Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/zEG20Oh4thNMbsg6qxG6Trb6XCQ.roa
File: zEG20Oh4thNMbsg6qxG6Trb6XCQ.roa (raw, json)
Hash identifier: yu+D1eBe7DTpWQ9sxhbkkaib3yu/4DfIcGUVTjI5Qis=
Subject key identifier: CC:41:B6:D0:E8:78:B6:13:4C:6E:C8:3A:AB:11:BA:4E:B6:FA:5C:24
Certificate issuer: /CN=d43b22130aa9a7734254769ec13bfe171fa1e28b
Certificate serial: 018CF3B16EF8F5CED88E55F0F4C26ACF37AD
Authority key identifier: D4:3B:22:13:0A:A9:A7:73:42:54:76:9E:C1:3B:FE:17:1F:A1:E2:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/zEG20Oh4thNMbsg6qxG6Trb6XCQ.roa
Signing time: Wed 10 Jan 2024 14:05:40 +0000
ROA not before: Wed 10 Jan 2024 14:05:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57922
IP address blocks: 185.133.124.0/24 maxlen: 24
5.250.253.0/24 maxlen: 24
2a0f:4d00:1::/48 maxlen: 48
2a0f:4d00::/29 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:b1:6e:f8:f5:ce:d8:8e:55:f0:f4:c2:6a:cf:37:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d43b22130aa9a7734254769ec13bfe171fa1e28b
Validity
Not Before: Jan 10 14:05:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc41b6d0e878b6134c6ec83aab11ba4eb6fa5c24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9e:96:58:f1:fe:fe:36:2d:3c:3d:c8:36:42:
7e:16:09:22:14:53:83:f5:df:70:72:02:ef:ba:96:
f1:dc:24:f1:b3:4b:93:a5:7f:33:09:94:54:87:bf:
1b:94:62:6c:c4:7d:5e:7d:b9:ea:78:09:be:d6:07:
18:9c:4b:d8:6d:39:ba:76:e7:de:04:75:b9:e7:69:
b0:3a:19:e1:74:db:ad:72:0b:2d:52:ed:44:4a:89:
a7:e9:a8:47:19:e3:64:51:48:0c:02:40:64:76:d2:
04:81:20:44:7e:c1:98:d1:75:2d:2a:b6:ab:bf:02:
c9:62:c0:a4:d5:b9:a2:e4:86:13:e7:7f:ca:12:cd:
2f:ea:f4:29:ec:16:bf:0b:b6:52:d6:33:a1:e5:af:
3a:58:8c:3d:13:9f:35:8e:98:84:90:bd:f4:a5:b1:
e6:b3:fc:c2:8e:b8:45:b2:d1:b9:34:1e:66:e3:d3:
78:0f:f9:a9:3f:15:76:fb:68:98:b9:f6:af:c0:da:
8b:03:01:29:0e:02:da:2c:00:12:0a:b1:ea:ae:69:
c7:ea:62:06:6b:31:5e:95:d2:38:88:72:75:a4:1d:
ee:b6:f9:c5:b2:5d:77:8c:0f:67:8f:67:40:d9:38:
cf:1f:42:63:53:f1:52:db:58:49:af:24:57:99:77:
ea:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:41:B6:D0:E8:78:B6:13:4C:6E:C8:3A:AB:11:BA:4E:B6:FA:5C:24
X509v3 Authority Key Identifier:
keyid:D4:3B:22:13:0A:A9:A7:73:42:54:76:9E:C1:3B:FE:17:1F:A1:E2:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DsiEwqpp3NCVHaewTv-Fx-h4os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/zEG20Oh4thNMbsg6qxG6Trb6XCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/080569-3bb5-46de-82ba-a630c2ea23f9/1/1DsiEwqpp3NCVHaewTv-Fx-h4os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.253.0/24
185.133.124.0/24
IPv6:
2a0f:4d00::/29
