Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/ZhWMlg_6_j5gArUHWdhav0VQsu4.roa
File: ZhWMlg_6_j5gArUHWdhav0VQsu4.roa (raw, json)
Hash identifier: Yo40uE9cakv2GmJO32nAe8Jtl0NFx0h1TFS4YdmyA0U=
Subject key identifier: 66:15:8C:96:0F:FA:FE:3E:60:02:B5:07:59:D8:5A:BF:45:50:B2:EE
Certificate issuer: /CN=c20e65caddbecd48d2f87787993113842bdfce5d
Certificate serial: 018CC5001764CBBF3FEA3CACB4BE066472E2
Authority key identifier: C2:0E:65:CA:DD:BE:CD:48:D2:F8:77:87:99:31:13:84:2B:DF:CE:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wg5lyt2-zUjS-HeHmTEThCvfzl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/ZhWMlg_6_j5gArUHWdhav0VQsu4.roa
Signing time: Mon 01 Jan 2024 12:29:26 +0000
ROA not before: Mon 01 Jan 2024 12:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197726
IP address blocks: 195.88.242.0/23 maxlen: 23
91.231.84.0/23 maxlen: 23
91.231.86.0/23 maxlen: 23
195.64.154.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 06 Feb 2024 16:08:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:17:64:cb:bf:3f:ea:3c:ac:b4:be:06:64:72:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c20e65caddbecd48d2f87787993113842bdfce5d
Validity
Not Before: Jan 1 12:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66158c960ffafe3e6002b50759d85abf4550b2ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:d9:9f:e9:05:07:a3:de:38:f6:97:d9:70:4a:
d3:6f:ca:19:a4:ce:b1:c3:15:89:9c:64:2b:2d:8f:
fd:57:33:85:4c:1e:c9:30:d0:88:4f:c2:d0:dc:da:
aa:62:a8:b5:45:70:31:dc:ff:11:42:0f:33:a7:e6:
50:95:7f:ab:c1:0d:41:7a:fb:86:73:19:5d:23:c6:
78:4d:86:fd:99:f1:b4:e1:a2:16:d8:75:79:1c:30:
f9:47:7c:1c:87:d2:7e:50:f0:31:c9:12:4d:f0:79:
d6:a3:d3:d5:10:a8:f0:43:e4:5f:2d:1b:db:a7:b8:
5f:11:1d:78:a7:ce:52:1b:53:09:5c:67:ba:f9:d0:
32:6f:d7:b1:99:e7:21:e1:c1:e3:2c:a6:75:51:3a:
b2:09:f2:c5:f8:95:fe:b2:9b:12:be:d4:67:c8:ba:
4d:83:7c:a6:af:d7:ec:22:16:67:82:6d:17:9c:fe:
3e:90:77:b8:ac:39:54:8e:b0:ec:c1:99:9d:29:54:
4a:de:ec:21:bc:ea:6d:e4:8b:9f:4d:60:87:fc:19:
12:8e:f6:a4:01:1f:28:db:cd:f8:5e:5f:95:03:92:
57:35:d5:d6:45:1b:f9:7d:3e:47:99:94:53:ec:7c:
c4:8a:84:d6:a2:71:5f:51:b6:da:a4:14:f7:94:65:
0c:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:15:8C:96:0F:FA:FE:3E:60:02:B5:07:59:D8:5A:BF:45:50:B2:EE
X509v3 Authority Key Identifier:
keyid:C2:0E:65:CA:DD:BE:CD:48:D2:F8:77:87:99:31:13:84:2B:DF:CE:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wg5lyt2-zUjS-HeHmTEThCvfzl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/ZhWMlg_6_j5gArUHWdhav0VQsu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/wg5lyt2-zUjS-HeHmTEThCvfzl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.84.0/22
