Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/b31586-3566-47b0-95cc-144d7473ea59/1/zNMEn9pIIHTETU-kmzQ1RFpZiPY.roa
File: zNMEn9pIIHTETU-kmzQ1RFpZiPY.roa (raw, json)
Hash identifier: 9MzbDm0sxH4RTqaT7WPuLCuU5ALnK2r6CYmtUPX4rx8=
Subject key identifier: CC:D3:04:9F:DA:48:20:74:C4:4D:4F:A4:9B:34:35:44:5A:59:88:F6
Certificate issuer: /CN=19b390b62d09950d500cd6bbbd78d0390560ec42
Certificate serial: 018EF727DACD1C6588E41929BB6112063CA8
Authority key identifier: 19:B3:90:B6:2D:09:95:0D:50:0C:D6:BB:BD:78:D0:39:05:60:EC:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GbOQti0JlQ1QDNa7vXjQOQVg7EI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/b31586-3566-47b0-95cc-144d7473ea59/1/zNMEn9pIIHTETU-kmzQ1RFpZiPY.roa
Signing time: Fri 19 Apr 2024 16:19:27 +0000
ROA not before: Fri 19 Apr 2024 16:19:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200474
IP address blocks: 185.133.240.0/22 maxlen: 24
2a05:fbe0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 13 Nov 2024 01:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f7:27:da:cd:1c:65:88:e4:19:29:bb:61:12:06:3c:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19b390b62d09950d500cd6bbbd78d0390560ec42
Validity
Not Before: Apr 19 16:19:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ccd3049fda482074c44d4fa49b3435445a5988f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9d:42:17:2b:f6:fd:9e:5d:88:8d:0d:2c:e9:
f1:0f:c7:97:10:d5:5a:49:e8:0b:f8:53:96:33:21:
3e:f1:8f:ce:ef:16:34:ed:fc:c1:47:0f:4d:f6:06:
28:13:5a:be:a1:4c:db:39:40:60:fd:4c:da:81:a7:
c9:bd:1d:47:9f:49:87:9c:c1:35:e9:f5:1e:91:97:
1a:a4:22:99:46:7a:54:06:5d:74:96:f5:52:89:80:
15:d8:0c:00:e5:5f:4b:ef:32:5a:d5:bc:2c:fb:5b:
ac:1e:db:42:33:2f:09:b7:2d:fb:4f:91:2d:b9:c5:
c5:b5:0e:3b:3f:f3:e8:a4:78:77:ea:da:92:c1:cd:
8f:58:d3:db:cf:71:2e:ab:e6:0d:22:d1:07:f4:43:
6a:83:62:07:33:c3:51:4f:ba:76:72:f2:08:80:8c:
25:d8:21:32:c4:44:ce:db:6f:61:8e:af:df:91:7e:
99:47:61:e8:99:2b:37:e4:ab:3a:22:2f:28:8f:f6:
49:9d:24:e6:62:70:4f:62:33:4f:ca:17:1e:77:0a:
56:db:01:81:12:8e:b9:e9:e3:e0:32:80:57:0c:4b:
f4:bb:50:37:fa:ba:ea:cb:7a:a3:c1:db:ac:ac:3d:
bb:8f:e0:5c:06:6e:42:6d:2a:d5:79:b9:4e:e3:2d:
3d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:D3:04:9F:DA:48:20:74:C4:4D:4F:A4:9B:34:35:44:5A:59:88:F6
X509v3 Authority Key Identifier:
keyid:19:B3:90:B6:2D:09:95:0D:50:0C:D6:BB:BD:78:D0:39:05:60:EC:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GbOQti0JlQ1QDNa7vXjQOQVg7EI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/b31586-3566-47b0-95cc-144d7473ea59/1/zNMEn9pIIHTETU-kmzQ1RFpZiPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/b31586-3566-47b0-95cc-144d7473ea59/1/GbOQti0JlQ1QDNa7vXjQOQVg7EI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.240.0/22