Signature Algorithm: sha256WithRSAEncryption
5a:30:1e:e6:7e:74:13:0b:3a:4c:22:c7:ae:bb:ec:9c:ac:50:
46:be:5f:87:ea:3b:66:2b:21:5b:5e:09:a6:bd:69:f6:e9:b2:
06:85:49:7a:0b:51:17:6c:4a:14:f7:f6:07:ad:42:0e:2d:40:
90:f3:5d:44:4a:ea:96:9d:50:a6:79:b9:cd:0e:07:cc:cc:bf:
c2:a3:6d:1a:a8:2b:2e:5f:8f:d1:7c:32:2e:8a:7b:5d:2c:ce:
16:4d:58:4a:54:c7:e7:48:66:07:76:20:5a:e9:c9:cd:d6:37:
5c:26:a2:d5:96:e3:48:f3:6e:34:4d:13:d8:8f:e7:a6:13:f5:
42:2c:ae:26:9c:a2:fb:b2:18:a0:02:7d:51:3c:53:8c:8d:c0:
90:41:a2:4d:b3:0c:84:56:e2:05:fd:9d:67:82:d7:7c:55:ba:
c2:75:e6:9d:90:94:5d:61:4f:06:25:8e:12:b5:45:78:b0:21:
2d:44:cf:8e:e2:84:c5:55:1b:03:4f:0c:ad:97:e5:28:8c:24:
11:48:56:4a:83:70:cf:76:5a:23:2e:76:4c:92:da:e6:77:fb:
6a:52:4d:ef:4e:7f:4a:52:ff:bc:32:a0:d5:c7:2c:92:12:3e:
2d:a5:52:c7:c8:4d:75:fa:ee:5a:c1:52:91:2d:d6:01:79:1d:
7c:eb:d1:d5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzzsW749c7YjlXw9MJqzzetMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0M2IyMjEzMGFhOWE3NzM0MjU0NzY5ZWMxM2JmZTE3MWZh
MWUyOGIwHhcNMjQwMTEwMTQwNTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzQxYjZkMGU4NzhiNjEzNGM2ZWM4M2FhYjExYmE0ZWI2ZmE1YzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJ6WWPH+/jYtPD3INkJ+FgkiFFOD
9d9wcgLvupbx3CTxs0uTpX8zCZRUh78blGJsxH1efbnqeAm+1gcYnEvYbTm6dufe
BHW552mwOhnhdNutcgstUu1ESomn6ahHGeNkUUgMAkBkdtIEgSBEfsGY0XUtKrar
vwLJYsCk1bmi5IYT53/KEs0v6vQp7Ba/C7ZS1jOh5a86WIw9E581jpiEkL30pbHm
s/zCjrhFstG5NB5m49N4D/mpPxV2+2iYufavwNqLAwEpDgLaLAASCrHqrmnH6mIG
azFeldI4iHJ1pB3utvnFsl13jA9nj2dA2TjPH0JjU/FS21hJryRXmXfq1wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMxBttDoeLYTTG7IOqsRuk62+lwkMB8GA1UdIwQY
MBaAFNQ7IhMKqadzQlR2nsE7/hcfoeKLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURzaUV3cXBwM05DVkhhZXdUdi1GeC1oNG9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wODA1NjktM2JiNS00NmRlLTgyYmEt
YTYzMGMyZWEyM2Y5LzEvekVHMjBPaDR0aE5NYnNnNnF4RzZUcmI2WENRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wODA1NjktM2JiNS00NmRlLTgyYmEtYTYzMGMyZWEyM2Y5
LzEvMURzaUV3cXBwM05DVkhhZXdUdi1GeC1oNG9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQABfr9AwQA
uYV8MA0EAgACMAcDBQMqD00AMA0GCSqGSIb3DQEBCwUAA4IBAQBaMB7mfnQTCzpM
Iseuu+ycrFBGvl+H6jtmKyFbXgmmvWn26bIGhUl6C1EXbEoU9/YHrUIOLUCQ811E
SuqWnVCmebnNDgfMzL/Co20aqCsuX4/RfDIuintdLM4WTVhKVMfnSGYHdiBa6cnN
1jdcJqLVluNI8240TRPYj+emE/VCLK4mnKL7shigAn1RPFOMjcCQQaJNswyEVuIF
/Z1ngtd8VbrCdeadkJRdYU8GJY4StUV4sCEtRM+O4oTFVRsDTwytl+UojCQRSFZK
g3DPdlojLnZMktrmd/tqUk3vTn9KUv+8MqDVxyySEj4tpVLHyE11+u5awVKRLdYB
eR1869HV
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:03 2025 by rpki-client