Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/64773f-7c7e-4898-b193-08d8e50fc9c5/1/lZRmEpDk4wL4NTqih4SMWDQL64I.roa
File: lZRmEpDk4wL4NTqih4SMWDQL64I.roa (raw, json)
Hash identifier: m9WTE3wqA8my81lsnhAv3XXx3hSjd9qr/dVT0CDSIUc=
Subject key identifier: 95:94:66:12:90:E4:E3:02:F8:35:3A:A2:87:84:8C:58:34:0B:EB:82
Certificate issuer: /CN=495c7427af74da9454f1e287c16f9a5f3a77831f
Certificate serial: 018E841C83B9079985F1C8087F02B320DCAD
Authority key identifier: 49:5C:74:27:AF:74:DA:94:54:F1:E2:87:C1:6F:9A:5F:3A:77:83:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SVx0J6902pRU8eKHwW-aXzp3gx8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/64773f-7c7e-4898-b193-08d8e50fc9c5/1/lZRmEpDk4wL4NTqih4SMWDQL64I.roa
Signing time: Thu 28 Mar 2024 08:10:44 +0000
ROA not before: Thu 28 Mar 2024 08:10:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61110
IP address blocks: 185.153.192.0/22 maxlen: 24
185.153.192.0/23 maxlen: 24
2a07:8d80::/29 maxlen: 48
2a07:8d80::/32 maxlen: 48
2a07:8d84::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:84:1c:83:b9:07:99:85:f1:c8:08:7f:02:b3:20:dc:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=495c7427af74da9454f1e287c16f9a5f3a77831f
Validity
Not Before: Mar 28 08:10:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9594661290e4e302f8353aa287848c58340beb82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f6:b3:ce:30:4e:4f:40:a9:01:92:97:80:db:
88:30:5b:e1:1e:38:1c:60:7f:7e:53:52:f4:95:7b:
9a:a1:ff:28:88:7a:d4:29:6f:00:63:64:cf:3f:a4:
86:18:a3:f9:8b:9f:be:6e:2a:46:6e:18:98:fe:41:
ab:92:a3:7e:e5:e9:7d:dc:c6:09:2a:07:62:99:a5:
da:c1:94:84:8e:6a:bb:32:28:de:93:a2:e9:6e:25:
09:84:bf:85:c9:87:ab:49:06:ed:a9:e1:94:0a:8c:
bc:45:20:a5:56:65:bd:be:69:79:67:b7:70:55:5c:
0d:c4:13:2f:87:b5:00:ee:b1:0e:cc:76:06:96:08:
23:d7:a0:5f:06:21:b6:0d:f7:22:92:04:83:d7:a5:
fb:eb:16:2e:c8:53:69:8a:43:bf:69:86:ce:78:be:
8c:62:d7:e1:3b:51:26:01:39:06:c1:b4:d9:db:0e:
03:da:30:44:36:01:88:93:7a:ae:61:fd:cf:af:10:
14:84:56:e3:4d:ae:0d:32:fa:77:84:03:4d:29:02:
90:e2:04:e9:5e:80:38:87:98:9b:48:a9:c7:4e:da:
4c:8f:aa:46:f5:2d:c8:cf:a5:92:56:a1:d4:80:83:
bf:0c:b1:dd:00:51:12:12:1d:72:3b:3a:fc:70:0d:
5f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:94:66:12:90:E4:E3:02:F8:35:3A:A2:87:84:8C:58:34:0B:EB:82
X509v3 Authority Key Identifier:
keyid:49:5C:74:27:AF:74:DA:94:54:F1:E2:87:C1:6F:9A:5F:3A:77:83:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SVx0J6902pRU8eKHwW-aXzp3gx8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/64773f-7c7e-4898-b193-08d8e50fc9c5/1/lZRmEpDk4wL4NTqih4SMWDQL64I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/64773f-7c7e-4898-b193-08d8e50fc9c5/1/SVx0J6902pRU8eKHwW-aXzp3gx8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.192.0/22
