Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/7e3025-8caf-402c-b54f-cbb8cfee6e3c/1/0zcfXJJ4t-CGJg3SbZh6kBLbCcs.roa
File: 0zcfXJJ4t-CGJg3SbZh6kBLbCcs.roa (raw, json)
Hash identifier: vj3DhmUsA429TDwpr5C/GfvbZAqknJgwCoKIyMdIjJM=
Subject key identifier: D3:37:1F:5C:92:78:B7:E0:86:26:0D:D2:6D:98:7A:90:12:DB:09:CB
Certificate issuer: /CN=e242c2b74d7575a228a7e64f0406f3a397c7ae56
Certificate serial: 018CC348EADAE9751C703DFF81E7B65B9ACB
Authority key identifier: E2:42:C2:B7:4D:75:75:A2:28:A7:E6:4F:04:06:F3:A3:97:C7:AE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4kLCt011daIop-ZPBAbzo5fHrlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/7e3025-8caf-402c-b54f-cbb8cfee6e3c/1/0zcfXJJ4t-CGJg3SbZh6kBLbCcs.roa
Signing time: Mon 01 Jan 2024 04:29:44 +0000
ROA not before: Mon 01 Jan 2024 04:29:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57871
IP address blocks: 176.110.133.0/24 maxlen: 24
176.110.136.0/23 maxlen: 23
176.110.134.0/23 maxlen: 23
176.110.138.0/23 maxlen: 23
176.110.140.0/23 maxlen: 23
176.110.142.0/23 maxlen: 23
176.110.130.0/24 maxlen: 24
176.110.129.0/24 maxlen: 24
176.110.132.0/24 maxlen: 24
176.110.128.0/24 maxlen: 24
176.110.131.0/24 maxlen: 24
176.110.128.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ea:da:e9:75:1c:70:3d:ff:81:e7:b6:5b:9a:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e242c2b74d7575a228a7e64f0406f3a397c7ae56
Validity
Not Before: Jan 1 04:29:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3371f5c9278b7e086260dd26d987a9012db09cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ea:43:42:6f:85:fa:76:47:42:9a:08:44:e0:
f1:66:5c:9c:87:b9:71:cb:c9:04:46:1a:c6:26:1a:
65:e6:bf:82:d9:a5:b9:87:13:ec:48:6e:f4:5c:8c:
05:d5:4c:eb:2c:06:17:0f:c0:a1:6a:f9:a1:21:66:
71:a0:fa:0d:9e:12:94:bb:af:4a:81:18:99:45:08:
e2:8a:74:36:a5:24:24:0f:48:e0:d4:d9:2d:4f:e6:
63:39:02:41:ae:4a:b7:23:b1:55:42:b6:ee:1c:ee:
69:eb:b2:e4:21:1d:d0:0c:db:96:dd:45:cc:85:bb:
32:3a:8e:b7:34:2b:a1:66:7a:06:00:7a:0b:cf:a4:
1d:41:3b:1d:0f:64:5b:85:21:60:59:a8:3f:ca:de:
11:61:05:ee:36:1c:62:10:8f:23:64:a1:07:1d:34:
38:12:21:63:4c:88:ba:5e:a6:9f:72:87:b0:e1:8b:
80:d7:c1:78:f8:7b:1e:bf:9b:57:42:bb:fa:d3:b2:
2f:18:9b:ed:fb:62:69:42:6b:10:67:4c:66:08:44:
e0:57:af:e3:31:8a:2d:96:40:73:42:5c:de:af:e0:
d5:81:fd:38:83:c1:c5:ba:18:e6:b5:70:8c:87:f1:
9b:9f:4e:75:80:9a:8c:c1:40:3d:df:12:9d:b8:59:
b7:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:37:1F:5C:92:78:B7:E0:86:26:0D:D2:6D:98:7A:90:12:DB:09:CB
X509v3 Authority Key Identifier:
keyid:E2:42:C2:B7:4D:75:75:A2:28:A7:E6:4F:04:06:F3:A3:97:C7:AE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4kLCt011daIop-ZPBAbzo5fHrlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7e3025-8caf-402c-b54f-cbb8cfee6e3c/1/0zcfXJJ4t-CGJg3SbZh6kBLbCcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/7e3025-8caf-402c-b54f-cbb8cfee6e3c/1/4kLCt011daIop-ZPBAbzo5fHrlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.110.128.0/20
