FF:89:12:26:66:23:C4:92:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S1KaTSL67yMTXW7_iRImZiPEklU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/zEjuPW9wFsL2caub-KR2AppiH-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/1d9b05-ec61-4c33-a097-36ae76ee983e/1/S1KaTSL67yMTXW7_iRImZiPEklU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.16.0/22
5.11.24.0/21
80.251.0.0/20
85.31.64.0/19
Signature Algorithm: sha256WithRSAEncryption
6b:7c:89:8a:f4:59:6f:1e:15:8c:ae:b1:f4:d6:88:c3:91:4c:
4e:7f:11:1f:9f:db:11:74:9e:1a:28:54:c6:e0:76:85:8f:d9:
fc:17:2b:9a:be:f6:71:f1:79:d0:2c:0d:63:46:93:13:a1:39:
27:a6:d0:c9:b0:99:59:13:36:b1:2b:a5:fa:26:18:ab:4e:d8:
40:36:90:25:39:de:f8:a1:ca:82:62:88:07:b7:f3:7f:0b:e6:
43:ad:9c:c3:33:da:9b:74:aa:92:1b:4b:4c:77:17:fb:43:5a:
46:85:99:34:b2:36:ba:cd:7b:2e:82:09:75:e0:30:27:17:f7:
bf:49:56:b0:98:03:bb:d3:f3:d7:d8:30:4c:87:c9:7d:b3:2b:
b6:3c:0b:fe:c4:c0:13:40:73:85:87:4e:23:17:ab:29:d0:56:
16:f0:c4:b5:d1:29:33:78:08:ed:a6:44:21:5b:f4:0d:a4:f4:
03:9a:0c:ca:c7:18:99:50:ad:08:61:49:2f:d6:69:65:58:cf:
1a:87:2a:83:18:d2:6e:9b:fc:a2:72:96:37:dd:b1:d4:bd:cf:
ca:b6:e2:7f:2e:a1:ba:69:89:f3:b7:66:70:fe:af:8f:d9:e9:
61:a6:54:fc:49:06:1c:52:fa:d4:33:51:44:29:cb:dc:c4:43:
b2:0f:d1:9c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVweXrocUF7gQAQ6EsYNuGgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNTI5YTRkMjJmYWVmMjMxMzVkNmVmZjg5MTIyNjY2MjNj
NDkyNTUwHhcNMjMwMTAyMDMxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzQ4ZWUzZDZmNzAxNmMyZjY3MWFiOWJmOGE0NzYwMjlhNjIxZmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAkrCf3LUsHbkoXFC3DEIlQXJXyc
O7jrf3uyZMVgmfxz53p14HUpkmfrx8yFsq5pjA/CsWaAAM1UOdNJuBXcF+vb4QC6
4BGYrXX7QHxFTb1xnj/c1uDyjY33U6xc4Y2imuvMcI68Ico8+GEc9Ybld4RsHG+e
Ua4O8TS8H29ILP15ICDSkrQTpCe2+RweO77zdGBj35FCfrwn0O0AgqNaaStByu/A
blvGvWtyzIxQh3VwkTvzlHpeCONPqpWP6dEQuaLeVGjpYU4xbdHNKfx8ZZ9uEpRY
kho2vMy01ZPxFUF12M6mfn/7D3VWlaPpdyvyUatgyOyzhL5OQdBLQJLP6wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMxI7j1vcBbC9nGrm/ikdgKaYh/vMB8GA1UdIwQY
MBaAFEtSmk0i+u8jE11u/4kSJmYjxJJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTct
MzZhZTc2ZWU5ODNlLzEvekVqdVBXOXdGc0wyY2F1Yi1LUjJBcHBpSC04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xZDliMDUtZWM2MS00YzMzLWEwOTctMzZhZTc2ZWU5ODNl
LzEvUzFLYVRTTDY3eU1UWFc3X2lSSW1aaVBFa2xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBQsQAwQD
BQsYAwQEUPsAAwQFVR9AMA0GCSqGSIb3DQEBCwUAA4IBAQBrfImK9FlvHhWMrrH0
1ojDkUxOfxEfn9sRdJ4aKFTG4HaFj9n8FyuavvZx8XnQLA1jRpMToTknptDJsJlZ
EzaxK6X6JhirTthANpAlOd74ocqCYogHt/N/C+ZDrZzDM9qbdKqSG0tMdxf7Q1pG
hZk0sja6zXsuggl14DAnF/e/SVawmAO70/PX2DBMh8l9syu2PAv+xMATQHOFh04j
F6sp0FYW8MS10SkzeAjtpkQhW/QNpPQDmgzKxxiZUK0IYUkv1mllWM8ahyqDGNJu
m/yicpY33bHUvc/KtuJ/LqG6aYnzt2Zw/q+P2elhplT8SQYcUvrUM1FEKcvcxEOy
D9Gc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:02 2024 by rpki-client on console-ams.rpki-client.org