Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/ebbdda-9571-4ff5-b56e-75220d53a55c/1/zlxaZ-Yj05FnYRpBm2aCjnfyxYA.roa
File: zlxaZ-Yj05FnYRpBm2aCjnfyxYA.roa (raw, json)
Hash identifier: cOldaxFJx66HV6LyZjrjxsHSzQvSx7qkf876T3/lx1o=
Subject key identifier: CE:5C:5A:67:E6:23:D3:91:67:61:1A:41:9B:66:82:8E:77:F2:C5:80
Certificate issuer: /CN=d1f51964ede12b4c03673d23cd44c8375315f45a
Certificate serial: 018ECCAD1EE00C0C3772E8562B53636524D7
Authority key identifier: D1:F5:19:64:ED:E1:2B:4C:03:67:3D:23:CD:44:C8:37:53:15:F4:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0fUZZO3hK0wDZz0jzUTIN1MV9Fo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/ebbdda-9571-4ff5-b56e-75220d53a55c/1/zlxaZ-Yj05FnYRpBm2aCjnfyxYA.roa
Signing time: Thu 11 Apr 2024 10:21:21 +0000
ROA not before: Thu 11 Apr 2024 10:21:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39201
IP address blocks: 45.128.69.0/24 maxlen: 24
45.128.70.0/24 maxlen: 24
45.128.71.0/24 maxlen: 24
84.38.244.0/24 maxlen: 24
185.152.180.0/24 maxlen: 24
185.152.181.0/24 maxlen: 24
185.152.182.0/24 maxlen: 24
185.152.183.0/24 maxlen: 24
2a0b:e5c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cc:ad:1e:e0:0c:0c:37:72:e8:56:2b:53:63:65:24:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1f51964ede12b4c03673d23cd44c8375315f45a
Validity
Not Before: Apr 11 10:21:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce5c5a67e623d39167611a419b66828e77f2c580
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ba:9a:5a:1b:68:e3:fd:6a:ff:03:29:bf:de:
55:a7:cf:9c:d4:98:af:62:3c:88:59:34:63:57:c6:
4b:41:c3:98:ab:8e:0f:0b:7c:c7:8d:d2:8c:b1:81:
74:bc:94:da:b9:a3:ca:02:ea:db:01:99:0c:46:87:
30:8f:41:a1:74:c6:e1:1b:19:95:3a:d9:ca:de:ef:
09:e9:6a:79:14:2a:a4:c5:7a:9c:1b:17:77:7f:b9:
e4:72:0c:b1:3a:52:6f:93:3b:23:37:00:8a:b3:d8:
95:b3:07:0f:d8:84:3c:2d:24:4d:5f:af:1d:a3:e0:
f6:79:a7:14:67:42:07:68:23:d7:63:76:e5:e1:43:
17:95:42:bf:fb:12:2e:38:0a:76:d8:31:12:5b:8d:
08:bc:12:4f:e8:61:1c:00:7b:f2:87:72:0e:59:64:
74:77:be:63:52:cd:36:89:cc:79:07:e7:c6:3b:7b:
7a:35:3c:db:e6:7f:ce:c3:d5:88:10:f3:16:6e:3b:
97:14:41:c4:8f:17:9a:a5:42:c1:59:2a:d4:2b:cb:
73:a3:d1:b9:ac:d7:e5:6a:b5:d4:de:8a:97:d9:23:
b9:7f:8a:a4:a2:ef:98:58:fa:91:b7:da:42:f4:fd:
00:88:d2:c6:c2:47:a2:d3:3f:55:0c:8d:80:ec:f5:
ef:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:5C:5A:67:E6:23:D3:91:67:61:1A:41:9B:66:82:8E:77:F2:C5:80
X509v3 Authority Key Identifier:
keyid:D1:F5:19:64:ED:E1:2B:4C:03:67:3D:23:CD:44:C8:37:53:15:F4:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0fUZZO3hK0wDZz0jzUTIN1MV9Fo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/ebbdda-9571-4ff5-b56e-75220d53a55c/1/zlxaZ-Yj05FnYRpBm2aCjnfyxYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/ebbdda-9571-4ff5-b56e-75220d53a55c/1/0fUZZO3hK0wDZz0jzUTIN1MV9Fo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.69.0-45.128.71.255