195.64.154.0/23
195.88.242.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:67:33:0e:f4:1d:23:f0:35:82:37:91:3d:ed:04:42:a0:db:
e0:a3:4d:ec:3f:e4:68:f8:1d:a2:e8:d6:a2:29:63:62:61:5a:
7d:ea:69:e9:bf:d6:26:fa:d0:d0:94:e5:0b:6c:a6:df:61:76:
9e:4a:01:4f:ef:a2:23:c5:9e:31:31:bc:19:6e:3a:a2:b9:f4:
0b:d6:2a:06:b5:8b:8a:8c:d6:7d:f7:9d:d0:5e:82:11:c1:4e:
ab:2b:75:05:ed:52:15:2b:ba:57:03:ea:71:2c:b2:5a:f1:a7:
c7:8c:1e:13:69:36:04:a5:0b:89:ad:0e:aa:9f:2e:5f:a2:ec:
88:bd:7b:3a:44:6d:01:80:3e:d0:c6:07:62:71:14:db:cb:c8:
5e:38:9c:3c:fd:a2:cd:49:31:94:6f:81:ff:dc:a0:e1:cc:2f:
43:88:26:15:92:f9:d8:f1:5a:99:51:aa:ca:44:09:40:67:7c:
45:a5:75:14:0e:c7:9e:b7:32:97:1f:f7:5e:aa:54:55:70:d2:
04:01:15:f9:5c:e3:7c:7b:9a:6c:4c:66:d6:8d:a7:f3:be:da:
fb:fd:1a:bb:12:50:69:e9:e3:72:e0:a8:bc:39:61:79:12:93:
fb:28:b4:ee:6d:60:45:5e:32:66:85:71:3d:44:f6:e9:7e:e4:
f8:a4:7e:65
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFABdky78/6jystL4GZHLiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMGU2NWNhZGRiZWNkNDhkMmY4Nzc4Nzk5MzExMzg0MmJk
ZmNlNWQwHhcNMjQwMTAxMTIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjE1OGM5NjBmZmFmZTNlNjAwMmI1MDc1OWQ4NWFiZjQ1NTBiMmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjdmf6QUHo9449pfZcErTb8oZpM6x
wxWJnGQrLY/9VzOFTB7JMNCIT8LQ3NqqYqi1RXAx3P8RQg8zp+ZQlX+rwQ1BevuG
cxldI8Z4TYb9mfG04aIW2HV5HDD5R3wch9J+UPAxyRJN8HnWo9PVEKjwQ+RfLRvb
p7hfER14p85SG1MJXGe6+dAyb9exmech4cHjLKZ1UTqyCfLF+JX+spsSvtRnyLpN
g3ymr9fsIhZngm0XnP4+kHe4rDlUjrDswZmdKVRK3uwhvOpt5IufTWCH/BkSjvak
AR8o2834Xl+VA5JXNdXWRRv5fT5HmZRT7HzEioTWonFfUbbapBT3lGUMsQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGYVjJYP+v4+YAK1B1nYWr9FULLuMB8GA1UdIwQY
MBaAFMIOZcrdvs1I0vh3h5kxE4Qr385dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2c1bHl0Mi16VWpTLUhlSG1URVRoQ3ZmemwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8zNWVhZDItNGFhNC00ZmYwLWI1Y2It
N2VmYWE0YTc0Zjk3LzEvWmhXTWxnXzZfajVnQXJVSFdkaGF2MFZRc3U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8zNWVhZDItNGFhNC00ZmYwLWI1Y2ItN2VmYWE0YTc0Zjk3
LzEvd2c1bHl0Mi16VWpTLUhlSG1URVRoQ3ZmemwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW+dUAwQB
w0CaAwQBw1jyMA0GCSqGSIb3DQEBCwUAA4IBAQAeZzMO9B0j8DWCN5E97QRCoNvg
o03sP+Ro+B2i6NaiKWNiYVp96mnpv9Ym+tDQlOULbKbfYXaeSgFP76IjxZ4xMbwZ
bjqiufQL1ioGtYuKjNZ9953QXoIRwU6rK3UF7VIVK7pXA+pxLLJa8afHjB4TaTYE
pQuJrQ6qny5fouyIvXs6RG0BgD7QxgdicRTby8heOJw8/aLNSTGUb4H/3KDhzC9D
iCYVkvnY8VqZUarKRAlAZ3xFpXUUDseetzKXH/deqlRVcNIEARX5XON8e5psTGbW
jafzvtr7/Rq7ElBp6eNy4Ki8OWF5EpP7KLTubWBFXjJmhXE9RPbpfuT4pH5l
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:41 2025 by rpki-client