Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/916917-88c5-4e7b-811e-7d32ca065b66/1/zmGIWV2G4DUOfIOL8HAHjTtmltk.roa
File: zmGIWV2G4DUOfIOL8HAHjTtmltk.roa (raw, json)
Hash identifier: s/1IvO4wXtnqx2OXDVM0HKyVOZ6VPAuXGzFmz9vyDEI=
Subject key identifier: CE:61:88:59:5D:86:E0:35:0E:7C:83:8B:F0:70:07:8D:3B:66:96:D9
Certificate issuer: /CN=9f5646f7d8afc0a933fb33333f37013d83a04d00
Certificate serial: 018CC5010CC6AC76C2CD6FE0072516BDF039
Authority key identifier: 9F:56:46:F7:D8:AF:C0:A9:33:FB:33:33:3F:37:01:3D:83:A0:4D:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n1ZG99ivwKkz-zMzPzcBPYOgTQA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/916917-88c5-4e7b-811e-7d32ca065b66/1/zmGIWV2G4DUOfIOL8HAHjTtmltk.roa
Signing time: Mon 01 Jan 2024 12:30:29 +0000
ROA not before: Mon 01 Jan 2024 12:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201841
IP address blocks: 195.146.135.0/24 maxlen: 24
195.146.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:0c:c6:ac:76:c2:cd:6f:e0:07:25:16:bd:f0:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f5646f7d8afc0a933fb33333f37013d83a04d00
Validity
Not Before: Jan 1 12:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce6188595d86e0350e7c838bf070078d3b6696d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:0a:6a:5c:20:f3:a9:18:6a:76:d7:8d:ac:2a:
d5:83:67:b6:33:ea:db:bf:bd:a5:f7:23:86:c4:5a:
47:31:d8:68:6d:cd:1e:d1:33:4b:46:aa:43:99:39:
aa:c6:8f:24:44:1f:e8:f8:de:e3:5d:42:ff:3b:92:
43:05:f1:e8:df:72:24:81:8b:fc:68:94:08:ec:02:
15:bd:c8:13:2b:98:bc:24:46:eb:8b:7d:d6:bc:1e:
2d:98:c5:04:13:97:87:d9:e3:8a:e0:b2:6f:89:1e:
5f:29:4a:c8:12:dc:9e:1c:b7:5d:44:b6:fa:85:91:
ba:84:10:47:89:53:60:9f:8a:3b:53:16:af:94:d2:
84:7c:c7:5c:95:9a:29:62:a8:02:f5:1b:13:f1:b7:
c2:48:82:59:f1:7e:a2:fa:b9:8a:81:43:46:f0:19:
e6:57:6d:53:b3:80:e8:26:57:4b:fc:97:14:13:3d:
ac:81:63:45:1f:4a:7a:bf:2e:18:25:8a:16:02:29:
74:f6:15:03:9a:85:cf:ac:85:e5:75:1e:a4:51:ec:
56:88:d4:f7:ff:6a:c2:81:f3:c4:13:52:fa:fe:9f:
78:cf:ed:be:d2:5b:2b:67:db:b0:5a:8b:34:61:43:
26:05:6e:63:8a:1f:50:3c:9a:4e:7c:c1:89:78:e1:
1f:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:61:88:59:5D:86:E0:35:0E:7C:83:8B:F0:70:07:8D:3B:66:96:D9
X509v3 Authority Key Identifier:
keyid:9F:56:46:F7:D8:AF:C0:A9:33:FB:33:33:3F:37:01:3D:83:A0:4D:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n1ZG99ivwKkz-zMzPzcBPYOgTQA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/916917-88c5-4e7b-811e-7d32ca065b66/1/zmGIWV2G4DUOfIOL8HAHjTtmltk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/916917-88c5-4e7b-811e-7d32ca065b66/1/n1ZG99ivwKkz-zMzPzcBPYOgTQA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.146.135.0/24
