Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/ZYtZ5sHwpx8DnRDwVmIbcSslFVQ.roa
File: ZYtZ5sHwpx8DnRDwVmIbcSslFVQ.roa (raw, json)
Hash identifier: J6B1Evo9CD603gqEjNgtjZGCsZXraD4R/U/XW6uhl6g=
Subject key identifier: 65:8B:59:E6:C1:F0:A7:1F:03:9D:10:F0:56:62:1B:71:2B:25:15:54
Certificate issuer: /CN=4d7683d6ea539fef1b6b6dbdd74a31d05e5f0a23
Certificate serial: 0190DA344CBF035AC36382F68904A6F89B13
Authority key identifier: 4D:76:83:D6:EA:53:9F:EF:1B:6B:6D:BD:D7:4A:31:D0:5E:5F:0A:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TXaD1upTn-8ba22910ox0F5fCiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/ZYtZ5sHwpx8DnRDwVmIbcSslFVQ.roa
Signing time: Mon 22 Jul 2024 11:29:38 +0000
ROA not before: Mon 22 Jul 2024 11:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39605
IP address blocks: 62.182.100.0/24 maxlen: 24
78.40.120.0/21 maxlen: 24
158.58.176.0/21 maxlen: 24
185.60.92.0/22 maxlen: 24
193.84.18.0/24 maxlen: 24
2a02:4b8::/29 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:50:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:da:34:4c:bf:03:5a:c3:63:82:f6:89:04:a6:f8:9b:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d7683d6ea539fef1b6b6dbdd74a31d05e5f0a23
Validity
Not Before: Jul 22 11:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=658b59e6c1f0a71f039d10f056621b712b251554
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:44:17:8b:b6:81:86:82:85:27:27:01:b2:f6:
15:a2:62:14:e1:96:ae:4a:bf:b4:4c:21:c9:76:f1:
43:7f:c0:ea:05:27:ac:8d:ad:39:69:e2:eb:3b:e1:
38:90:49:44:1c:91:58:ac:5d:f5:9a:f9:c0:57:64:
5a:ea:8e:7f:a4:d7:9f:c2:c5:19:65:a2:34:2d:fd:
53:ce:22:d6:3f:ea:dd:d9:9f:25:8b:3b:b7:91:0a:
84:4e:a4:a7:91:1f:69:3b:78:c2:2e:71:69:54:d0:
5b:31:c4:24:b2:e9:c4:3e:94:f7:b7:75:22:85:ef:
de:2d:d6:77:06:e3:ff:5d:37:18:c2:37:aa:05:7f:
36:79:f5:04:64:7a:89:4d:23:c9:18:81:a7:9e:11:
d3:75:24:53:d6:30:2c:34:1a:93:a8:da:4c:45:b4:
5a:3e:8a:e7:ac:f2:04:a7:5a:81:26:63:6b:15:86:
b0:87:cf:74:fb:48:dd:e9:63:bd:f2:72:48:47:12:
34:03:87:70:76:3c:9d:d7:77:2f:b1:92:9f:81:95:
67:a5:3d:4b:93:71:17:e8:1c:a8:89:5b:6d:b2:39:
00:6a:be:c8:88:66:c9:c7:39:1f:ab:22:5f:e8:81:
85:0f:cc:67:50:50:de:5c:e6:3a:c8:e0:d6:6e:b4:
59:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:8B:59:E6:C1:F0:A7:1F:03:9D:10:F0:56:62:1B:71:2B:25:15:54
X509v3 Authority Key Identifier:
keyid:4D:76:83:D6:EA:53:9F:EF:1B:6B:6D:BD:D7:4A:31:D0:5E:5F:0A:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TXaD1upTn-8ba22910ox0F5fCiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/ZYtZ5sHwpx8DnRDwVmIbcSslFVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e5195d-6698-4604-9114-68b3768f50dc/1/TXaD1upTn-8ba22910ox0F5fCiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.182.100.0/24
