Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/149bc5-51aa-4e7b-8f03-b73a36d939b2/1/ZCIYbveBzPwOtAOjTbp-pW8S2KQ.roa
File: ZCIYbveBzPwOtAOjTbp-pW8S2KQ.roa (raw, json)
Hash identifier: QF0nml+XaqUmTK70dWtkILMYckm8sags1g3iwl+elNw=
Subject key identifier: 64:22:18:6E:F7:81:CC:FC:0E:B4:03:A3:4D:BA:7E:A5:6F:12:D8:A4
Certificate issuer: /CN=15ffa042114301368b4069abd68a1efbac47fdce
Certificate serial: 018CCA29F8ED09E75E52449F793288622CC2
Authority key identifier: 15:FF:A0:42:11:43:01:36:8B:40:69:AB:D6:8A:1E:FB:AC:47:FD:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ff-gQhFDATaLQGmr1ooe-6xH_c4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/149bc5-51aa-4e7b-8f03-b73a36d939b2/1/ZCIYbveBzPwOtAOjTbp-pW8S2KQ.roa
Signing time: Tue 02 Jan 2024 12:33:17 +0000
ROA not before: Tue 02 Jan 2024 12:33:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43852
IP address blocks: 62.215.221.0/24 maxlen: 24
185.95.6.0/24 maxlen: 24
62.215.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:f8:ed:09:e7:5e:52:44:9f:79:32:88:62:2c:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15ffa042114301368b4069abd68a1efbac47fdce
Validity
Not Before: Jan 2 12:33:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6422186ef781ccfc0eb403a34dba7ea56f12d8a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:76:12:aa:3f:32:46:1f:0e:bd:6a:5b:6b:75:
af:b5:e3:3f:87:0c:17:69:8a:3c:fc:ad:89:a2:4e:
09:67:db:5f:38:bb:fc:a0:eb:ac:0c:ef:f1:45:60:
87:88:6c:da:02:bd:78:bf:b7:4e:ab:f1:81:8d:9b:
17:69:f0:ae:8b:26:92:4e:fd:b8:37:00:8f:1b:dd:
95:4a:b1:50:20:b2:02:63:ff:d3:89:15:ef:f2:64:
3a:3e:7a:55:3d:fc:ad:50:a4:c1:9c:7b:07:a3:1a:
66:a3:72:42:51:43:2d:33:ff:20:c4:47:14:7b:7f:
2d:d5:6e:34:3d:4d:9e:59:da:b0:8c:dd:77:2a:81:
4a:dd:a4:a2:88:2c:6b:9b:0c:be:cf:57:12:8c:a7:
7b:18:5a:ee:82:62:66:e0:e8:f5:78:ad:ec:42:64:
32:d1:0c:60:6d:c3:1d:d8:51:b2:56:96:b0:2b:5a:
1a:be:96:ef:b9:61:be:af:c8:13:98:de:b9:ad:ae:
9f:bd:34:c7:9f:2a:7a:8d:ad:e2:a8:3f:8a:f1:1c:
ca:32:79:d8:72:ed:57:02:4a:20:81:9b:54:09:ed:
96:9f:4c:c0:a5:52:db:f8:35:5f:b9:c3:fd:3c:00:
05:4e:e8:69:30:31:d1:60:73:e8:26:5d:d7:d2:8b:
95:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:22:18:6E:F7:81:CC:FC:0E:B4:03:A3:4D:BA:7E:A5:6F:12:D8:A4
X509v3 Authority Key Identifier:
keyid:15:FF:A0:42:11:43:01:36:8B:40:69:AB:D6:8A:1E:FB:AC:47:FD:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ff-gQhFDATaLQGmr1ooe-6xH_c4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/149bc5-51aa-4e7b-8f03-b73a36d939b2/1/ZCIYbveBzPwOtAOjTbp-pW8S2KQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/149bc5-51aa-4e7b-8f03-b73a36d939b2/1/Ff-gQhFDATaLQGmr1ooe-6xH_c4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.215.174.0/24
