Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/ZWbKoJLJllthP3sToyWoNYiKCM0.roa
File: ZWbKoJLJllthP3sToyWoNYiKCM0.roa (raw, json)
Hash identifier: KDwUhNw7Z3KtiYvCtC5bKBVM+thEKte690fJe5TVBtE=
Subject key identifier: 65:66:CA:A0:92:C9:96:5B:61:3F:7B:13:A3:25:A8:35:88:8A:08:CD
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 018570671C346562EA7291E408F7DF9255F4
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/ZWbKoJLJllthP3sToyWoNYiKCM0.roa
Signing time: Mon 02 Jan 2023 02:54:43 +0000
ROA not before: Mon 02 Jan 2023 02:54:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44090
IP address blocks: 185.169.20.0/23 maxlen: 23
185.169.22.0/23 maxlen: 23
5.202.102.0/24 maxlen: 24
185.169.39.0/24 maxlen: 24
5.202.72.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 04:29:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:67:1c:34:65:62:ea:72:91:e4:08:f7:df:92:55:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Jan 2 02:54:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6566caa092c9965b613f7b13a325a835888a08cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6f:2c:6b:00:30:74:e8:f9:6b:67:99:7d:66:
1f:d5:24:37:cb:7a:b9:28:4e:a2:c1:bc:c3:cb:81:
a9:41:bf:4e:eb:8f:25:4a:50:0b:3e:fc:bd:05:1e:
5d:af:49:6c:eb:4c:b1:55:25:25:55:07:10:b3:42:
3c:6d:5e:50:3e:8f:51:84:f9:21:8a:df:f8:6f:78:
3c:6a:44:b9:a4:61:ae:87:de:d4:3c:43:24:e3:ee:
27:53:1d:2c:7b:1c:e7:6d:c7:50:e5:5f:33:c7:6e:
28:dd:bc:f9:ef:8c:84:ea:b5:13:cf:dc:0f:eb:ea:
14:b2:d7:af:7c:72:bb:1f:0b:94:aa:b5:45:89:b1:
8d:20:bc:17:5f:93:9e:5e:0f:6d:f4:50:5e:9a:48:
f8:3b:be:89:41:96:33:a6:a2:b0:45:a9:5b:d0:74:
aa:5b:5a:5f:b2:fa:0e:60:50:1b:b2:44:4f:cb:d5:
e7:ee:94:9d:53:0c:c0:c5:3b:cd:7a:f1:00:79:dd:
26:77:7d:43:ca:9e:3f:ba:38:5a:6e:88:0e:b7:8e:
ab:d9:2e:8d:34:89:51:e6:d5:62:1f:88:34:1d:cf:
50:46:80:83:9b:cd:a4:de:28:78:15:86:57:65:11:
01:65:59:ed:c1:0d:b4:de:c9:da:93:7c:b0:aa:7d:
a7:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:66:CA:A0:92:C9:96:5B:61:3F:7B:13:A3:25:A8:35:88:8A:08:CD
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/ZWbKoJLJllthP3sToyWoNYiKCM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.202.72.0/22
5.202.102.0/24
185.169.20.0/22
185.169.39.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:da:a6:f4:0b:df:e7:3d:21:9e:78:71:92:43:88:d2:d2:66:
c9:9e:d3:13:79:a0:ba:cd:dc:2c:05:c9:0e:41:8c:81:18:8e:
66:3b:4a:40:8e:83:4a:5a:d4:75:09:39:95:d0:60:9e:50:da:
59:c5:34:65:80:3e:bd:27:bd:62:e7:72:fd:18:96:9e:2b:b0:
25:e7:bb:53:7b:a8:3d:06:e7:d3:5b:50:8c:44:9c:74:b3:ff:
42:a5:0c:f9:b5:82:d5:a2:ef:b9:d9:75:a6:9e:99:8b:71:f0:
ef:de:2c:d0:94:05:67:3e:0c:3a:6b:58:79:86:22:23:f4:d7:
5e:c2:38:a9:a0:0c:17:08:e1:e5:72:31:96:84:a1:f0:e3:e4:
7e:10:3c:ca:2c:49:4c:a9:b0:1c:7a:c9:0a:c0:ad:97:27:aa:
ca:b7:d1:46:5d:7e:7a:3a:ed:33:52:c0:d9:33:ad:51:2d:01:
77:09:8f:7a:51:09:d6:79:4f:54:42:7f:49:0c:43:7f:74:3d:
ce:3c:27:2f:69:29:6c:af:4f:cd:cb:90:9a:65:2d:4a:72:71:
81:15:67:8b:5e:30:4a:f3:fd:2e:34:4a:ba:bb:68:9a:17:c0:
e1:4f:7c:0d:88:c0:1c:b9:f2:e9:15:b2:13:aa:32:eb:b0:a0:
a0:42:57:cb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVwZxw0ZWLqcpHkCPffklX0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjMwMTAyMDI1NDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTY2Y2FhMDkyYzk5NjViNjEzZjdiMTNhMzI1YTgzNTg4OGEwOGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApG8sawAwdOj5a2eZfWYf1SQ3y3q5
KE6iwbzDy4GpQb9O648lSlALPvy9BR5dr0ls60yxVSUlVQcQs0I8bV5QPo9RhPkh
it/4b3g8akS5pGGuh97UPEMk4+4nUx0sexznbcdQ5V8zx24o3bz574yE6rUTz9wP
6+oUstevfHK7HwuUqrVFibGNILwXX5OeXg9t9FBemkj4O76JQZYzpqKwRalb0HSq
W1pfsvoOYFAbskRPy9Xn7pSdUwzAxTvNevEAed0md31Dyp4/ujhabogOt46r2S6N
NIlR5tViH4g0Hc9QRoCDm82k3ih4FYZXZREBZVntwQ203snak3ywqn2nXwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGVmyqCSyZZbYT97E6MlqDWIigjNMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvWldiS29KTEpsbHRoUDNzVG95V29OWWlLQ00wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBcpIAwQA
BcpmAwQCuakUAwQAuaknMA0GCSqGSIb3DQEBCwUAA4IBAQCl2qb0C9/nPSGeeHGS
Q4jS0mbJntMTeaC6zdwsBckOQYyBGI5mO0pAjoNKWtR1CTmV0GCeUNpZxTRlgD69
J71i53L9GJaeK7Al57tTe6g9BufTW1CMRJx0s/9CpQz5tYLVou+52XWmnpmLcfDv
3izQlAVnPgw6a1h5hiIj9NdewjipoAwXCOHlcjGWhKHw4+R+EDzKLElMqbAceskK
wK2XJ6rKt9FGXX56Ou0zUsDZM61RLQF3CY96UQnWeU9UQn9JDEN/dD3OPCcvaSls
r0/Ny5CaZS1KcnGBFWeLXjBK8/0uNEq6u2iaF8DhT3wNiMAcufLpFbITqjLrsKCg
QlfL
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org