IPv6:
2a07:8d80::/29
Signature Algorithm: sha256WithRSAEncryption
99:02:86:cc:c0:83:d5:18:83:35:b1:5b:4a:2f:f8:c4:3e:3e:
96:96:f0:87:96:3b:fc:bd:ff:61:e0:e8:e6:c6:ee:52:9d:23:
eb:93:4f:60:83:1f:57:7b:00:3e:6d:c2:bd:74:94:5c:08:cb:
21:3f:17:8f:d4:11:35:67:fc:d2:db:7e:68:61:50:59:bd:cb:
bc:5d:c6:e1:4b:35:1f:43:54:b9:17:8e:48:3a:ad:e7:4b:ad:
28:3e:18:89:e2:49:ca:0c:f0:31:c6:41:3b:62:5e:07:8c:d0:
d3:e1:6b:74:9a:07:03:c1:64:a3:87:d8:20:cd:3c:41:eb:d2:
b0:3c:d4:e4:cc:88:30:c8:6d:37:76:41:6d:ba:9d:a1:ac:fa:
73:54:46:3b:07:88:b3:98:95:e6:2c:a3:1a:8b:e8:0b:8b:2d:
5c:f3:ef:39:26:db:91:c3:a8:1a:e8:6b:1d:49:8c:ee:2d:d2:
54:bd:69:aa:9f:93:c5:48:03:24:46:cd:c7:0b:72:81:80:98:
4e:db:54:18:7a:9c:88:1f:5f:ac:4a:61:f2:c3:e8:b1:7c:67:
99:78:15:60:47:0c:3e:3b:25:fc:74:66:61:10:fe:18:dd:04:
11:09:4b:f3:36:33:a5:a5:bf:e3:21:bd:4b:39:34:90:09:da:
0e:a4:bb:fc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY6EHIO5B5mF8cgIfwKzINytMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NWM3NDI3YWY3NGRhOTQ1NGYxZTI4N2MxNmY5YTVmM2E3
NzgzMWYwHhcNMjQwMzI4MDgxMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTk0NjYxMjkwZTRlMzAyZjgzNTNhYTI4Nzg0OGM1ODM0MGJlYjgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPazzjBOT0CpAZKXgNuIMFvhHjgc
YH9+U1L0lXuaof8oiHrUKW8AY2TPP6SGGKP5i5++bipGbhiY/kGrkqN+5el93MYJ
KgdimaXawZSEjmq7Mijek6LpbiUJhL+FyYerSQbtqeGUCoy8RSClVmW9vml5Z7dw
VVwNxBMvh7UA7rEOzHYGlggj16BfBiG2DfcikgSD16X76xYuyFNpikO/aYbOeL6M
YtfhO1EmATkGwbTZ2w4D2jBENgGIk3quYf3PrxAUhFbjTa4NMvp3hANNKQKQ4gTp
XoA4h5ibSKnHTtpMj6pG9S3Iz6WSVqHUgIO/DLHdAFESEh1yOzr8cA1fVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJWUZhKQ5OMC+DU6ooeEjFg0C+uCMB8GA1UdIwQY
MBaAFElcdCevdNqUVPHih8Fvml86d4MfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1Z4MEo2OTAycFJVOGVLSHdXLWFYenAzZ3g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC82NDc3M2YtN2M3ZS00ODk4LWIxOTMt
MDhkOGU1MGZjOWM1LzEvbFpSbUVwRGs0d0w0TlRxaWg0U01XRFFMNjRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC82NDc3M2YtN2M3ZS00ODk4LWIxOTMtMDhkOGU1MGZjOWM1
LzEvU1Z4MEo2OTAycFJVOGVLSHdXLWFYenAzZ3g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZnAMA0E
AgACMAcDBQMqB42AMA0GCSqGSIb3DQEBCwUAA4IBAQCZAobMwIPVGIM1sVtKL/jE
Pj6WlvCHljv8vf9h4Ojmxu5SnSPrk09ggx9XewA+bcK9dJRcCMshPxeP1BE1Z/zS
235oYVBZvcu8XcbhSzUfQ1S5F45IOq3nS60oPhiJ4knKDPAxxkE7Yl4HjNDT4Wt0
mgcDwWSjh9ggzTxB69KwPNTkzIgwyG03dkFtup2hrPpzVEY7B4izmJXmLKMai+gL
iy1c8+85JtuRw6ga6GsdSYzuLdJUvWmqn5PFSAMkRs3HC3KBgJhO21QYepyIH1+s
SmHyw+ixfGeZeBVgRww+OyX8dGZhEP4Y3QQRCUvzNjOlpb/jIb1LOTSQCdoOpLv8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:16:44 2025 by rpki-client