Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/z--XBesbwqFEiq-qxAVdzp0vZ7M.roa
File: z--XBesbwqFEiq-qxAVdzp0vZ7M.roa (raw, json)
Hash identifier: 07G0t+hOaqU/FUkzlREn6OdxCaqRdcNTaMe7ZyZGgeg=
Subject key identifier: CF:EF:97:05:EB:1B:C2:A1:44:8A:AF:AA:C4:05:5D:CE:9D:2F:67:B3
Certificate issuer: /CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672
Certificate serial: 0190FD6F8D2F345057179F52B7F9D74271D4
Authority key identifier: 87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/z--XBesbwqFEiq-qxAVdzp0vZ7M.roa
Signing time: Mon 29 Jul 2024 07:41:04 +0000
ROA not before: Mon 29 Jul 2024 07:41:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396982
IP address blocks: 185.197.213.0/24 maxlen: 24
185.197.215.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fd:6f:8d:2f:34:50:57:17:9f:52:b7:f9:d7:42:71:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=87ed9cb8340ac2095a4cb0528e5ea2f738cea672
Validity
Not Before: Jul 29 07:41:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cfef9705eb1bc2a1448aafaac4055dce9d2f67b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:17:b3:66:94:97:df:19:56:26:4e:94:cc:e7:
e3:10:33:7f:cc:77:23:cd:4b:30:77:ab:d0:dc:6d:
fc:27:7b:2e:8c:f2:a4:83:38:dc:ac:bf:d4:56:ef:
ba:c1:27:df:59:1f:13:ea:f0:a4:b0:95:65:60:92:
ad:dc:6c:84:65:2f:f5:95:27:55:22:fa:0c:a9:a3:
8b:b1:77:93:69:1c:e4:8e:15:15:72:40:57:a6:01:
ec:f3:f1:bc:84:d5:f3:91:5f:e6:e6:ad:6c:53:a3:
4b:4a:c8:0e:f8:a0:5d:72:19:d2:d3:ab:bd:f9:29:
68:c1:42:84:2e:98:6c:db:aa:c6:36:8d:9a:10:4e:
c8:f5:43:69:88:55:7c:3f:1c:9d:d8:f1:f5:aa:c5:
56:f3:42:bf:93:f8:14:e2:82:f3:67:bd:7f:02:9d:
bc:c0:36:ea:21:f1:d8:52:49:22:21:1e:03:0c:d2:
31:b9:81:d1:ae:f3:a7:a2:1d:17:04:96:9b:54:66:
76:72:e0:27:a7:ae:71:dc:01:13:53:70:89:79:bb:
56:78:d3:06:bb:de:68:90:7c:5e:ab:bf:89:1e:b6:
f7:b5:c8:aa:29:4b:34:d2:d1:67:24:5b:ae:12:76:
ac:aa:99:db:78:96:f0:b8:0c:65:9f:d3:e5:89:7d:
ea:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:EF:97:05:EB:1B:C2:A1:44:8A:AF:AA:C4:05:5D:CE:9D:2F:67:B3
X509v3 Authority Key Identifier:
keyid:87:ED:9C:B8:34:0A:C2:09:5A:4C:B0:52:8E:5E:A2:F7:38:CE:A6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h-2cuDQKwglaTLBSjl6i9zjOpnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/z--XBesbwqFEiq-qxAVdzp0vZ7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/6381d3-5d01-4abc-bed7-7b21bf303ccc/1/h-2cuDQKwglaTLBSjl6i9zjOpnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.213.0/24
