Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e66a57-65ef-4644-8f50-c14faf43be14/1/gZLkYZ8aiRx123JTbwEL6nzLVXQ.roa
File: gZLkYZ8aiRx123JTbwEL6nzLVXQ.roa (raw, json)
Hash identifier: WYiDB1Zccnbu5rZbT4fWY5UTJlhER13SuEAyQcLErjk=
Subject key identifier: 81:92:E4:61:9F:1A:89:1C:75:DB:72:53:6F:01:0B:EA:7C:CB:55:74
Certificate issuer: /CN=64e7553292af595426ee1d7dc919a2104894752b
Certificate serial: 018CC3B6CF02A0C1BD5D4234777E9A6B69FF
Authority key identifier: 64:E7:55:32:92:AF:59:54:26:EE:1D:7D:C9:19:A2:10:48:94:75:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZOdVMpKvWVQm7h19yRmiEEiUdSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e66a57-65ef-4644-8f50-c14faf43be14/1/gZLkYZ8aiRx123JTbwEL6nzLVXQ.roa
Signing time: Mon 01 Jan 2024 06:29:46 +0000
ROA not before: Mon 01 Jan 2024 06:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205209
IP address blocks: 185.223.0.0/22 maxlen: 22
141.226.250.0/23 maxlen: 23
2a0d:2800::/29 maxlen: 29
Validation: Failed, certificate revoked on Sun 18 Aug 2024 02:40:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:cf:02:a0:c1:bd:5d:42:34:77:7e:9a:6b:69:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64e7553292af595426ee1d7dc919a2104894752b
Validity
Not Before: Jan 1 06:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8192e4619f1a891c75db72536f010bea7ccb5574
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:3f:b8:23:65:f8:b2:af:e4:23:8b:e7:bd:11:
32:87:bd:a0:a3:e6:05:dc:ac:ea:e2:e6:4e:93:e8:
7d:00:1e:be:4b:12:74:c4:ac:db:f8:af:bd:4c:21:
89:a6:8f:c1:74:eb:9a:98:6c:44:6a:73:0c:bd:fd:
2e:ff:fa:33:ed:01:60:00:5c:12:a1:3d:d6:38:0d:
4f:0d:dd:79:ad:a7:ab:65:93:7b:08:72:74:2b:12:
23:47:cf:48:29:60:5b:9c:48:fb:56:45:93:81:67:
84:d0:66:c1:a7:9a:4f:1b:02:05:9c:46:13:a0:19:
2f:4d:97:ca:cf:82:95:b9:d7:e5:3a:f0:68:6e:f5:
38:0e:e0:aa:9e:70:3c:53:44:92:60:a5:6d:10:e9:
50:5e:c8:a0:24:fa:9b:02:21:b7:a0:c0:c0:0e:41:
d0:e3:e9:b7:46:b2:4d:55:7b:49:7c:15:ff:58:ec:
18:1d:39:d3:08:c0:4d:d5:b0:4a:93:f1:2f:af:ea:
8c:ed:05:12:84:63:1c:76:dd:c8:fe:3a:8b:5a:a6:
01:22:58:d6:68:53:2e:fe:89:30:2f:8b:ad:53:b5:
e4:bd:46:a5:91:22:46:99:03:c7:54:45:80:19:76:
b9:bc:ca:04:8a:39:6b:ed:92:dd:f0:5f:5a:01:a7:
f0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:92:E4:61:9F:1A:89:1C:75:DB:72:53:6F:01:0B:EA:7C:CB:55:74
X509v3 Authority Key Identifier:
keyid:64:E7:55:32:92:AF:59:54:26:EE:1D:7D:C9:19:A2:10:48:94:75:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZOdVMpKvWVQm7h19yRmiEEiUdSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e66a57-65ef-4644-8f50-c14faf43be14/1/gZLkYZ8aiRx123JTbwEL6nzLVXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e66a57-65ef-4644-8f50-c14faf43be14/1/ZOdVMpKvWVQm7h19yRmiEEiUdSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.250.0/23
