Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/zhQLAl5MaVoV6UGPpX7YmuW4IyY.roa
File: zhQLAl5MaVoV6UGPpX7YmuW4IyY.roa (raw, json)
Hash identifier: NbydhXB3kg0Y905GLTy3hSp2PlYNomxmYjqI5Z6zM7o=
Subject key identifier: CE:14:0B:02:5E:4C:69:5A:15:E9:41:8F:A5:7E:D8:9A:E5:B8:23:26
Certificate issuer: /CN=5cfe3881f3c44774f51cc75ee7e6f91c5565a606
Certificate serial: 018F344CA1103FBB2E2BE12F2B8D7EBA6406
Authority key identifier: 5C:FE:38:81:F3:C4:47:74:F5:1C:C7:5E:E7:E6:F9:1C:55:65:A6:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XP44gfPER3T1HMde5-b5HFVlpgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/zhQLAl5MaVoV6UGPpX7YmuW4IyY.roa
Signing time: Wed 01 May 2024 13:16:28 +0000
ROA not before: Wed 01 May 2024 13:16:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.133.68.0/22 maxlen: 24
2a05:2440::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 21 Nov 2024 19:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:34:4c:a1:10:3f:bb:2e:2b:e1:2f:2b:8d:7e:ba:64:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cfe3881f3c44774f51cc75ee7e6f91c5565a606
Validity
Not Before: May 1 13:16:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce140b025e4c695a15e9418fa57ed89ae5b82326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:3b:ae:38:72:b2:1e:0c:c2:ba:b5:07:ce:76:
63:8f:e3:c9:09:77:aa:3f:44:28:f8:cf:39:e7:e5:
22:0e:eb:80:fb:4b:ff:e1:75:d5:cf:7c:b6:0c:ea:
20:bf:e5:69:b7:28:b4:cc:9b:de:d7:0f:45:e9:95:
d4:cf:55:21:7d:15:94:67:77:5b:01:ba:59:b0:cb:
d1:ad:b0:b6:6c:4b:ca:02:b3:53:7c:c9:e9:87:38:
ff:c2:40:ba:ae:94:00:c0:dc:6c:26:97:91:47:e6:
cd:79:f1:ec:f8:e5:77:79:bc:27:fb:da:3a:96:06:
2b:89:ec:34:4a:bc:8b:c4:c2:25:cc:a7:3f:ef:ab:
74:f5:56:00:7b:0f:bd:f0:d8:5d:35:b5:44:c1:8d:
25:19:f2:91:a0:db:51:29:03:1a:56:01:ab:34:01:
02:16:0b:06:15:ee:04:b2:a5:d9:bf:53:04:ea:af:
29:71:e1:45:55:8a:c4:01:3e:c2:57:be:f6:0d:08:
28:69:0d:f3:cc:51:88:fa:75:8e:1e:e4:3f:47:82:
ee:34:d1:41:6b:2e:ec:38:d6:4b:1b:44:75:34:bb:
6c:f6:f3:6b:91:f3:66:e6:70:4c:d5:f2:00:49:28:
8c:6a:86:d4:b7:8f:ce:27:b8:e5:cd:88:02:f0:0f:
2a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:14:0B:02:5E:4C:69:5A:15:E9:41:8F:A5:7E:D8:9A:E5:B8:23:26
X509v3 Authority Key Identifier:
keyid:5C:FE:38:81:F3:C4:47:74:F5:1C:C7:5E:E7:E6:F9:1C:55:65:A6:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XP44gfPER3T1HMde5-b5HFVlpgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/zhQLAl5MaVoV6UGPpX7YmuW4IyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/XP44gfPER3T1HMde5-b5HFVlpgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.68.0/22
IPv6:
2a05:2440::/29
