Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/ZSbMBkg5xp7_TVR7KyMk1DXg_q4.roa
File: ZSbMBkg5xp7_TVR7KyMk1DXg_q4.roa (raw, json)
Hash identifier: BzkiSkwbhKimfBpKKS8Vu4nKfdMTWPwiDw1JwR5MD0w=
Subject key identifier: 65:26:CC:06:48:39:C6:9E:FF:4D:54:7B:2B:23:24:D4:35:E0:FE:AE
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0192D7770ED862A051CF6C0780E7ED2565FE
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/ZSbMBkg5xp7_TVR7KyMk1DXg_q4.roa
Signing time: Tue 29 Oct 2024 08:49:16 +0000
ROA not before: Tue 29 Oct 2024 08:49:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25467
IP address blocks: 45.153.126.0/24 maxlen: 24
46.183.184.0/24 maxlen: 24
46.183.185.0/24 maxlen: 24
92.243.65.0/24 maxlen: 24
185.193.50.0/24 maxlen: 24
2a03:f80:385::/48 maxlen: 48
2a03:f80:389::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:50:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d7:77:0e:d8:62:a0:51:cf:6c:07:80:e7:ed:25:65:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Oct 29 08:49:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6526cc064839c69eff4d547b2b2324d435e0feae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:32:85:f1:78:7d:c0:18:f1:a3:a0:c8:de:d4:
57:cc:4c:56:4c:c5:8c:50:d5:13:bb:4d:0f:a4:da:
8f:0c:3f:cc:9d:19:b5:6d:39:0b:93:7d:c8:07:0e:
37:d9:98:7b:59:af:3c:ae:d8:04:9d:ef:7b:9c:5b:
c2:2a:d7:35:e5:be:5c:00:17:13:d7:97:3c:77:d6:
d4:41:d3:77:82:23:af:04:1b:f1:37:9c:f1:5e:1f:
0b:ed:72:4f:e8:96:0b:01:4b:79:16:f7:35:f1:3f:
b7:42:04:57:6c:11:fa:6d:b5:1e:5d:56:9b:01:ab:
55:54:f2:74:3c:26:a1:9f:95:b2:7d:c3:35:0d:89:
1c:b0:46:bc:87:bf:80:6f:fe:8b:70:86:01:69:5b:
ca:b3:44:0e:54:5b:ad:20:be:19:26:46:b7:15:3f:
12:26:8d:f9:7f:d0:17:0e:6a:09:13:3a:56:bf:ce:
c6:36:f4:56:38:d8:b3:8d:97:ea:f0:2c:b9:a5:5d:
ce:87:b3:c3:e7:ba:dd:79:4f:3a:3a:17:e7:d1:48:
d0:ed:f6:d8:ed:36:22:c4:2d:1a:d1:44:5a:f4:44:
8e:6d:66:9b:cc:9b:4a:27:9d:bf:96:26:39:28:0d:
47:9c:7c:08:39:1e:46:c9:d6:f6:20:9d:b5:bb:fa:
92:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:26:CC:06:48:39:C6:9E:FF:4D:54:7B:2B:23:24:D4:35:E0:FE:AE
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/ZSbMBkg5xp7_TVR7KyMk1DXg_q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.126.0/24
46.183.184.0/23
92.243.65.0/24
185.193.50.0/24
IPv6:
2a03:f80:385::/48
2a03:f80:389::/48
Signature Algorithm: sha256WithRSAEncryption
a5:b2:79:07:a9:7a:cc:de:0c:68:e6:9b:3a:71:04:34:bd:99:
2b:14:57:7b:3f:58:5f:ab:6d:f1:bf:2d:a6:3e:a7:59:4e:2c:
68:4f:d6:19:93:64:ae:50:9f:54:3c:29:c4:19:92:3b:c1:54:
8a:5b:60:b1:bb:5e:c8:20:20:6e:2c:a5:fe:08:55:cc:09:a2:
74:fa:1e:d9:cf:82:9d:16:0f:31:87:45:03:03:db:b9:be:de:
b7:17:fa:12:6b:d1:a4:07:cb:31:e3:bb:7f:ed:2e:43:a2:64:
f0:e7:a8:7b:50:de:e8:eb:aa:9a:5a:9a:cc:a4:ea:b2:dd:cf:
32:de:3c:d9:e9:d0:b5:18:f4:2b:5d:42:0b:dd:6e:9d:8d:c2:
e7:a0:ad:3d:60:db:e1:54:ba:48:ce:48:9d:67:06:96:5f:57:
45:90:fd:51:06:48:10:ad:c6:1c:79:18:ca:41:71:8a:75:c1:
c1:61:fc:27:91:66:42:20:6e:8c:6c:6f:ef:9e:2f:a9:7a:f3:
a5:0c:58:4b:ea:99:05:a3:66:ea:38:85:ae:18:55:94:a7:9d:
25:d5:f4:d1:43:f9:9e:be:2a:54:2a:fb:c7:97:51:24:74:e7:
ee:d6:c8:a1:6a:ce:f1:eb:8a:a8:96:93:b3:63:30:82:84:58:
ee:fe:c1:fd
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZLXdw7YYqBRz2wHgOftJWX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQxMDI5MDg0OTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTI2Y2MwNjQ4MzljNjllZmY0ZDU0N2IyYjIzMjRkNDM1ZTBmZWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTKF8Xh9wBjxo6DI3tRXzExWTMWM
UNUTu00PpNqPDD/MnRm1bTkLk33IBw432Zh7Wa88rtgEne97nFvCKtc15b5cABcT
15c8d9bUQdN3giOvBBvxN5zxXh8L7XJP6JYLAUt5Fvc18T+3QgRXbBH6bbUeXVab
AatVVPJ0PCahn5WyfcM1DYkcsEa8h7+Ab/6LcIYBaVvKs0QOVFutIL4ZJka3FT8S
Jo35f9AXDmoJEzpWv87GNvRWONizjZfq8Cy5pV3Oh7PD57rdeU86Ohfn0UjQ7fbY
7TYixC0a0URa9ESObWabzJtKJ52/liY5KA1HnHwIOR5Gydb2IJ21u/qS7QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFGUmzAZIOcae/01UeysjJNQ14P6uMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvWlNiTUJrZzV4cDdfVFZSN0t5TWsxRFhnX3E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQALZl+AwQB
Lre4AwQAXPNBAwQAucEyMBgEAgACMBIDBwAqAw+AA4UDBwAqAw+AA4kwDQYJKoZI
hvcNAQELBQADggEBAKWyeQepeszeDGjmmzpxBDS9mSsUV3s/WF+rbfG/LaY+p1lO
LGhP1hmTZK5Qn1Q8KcQZkjvBVIpbYLG7XsggIG4spf4IVcwJonT6HtnPgp0WDzGH
RQMD27m+3rcX+hJr0aQHyzHju3/tLkOiZPDnqHtQ3ujrqppamsyk6rLdzzLePNnp
0LUY9CtdQgvdbp2NwuegrT1g2+FUukjOSJ1nBpZfV0WQ/VEGSBCtxhx5GMpBcYp1
wcFh/CeRZkIgboxsb++eL6l686UMWEvqmQWjZuo4ha4YVZSnnSXV9NFD+Z6+KlQq
+8eXUSR05+7WyKFqzvHriqiWk7NjMIKEWO7+wf0=
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:00:38 2025 by rpki-client