185.223.0.0/22
IPv6:
2a0d:2800::/29
Signature Algorithm: sha256WithRSAEncryption
61:bf:cc:48:32:92:1f:71:d8:84:e5:7c:49:c5:22:cb:c8:33:
a7:22:98:28:f2:c3:29:28:48:4a:38:ad:b2:0d:11:a8:7e:6e:
83:1f:ea:4e:52:ab:05:d0:26:0c:0d:28:ff:ff:61:61:02:ae:
63:0a:14:87:30:2a:2b:83:fb:17:b5:d6:72:f6:89:f9:27:3c:
70:bc:f8:22:ec:61:45:50:d7:1e:21:fd:13:c3:ea:81:51:19:
93:6c:8e:6d:b3:eb:49:03:58:17:4e:50:fc:af:cf:90:82:cb:
a7:02:58:cf:88:6b:b7:7f:21:b0:9b:0f:93:51:cf:1f:16:65:
c0:da:e9:49:b3:43:1e:5e:08:39:0d:c9:03:cf:2e:9c:f5:fe:
82:04:79:57:85:35:11:93:03:9a:80:ae:7e:d5:24:2d:c2:c5:
1c:69:f1:93:4b:64:4b:51:c1:0c:b7:ab:e2:aa:29:ae:9a:5c:
3d:e6:1a:f4:b6:de:4b:9c:49:c4:ff:cb:76:55:fe:56:a2:61:
85:d3:e4:9d:2a:a3:ca:26:96:c3:1f:b6:35:37:89:a7:01:45:
32:e6:42:24:0d:2d:12:d1:88:8b:96:c0:73:5d:5d:be:90:ee:
b4:f1:76:3d:b7:af:93:f2:54:3b:39:52:66:0c:d8:73:53:82:
56:74:6f:1c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDts8CoMG9XUI0d36aa2n/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZTc1NTMyOTJhZjU5NTQyNmVlMWQ3ZGM5MTlhMjEwNDg5
NDc1MmIwHhcNMjQwMTAxMDYyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MTkyZTQ2MTlmMWE4OTFjNzVkYjcyNTM2ZjAxMGJlYTdjY2I1NTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhD+4I2X4sq/kI4vnvREyh72go+YF
3Kzq4uZOk+h9AB6+SxJ0xKzb+K+9TCGJpo/BdOuamGxEanMMvf0u//oz7QFgAFwS
oT3WOA1PDd15raerZZN7CHJ0KxIjR89IKWBbnEj7VkWTgWeE0GbBp5pPGwIFnEYT
oBkvTZfKz4KVudflOvBobvU4DuCqnnA8U0SSYKVtEOlQXsigJPqbAiG3oMDADkHQ
4+m3RrJNVXtJfBX/WOwYHTnTCMBN1bBKk/Evr+qM7QUShGMcdt3I/jqLWqYBIljW
aFMu/okwL4utU7XkvUalkSJGmQPHVEWAGXa5vMoEijlr7ZLd8F9aAafw+QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIGS5GGfGokcddtyU28BC+p8y1V0MB8GA1UdIwQY
MBaAFGTnVTKSr1lUJu4dfckZohBIlHUrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk9kVk1wS3ZXVlFtN2gxOXlSbWlFRWlVZFNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lNjZhNTctNjVlZi00NjQ0LThmNTAt
YzE0ZmFmNDNiZTE0LzEvZ1pMa1laOGFpUngxMjNKVGJ3RUw2bnpMVlhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lNjZhNTctNjVlZi00NjQ0LThmNTAtYzE0ZmFmNDNiZTE0
LzEvWk9kVk1wS3ZXVlFtN2gxOXlSbWlFRWlVZFNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBjeL6AwQC
ud8AMA0EAgACMAcDBQMqDSgAMA0GCSqGSIb3DQEBCwUAA4IBAQBhv8xIMpIfcdiE
5XxJxSLLyDOnIpgo8sMpKEhKOK2yDRGofm6DH+pOUqsF0CYMDSj//2FhAq5jChSH
MCorg/sXtdZy9on5JzxwvPgi7GFFUNceIf0Tw+qBURmTbI5ts+tJA1gXTlD8r8+Q
gsunAljPiGu3fyGwmw+TUc8fFmXA2ulJs0MeXgg5DckDzy6c9f6CBHlXhTURkwOa
gK5+1SQtwsUcafGTS2RLUcEMt6viqimumlw95hr0tt5LnEnE/8t2Vf5WomGF0+Sd
KqPKJpbDH7Y1N4mnAUUy5kIkDS0S0YiLlsBzXV2+kO608XY9t6+T8lQ7OVJmDNhz
U4JWdG8c
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:18:43 2025 by rpki-client