Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/JZd5N2Z2oz5wfEoqe0UQlOU_lzY.roa
File: JZd5N2Z2oz5wfEoqe0UQlOU_lzY.roa (raw, json)
Hash identifier: AXtVnIOcQb3vCIfKtss6zxi4+dGYE9x77b5zn1Grt7U=
Subject key identifier: 25:97:79:37:66:76:A3:3E:70:7C:4A:2A:7B:45:10:94:E5:3F:97:36
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018E483571F3EFCE6487E326E99A81BF007C
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/JZd5N2Z2oz5wfEoqe0UQlOU_lzY.roa
Signing time: Sat 16 Mar 2024 17:00:45 +0000
ROA not before: Sat 16 Mar 2024 17:00:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198427
IP address blocks: 5.182.112.0/24 maxlen: 24
83.137.153.0/24 maxlen: 24
88.209.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Mar 2024 07:45:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:48:35:71:f3:ef:ce:64:87:e3:26:e9:9a:81:bf:00:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 16 17:00:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=259779376676a33e707c4a2a7b451094e53f9736
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:48:5b:67:80:89:4f:dd:25:66:73:76:6e:7c:
1a:b6:40:dc:10:13:ab:83:18:ac:11:5c:0f:b8:e0:
df:b9:d4:a6:1e:49:30:61:fb:6f:aa:27:e0:29:da:
5e:d5:ed:10:f4:3d:ef:78:32:83:12:07:08:1c:4d:
79:76:c2:0f:5a:5c:3e:05:a2:0b:49:1b:d1:28:64:
3c:e3:cb:26:6a:86:9d:6b:35:2a:be:ca:56:b0:54:
97:ac:31:cd:ff:c9:ee:a9:09:fe:ee:da:50:d6:41:
52:ab:48:68:cd:62:25:dc:fd:57:b6:cf:72:51:9c:
71:bb:92:21:05:e7:9c:1a:18:21:9a:d7:5a:16:51:
e3:8c:a8:fe:96:0c:f8:90:97:bb:64:5d:56:8b:ed:
03:a0:0e:84:e9:f5:56:d2:dc:62:74:f5:60:0a:f1:
3d:28:b7:62:1b:08:e9:c3:11:0c:54:c1:62:b1:f1:
59:a4:ff:81:82:05:6f:3b:a3:fc:b8:21:ee:18:5f:
01:5c:7a:5c:06:af:8c:32:c0:80:65:03:c5:d2:28:
3f:f2:ee:ef:12:a4:43:76:b3:b4:42:5f:08:39:6c:
06:4b:55:85:ab:d4:88:f4:29:13:c6:fc:b0:78:f8:
28:6d:5f:f4:fc:b1:a0:8b:aa:66:c4:e2:4e:1e:0d:
7d:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:97:79:37:66:76:A3:3E:70:7C:4A:2A:7B:45:10:94:E5:3F:97:36
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/JZd5N2Z2oz5wfEoqe0UQlOU_lzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
83.137.153.0/24
88.209.205.0/24
Signature Algorithm: sha256WithRSAEncryption
74:fb:93:e8:13:19:bf:38:4d:7b:6d:e6:00:38:e7:7c:86:90:
b5:32:98:f5:57:d9:1d:15:eb:39:4c:a3:43:d4:00:cc:d7:17:
47:fa:39:0f:b0:97:37:64:6c:df:eb:37:db:b8:c2:ec:fb:d3:
a7:cc:5f:77:27:54:a2:a1:ef:58:b9:72:63:da:87:36:86:fa:
1c:a9:86:dd:cf:24:26:d0:01:2b:a3:ba:e4:6b:a7:fe:e2:83:
f1:c8:8a:69:2c:65:77:28:7b:a4:76:8d:72:26:5d:6f:36:29:
77:04:24:a3:1d:93:14:b0:71:1c:b5:37:d0:bf:6d:e7:2b:0f:
c2:65:3d:a8:cd:72:73:c7:d5:b2:6d:c4:74:fc:78:e7:e2:9f:
44:8c:39:ee:62:87:22:89:b6:e3:b7:9f:b5:b1:15:e5:8c:55:
08:fd:52:f0:3c:79:21:c8:bd:e8:a9:25:2d:e3:1f:3a:79:b8:
8a:2c:8b:a5:a6:4b:57:6b:a4:35:53:a7:87:98:e4:f3:79:33:
bb:53:37:58:e9:a4:91:d6:90:50:3f:6c:63:0b:3f:d0:b9:6e:
f3:71:b1:86:2c:d3:d6:db:c7:12:fa:67:7a:83:40:21:64:47:
42:30:03:34:d4:b5:92:0d:45:08:a8:8d:1f:94:fb:a2:7a:9c:
76:f5:49:03
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY5INXHz785kh+Mm6ZqBvwB8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMzE2MTcwMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTk3NzkzNzY2NzZhMzNlNzA3YzRhMmE3YjQ1MTA5NGU1M2Y5NzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUhbZ4CJT90lZnN2bnwatkDcEBOr
gxisEVwPuODfudSmHkkwYftvqifgKdpe1e0Q9D3veDKDEgcIHE15dsIPWlw+BaIL
SRvRKGQ848smaoadazUqvspWsFSXrDHN/8nuqQn+7tpQ1kFSq0hozWIl3P1Xts9y
UZxxu5IhBeecGhghmtdaFlHjjKj+lgz4kJe7ZF1Wi+0DoA6E6fVW0txidPVgCvE9
KLdiGwjpwxEMVMFisfFZpP+BggVvO6P8uCHuGF8BXHpcBq+MMsCAZQPF0ig/8u7v
EqRDdrO0Ql8IOWwGS1WFq9SI9CkTxvywePgobV/0/LGgi6pmxOJOHg191wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCWXeTdmdqM+cHxKKntFEJTlP5c2MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvSlpkNU4yWjJvejV3ZkVvcWUwVVFsT1VfbHpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABbZwAwQA
U4mZAwQAWNHNMA0GCSqGSIb3DQEBCwUAA4IBAQB0+5PoExm/OE17beYAOOd8hpC1
Mpj1V9kdFes5TKND1ADM1xdH+jkPsJc3ZGzf6zfbuMLs+9OnzF93J1Sioe9YuXJj
2oc2hvocqYbdzyQm0AEro7rka6f+4oPxyIppLGV3KHukdo1yJl1vNil3BCSjHZMU
sHEctTfQv23nKw/CZT2ozXJzx9WybcR0/Hjn4p9EjDnuYociibbjt5+1sRXljFUI
/VLwPHkhyL3oqSUt4x86ebiKLIulpktXa6Q1U6eHmOTzeTO7UzdY6aSR1pBQP2xj
Cz/QuW7zcbGGLNPW28cS+md6g0AhZEdCMAM01LWSDUUIqI0flPuiepx29UkD
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org