Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/fb2401-e470-4c05-99b8-f8eecb425087/1/jzrlZK5Z_uPRGnGUew9vhV3LV3o.roa
File: jzrlZK5Z_uPRGnGUew9vhV3LV3o.roa (raw, json)
Hash identifier: 1W+SXp7kiTuHC6sZdM38HDGCABM9eXsA+0WxH27tyzk=
Subject key identifier: 8F:3A:E5:64:AE:59:FE:E3:D1:1A:71:94:7B:0F:6F:85:5D:CB:57:7A
Certificate issuer: /CN=0849757e3e35aaab5d57c5186243a437173e4d36
Certificate serial: 018747637AD3A53E366EC6BE196DE29DF5CE
Authority key identifier: 08:49:75:7E:3E:35:AA:AB:5D:57:C5:18:62:43:A4:37:17:3E:4D:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CEl1fj41qqtdV8UYYkOkNxc-TTY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/fb2401-e470-4c05-99b8-f8eecb425087/1/jzrlZK5Z_uPRGnGUew9vhV3LV3o.roa
Signing time: Mon 03 Apr 2023 13:51:54 +0000
ROA not before: Mon 03 Apr 2023 13:51:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213195
IP address blocks: 46.230.168.0/22 maxlen: 22
5.254.168.0/22 maxlen: 22
46.230.172.0/22 maxlen: 22
5.254.192.0/19 maxlen: 19
178.72.4.0/22 maxlen: 22
92.241.208.0/22 maxlen: 22
92.241.212.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 01 Jan 2024 22:31:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:47:63:7a:d3:a5:3e:36:6e:c6:be:19:6d:e2:9d:f5:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0849757e3e35aaab5d57c5186243a437173e4d36
Validity
Not Before: Apr 3 13:51:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8f3ae564ae59fee3d11a71947b0f6f855dcb577a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:a5:58:c5:4d:e9:25:63:62:11:3e:53:37:2e:
2d:8b:e7:a7:27:07:65:5c:c6:98:9f:fe:f4:d3:de:
b7:38:6d:d2:36:b8:d6:9d:6b:1a:41:0d:1d:8d:c6:
5a:b4:ba:5f:69:5b:fc:1a:47:17:19:94:bc:71:10:
85:6e:46:5c:18:3c:4f:48:15:c0:2a:06:22:3b:32:
42:e4:4a:42:ea:73:b3:b8:e3:c7:10:b0:45:f0:1e:
bd:8f:24:c7:77:39:49:bf:18:ae:d9:b3:c4:b8:e8:
05:e6:45:ed:5d:d2:9e:83:26:9a:0c:7d:0e:12:38:
59:74:05:3e:0e:0e:b6:c1:2a:79:83:34:31:58:74:
0a:43:cc:ad:28:a3:57:5b:d6:b9:d7:69:6a:98:41:
7a:52:ea:4b:ad:f2:a5:75:51:32:d8:45:96:ce:5b:
30:57:36:db:94:3a:12:7c:b8:cb:e2:37:68:48:df:
fd:a7:10:22:ae:fa:b0:1b:2a:c9:b1:81:3b:3d:4d:
ef:5a:fe:a9:09:99:0d:2e:2f:ef:35:e7:ba:cc:67:
31:2d:7c:26:e2:7b:60:25:d5:1f:18:30:d4:26:18:
bf:91:46:01:81:8b:57:8e:53:34:48:35:e2:43:d2:
dd:a0:fe:3d:9f:58:72:74:38:c0:87:79:9c:6d:c8:
e2:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:3A:E5:64:AE:59:FE:E3:D1:1A:71:94:7B:0F:6F:85:5D:CB:57:7A
X509v3 Authority Key Identifier:
keyid:08:49:75:7E:3E:35:AA:AB:5D:57:C5:18:62:43:A4:37:17:3E:4D:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CEl1fj41qqtdV8UYYkOkNxc-TTY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fb2401-e470-4c05-99b8-f8eecb425087/1/jzrlZK5Z_uPRGnGUew9vhV3LV3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/fb2401-e470-4c05-99b8-f8eecb425087/1/CEl1fj41qqtdV8UYYkOkNxc-TTY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.254.168.0/22
