Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/ZWJVuMTrumYj7f_ROgc1QkefLpw.roa
File: ZWJVuMTrumYj7f_ROgc1QkefLpw.roa (raw, json)
Hash identifier: /u/NVpq6cs+ukMQs7m5aNjM5WJswH50CjUmj00RCjMo=
Subject key identifier: 65:62:55:B8:C4:EB:BA:66:23:ED:FF:D1:3A:07:35:42:47:9F:2E:9C
Certificate issuer: /CN=5eb42ab8de98be1c771f0a9868582fcf95dc4ac6
Certificate serial: 01859C7FEE66B58864619924C7E469335F25
Authority key identifier: 5E:B4:2A:B8:DE:98:BE:1C:77:1F:0A:98:68:58:2F:CF:95:DC:4A:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrQquN6Yvhx3HwqYaFgvz5XcSsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/ZWJVuMTrumYj7f_ROgc1QkefLpw.roa
Signing time: Tue 10 Jan 2023 16:25:07 +0000
ROA not before: Tue 10 Jan 2023 16:25:07 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48348
IP address blocks: 89.248.96.0/20 maxlen: 20
185.80.4.0/22 maxlen: 22
93.174.0.0/21 maxlen: 21
185.15.76.0/22 maxlen: 22
2a05:7900::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 01 Jan 2024 14:29:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:9c:7f:ee:66:b5:88:64:61:99:24:c7:e4:69:33:5f:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eb42ab8de98be1c771f0a9868582fcf95dc4ac6
Validity
Not Before: Jan 10 16:25:07 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=656255b8c4ebba6623edffd13a073542479f2e9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:4c:d5:eb:45:d1:50:82:0a:54:96:92:76:21:
ab:e5:90:56:20:11:ed:c8:1b:bc:5b:15:25:a6:83:
a6:48:7d:cf:78:fc:2b:f4:1f:78:48:79:4c:8b:a6:
ec:53:99:f6:75:9f:f8:88:a1:f6:09:f3:60:f5:dd:
8d:8c:d4:c1:7d:f6:ed:f2:2d:31:d4:4e:00:1c:6e:
21:8b:4f:f1:47:46:0d:df:12:77:93:6a:0f:22:79:
89:fe:a3:0e:29:19:07:76:77:9c:b0:db:da:0c:64:
43:f7:e7:31:74:66:e6:84:77:ad:f5:cb:8e:b8:b1:
2d:cf:85:ae:db:75:58:66:83:14:2d:08:07:8f:4d:
54:d7:09:94:7d:82:4b:da:bd:48:2b:10:dc:cc:08:
60:e1:7e:f2:d0:ee:f1:df:14:98:8e:8c:98:db:f0:
f9:58:4e:e4:cb:ed:84:fe:f2:31:9f:93:38:a2:69:
df:e5:5f:63:6e:b0:c2:a1:42:51:f9:fe:18:33:74:
4f:a5:f3:52:01:36:92:35:c2:7e:9a:c6:73:bc:ca:
4f:56:80:4b:d7:e6:97:93:a7:38:0b:42:ca:a1:b4:
6a:3e:f3:83:26:22:6f:a8:2f:fb:8b:09:31:6b:90:
45:1c:63:2a:88:45:2c:9a:87:26:28:49:bf:a5:1a:
b2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:62:55:B8:C4:EB:BA:66:23:ED:FF:D1:3A:07:35:42:47:9F:2E:9C
X509v3 Authority Key Identifier:
keyid:5E:B4:2A:B8:DE:98:BE:1C:77:1F:0A:98:68:58:2F:CF:95:DC:4A:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrQquN6Yvhx3HwqYaFgvz5XcSsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/ZWJVuMTrumYj7f_ROgc1QkefLpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/a84e7e-c616-4ab1-a494-773c0b3c8935/1/XrQquN6Yvhx3HwqYaFgvz5XcSsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.248.96.0/20