IPv6:
2a05:fbe0::/32
Signature Algorithm: sha256WithRSAEncryption
86:91:60:a8:4b:74:c3:4a:92:2d:6d:94:49:f0:31:90:b6:10:
c9:8a:9d:67:e3:ba:9c:a2:54:92:c2:ef:50:6b:60:3d:a7:4e:
37:9e:07:8a:5a:28:81:79:45:c4:c0:f8:d1:54:0f:50:d3:39:
04:e6:6e:bb:4f:37:9e:b8:4e:18:b7:40:92:bb:7c:68:aa:f6:
40:0c:70:d9:79:14:d3:c7:e8:c3:d7:c8:5a:1c:99:82:90:79:
54:0c:7d:50:81:7c:76:b7:be:83:3c:bf:1a:a0:99:95:14:d5:
13:31:cd:e6:ed:d9:11:dc:71:f0:99:7a:f4:57:1f:2c:f2:03:
28:d7:0e:1c:0b:0f:95:80:38:40:16:aa:16:26:ff:d1:85:b7:
a3:0f:38:a0:5a:ca:00:e9:c5:0b:92:51:03:88:ab:43:10:19:
99:54:89:9f:6f:0a:59:8c:26:11:60:6e:4f:23:6a:90:93:ed:
b4:8d:1e:a2:e0:d3:af:1f:f6:54:da:c0:ee:01:3c:32:f2:40:
fe:5c:84:e7:c5:43:6f:db:38:2d:39:d6:fb:b7:f9:81:26:9e:
02:dd:07:26:16:21:eb:5f:ba:56:ee:9d:99:3d:28:b8:e9:4f:
76:99:29:ec:7d:84:a1:83:31:f5:50:61:c2:7b:ad:3c:04:40:
94:8f:ff:b8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY73J9rNHGWI5Bkpu2ESBjyoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YjM5MGI2MmQwOTk1MGQ1MDBjZDZiYmJkNzhkMDM5MDU2
MGVjNDIwHhcNMjQwNDE5MTYxOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2QzMDQ5ZmRhNDgyMDc0YzQ0ZDRmYTQ5YjM0MzU0NDVhNTk4OGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApp1CFyv2/Z5diI0NLOnxD8eXENVa
SegL+FOWMyE+8Y/O7xY07fzBRw9N9gYoE1q+oUzbOUBg/UzagafJvR1Hn0mHnME1
6fUekZcapCKZRnpUBl10lvVSiYAV2AwA5V9L7zJa1bws+1usHttCMy8Jty37T5Et
ucXFtQ47P/PopHh36tqSwc2PWNPbz3Euq+YNItEH9ENqg2IHM8NRT7p2cvIIgIwl
2CEyxETO229hjq/fkX6ZR2HomSs35Ks6Ii8oj/ZJnSTmYnBPYjNPyhcedwpW2wGB
Eo656ePgMoBXDEv0u1A3+rrqy3qjwdusrD27j+BcBm5CbSrVeblO4y096QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMzTBJ/aSCB0xE1PpJs0NURaWYj2MB8GA1UdIwQY
MBaAFBmzkLYtCZUNUAzWu7140DkFYOxCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2JPUXRpMEpsUTFRRE5hN3ZYalFPUVZnN0VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9iMzE1ODYtMzU2Ni00N2IwLTk1Y2Mt
MTQ0ZDc0NzNlYTU5LzEvek5NRW45cElJSFRFVFUta216UTFSRnBaaVBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9iMzE1ODYtMzU2Ni00N2IwLTk1Y2MtMTQ0ZDc0NzNlYTU5
LzEvR2JPUXRpMEpsUTFRRE5hN3ZYalFPUVZnN0VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYXwMA0E
AgACMAcDBQAqBfvgMA0GCSqGSIb3DQEBCwUAA4IBAQCGkWCoS3TDSpItbZRJ8DGQ
thDJip1n47qcolSSwu9Qa2A9p043ngeKWiiBeUXEwPjRVA9Q0zkE5m67TzeeuE4Y
t0CSu3xoqvZADHDZeRTTx+jD18haHJmCkHlUDH1QgXx2t76DPL8aoJmVFNUTMc3m
7dkR3HHwmXr0Vx8s8gMo1w4cCw+VgDhAFqoWJv/RhbejDzigWsoA6cULklEDiKtD
EBmZVImfbwpZjCYRYG5PI2qQk+20jR6i4NOvH/ZU2sDuATwy8kD+XITnxUNv2zgt
Odb7t/mBJp4C3QcmFiHrX7pW7p2ZPSi46U92mSnsfYShgzH1UGHCe608BECUj/+4
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:57:30 2025 by rpki-client