Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/473366-702d-473f-bfbe-882c448e2ef6/1/zhkYwaS6plkLrphYbPS8pd2d7FY.roa
File: zhkYwaS6plkLrphYbPS8pd2d7FY.roa (raw, json)
Hash identifier: WU0EL6Wv1LtNp+Lij8wGxS4Sro4oDveWrv/HGSpbczs=
Subject key identifier: CE:19:18:C1:A4:BA:A6:59:0B:AE:98:58:6C:F4:BC:A5:DD:9D:EC:56
Certificate issuer: /CN=a8dff01f56e3419d027be7591ceef62851ce0f6b
Certificate serial: 018CC8DFA9B80FDE17BD3AC94A04A90567DB
Authority key identifier: A8:DF:F0:1F:56:E3:41:9D:02:7B:E7:59:1C:EE:F6:28:51:CE:0F:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qN_wH1bjQZ0Ce-dZHO72KFHOD2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/473366-702d-473f-bfbe-882c448e2ef6/1/zhkYwaS6plkLrphYbPS8pd2d7FY.roa
Signing time: Tue 02 Jan 2024 06:32:30 +0000
ROA not before: Tue 02 Jan 2024 06:32:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51956
IP address blocks: 185.201.174.160/29 maxlen: 29
185.201.174.176/29 maxlen: 29
185.201.174.240/29 maxlen: 29
185.201.172.0/22 maxlen: 22
185.201.174.224/28 maxlen: 28
185.201.174.192/28 maxlen: 28
92.53.236.0/22 maxlen: 22
92.53.236.0/24 maxlen: 24
92.53.237.0/24 maxlen: 24
92.53.238.0/24 maxlen: 24
92.53.239.0/24 maxlen: 24
185.201.174.184/29 maxlen: 29
185.201.174.64/26 maxlen: 26
Validation: Failed, certificate revoked on Tue 03 Dec 2024 15:28:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:a9:b8:0f:de:17:bd:3a:c9:4a:04:a9:05:67:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8dff01f56e3419d027be7591ceef62851ce0f6b
Validity
Not Before: Jan 2 06:32:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce1918c1a4baa6590bae98586cf4bca5dd9dec56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:3f:b7:9b:2a:de:36:44:ee:c4:8b:90:88:f5:
a0:e5:ba:e0:5d:e5:09:cd:91:03:5c:de:f7:82:55:
41:78:4d:2c:36:d2:76:6c:4e:46:a8:38:7c:ff:a5:
71:5c:90:98:8c:2a:3f:13:b2:6f:87:42:de:cc:18:
f9:ab:f4:82:37:bb:fc:71:41:05:db:48:ab:b9:bc:
0b:6d:5d:ea:99:dc:e3:a2:90:de:ab:ff:40:ca:91:
60:ed:51:a9:1b:6f:a2:fa:62:72:11:66:37:0e:00:
ca:13:30:2f:f6:bc:82:d8:e4:c9:3d:6e:4a:64:b6:
ac:8e:76:4c:ee:61:e7:5c:08:8a:6c:e6:ba:59:a0:
51:20:59:28:69:f9:36:58:25:ee:61:14:85:e8:79:
fa:ea:25:3a:cb:27:f1:04:12:55:4f:fd:7f:d4:85:
d5:12:1a:26:02:99:44:60:b5:8f:03:19:72:f4:04:
de:7d:20:1e:f1:d4:ad:42:b2:15:5a:35:e9:27:21:
15:6c:f3:79:22:9e:a4:18:ee:13:72:d3:0d:0c:4f:
23:d8:fc:9f:1d:ec:e4:8f:8e:ae:8e:3f:f7:18:46:
b1:ff:d6:af:51:29:cc:58:26:d6:88:78:40:95:e9:
c8:f8:93:a3:55:39:64:0f:24:43:83:c5:1e:79:19:
00:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:19:18:C1:A4:BA:A6:59:0B:AE:98:58:6C:F4:BC:A5:DD:9D:EC:56
X509v3 Authority Key Identifier:
