Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/49dfea-c789-4401-a251-e2533cdd25af/1/Zw5-TSRKgvfVDb1wIKkSkgA_Vuw.roa
File: Zw5-TSRKgvfVDb1wIKkSkgA_Vuw.roa (raw, json)
Hash identifier: bV1wTdgHbm/E9SLpGNwgvWBHWWlHm3YDGkrcmQ6OkBg=
Subject key identifier: 67:0E:7E:4D:24:4A:82:F7:D5:0D:BD:70:20:A9:12:92:00:3F:56:EC
Certificate issuer: /CN=a4c93ab364c87832e7776226eee6c131dbe153bb
Certificate serial: 01902ABAF710256A5FD526C07B635C37FBA3
Authority key identifier: A4:C9:3A:B3:64:C8:78:32:E7:77:62:26:EE:E6:C1:31:DB:E1:53:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pMk6s2TIeDLnd2Im7ubBMdvhU7s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/49dfea-c789-4401-a251-e2533cdd25af/1/Zw5-TSRKgvfVDb1wIKkSkgA_Vuw.roa
Signing time: Tue 18 Jun 2024 09:43:34 +0000
ROA not before: Tue 18 Jun 2024 09:43:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197830
IP address blocks: 5.44.32.0/21 maxlen: 21
5.44.32.0/24 maxlen: 24
5.44.33.0/24 maxlen: 24
5.44.34.0/23 maxlen: 23
5.44.36.0/24 maxlen: 24
5.44.38.0/23 maxlen: 23
176.28.80.0/21 maxlen: 21
176.28.81.0/24 maxlen: 24
176.28.83.0/24 maxlen: 24
176.28.84.0/24 maxlen: 24
185.52.128.0/22 maxlen: 22
2a04:c840::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2a:ba:f7:10:25:6a:5f:d5:26:c0:7b:63:5c:37:fb:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4c93ab364c87832e7776226eee6c131dbe153bb
Validity
Not Before: Jun 18 09:43:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=670e7e4d244a82f7d50dbd7020a91292003f56ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:83:6a:27:7f:61:a1:9c:e0:48:f3:e3:c2:a8:
da:72:44:8d:d7:16:cc:e3:93:67:72:57:af:de:36:
03:e9:2c:60:0b:aa:79:e9:ab:d9:6e:19:cd:d7:7e:
8c:25:61:ff:e2:24:14:24:f0:5d:50:07:ba:06:ed:
06:ba:8f:aa:25:28:de:38:23:9f:a0:06:5e:28:23:
4c:95:58:0b:a1:45:c9:cf:49:cf:4c:51:4d:2b:3f:
81:90:c6:6e:7d:ce:03:66:30:3c:ce:47:5e:c2:79:
69:3e:5b:73:ef:90:63:71:64:3b:99:41:d6:31:e3:
b0:00:bb:f1:96:fd:a2:d6:7b:1b:25:88:aa:09:53:
45:3d:07:03:8d:80:2e:91:43:7d:75:7d:64:9d:cc:
a9:c6:09:14:58:82:54:b1:d6:a3:e1:e3:84:9f:0d:
da:26:e9:12:45:70:40:fe:36:45:e5:6f:fe:42:22:
72:4c:3e:2c:e8:aa:ae:ed:cc:df:f7:7e:aa:c5:70:
d3:b3:c9:0f:27:2b:1f:b5:5f:24:0d:0b:98:81:9b:
bf:75:76:2d:d7:a7:1a:1d:da:26:30:d6:ba:68:c4:
45:52:71:93:62:70:14:f8:ad:0a:4c:fa:f8:7e:95:
be:be:fb:44:17:c3:0d:f5:e0:48:e5:07:82:c8:f7:
f9:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:0E:7E:4D:24:4A:82:F7:D5:0D:BD:70:20:A9:12:92:00:3F:56:EC
X509v3 Authority Key Identifier:
keyid:A4:C9:3A:B3:64:C8:78:32:E7:77:62:26:EE:E6:C1:31:DB:E1:53:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pMk6s2TIeDLnd2Im7ubBMdvhU7s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/49dfea-c789-4401-a251-e2533cdd25af/1/Zw5-TSRKgvfVDb1wIKkSkgA_Vuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/49dfea-c789-4401-a251-e2533cdd25af/1/pMk6s2TIeDLnd2Im7ubBMdvhU7s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.32.0/21
