Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/3zLAuIkh8sCSSUeos0Thd3RyzAM.roa
File: 3zLAuIkh8sCSSUeos0Thd3RyzAM.roa (raw, json)
Hash identifier: rsx3R0aBOzvDb3qghsPDB4yAgmkcJkzXi9aAXJmbLoA=
Subject key identifier: DF:32:C0:B8:89:21:F2:C0:92:49:47:A8:B3:44:E1:77:74:72:CC:03
Certificate issuer: /CN=4eef6aae6fba5c61a61739afcab55a62266e89ee
Certificate serial: 0194232ED55379C8D55BE892900689CC7788
Authority key identifier: 4E:EF:6A:AE:6F:BA:5C:61:A6:17:39:AF:CA:B5:5A:62:26:6E:89:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tu9qrm-6XGGmFzmvyrVaYiZuie4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/3zLAuIkh8sCSSUeos0Thd3RyzAM.roa
Signing time: Wed 01 Jan 2025 18:44:19 +0000
ROA not before: Wed 01 Jan 2025 18:44:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206873
IP address blocks: 185.173.176.0/24 maxlen: 24
185.173.177.0/24 maxlen: 24
185.173.178.0/24 maxlen: 24
185.173.179.0/24 maxlen: 24
194.150.215.0/24 maxlen: 24
194.150.234.0/24 maxlen: 24
194.150.235.0/24 maxlen: 24
2a0b:6900::/48 maxlen: 48
2a0b:6900:1::/48 maxlen: 48
2a0b:6900:2::/48 maxlen: 48
2a0b:6900:3::/48 maxlen: 48
2a0b:6900:4::/48 maxlen: 48
2a0b:6900:5::/48 maxlen: 48
2a0b:6900:7::/48 maxlen: 48
2a0b:6900:8::/48 maxlen: 48
2a0b:6900:9::/48 maxlen: 48
2a0b:6900:10::/48 maxlen: 48
2a0b:6900:daf::/48 maxlen: 48
2a0b:6900:185d::/48 maxlen: 48
2a0b:6901:1::/48 maxlen: 48
2a0b:6903::/48 maxlen: 48
2a0b:6903:fdb::/48 maxlen: 48
Validation: Failed, certificate revoked on Sun 19 Jan 2025 14:55:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:2e:d5:53:79:c8:d5:5b:e8:92:90:06:89:cc:77:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4eef6aae6fba5c61a61739afcab55a62266e89ee
Validity
Not Before: Jan 1 18:44:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df32c0b88921f2c0924947a8b344e1777472cc03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:37:3e:b5:ca:0f:d4:a7:87:60:56:d9:e0:20:
db:a7:a7:d3:5c:45:4a:9b:90:b2:38:88:1d:ff:6f:
ac:37:07:cc:b8:d0:d4:e5:8c:7c:f2:f3:41:53:3c:
bb:3f:c7:0a:45:f4:99:83:5e:0f:02:56:55:3a:bc:
cd:a0:0d:95:c9:bc:18:0e:05:f8:d6:4a:64:c6:3d:
13:67:b4:ee:4b:3f:cb:61:3b:c9:a0:49:02:cb:0c:
39:20:e0:2a:ce:79:03:58:c9:f1:bd:57:d2:ce:14:
f3:68:e9:e2:38:3e:0b:46:4f:d6:68:96:5f:af:e1:
77:eb:d3:99:cf:00:df:9e:0d:20:ae:a5:4a:af:06:
b9:38:cc:fa:5a:cf:58:80:6a:f8:2e:77:b3:9b:af:
2b:96:8e:c0:2d:a1:d8:56:34:30:80:39:3c:7e:a4:
66:1d:ba:0a:4c:77:4a:fc:9f:10:65:ea:6c:43:51:
f4:9f:6d:07:67:36:a7:5b:af:48:d7:4c:d8:90:57:
ff:95:30:35:90:57:24:33:9c:21:14:a0:94:02:52:
6f:92:87:b5:74:24:d5:fc:86:7d:4a:2d:64:aa:c7:
ac:2f:ff:b6:44:b9:79:6b:e5:d7:78:79:36:5e:bb:
0f:b3:dc:f6:0f:15:9a:d5:20:db:aa:ea:6c:e1:1d:
e9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:32:C0:B8:89:21:F2:C0:92:49:47:A8:B3:44:E1:77:74:72:CC:03
X509v3 Authority Key Identifier:
keyid:4E:EF:6A:AE:6F:BA:5C:61:A6:17:39:AF:CA:B5:5A:62:26:6E:89:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tu9qrm-6XGGmFzmvyrVaYiZuie4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/3zLAuIkh8sCSSUeos0Thd3RyzAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/b8e5c4-38eb-445f-b036-c37790e6d482/1/Tu9qrm-6XGGmFzmvyrVaYiZuie4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.176.0/22
