Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/zv5q8qXq497-wre0fj-tTMwpe8A.roa
File: zv5q8qXq497-wre0fj-tTMwpe8A.roa (raw, json)
Hash identifier: Dg27iWi4tbGyl07i9oA2gT5j9wDkYibvmvFTA8nEDDA=
Subject key identifier: CE:FE:6A:F2:A5:EA:E3:DE:FE:C2:B7:B4:7E:3F:AD:4C:CC:29:7B:C0
Certificate issuer: /CN=11bc40bcab5e9053ab6db7d19e2a38df1b6f9a4b
Certificate serial: 018DE5B432807857F9D16B713E081FDF1BD2
Authority key identifier: 11:BC:40:BC:AB:5E:90:53:AB:6D:B7:D1:9E:2A:38:DF:1B:6F:9A:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbxAvKtekFOrbbfRnio43xtvmks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/zv5q8qXq497-wre0fj-tTMwpe8A.roa
Signing time: Mon 26 Feb 2024 13:56:48 +0000
ROA not before: Mon 26 Feb 2024 13:56:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202391
IP address blocks: 185.227.64.0/22 maxlen: 22
185.255.208.0/22 maxlen: 22
185.255.208.0/24 maxlen: 24
2a0a:4b80::/30 maxlen: 30
2a0a:4b84::/30 maxlen: 30
Validation: Failed, certificate revoked on Sun 21 Jul 2024 09:49:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e5:b4:32:80:78:57:f9:d1:6b:71:3e:08:1f:df:1b:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11bc40bcab5e9053ab6db7d19e2a38df1b6f9a4b
Validity
Not Before: Feb 26 13:56:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cefe6af2a5eae3defec2b7b47e3fad4ccc297bc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:bb:d4:db:84:c1:aa:2f:0c:f1:85:56:d8:44:
43:44:26:25:9b:dc:c0:d0:25:77:3d:bb:16:8e:f6:
2e:4f:38:a2:d1:b7:6f:90:ae:ab:2c:2e:d2:6d:82:
df:96:da:e6:fe:3e:da:b7:0c:cb:94:be:8a:03:9e:
06:73:2d:8a:2d:28:f8:4b:91:d9:fc:6e:4e:e8:1f:
f5:7e:f1:66:25:02:01:a6:ad:85:b9:e5:b9:33:e8:
65:9c:a3:58:7e:fa:85:65:df:43:f6:ca:3d:02:57:
35:5f:4c:22:7f:38:2d:c0:ea:55:23:40:36:ca:39:
b2:27:ff:2a:ac:d8:a2:af:df:aa:57:33:cc:8d:8c:
4b:91:d2:d0:07:70:82:a7:d7:24:7c:03:5e:7a:f6:
fa:90:f5:a3:7f:e1:b4:1e:4f:bd:63:91:de:a2:5e:
34:f8:20:c5:27:51:29:f9:20:fe:97:e8:21:40:e3:
1c:79:0d:ce:6b:07:c6:ed:c2:1c:59:43:fa:28:e5:
ff:a8:79:34:2d:53:cb:e2:b8:ac:4b:91:d8:9a:dd:
3a:19:68:c5:52:21:15:de:47:28:28:98:6f:27:81:
09:d0:16:84:1e:f7:c7:a5:ee:7e:4c:2a:48:9c:55:
c0:e5:fc:50:d7:19:23:6a:c3:b2:86:99:c2:2f:b8:
13:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:FE:6A:F2:A5:EA:E3:DE:FE:C2:B7:B4:7E:3F:AD:4C:CC:29:7B:C0
X509v3 Authority Key Identifier:
keyid:11:BC:40:BC:AB:5E:90:53:AB:6D:B7:D1:9E:2A:38:DF:1B:6F:9A:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbxAvKtekFOrbbfRnio43xtvmks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/zv5q8qXq497-wre0fj-tTMwpe8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/daffb6-8bdf-411d-b6c4-ae4f84e16ca1/1/EbxAvKtekFOrbbfRnio43xtvmks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.64.0/22