176.28.80.0/21
185.52.128.0/22
IPv6:
2a04:c840::/29
Signature Algorithm: sha256WithRSAEncryption
87:ca:2c:46:9a:b5:4e:e4:fe:c1:1d:27:e5:e4:3b:aa:e8:e9:
cf:8e:22:66:d3:6b:00:ab:b7:0e:5a:b9:5e:b0:77:e8:86:8d:
43:e4:cf:a2:d7:3e:39:c3:b6:0b:ee:5b:6e:52:8a:f4:81:be:
7b:36:b9:d0:75:23:20:86:4b:4b:4d:74:c1:ca:be:ad:b3:e4:
31:11:7c:45:8a:ea:51:42:76:f7:36:cc:d4:a7:b0:33:d1:0d:
c1:f5:cd:1d:65:ce:f8:52:24:aa:23:09:c0:29:cf:ba:bc:74:
da:db:1e:6f:b7:6f:8b:cc:62:c5:48:d5:13:68:30:27:4e:2f:
07:3d:55:6f:1c:cf:15:46:08:3d:b0:d1:45:a7:ba:c2:6a:c3:
e3:7f:57:d4:da:e3:61:71:84:db:60:36:34:33:11:00:83:c4:
2e:f1:74:46:d4:84:ad:a8:ea:2c:70:50:39:d7:7f:8b:30:6a:
64:fb:f6:ec:cf:2a:dd:15:5a:70:42:77:42:54:ef:4e:fc:9e:
e2:45:1e:91:44:31:4e:8e:14:cf:fe:ba:14:a1:98:2a:e9:fb:
d8:cf:73:e5:ec:5c:85:b2:44:2e:4f:63:7d:9d:46:b6:d4:d3:
69:dd:6b:0b:af:96:1a:2e:90:87:ea:c6:8a:50:a6:02:1e:fd:
1e:d8:7c:e0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZAquvcQJWpf1SbAe2NcN/ujMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0YzkzYWIzNjRjODc4MzJlNzc3NjIyNmVlZTZjMTMxZGJl
MTUzYmIwHhcNMjQwNjE4MDk0MzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzBlN2U0ZDI0NGE4MmY3ZDUwZGJkNzAyMGE5MTI5MjAwM2Y1NmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYNqJ39hoZzgSPPjwqjackSN1xbM
45Nnclev3jYD6SxgC6p56avZbhnN136MJWH/4iQUJPBdUAe6Bu0Guo+qJSjeOCOf
oAZeKCNMlVgLoUXJz0nPTFFNKz+BkMZufc4DZjA8zkdewnlpPltz75BjcWQ7mUHW
MeOwALvxlv2i1nsbJYiqCVNFPQcDjYAukUN9dX1kncypxgkUWIJUsdaj4eOEnw3a
JukSRXBA/jZF5W/+QiJyTD4s6Kqu7czf936qxXDTs8kPJysftV8kDQuYgZu/dXYt
16caHdomMNa6aMRFUnGTYnAU+K0KTPr4fpW+vvtEF8MN9eBI5QeCyPf56QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGcOfk0kSoL31Q29cCCpEpIAP1bsMB8GA1UdIwQY
MBaAFKTJOrNkyHgy53diJu7mwTHb4VO7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE1rNnMyVEllRExuZDJJbTd1YkJNZHZoVTdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy80OWRmZWEtYzc4OS00NDAxLWEyNTEt
ZTI1MzNjZGQyNWFmLzEvWnc1LVRTUktndmZWRGIxd0lLa1NrZ0FfVnV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy80OWRmZWEtYzc4OS00NDAxLWEyNTEtZTI1MzNjZGQyNWFm
LzEvcE1rNnMyVEllRExuZDJJbTd1YkJNZHZoVTdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBSwgAwQD
sBxQAwQCuTSAMA0EAgACMAcDBQMqBMhAMA0GCSqGSIb3DQEBCwUAA4IBAQCHyixG
mrVO5P7BHSfl5Duq6OnPjiJm02sAq7cOWrlesHfoho1D5M+i1z45w7YL7ltuUor0
gb57NrnQdSMghktLTXTByr6ts+QxEXxFiupRQnb3NszUp7Az0Q3B9c0dZc74UiSq
IwnAKc+6vHTa2x5vt2+LzGLFSNUTaDAnTi8HPVVvHM8VRgg9sNFFp7rCasPjf1fU
2uNhcYTbYDY0MxEAg8Qu8XRG1IStqOoscFA513+LMGpk+/bszyrdFVpwQndCVO9O
/J7iRR6RRDFOjhTP/roUoZgq6fvYz3Pl7FyFskQuT2N9nUa21NNp3WsLr5YaLpCH
6saKUKYCHv0e2Hzg
-----END CERTIFICATE-----
Generated at Mon Apr 21 17:18:37 2025 by rpki-client