185.197.215.0/24
Signature Algorithm: sha256WithRSAEncryption
60:96:85:8a:d5:cf:ff:e3:66:50:9e:d5:c4:30:0e:33:3a:69:
45:12:f8:d6:cd:c3:1f:ce:d1:ed:f5:63:d1:11:98:98:2f:71:
a0:99:09:35:8d:70:6d:07:17:f4:5e:08:1d:5e:05:57:10:19:
1e:8e:4e:2c:cd:85:d3:48:7e:34:6a:6d:b7:4e:6e:68:26:eb:
74:23:07:9d:8d:61:09:03:ae:a8:2f:ca:bb:76:c7:c5:1b:4c:
c5:24:4d:a4:bf:d7:14:17:c0:1b:25:e8:b0:82:f4:45:0d:cd:
80:13:80:b1:a9:ab:c2:b2:9b:0c:96:1c:d9:b4:54:74:4a:61:
ae:a0:07:30:22:00:75:75:a8:fb:f6:4d:fc:90:a7:89:9a:c6:
69:8f:f6:e2:4e:45:77:5c:68:44:e4:14:47:7b:95:53:7d:17:
d2:dc:f7:ed:f5:03:72:e8:6a:fe:84:bf:0a:0e:24:5a:03:78:
48:70:c3:d7:a2:16:43:b3:8b:b5:e9:49:e7:c1:a7:2b:c6:f9:
13:95:41:de:32:5c:f7:52:d3:46:6f:82:e3:83:c6:67:a5:6a:
65:02:e6:18:d8:66:00:2c:61:c9:e0:cd:6e:cc:fb:9c:a7:d4:
e1:e0:19:10:1f:f3:18:8d:f2:62:1f:0c:eb:ce:0d:19:c9:3a:
f6:23:3a:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZD9b40vNFBXF59St/nXQnHUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3ZWQ5Y2I4MzQwYWMyMDk1YTRjYjA1MjhlNWVhMmY3Mzhj
ZWE2NzIwHhcNMjQwNzI5MDc0MTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmVmOTcwNWViMWJjMmExNDQ4YWFmYWFjNDA1NWRjZTlkMmY2N2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5hezZpSX3xlWJk6UzOfjEDN/zHcj
zUswd6vQ3G38J3sujPKkgzjcrL/UVu+6wSffWR8T6vCksJVlYJKt3GyEZS/1lSdV
IvoMqaOLsXeTaRzkjhUVckBXpgHs8/G8hNXzkV/m5q1sU6NLSsgO+KBdchnS06u9
+SlowUKELphs26rGNo2aEE7I9UNpiFV8Pxyd2PH1qsVW80K/k/gU4oLzZ71/Ap28
wDbqIfHYUkkiIR4DDNIxuYHRrvOnoh0XBJabVGZ2cuAnp65x3AETU3CJebtWeNMG
u95okHxeq7+JHrb3tciqKUs00tFnJFuuEnasqpnbeJbwuAxln9PliX3qFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM/vlwXrG8KhRIqvqsQFXc6dL2ezMB8GA1UdIwQY
MBaAFIftnLg0CsIJWkywUo5eovc4zqZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDct
N2IyMWJmMzAzY2NjLzEvei0tWEJlc2J3cUZFaXEtcXhBVmR6cDB2WjdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi82MzgxZDMtNWQwMS00YWJjLWJlZDctN2IyMWJmMzAzY2Nj
LzEvaC0yY3VEUUt3Z2xhVExCU2psNmk5empPcG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucXVAwQA
ucXXMA0GCSqGSIb3DQEBCwUAA4IBAQBgloWK1c//42ZQntXEMA4zOmlFEvjWzcMf
ztHt9WPREZiYL3GgmQk1jXBtBxf0XggdXgVXEBkejk4szYXTSH40am23Tm5oJut0
IwedjWEJA66oL8q7dsfFG0zFJE2kv9cUF8AbJeiwgvRFDc2AE4CxqavCspsMlhzZ
tFR0SmGuoAcwIgB1daj79k38kKeJmsZpj/biTkV3XGhE5BRHe5VTfRfS3Pft9QNy
6Gr+hL8KDiRaA3hIcMPXohZDs4u16UnnwacrxvkTlUHeMlz3UtNGb4Ljg8ZnpWpl
AuYY2GYALGHJ4M1uzPucp9Th4BkQH/MYjfJiHwzrzg0ZyTr2IzqY
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:44:14 2025 by rpki-client