195.146.144.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:2e:e0:28:b7:8e:ca:b7:af:54:5b:dc:cd:cd:31:3f:28:63:
00:2d:22:aa:e7:49:03:26:41:4e:60:3e:d6:8f:8d:88:de:77:
f6:46:20:0c:72:3f:fa:62:24:4e:8d:c8:6e:67:1b:7c:e2:3d:
8c:bd:3b:c8:88:73:d9:ae:d7:35:13:68:d7:8d:7c:49:8f:e3:
84:a2:a2:68:8f:3a:3f:0e:8e:e3:9f:a8:d7:bc:de:ce:d4:c2:
28:b5:fa:42:a7:cd:4b:27:3e:b0:26:60:10:a0:6a:35:84:4d:
35:62:e1:0b:23:f3:1c:b2:64:ae:a5:32:e3:44:f8:6c:f1:a5:
5d:2c:cf:43:ef:ae:65:1b:6d:7f:26:48:f4:a8:ba:ff:3d:59:
fb:ee:69:d0:33:88:a4:f6:aa:bc:2f:91:d6:07:9c:cb:10:a7:
36:5d:94:6c:9b:6f:b1:6a:f1:d7:9c:a4:1b:1f:99:f5:b1:2c:
27:6f:72:a8:d6:51:4c:7a:4a:f6:1a:c8:6a:77:a4:93:51:7e:
6d:19:03:03:5a:86:16:9e:fe:f6:ab:a9:5a:6b:bd:96:9a:84:
73:12:6e:51:90:26:95:30:cf:04:05:b9:23:7b:b9:58:ae:49:
e6:26:b5:a8:49:16:64:7b:fb:ce:4e:95:b5:16:82:21:7c:40:
5f:cf:c1:13
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFAQzGrHbCzW/gByUWvfA5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNTY0NmY3ZDhhZmMwYTkzM2ZiMzMzMzNmMzcwMTNkODNh
MDRkMDAwHhcNMjQwMTAxMTIzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTYxODg1OTVkODZlMDM1MGU3YzgzOGJmMDcwMDc4ZDNiNjY5NmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQpqXCDzqRhqdteNrCrVg2e2M+rb
v72l9yOGxFpHMdhobc0e0TNLRqpDmTmqxo8kRB/o+N7jXUL/O5JDBfHo33IkgYv8
aJQI7AIVvcgTK5i8JEbri33WvB4tmMUEE5eH2eOK4LJviR5fKUrIEtyeHLddRLb6
hZG6hBBHiVNgn4o7UxavlNKEfMdclZopYqgC9RsT8bfCSIJZ8X6i+rmKgUNG8Bnm
V21Ts4DoJldL/JcUEz2sgWNFH0p6vy4YJYoWAil09hUDmoXPrIXldR6kUexWiNT3
/2rCgfPEE1L6/p94z+2+0lsrZ9uwWos0YUMmBW5jih9QPJpOfMGJeOEf6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM5hiFldhuA1DnyDi/BwB407ZpbZMB8GA1UdIwQY
MBaAFJ9WRvfYr8CpM/szMz83AT2DoE0AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjFaRzk5aXZ3S2t6LXpNelB6Y0JQWU9nVFFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi85MTY5MTctODhjNS00ZTdiLTgxMWUt
N2QzMmNhMDY1YjY2LzEvem1HSVdWMkc0RFVPZklPTDhIQUhqVHRtbHRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi85MTY5MTctODhjNS00ZTdiLTgxMWUtN2QzMmNhMDY1YjY2
LzEvbjFaRzk5aXZ3S2t6LXpNelB6Y0JQWU9nVFFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw5KHAwQA
w5KQMA0GCSqGSIb3DQEBCwUAA4IBAQA+LuAot47Kt69UW9zNzTE/KGMALSKq50kD
JkFOYD7Wj42I3nf2RiAMcj/6YiROjchuZxt84j2MvTvIiHPZrtc1E2jXjXxJj+OE
oqJojzo/Do7jn6jXvN7O1MIotfpCp81LJz6wJmAQoGo1hE01YuELI/McsmSupTLj
RPhs8aVdLM9D765lG21/Jkj0qLr/PVn77mnQM4ik9qq8L5HWB5zLEKc2XZRsm2+x
avHXnKQbH5n1sSwnb3Ko1lFMekr2Gshqd6STUX5tGQMDWoYWnv72q6laa72WmoRz
Em5RkCaVMM8EBbkje7lYrknmJrWoSRZke/vOTpW1FoIhfEBfz8ET
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:59 2025 by rpki-client