Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/dac70f-f172-44ce-9be5-5af89e6cd055/1/ZG6Qv-Ee-vfzy7ieSCLaEW5TVgg.roa
File: ZG6Qv-Ee-vfzy7ieSCLaEW5TVgg.roa (raw, json)
Hash identifier: QNW7XukrJcDdZbJREiHpX1NrelMOrzegHwzSMihfmbc=
Subject key identifier: 64:6E:90:BF:E1:1E:FA:F7:F3:CB:B8:9E:48:22:DA:11:6E:53:56:08
Certificate issuer: /CN=5ad9f5beb6933484541ce56282c989ed6e8bdba3
Certificate serial: 01939B12A26281DDCA2F6779AEEDAE8C0250
Authority key identifier: 5A:D9:F5:BE:B6:93:34:84:54:1C:E5:62:82:C9:89:ED:6E:8B:DB:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wtn1vraTNIRUHOVigsmJ7W6L26M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/dac70f-f172-44ce-9be5-5af89e6cd055/1/ZG6Qv-Ee-vfzy7ieSCLaEW5TVgg.roa
Signing time: Fri 06 Dec 2024 08:25:09 +0000
ROA not before: Fri 06 Dec 2024 08:25:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39217
IP address blocks: 185.53.148.0/22 maxlen: 22
185.53.148.0/24 maxlen: 24
185.132.168.0/22 maxlen: 22
185.173.244.0/24 maxlen: 24
194.79.56.0/22 maxlen: 22
2a00:4760::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 11 Dec 2024 08:39:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9b:12:a2:62:81:dd:ca:2f:67:79:ae:ed:ae:8c:02:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ad9f5beb6933484541ce56282c989ed6e8bdba3
Validity
Not Before: Dec 6 08:25:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=646e90bfe11efaf7f3cbb89e4822da116e535608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:16:17:82:47:58:ba:c3:f2:d4:e9:f7:c2:4c:
6f:53:4e:a3:c2:8c:be:7a:7c:51:b6:4a:ab:db:2a:
cf:9e:e9:54:fc:d9:ce:1c:7b:6c:79:1a:b7:04:fe:
0b:45:c1:7e:89:5d:a9:a0:91:26:f2:63:2e:19:09:
1a:7f:15:0c:99:7a:08:a0:ff:73:0d:8c:6b:13:86:
58:d4:fb:1d:6f:6b:71:8b:ee:b5:7b:bc:a4:6f:f8:
49:89:0a:a2:db:a3:d2:c9:bf:12:d6:eb:e8:ec:b8:
0c:36:12:67:50:09:80:4d:18:ac:3c:d5:ec:71:91:
dd:73:33:39:1c:f5:cd:fe:36:ff:e2:c2:ee:31:17:
87:fb:dc:6b:2b:cb:16:67:3a:9d:fd:98:f4:7b:bb:
0b:48:47:40:d3:25:fa:32:04:45:43:74:43:29:82:
67:2d:95:1c:05:f7:91:0e:c3:39:69:51:da:73:86:
9f:10:1b:8e:0d:a0:91:79:76:81:40:2e:25:30:ce:
e2:70:1d:8f:3e:01:f3:e0:8a:d7:69:bc:db:43:2b:
6a:e5:57:37:50:26:1c:d4:af:5a:3e:72:41:52:f0:
4c:06:b8:a7:9d:b1:88:df:d2:d8:d3:66:28:b6:b9:
d3:17:80:37:93:18:ed:f1:4f:32:9f:14:de:df:9a:
53:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:6E:90:BF:E1:1E:FA:F7:F3:CB:B8:9E:48:22:DA:11:6E:53:56:08
X509v3 Authority Key Identifier:
keyid:5A:D9:F5:BE:B6:93:34:84:54:1C:E5:62:82:C9:89:ED:6E:8B:DB:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wtn1vraTNIRUHOVigsmJ7W6L26M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/dac70f-f172-44ce-9be5-5af89e6cd055/1/ZG6Qv-Ee-vfzy7ieSCLaEW5TVgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/dac70f-f172-44ce-9be5-5af89e6cd055/1/Wtn1vraTNIRUHOVigsmJ7W6L26M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.148.0/22