185.255.208.0/22
IPv6:
2a0a:4b80::/29
Signature Algorithm: sha256WithRSAEncryption
7c:ff:ee:fe:59:73:fb:a3:7f:f0:f4:5f:50:60:2b:ca:1d:a0:
a9:ce:33:23:5c:82:91:55:93:45:04:9d:da:b4:fc:e5:8d:ed:
ee:58:f5:a8:31:01:c8:26:73:44:b4:38:2e:31:3e:f5:07:86:
ff:0e:91:f9:b8:c1:5f:21:f2:c1:df:91:c2:ea:37:19:2a:bc:
9f:fb:ec:17:3b:c2:c6:aa:b5:f8:b8:1b:5a:5e:bc:58:b8:39:
61:2c:21:1e:96:dd:21:dd:e3:4a:ed:fe:64:5d:6c:15:41:e8:
cd:4f:40:10:30:78:55:51:b1:2b:58:30:cf:c8:f8:8d:14:38:
c6:57:d8:c6:03:c5:51:49:0f:1a:82:92:3c:7b:8b:6c:da:4d:
12:88:0c:12:e0:0b:0c:85:f4:f5:72:59:65:45:a3:ea:7c:17:
d0:92:dc:8a:51:64:47:ef:7a:81:e7:d2:a7:4f:20:4c:b4:e1:
76:ee:d9:36:2b:f4:65:c4:26:ad:67:62:c3:f2:b5:cd:c0:be:
6d:d1:c1:ea:7a:81:14:dd:c7:dd:d3:37:80:03:05:fb:ac:d0:
f1:76:c3:43:df:a7:1d:4f:04:37:58:28:26:58:40:2d:f7:cd:
84:9e:0f:b3:17:79:d8:76:65:b2:b6:dc:1f:27:7f:f1:4f:c7:
bc:38:d3:d1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY3ltDKAeFf50WtxPggf3xvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYmM0MGJjYWI1ZTkwNTNhYjZkYjdkMTllMmEzOGRmMWI2
ZjlhNGIwHhcNMjQwMjI2MTM1NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWZlNmFmMmE1ZWFlM2RlZmVjMmI3YjQ3ZTNmYWQ0Y2NjMjk3YmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7vU24TBqi8M8YVW2ERDRCYlm9zA
0CV3PbsWjvYuTzii0bdvkK6rLC7SbYLfltrm/j7atwzLlL6KA54Gcy2KLSj4S5HZ
/G5O6B/1fvFmJQIBpq2FueW5M+hlnKNYfvqFZd9D9so9Alc1X0wifzgtwOpVI0A2
yjmyJ/8qrNiir9+qVzPMjYxLkdLQB3CCp9ckfANeevb6kPWjf+G0Hk+9Y5Heol40
+CDFJ1Ep+SD+l+ghQOMceQ3OawfG7cIcWUP6KOX/qHk0LVPL4risS5HYmt06GWjF
UiEV3kcoKJhvJ4EJ0BaEHvfHpe5+TCpInFXA5fxQ1xkjasOyhpnCL7gT/QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM7+avKl6uPe/sK3tH4/rUzMKXvAMB8GA1UdIwQY
MBaAFBG8QLyrXpBTq2230Z4qON8bb5pLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJ4QXZLdGVrRk9yYmJmUm5pbzQzeHR2bWtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9kYWZmYjYtOGJkZi00MTFkLWI2YzQt
YWU0Zjg0ZTE2Y2ExLzEvenY1cThxWHE0OTctd3JlMGZqLXRUTXdwZThBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9kYWZmYjYtOGJkZi00MTFkLWI2YzQtYWU0Zjg0ZTE2Y2Ex
LzEvRWJ4QXZLdGVrRk9yYmJmUm5pbzQzeHR2bWtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCueNAAwQC
uf/QMA0EAgACMAcDBQMqCkuAMA0GCSqGSIb3DQEBCwUAA4IBAQB8/+7+WXP7o3/w
9F9QYCvKHaCpzjMjXIKRVZNFBJ3atPzlje3uWPWoMQHIJnNEtDguMT71B4b/DpH5
uMFfIfLB35HC6jcZKryf++wXO8LGqrX4uBtaXrxYuDlhLCEelt0h3eNK7f5kXWwV
QejNT0AQMHhVUbErWDDPyPiNFDjGV9jGA8VRSQ8agpI8e4ts2k0SiAwS4AsMhfT1
clllRaPqfBfQktyKUWRH73qB59KnTyBMtOF27tk2K/RlxCatZ2LD8rXNwL5t0cHq
eoEU3cfd0zeAAwX7rNDxdsND36cdTwQ3WCgmWEAt982Eng+zF3nYdmWyttwfJ3/x
T8e8ONPR
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:33:10 2025 by rpki-client