Signature Algorithm: sha256WithRSAEncryption
47:7d:b9:22:da:82:ab:e3:86:56:f3:29:2b:12:34:3b:2d:9d:
30:fa:07:35:15:b8:fe:e1:c1:f6:21:20:29:e9:19:95:98:4e:
8b:b3:2d:15:5d:69:3c:d3:55:c8:26:9f:21:8d:02:8d:db:8c:
b6:d6:37:24:51:8f:26:51:ba:24:76:eb:53:28:a8:27:06:e8:
89:06:33:27:83:5b:f6:93:5b:7e:81:31:c9:89:29:eb:ff:20:
fd:d7:fe:30:92:ab:7f:d7:de:d7:bd:d6:b7:79:67:1f:fe:a0:
fb:d5:ab:1f:53:db:25:ff:a4:65:96:88:ca:99:f3:e2:08:20:
98:51:c7:f3:0b:6d:d4:9f:6d:76:e1:b0:9a:a8:8b:31:ea:1b:
08:ef:f3:51:26:21:b8:2a:9b:c5:f4:5d:c1:4f:5e:63:99:d6:
55:96:0a:aa:4e:e3:aa:bf:fc:65:89:1b:c6:09:cb:ed:e4:71:
c3:70:b1:46:b7:3f:3d:55:54:d9:ad:55:60:10:14:c9:22:2e:
0c:af:30:7c:78:ae:19:8b:5c:30:85:12:32:dc:f8:36:47:fb:
d7:88:b1:ea:81:b3:f2:ff:64:eb:09:e9:44:08:d0:b0:d9:42:
5e:b2:5c:34:1d:3c:13:42:1f:79:83:bc:bc:9f:b1:43:ac:52:
4d:b7:ab:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSOra6XUccD3/gee2W5rLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyNDJjMmI3NGQ3NTc1YTIyOGE3ZTY0ZjA0MDZmM2EzOTdj
N2FlNTYwHhcNMjQwMTAxMDQyOTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzM3MWY1YzkyNzhiN2UwODYyNjBkZDI2ZDk4N2E5MDEyZGIwOWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOpDQm+F+nZHQpoIRODxZlych7lx
y8kERhrGJhpl5r+C2aW5hxPsSG70XIwF1UzrLAYXD8ChavmhIWZxoPoNnhKUu69K
gRiZRQjiinQ2pSQkD0jg1NktT+ZjOQJBrkq3I7FVQrbuHO5p67LkIR3QDNuW3UXM
hbsyOo63NCuhZnoGAHoLz6QdQTsdD2RbhSFgWag/yt4RYQXuNhxiEI8jZKEHHTQ4
EiFjTIi6Xqafcoew4YuA18F4+Hsev5tXQrv607IvGJvt+2JpQmsQZ0xmCETgV6/j
MYotlkBzQlzer+DVgf04g8HFuhjmtXCMh/Gbn051gJqMwUA93xKduFm3PwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNM3H1ySeLfghiYN0m2YepAS2wnLMB8GA1UdIwQY
MBaAFOJCwrdNdXWiKKfmTwQG86OXx65WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGtMQ3QwMTFkYUlvcC1aUEJBYnpvNWZIcmxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS83ZTMwMjUtOGNhZi00MDJjLWI1NGYt
Y2JiOGNmZWU2ZTNjLzEvMHpjZlhKSjR0LUNHSmczU2JaaDZrQkxiQ2NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS83ZTMwMjUtOGNhZi00MDJjLWI1NGYtY2JiOGNmZWU2ZTNj
LzEvNGtMQ3QwMTFkYUlvcC1aUEJBYnpvNWZIcmxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEsG6AMA0G
CSqGSIb3DQEBCwUAA4IBAQBHfbki2oKr44ZW8ykrEjQ7LZ0w+gc1Fbj+4cH2ISAp
6RmVmE6Lsy0VXWk801XIJp8hjQKN24y21jckUY8mUbokdutTKKgnBuiJBjMng1v2
k1t+gTHJiSnr/yD91/4wkqt/197Xvda3eWcf/qD71asfU9sl/6RllojKmfPiCCCY
UcfzC23Un2124bCaqIsx6hsI7/NRJiG4KpvF9F3BT15jmdZVlgqqTuOqv/xliRvG
Ccvt5HHDcLFGtz89VVTZrVVgEBTJIi4MrzB8eK4Zi1wwhRIy3Pg2R/vXiLHqgbPy
/2TrCelECNCw2UJeslw0HTwTQh95g7y8n7FDrFJNt6vN
-----END CERTIFICATE-----
Generated at Sat Apr 19 16:01:40 2025 by rpki-client