Signature Algorithm: sha256WithRSAEncryption
5a:37:8e:c2:52:bd:73:db:d8:02:e1:98:a8:d9:97:e1:0a:e7:
c1:f8:5e:ce:98:21:1f:80:7f:b4:bb:62:6c:75:85:9b:b1:c5:
bd:dc:9e:e0:6e:7e:de:86:55:c5:d6:3a:08:e3:21:f9:b4:b1:
38:6a:d1:03:99:63:2f:6e:fb:05:67:6d:89:1b:51:a7:e1:e8:
2f:69:e7:cc:44:9f:66:1b:9d:c4:03:7b:33:2a:02:f3:9f:f5:
14:d7:9a:35:4f:8a:c7:b0:70:f4:f0:ee:61:b2:b4:ae:93:d7:
66:92:6f:e6:32:67:ea:88:8a:5a:51:fa:7e:f5:cc:cf:84:f2:
3c:8e:3a:e3:df:b7:0c:e2:a2:7b:43:38:44:ad:e1:b3:48:9b:
ba:e2:38:7e:e4:fb:96:65:31:b2:28:65:a7:4d:e4:f3:08:a9:
fa:1b:86:80:7e:73:d0:cd:12:25:38:a8:cf:80:cd:69:fc:01:
2c:d8:32:5f:bf:97:51:be:37:59:61:b4:e2:3a:92:5f:ce:bb:
97:1d:00:ce:4d:3f:b6:41:0d:8e:24:cc:d7:d4:00:f4:d7:b3:
2f:ea:ac:d3:3c:b9:93:c9:f1:4e:65:4f:67:a2:a2:1e:8f:5e:
4f:4b:ae:50:f9:29:13:d0:23:0f:23:17:bd:6d:87:ed:5d:87:
e8:77:7b:e8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY80TKEQP7suK+EvK41+umQGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZmUzODgxZjNjNDQ3NzRmNTFjYzc1ZWU3ZTZmOTFjNTU2
NWE2MDYwHhcNMjQwNTAxMTMxNjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTE0MGIwMjVlNGM2OTVhMTVlOTQxOGZhNTdlZDg5YWU1YjgyMzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuzuuOHKyHgzCurUHznZjj+PJCXeq
P0Qo+M855+UiDuuA+0v/4XXVz3y2DOogv+Vptyi0zJve1w9F6ZXUz1UhfRWUZ3db
AbpZsMvRrbC2bEvKArNTfMnphzj/wkC6rpQAwNxsJpeRR+bNefHs+OV3ebwn+9o6
lgYriew0SryLxMIlzKc/76t09VYAew+98NhdNbVEwY0lGfKRoNtRKQMaVgGrNAEC
FgsGFe4EsqXZv1ME6q8pceFFVYrEAT7CV772DQgoaQ3zzFGI+nWOHuQ/R4LuNNFB
ay7sONZLG0R1NLts9vNrkfNm5nBM1fIASSiMaobUt4/OJ7jlzYgC8A8qyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM4UCwJeTGlaFelBj6V+2JrluCMmMB8GA1UdIwQY
MBaAFFz+OIHzxEd09RzHXufm+RxVZaYGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFA0NGdmUEVSM1QxSE1kZTUtYjVIRlZscGdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81MjYwZDAtMTg1NS00ZjMwLWI4ZWYt
N2M5OTgwNzlhNmE5LzEvemhRTEFsNU1hVm9WNlVHUHBYN1ltdVc0SXlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS81MjYwZDAtMTg1NS00ZjMwLWI4ZWYtN2M5OTgwNzlhNmE5
LzEvWFA0NGdmUEVSM1QxSE1kZTUtYjVIRlZscGdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYVEMA0E
AgACMAcDBQMqBSRAMA0GCSqGSIb3DQEBCwUAA4IBAQBaN47CUr1z29gC4Zio2Zfh
CufB+F7OmCEfgH+0u2JsdYWbscW93J7gbn7ehlXF1joI4yH5tLE4atEDmWMvbvsF
Z22JG1Gn4egvaefMRJ9mG53EA3szKgLzn/UU15o1T4rHsHD08O5hsrSuk9dmkm/m
MmfqiIpaUfp+9czPhPI8jjrj37cM4qJ7QzhEreGzSJu64jh+5PuWZTGyKGWnTeTz
CKn6G4aAfnPQzRIlOKjPgM1p/AEs2DJfv5dRvjdZYbTiOpJfzruXHQDOTT+2QQ2O
JMzX1AD017Mv6qzTPLmTyfFOZU9noqIej15PS65Q+SkT0CMPIxe9bYftXYfod3vo
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:58:32 2024 by rpki-client on console-ams.rpki-client.org