78.40.120.0/21
158.58.176.0/21
185.60.92.0/22
193.84.18.0/24
IPv6:
2a02:4b8::/29
Signature Algorithm: sha256WithRSAEncryption
1e:ff:f6:ca:83:b5:4f:c4:1e:e0:62:1f:b6:a1:58:cb:15:c6:
d9:0d:30:be:5e:21:42:30:d8:56:e3:d5:35:3d:24:a2:b4:c9:
e2:82:6e:0e:f9:15:c6:11:f8:9b:69:8b:7c:92:cc:b3:e1:fc:
2f:dc:79:14:a4:61:cb:f4:80:20:f7:3b:f8:f2:f8:56:c3:5f:
e8:dc:7d:d8:90:c3:0b:bf:85:88:f2:38:f4:79:71:58:60:03:
9d:70:d5:12:bd:73:41:34:03:c9:08:ec:47:dd:e7:29:99:28:
c5:37:f7:c8:32:4f:0b:3d:5c:48:c6:72:19:8e:16:de:be:c1:
67:31:e9:ce:95:81:21:d2:ac:b6:e8:c0:67:f0:2f:b9:6f:76:
66:e7:da:ba:ad:f3:5d:30:00:94:1a:7e:13:c5:1d:d8:e3:ac:
51:ab:f1:7f:56:22:47:73:9c:10:9c:85:08:a5:e1:34:91:c7:
9b:12:e5:64:68:e1:ca:0f:70:09:b8:9b:0a:2b:24:ca:cf:f2:
04:9c:28:ad:5d:a0:58:94:b1:0b:83:f0:7e:0c:55:7c:6b:9c:
5a:0d:f1:5e:2b:48:5e:99:1a:14:af:bc:3a:aa:43:14:7f:33:
12:5e:f4:55:e1:e7:ae:15:be:18:41:8c:10:e0:ca:5a:b2:51:
94:b5:dc:28
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZDaNEy/A1rDY4L2iQSm+JsTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkNzY4M2Q2ZWE1MzlmZWYxYjZiNmRiZGQ3NGEzMWQwNWU1
ZjBhMjMwHhcNMjQwNzIyMTEyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NThiNTllNmMxZjBhNzFmMDM5ZDEwZjA1NjYyMWI3MTJiMjUxNTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvEQXi7aBhoKFJycBsvYVomIU4Zau
Sr+0TCHJdvFDf8DqBSesja05aeLrO+E4kElEHJFYrF31mvnAV2Ra6o5/pNefwsUZ
ZaI0Lf1TziLWP+rd2Z8lizu3kQqETqSnkR9pO3jCLnFpVNBbMcQksunEPpT3t3Ui
he/eLdZ3BuP/XTcYwjeqBX82efUEZHqJTSPJGIGnnhHTdSRT1jAsNBqTqNpMRbRa
PornrPIEp1qBJmNrFYawh890+0jd6WO98nJIRxI0A4dwdjyd13cvsZKfgZVnpT1L
k3EX6ByoiVttsjkAar7IiGbJxzkfqyJf6IGFD8xnUFDeXOY6yODWbrRZpwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFGWLWebB8KcfA50Q8FZiG3ErJRVUMB8GA1UdIwQY
MBaAFE12g9bqU5/vG2ttvddKMdBeXwojMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFhhRDF1cFRuLThiYTIyOTEwb3gwRjVmQ2lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lNTE5NWQtNjY5OC00NjA0LTkxMTQt
NjhiMzc2OGY1MGRjLzEvWll0WjVzSHdweDhEblJEd1ZtSWJjU3NsRlZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lNTE5NWQtNjY5OC00NjA0LTkxMTQtNjhiMzc2OGY1MGRj
LzEvVFhhRDF1cFRuLThiYTIyOTEwb3gwRjVmQ2lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAPrZkAwQD
Tih4AwQDnjqwAwQCuTxcAwQAwVQSMA0EAgACMAcDBQMqAgS4MA0GCSqGSIb3DQEB
CwUAA4IBAQAe//bKg7VPxB7gYh+2oVjLFcbZDTC+XiFCMNhW49U1PSSitMnigm4O
+RXGEfibaYt8ksyz4fwv3HkUpGHL9IAg9zv48vhWw1/o3H3YkMMLv4WI8jj0eXFY
YAOdcNUSvXNBNAPJCOxH3ecpmSjFN/fIMk8LPVxIxnIZjhbevsFnMenOlYEh0qy2
6MBn8C+5b3Zm59q6rfNdMACUGn4TxR3Y46xRq/F/ViJHc5wQnIUIpeE0kcebEuVk
aOHKD3AJuJsKKyTKz/IEnCitXaBYlLELg/B+DFV8a5xaDfFeK0hemRoUr7w6qkMU
fzMSXvRV4eeuFb4YQYwQ4MpaslGUtdwo
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:32:51 2025 by rpki-client