84.38.244.0/24
185.152.180.0/22
IPv6:
2a0b:e5c0::/29
Signature Algorithm: sha256WithRSAEncryption
2c:a0:9f:3f:99:8c:0f:b5:87:44:1f:a7:28:d5:95:3f:78:f4:
aa:82:e9:c2:fe:a2:59:22:45:06:80:72:03:1b:af:a0:b7:a4:
33:02:91:11:11:5e:ed:89:56:54:35:1f:96:92:02:8a:96:5b:
9d:98:2c:47:c1:27:5d:18:08:62:66:65:f3:0e:e1:cd:ea:21:
d1:28:ef:d9:de:9f:d9:cf:7c:57:ae:93:6e:ff:ea:ee:d3:d4:
65:24:ca:91:2e:ad:8a:d5:27:f6:1d:7e:47:ca:ed:77:e8:8a:
07:10:dd:0d:bd:2f:ae:14:99:c9:cc:ea:e4:07:78:bc:84:e7:
70:0f:68:fa:46:a4:f3:2c:70:1c:55:98:a9:dd:b5:ab:65:69:
da:79:e9:f1:d4:4e:bb:36:6a:90:c4:1f:14:8a:cc:85:d6:05:
d9:54:00:be:f8:12:f9:81:0e:bf:f0:3a:51:a3:16:43:0e:07:
d6:a3:ff:55:77:84:69:59:96:85:ee:14:e8:e3:90:56:33:fc:
ce:f4:8d:db:d0:0b:24:39:96:f2:02:a1:69:22:8f:53:86:4a:
d8:ed:ae:fc:83:c2:ea:f0:e6:69:66:dd:f3:24:e5:60:05:5c:
43:31:75:70:9a:2e:4b:b6:37:f2:87:3a:e8:a3:ee:ce:e9:bb:
14:c1:e6:e8
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAY7MrR7gDAw3cuhWK1NjZSTXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZjUxOTY0ZWRlMTJiNGMwMzY3M2QyM2NkNDRjODM3NTMx
NWY0NWEwHhcNMjQwNDExMTAyMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTVjNWE2N2U2MjNkMzkxNjc2MTFhNDE5YjY2ODI4ZTc3ZjJjNTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbqaWhto4/1q/wMpv95Vp8+c1Jiv
YjyIWTRjV8ZLQcOYq44PC3zHjdKMsYF0vJTauaPKAurbAZkMRocwj0GhdMbhGxmV
OtnK3u8J6Wp5FCqkxXqcGxd3f7nkcgyxOlJvkzsjNwCKs9iVswcP2IQ8LSRNX68d
o+D2eacUZ0IHaCPXY3bl4UMXlUK/+xIuOAp22DESW40IvBJP6GEcAHvyh3IOWWR0
d75jUs02icx5B+fGO3t6NTzb5n/Ow9WIEPMWbjuXFEHEjxeapULBWSrUK8tzo9G5
rNflarXU3oqX2SO5f4qkou+YWPqRt9pC9P0AiNLGwkei0z9VDI2A7PXvmQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFM5cWmfmI9ORZ2EaQZtmgo538sWAMB8GA1UdIwQY
MBaAFNH1GWTt4StMA2c9I81EyDdTFfRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGZVWlpPM2hLMHdEWnowanpVVElOMU1WOUZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9lYmJkZGEtOTU3MS00ZmY1LWI1NmUt
NzUyMjBkNTNhNTVjLzEvemx4YVotWWowNUZuWVJwQm0yYUNqbmZ5eFlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9lYmJkZGEtOTU3MS00ZmY1LWI1NmUtNzUyMjBkNTNhNTVj
LzEvMGZVWlpPM2hLMHdEWnowanpVVElOMU1WOUZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBAAtgEUD
BAMtgEADBABUJvQDBAK5mLQwDQQCAAIwBwMFAyoL5cAwDQYJKoZIhvcNAQELBQAD
ggEBACygnz+ZjA+1h0QfpyjVlT949KqC6cL+olkiRQaAcgMbr6C3pDMCkRERXu2J
VlQ1H5aSAoqWW52YLEfBJ10YCGJmZfMO4c3qIdEo79nen9nPfFeuk27/6u7T1GUk
ypEurYrVJ/YdfkfK7XfoigcQ3Q29L64UmcnM6uQHeLyE53APaPpGpPMscBxVmKnd
tatladp56fHUTrs2apDEHxSKzIXWBdlUAL74EvmBDr/wOlGjFkMOB9aj/1V3hGlZ
loXuFOjjkFYz/M70jdvQCyQ5lvICoWkij1OGStjtrvyDwurw5mlm3fMk5WAFXEMx
dXCaLku2N/KHOuij7s7puxTB5ug=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:13 2025 by rpki-client