keyid:A8:DF:F0:1F:56:E3:41:9D:02:7B:E7:59:1C:EE:F6:28:51:CE:0F:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qN_wH1bjQZ0Ce-dZHO72KFHOD2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/473366-702d-473f-bfbe-882c448e2ef6/1/zhkYwaS6plkLrphYbPS8pd2d7FY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/473366-702d-473f-bfbe-882c448e2ef6/1/qN_wH1bjQZ0Ce-dZHO72KFHOD2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.236.0/22
185.201.172.0/22
Signature Algorithm: sha256WithRSAEncryption
84:c5:94:78:20:3d:f1:83:0f:32:7c:7c:9b:94:cd:92:24:b8:
18:fb:96:13:e7:e2:bf:a5:16:c5:3c:a9:72:a8:73:d5:4f:e4:
9f:89:a2:83:d3:d0:94:cc:4e:d5:db:91:7c:1d:e7:f1:e9:e6:
f8:93:40:23:df:07:db:af:e8:b5:cb:eb:f2:ad:28:6c:88:c7:
10:2d:49:df:ec:64:49:6b:7a:1b:60:cf:f1:96:b6:3d:43:68:
13:34:78:10:dd:f4:91:8a:8e:93:64:34:77:43:9b:e5:5b:0f:
09:4c:e0:e5:9e:c1:f4:b7:1d:fa:a2:40:55:f5:0a:fa:a2:a5:
19:db:a0:1a:71:f2:a5:e7:9d:3e:c7:bd:70:d3:9e:16:0a:a2:
6b:98:e5:78:c3:3f:b3:4d:fb:0a:4b:f4:10:30:2e:d4:8d:cf:
52:c3:82:d1:31:65:ae:e6:03:55:1d:fe:4b:2d:61:5e:ab:79:
97:a5:a6:af:49:30:43:3a:bb:cd:23:21:4f:e0:f6:6c:63:38:
35:5e:51:36:06:b3:72:06:77:57:19:16:79:7e:89:74:8e:03:
04:f0:10:8c:76:b0:27:7c:44:32:8e:bb:04:50:87:2f:c7:67:
f5:de:bf:8c:f3:b6:00:33:bf:2a:d1:e7:03:97:aa:22:9a:6f:
4d:26:92:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI36m4D94XvTrJSgSpBWfbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ZGZmMDFmNTZlMzQxOWQwMjdiZTc1OTFjZWVmNjI4NTFj
ZTBmNmIwHhcNMjQwMTAyMDYzMjMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTE5MThjMWE0YmFhNjU5MGJhZTk4NTg2Y2Y0YmNhNWRkOWRlYzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgD+3myreNkTuxIuQiPWg5brgXeUJ
zZEDXN73glVBeE0sNtJ2bE5GqDh8/6VxXJCYjCo/E7Jvh0LezBj5q/SCN7v8cUEF
20irubwLbV3qmdzjopDeq/9AypFg7VGpG2+i+mJyEWY3DgDKEzAv9ryC2OTJPW5K
ZLasjnZM7mHnXAiKbOa6WaBRIFkoafk2WCXuYRSF6Hn66iU6yyfxBBJVT/1/1IXV
EhomAplEYLWPAxly9ATefSAe8dStQrIVWjXpJyEVbPN5Ip6kGO4TctMNDE8j2Pyf
Hezkj46ujj/3GEax/9avUSnMWCbWiHhAlenI+JOjVTlkDyRDg8UeeRkAkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM4ZGMGkuqZZC66YWGz0vKXdnexWMB8GA1UdIwQY
MBaAFKjf8B9W40GdAnvnWRzu9ihRzg9rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU5fd0gxYmpRWjBDZS1kWkhPNzJLRkhPRDJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS80NzMzNjYtNzAyZC00NzNmLWJmYmUt
ODgyYzQ0OGUyZWY2LzEvemhrWXdhUzZwbGtMcnBoWWJQUzhwZDJkN0ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS80NzMzNjYtNzAyZC00NzNmLWJmYmUtODgyYzQ0OGUyZWY2
LzEvcU5fd0gxYmpRWjBDZS1kWkhPNzJLRkhPRDJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXDXsAwQC
ucmsMA0GCSqGSIb3DQEBCwUAA4IBAQCExZR4ID3xgw8yfHyblM2SJLgY+5YT5+K/
pRbFPKlyqHPVT+SfiaKD09CUzE7V25F8Hefx6eb4k0Aj3wfbr+i1y+vyrShsiMcQ
LUnf7GRJa3obYM/xlrY9Q2gTNHgQ3fSRio6TZDR3Q5vlWw8JTODlnsH0tx36okBV
9Qr6oqUZ26AacfKl550+x71w054WCqJrmOV4wz+zTfsKS/QQMC7Ujc9Sw4LRMWWu
5gNVHf5LLWFeq3mXpaavSTBDOrvNIyFP4PZsYzg1XlE2BrNyBndXGRZ5fol0jgME
8BCMdrAnfEQyjrsEUIcvx2f13r+M87YAM78q0ecDl6oimm9NJpJu
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:02:30 2025 by rpki-client