194.150.215.0/24
194.150.234.0/23
IPv6:
2a0b:6900::-2a0b:6900:5:ffff:ffff:ffff:ffff:ffff
2a0b:6900:7::-2a0b:6900:9:ffff:ffff:ffff:ffff:ffff
2a0b:6900:10::/48
2a0b:6900:daf::/48
2a0b:6900:185d::/48
2a0b:6901:1::/48
2a0b:6903::/48
2a0b:6903:fdb::/48
Signature Algorithm: sha256WithRSAEncryption
04:f9:5a:7a:4b:04:a2:ad:b5:aa:f3:4b:20:6b:e9:b3:58:1c:
85:f7:12:a2:6c:90:a8:9e:0f:1e:f5:84:48:57:90:77:6f:eb:
88:3d:56:85:95:0a:80:05:b8:b0:de:18:b4:75:89:22:9b:1a:
61:28:6c:45:3f:d0:6e:4b:7d:db:cd:e9:87:2c:98:63:09:a2:
b4:4e:0b:83:fd:f0:c5:2c:df:09:9a:d6:d4:9b:e1:c4:a4:a0:
8a:a8:d1:1a:f6:bc:24:1d:3f:da:35:78:43:38:59:77:99:dd:
35:c4:07:1f:a4:27:d6:a6:ba:3f:72:1b:e4:71:71:00:f1:ff:
53:f7:5f:4b:08:00:3b:c0:81:03:2b:5b:35:f2:89:7b:9e:4e:
a7:da:c7:b5:b0:5e:43:43:37:60:af:00:a1:0f:75:9d:f1:6f:
12:c7:b1:a6:91:60:d2:c7:dd:ba:5d:0c:ed:d9:7a:d5:a3:d6:
46:d1:88:71:c6:6b:f7:2f:8b:11:2b:2f:1e:c7:dc:76:a5:d5:
01:62:19:a7:78:33:35:41:e3:65:cb:cc:0c:0e:2b:10:f2:70:
95:ef:5d:98:79:3f:90:e7:38:89:55:d7:93:52:d3:4f:c2:a3:
1d:88:8d:35:32:b8:2b:08:2d:42:57:c1:ca:84:da:02:b0:a6:
34:68:28:6b
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAZQjLtVTecjVW+iSkAaJzHeIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZWY2YWFlNmZiYTVjNjFhNjE3MzlhZmNhYjU1YTYyMjY2
ZTg5ZWUwHhcNMjUwMTAxMTg0NDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjMyYzBiODg5MjFmMmMwOTI0OTQ3YThiMzQ0ZTE3Nzc0NzJjYzAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDc+tcoP1KeHYFbZ4CDbp6fTXEVK
m5CyOIgd/2+sNwfMuNDU5Yx88vNBUzy7P8cKRfSZg14PAlZVOrzNoA2VybwYDgX4
1kpkxj0TZ7TuSz/LYTvJoEkCyww5IOAqznkDWMnxvVfSzhTzaOniOD4LRk/WaJZf
r+F369OZzwDfng0grqVKrwa5OMz6Ws9YgGr4Lnezm68rlo7ALaHYVjQwgDk8fqRm
HboKTHdK/J8QZepsQ1H0n20HZzanW69I10zYkFf/lTA1kFckM5whFKCUAlJvkoe1
dCTV/IZ9Si1kqsesL/+2RLl5a+XXeHk2XrsPs9z2DxWa1SDbqups4R3pkQIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFN8ywLiJIfLAkklHqLNE4Xd0cswDMB8GA1UdIwQY
MBaAFE7vaq5vulxhphc5r8q1WmImbonuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHU5cXJtLTZYR0dtRnptdnlyVmFZaVp1aWU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iOGU1YzQtMzhlYi00NDVmLWIwMzYt
YzM3NzkwZTZkNDgyLzEvM3pMQXVJa2g4c0NTU1Vlb3MwVGhkM1J5ekFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iOGU1YzQtMzhlYi00NDVmLWIwMzYtYzM3NzkwZTZkNDgy
LzEvVHU5cXJtLTZYR0dtRnptdnlyVmFZaVp1aWU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wGAQCAAEwEgMEArmtsAME
AMKW1wMEAcKW6jBhBAIAAjBbMA8DBAAqC2kDBwEqC2kAAAQwEgMHACoLaQAABwMH
ASoLaQAACAMHACoLaQAAEAMHACoLaQANrwMHACoLaQAYXQMHACoLaQEAAQMHACoL
aQMAAAMHACoLaQMP2zANBgkqhkiG9w0BAQsFAAOCAQEABPlaeksEoq21qvNLIGvp
s1gchfcSomyQqJ4PHvWESFeQd2/riD1WhZUKgAW4sN4YtHWJIpsaYShsRT/Qbkt9
283phyyYYwmitE4Lg/3wxSzfCZrW1JvhxKSgiqjRGva8JB0/2jV4QzhZd5ndNcQH
H6Qn1qa6P3Ib5HFxAPH/U/dfSwgAO8CBAytbNfKJe55Op9rHtbBeQ0M3YK8AoQ91
nfFvEsexppFg0sfdul0M7dl61aPWRtGIccZr9y+LESsvHsfcdqXVAWIZp3gzNUHj
ZcvMDA4rEPJwle9dmHk/kOc4iVXXk1LTT8KjHYiNNTK4KwgtQlfByoTaArCmNGgo
aw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 14:57:48 2025 by rpki-client