5.254.192.0/19
46.230.168.0/21
92.241.208.0/21
178.72.4.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:ad:a8:33:2c:38:88:06:c3:4a:51:a7:bd:ba:63:5f:e1:fd:
83:21:09:4a:59:61:e0:5b:10:0f:34:29:e9:5e:a3:38:c9:14:
e9:3a:3d:ab:5f:83:9c:7e:d1:4f:a1:4e:0a:25:79:e9:ea:88:
1d:58:7e:fe:48:09:f6:a8:98:08:63:4c:07:3c:bf:98:57:17:
95:d4:7e:d7:1c:8c:ad:ca:be:ad:46:82:d3:57:55:12:ec:18:
fe:62:b1:6d:47:4a:31:b0:23:20:98:5d:e1:30:74:d5:c0:d1:
95:be:67:c3:41:55:38:1f:6a:94:a1:6b:7e:43:23:8c:49:2a:
23:b9:a4:ad:95:a5:db:94:1c:2a:b4:f1:7c:2a:08:ef:cd:f8:
f6:43:04:62:76:16:2a:d2:27:be:d4:05:f8:7e:d7:c2:21:d5:
c1:4f:6e:9e:b2:2b:6b:2d:59:a6:ea:f8:9e:cc:6f:ff:ba:83:
f5:f2:06:19:9d:73:8c:5f:3c:ef:d5:eb:3a:04:d6:c4:a0:da:
b0:37:d1:94:96:6c:15:90:32:c9:b1:cb:d9:92:83:4c:3d:48:
84:40:b8:e3:9c:20:83:bd:69:a8:c8:ed:11:f8:47:1c:e3:91:
f9:46:b5:dc:c3:44:58:64:32:47:3c:f9:bb:64:cd:9c:97:1b:
02:68:17:e6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYdHY3rTpT42bsa+GW3infXOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4NDk3NTdlM2UzNWFhYWI1ZDU3YzUxODYyNDNhNDM3MTcz
ZTRkMzYwHhcNMjMwNDAzMTM1MTU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjNhZTU2NGFlNTlmZWUzZDExYTcxOTQ3YjBmNmY4NTVkY2I1NzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkaVYxU3pJWNiET5TNy4ti+enJwdl
XMaYn/700963OG3SNrjWnWsaQQ0djcZatLpfaVv8GkcXGZS8cRCFbkZcGDxPSBXA
KgYiOzJC5EpC6nOzuOPHELBF8B69jyTHdzlJvxiu2bPEuOgF5kXtXdKegyaaDH0O
EjhZdAU+Dg62wSp5gzQxWHQKQ8ytKKNXW9a512lqmEF6UupLrfKldVEy2EWWzlsw
VzbblDoSfLjL4jdoSN/9pxAirvqwGyrJsYE7PU3vWv6pCZkNLi/vNee6zGcxLXwm
4ntgJdUfGDDUJhi/kUYBgYtXjlM0SDXiQ9LdoP49n1hydDjAh3mcbcjiDwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFI865WSuWf7j0RpxlHsPb4Vdy1d6MB8GA1UdIwQY
MBaAFAhJdX4+NaqrXVfFGGJDpDcXPk02MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0VsMWZqNDFxcXRkVjhVWVlrT2tOeGMtVFRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9mYjI0MDEtZTQ3MC00YzA1LTk5Yjgt
ZjhlZWNiNDI1MDg3LzEvanpybFpLNVpfdVBSR25HVWV3OXZoVjNMVjNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9mYjI0MDEtZTQ3MC00YzA1LTk5YjgtZjhlZWNiNDI1MDg3
LzEvQ0VsMWZqNDFxcXRkVjhVWVlrT2tOeGMtVFRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBf6oAwQF
Bf7AAwQDLuaoAwQDXPHQAwQCskgEMA0GCSqGSIb3DQEBCwUAA4IBAQCsragzLDiI
BsNKUae9umNf4f2DIQlKWWHgWxAPNCnpXqM4yRTpOj2rX4OcftFPoU4KJXnp6ogd
WH7+SAn2qJgIY0wHPL+YVxeV1H7XHIytyr6tRoLTV1US7Bj+YrFtR0oxsCMgmF3h
MHTVwNGVvmfDQVU4H2qUoWt+QyOMSSojuaStlaXblBwqtPF8Kgjvzfj2QwRidhYq
0ie+1AX4ftfCIdXBT26esitrLVmm6viezG//uoP18gYZnXOMXzzv1es6BNbEoNqw
N9GUlmwVkDLJscvZkoNMPUiEQLjjnCCDvWmoyO0R+Ecc45H5RrXcw0RYZDJHPPm7
ZM2clxsCaBfm
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:30 2024 by rpki-client on console-ams.rpki-client.org