62.215.221.0/24
185.95.6.0/24
Signature Algorithm: sha256WithRSAEncryption
20:f1:9b:e6:fb:a5:45:7e:b6:71:e1:c1:3f:dc:b7:c2:fd:28:
a8:ec:3a:ca:b5:ee:eb:7d:92:ec:9e:f8:fe:19:60:4e:01:22:
62:d3:74:ce:9c:4d:a9:34:12:67:71:ab:d0:72:0c:27:8e:ad:
75:6c:21:7f:20:97:81:c5:8d:a5:81:95:67:5c:a9:f3:dd:c0:
34:06:20:b5:7c:13:84:a2:c8:78:99:6d:6b:e1:d4:c5:3f:ee:
8b:07:4c:0d:d3:02:d6:09:fd:2e:36:d0:c6:5b:98:9a:8e:2a:
f9:85:d3:d3:36:cf:b6:59:64:69:0d:91:78:30:c7:09:d6:a3:
41:45:cc:8e:4c:d5:d8:d7:3e:fa:fb:9c:42:13:c1:89:4c:7b:
ff:d4:7f:1e:0d:b1:46:47:3f:57:68:47:cb:d0:82:30:83:51:
2d:7c:cb:ff:87:df:8c:4a:73:17:b8:36:f2:f8:71:21:56:c6:
ea:d0:d7:cd:71:5c:7c:5f:99:3e:dc:fe:d7:2d:aa:d7:16:59:
49:1f:84:d8:23:ce:95:a1:f2:d8:99:03:b2:93:89:6c:b2:99:
5e:7d:b7:b8:72:3f:96:af:b3:ff:65:de:d8:8b:e9:0e:57:ff:
ca:23:fc:a4:9f:2d:24:9a:21:f8:6e:72:2a:e2:48:40:bc:da:
17:4a:73:4c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKKfjtCedeUkSfeTKIYizCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZmZhMDQyMTE0MzAxMzY4YjQwNjlhYmQ2OGExZWZiYWM0
N2ZkY2UwHhcNMjQwMTAyMTIzMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDIyMTg2ZWY3ODFjY2ZjMGViNDAzYTM0ZGJhN2VhNTZmMTJkOGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3YSqj8yRh8OvWpba3WvteM/hwwX
aYo8/K2Jok4JZ9tfOLv8oOusDO/xRWCHiGzaAr14v7dOq/GBjZsXafCuiyaSTv24
NwCPG92VSrFQILICY//TiRXv8mQ6PnpVPfytUKTBnHsHoxpmo3JCUUMtM/8gxEcU
e38t1W40PU2eWdqwjN13KoFK3aSiiCxrmwy+z1cSjKd7GFrugmJm4Oj1eK3sQmQy
0QxgbcMd2FGyVpawK1oavpbvuWG+r8gTmN65ra6fvTTHnyp6ja3iqD+K8RzKMnnY
cu1XAkoggZtUCe2Wn0zApVLb+DVfucP9PAAFTuhpMDHRYHPoJl3X0ouV6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGQiGG73gcz8DrQDo026fqVvEtikMB8GA1UdIwQY
MBaAFBX/oEIRQwE2i0Bpq9aKHvusR/3OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmYtZ1FoRkRBVGFMUUdtcjFvb2UtNnhIX2M0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi8xNDliYzUtNTFhYS00ZTdiLThmMDMt
YjczYTM2ZDkzOWIyLzEvWkNJWWJ2ZUJ6UHdPdEFPalRicC1wVzhTMktRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi8xNDliYzUtNTFhYS00ZTdiLThmMDMtYjczYTM2ZDkzOWIy
LzEvRmYtZ1FoRkRBVGFMUUdtcjFvb2UtNnhIX2M0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAPteuAwQA
PtfdAwQAuV8GMA0GCSqGSIb3DQEBCwUAA4IBAQAg8Zvm+6VFfrZx4cE/3LfC/Sio
7DrKte7rfZLsnvj+GWBOASJi03TOnE2pNBJncavQcgwnjq11bCF/IJeBxY2lgZVn
XKnz3cA0BiC1fBOEosh4mW1r4dTFP+6LB0wN0wLWCf0uNtDGW5iajir5hdPTNs+2
WWRpDZF4MMcJ1qNBRcyOTNXY1z76+5xCE8GJTHv/1H8eDbFGRz9XaEfL0IIwg1Et
fMv/h9+MSnMXuDby+HEhVsbq0NfNcVx8X5k+3P7XLarXFllJH4TYI86VofLYmQOy
k4lssplefbe4cj+Wr7P/Zd7Yi+kOV//KI/ykny0kmiH4bnIq4khAvNoXSnNM
-----END CERTIFICATE-----
Generated at Sun Apr 20 19:18:09 2025 by rpki-client