93.174.0.0/21
185.15.76.0/22
185.80.4.0/22
IPv6:
2a05:7900::/29
Signature Algorithm: sha256WithRSAEncryption
34:0e:5b:ee:bb:e6:23:13:4d:91:46:3d:34:b3:2c:5e:3d:a6:
54:4a:b9:ab:25:ea:22:96:88:61:f1:5f:09:7d:e9:38:34:05:
5a:06:aa:ed:48:9b:da:74:73:50:2d:6b:c4:60:e5:b3:a2:2a:
f5:29:7a:3a:1e:aa:fb:66:7a:6f:93:f1:8b:23:66:2d:68:55:
43:38:81:1b:54:30:46:4c:3b:05:f6:4d:ad:35:06:34:b1:4e:
2f:f4:51:31:97:09:81:0b:e1:93:4b:9b:8d:19:67:2d:3a:41:
a5:5f:24:3e:49:7b:c0:e0:a2:44:f3:1a:2f:59:1c:d0:eb:5b:
5e:d9:12:8b:4f:05:8c:7c:8a:01:68:57:f9:26:32:42:d2:7c:
e2:af:04:6e:1e:32:58:bb:cf:47:0d:69:c8:c3:34:98:f0:2a:
22:47:c9:4a:c1:31:f5:b9:88:7a:f4:85:c2:d6:02:1f:8c:68:
7d:d7:d4:38:a9:9c:4a:7e:af:ed:f3:d3:0b:0e:32:1c:b0:2a:
04:e8:b0:56:2c:da:9d:e3:d2:45:c3:6e:02:3e:7a:e1:05:59:
0b:20:ee:d8:c4:6e:ae:b8:5e:0e:ed:df:2b:b4:97:6b:a1:48:
ec:1c:2c:71:e7:6b:10:a7:e8:a9:3c:a0:bd:72:bb:a8:15:f1:
e7:c0:ee:b7
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYWcf+5mtYhkYZkkx+RpM18lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYjQyYWI4ZGU5OGJlMWM3NzFmMGE5ODY4NTgyZmNmOTVk
YzRhYzYwHhcNMjMwMTEwMTYyNTA3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTYyNTViOGM0ZWJiYTY2MjNlZGZmZDEzYTA3MzU0MjQ3OWYyZTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20zV60XRUIIKVJaSdiGr5ZBWIBHt
yBu8WxUlpoOmSH3PePwr9B94SHlMi6bsU5n2dZ/4iKH2CfNg9d2NjNTBffbt8i0x
1E4AHG4hi0/xR0YN3xJ3k2oPInmJ/qMOKRkHdnecsNvaDGRD9+cxdGbmhHet9cuO
uLEtz4Wu23VYZoMULQgHj01U1wmUfYJL2r1IKxDczAhg4X7y0O7x3xSYjoyY2/D5
WE7ky+2E/vIxn5M4omnf5V9jbrDCoUJR+f4YM3RPpfNSATaSNcJ+msZzvMpPVoBL
1+aXk6c4C0LKobRqPvODJiJvqC/7iwkxa5BFHGMqiEUsmocmKEm/pRqylwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGViVbjE67pmI+3/0ToHNUJHny6cMB8GA1UdIwQY
MBaAFF60KrjemL4cdx8KmGhYL8+V3ErGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJRcXVONll2aHgzSHdxWWFGZ3Z6NVhjU3NZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9hODRlN2UtYzYxNi00YWIxLWE0OTQt
NzczYzBiM2M4OTM1LzEvWldKVnVNVHJ1bVlqN2ZfUk9nYzFRa2VmTHB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9hODRlN2UtYzYxNi00YWIxLWE0OTQtNzczYzBiM2M4OTM1
LzEvWHJRcXVONll2aHgzSHdxWWFGZ3Z6NVhjU3NZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEWfhgAwQD
Xa4AAwQCuQ9MAwQCuVAEMA0EAgACMAcDBQMqBXkAMA0GCSqGSIb3DQEBCwUAA4IB
AQA0Dlvuu+YjE02RRj00syxePaZUSrmrJeoilohh8V8Jfek4NAVaBqrtSJvadHNQ
LWvEYOWzoir1KXo6Hqr7Znpvk/GLI2YtaFVDOIEbVDBGTDsF9k2tNQY0sU4v9FEx
lwmBC+GTS5uNGWctOkGlXyQ+SXvA4KJE8xovWRzQ61te2RKLTwWMfIoBaFf5JjJC
0nzirwRuHjJYu89HDWnIwzSY8CoiR8lKwTH1uYh69IXC1gIfjGh919Q4qZxKfq/t
89MLDjIcsCoE6LBWLNqd49JFw24CPnrhBVkLIO7YxG6uuF4O7d8rtJdroUjsHCxx
52sQp+ipPKC9cruoFfHnwO63
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:05 2024 by rpki-client on console-fra.rpki-client.org