185.132.168.0/22
185.173.244.0/24
194.79.56.0/22
IPv6:
2a00:4760::/32
Signature Algorithm: sha256WithRSAEncryption
62:fc:cd:77:a4:46:61:4c:aa:02:11:50:52:88:ef:5b:db:0c:
f2:ec:3b:76:5f:76:4a:68:10:10:62:1f:cf:50:27:dd:77:9f:
70:81:82:b9:14:e5:8d:c4:a7:39:56:bf:e5:69:8a:27:53:d1:
10:a8:4f:51:a6:06:3f:06:7e:3a:56:13:f5:da:49:46:a0:02:
a7:af:77:f3:f7:f3:06:64:11:9e:97:c7:79:2f:0f:2e:17:60:
d7:03:b4:f3:9a:db:bb:b4:89:3b:41:c3:ec:01:dd:89:93:d5:
46:46:75:ed:09:6b:af:6b:bf:38:8e:4b:e2:9e:2b:bd:5b:cd:
fe:4a:61:d4:c3:5e:b3:9a:2b:0d:b1:99:46:14:5f:ba:25:35:
9c:00:ea:f9:d4:e4:21:1c:be:9e:72:3a:e2:60:1d:29:05:62:
c4:10:0c:23:24:ad:7f:7f:3f:4e:dc:71:ae:75:a3:80:a1:dc:
a2:87:72:42:25:aa:9d:d9:75:1e:ac:1a:20:a5:7c:9d:43:fc:
25:8e:c4:87:62:62:6a:76:d9:8f:bb:50:73:65:07:05:61:05:
eb:62:2b:85:98:05:d7:7a:66:32:74:3b:ec:f9:b2:18:63:31:
a8:9c:eb:4a:fc:df:1b:0f:81:77:e2:35:ca:22:1a:4d:a9:3e:
66:06:99:b0
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZObEqJigd3KL2d5ru2ujAJQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZDlmNWJlYjY5MzM0ODQ1NDFjZTU2MjgyYzk4OWVkNmU4
YmRiYTMwHhcNMjQxMjA2MDgyNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDZlOTBiZmUxMWVmYWY3ZjNjYmI4OWU0ODIyZGExMTZlNTM1NjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyBYXgkdYusPy1On3wkxvU06jwoy+
enxRtkqr2yrPnulU/NnOHHtseRq3BP4LRcF+iV2poJEm8mMuGQkafxUMmXoIoP9z
DYxrE4ZY1Psdb2txi+61e7ykb/hJiQqi26PSyb8S1uvo7LgMNhJnUAmATRisPNXs
cZHdczM5HPXN/jb/4sLuMReH+9xrK8sWZzqd/Zj0e7sLSEdA0yX6MgRFQ3RDKYJn
LZUcBfeRDsM5aVHac4afEBuODaCReXaBQC4lMM7icB2PPgHz4IrXabzbQytq5Vc3
UCYc1K9aPnJBUvBMBrinnbGI39LY02YotrnTF4A3kxjt8U8ynxTe35pT2QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGRukL/hHvr388u4nkgi2hFuU1YIMB8GA1UdIwQY
MBaAFFrZ9b62kzSEVBzlYoLJie1ui9ujMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3RuMXZyYVROSVJVSE9WaWdzbUo3VzZMMjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9kYWM3MGYtZjE3Mi00NGNlLTliZTUt
NWFmODllNmNkMDU1LzEvWkc2UXYtRWUtdmZ6eTdpZVNDTGFFVzVUVmdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9kYWM3MGYtZjE3Mi00NGNlLTliZTUtNWFmODllNmNkMDU1
LzEvV3RuMXZyYVROSVJVSE9WaWdzbUo3VzZMMjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuTWUAwQC
uYSoAwQAua30AwQCwk84MA0EAgACMAcDBQAqAEdgMA0GCSqGSIb3DQEBCwUAA4IB
AQBi/M13pEZhTKoCEVBSiO9b2wzy7Dt2X3ZKaBAQYh/PUCfdd59wgYK5FOWNxKc5
Vr/laYonU9EQqE9RpgY/Bn46VhP12klGoAKnr3fz9/MGZBGel8d5Lw8uF2DXA7Tz
mtu7tIk7QcPsAd2Jk9VGRnXtCWuva784jkviniu9W83+SmHUw16zmisNsZlGFF+6
JTWcAOr51OQhHL6ecjriYB0pBWLEEAwjJK1/fz9O3HGudaOAodyih3JCJaqd2XUe
rBogpXydQ/wljsSHYmJqdtmPu1BzZQcFYQXrYiuFmAXXemYydDvs+bIYYzGonOtK
/N8bD4F34jXKIhpNqT5mBpmw
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:08:18 2025 by rpki-client