Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/ZHFGpFGt78oZlpH1OmEusqYSiUM.roa
File: ZHFGpFGt78oZlpH1OmEusqYSiUM.roa (raw, json)
Hash identifier: WIDwuB0Idp0QTy5UHI59SLrR6FpnSKV5H7ebZaZMNVQ=
Subject key identifier: 64:71:46:A4:51:AD:EF:CA:19:96:91:F5:3A:61:2E:B2:A6:12:89:43
Certificate issuer: /CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Certificate serial: 018DE2378EEAE18680345717D18467A876CD
Authority key identifier: 66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/ZHFGpFGt78oZlpH1OmEusqYSiUM.roa
Signing time: Sun 25 Feb 2024 21:41:48 +0000
ROA not before: Sun 25 Feb 2024 21:41:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64289
IP address blocks: 185.225.24.0/24 maxlen: 24
185.225.26.0/24 maxlen: 24
192.189.157.0/24 maxlen: 24
2a14:3f80:8::/45 maxlen: 45
2a14:3f80:10::/45 maxlen: 45
2a14:3f80:18::/45 maxlen: 45
2a14:3f80:20::/45 maxlen: 45
2a14:3f80:28::/45 maxlen: 45
Validation: Failed, certificate revoked on Tue 12 Mar 2024 09:30:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e2:37:8e:ea:e1:86:80:34:57:17:d1:84:67:a8:76:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Validity
Not Before: Feb 25 21:41:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=647146a451adefca199691f53a612eb2a6128943
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:cc:b6:2e:95:67:bc:4d:76:8c:6c:6a:b6:be:
bc:ff:60:97:74:7b:c4:24:e8:a3:2a:56:3a:e6:1e:
36:71:85:a0:7d:2b:78:d1:eb:e1:d9:79:48:af:e8:
d8:3c:64:a2:cc:66:15:f7:90:09:ed:84:c9:a4:b7:
27:cb:10:63:0d:1e:2a:6f:87:31:12:ba:d2:c6:01:
cb:39:ac:f2:e0:9e:36:e9:ec:3e:b6:17:6d:d2:19:
75:2c:67:1d:b8:b4:3c:45:05:08:48:a0:1a:0c:37:
c7:2c:e3:c3:a4:7b:9d:78:cf:d0:62:6e:7f:ae:60:
20:be:82:53:51:73:fb:4b:f1:32:94:99:32:21:3b:
80:ae:1e:bf:3f:ef:08:5c:fd:d3:b6:e9:7f:90:8a:
c8:fd:53:45:e6:12:e7:7c:1c:f6:5f:ef:aa:49:8d:
ff:c5:0c:50:c0:8e:7e:88:a4:aa:94:e2:fd:1a:aa:
cf:90:4a:be:ae:45:e7:e8:6b:cc:ad:28:64:37:29:
cf:23:f6:d6:b4:7c:16:25:82:bc:8c:7d:fc:43:e4:
dd:e7:08:0a:f5:05:29:9c:17:1d:49:ec:b8:82:98:
13:a5:68:c9:ed:7d:f0:86:10:98:04:87:3c:e6:4a:
fd:f0:a4:3a:1e:da:37:95:a5:83:9d:a1:5b:2b:86:
df:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:71:46:A4:51:AD:EF:CA:19:96:91:F5:3A:61:2E:B2:A6:12:89:43
X509v3 Authority Key Identifier:
keyid:66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/ZHFGpFGt78oZlpH1OmEusqYSiUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.24.0/24
185.225.26.0/24
192.189.157.0/24
IPv6:
2a14:3f80:8::-2a14:3f80:2f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
86:d9:2f:81:79:49:b6:32:7c:7c:99:d2:53:e7:6b:75:d4:71:
f2:a9:ec:52:df:da:32:89:87:64:49:bd:c4:17:fe:0a:d1:0c:
fa:9a:02:d0:4c:14:56:6e:b2:32:97:6d:02:dc:a7:0b:22:e2:
43:d2:1b:11:df:5b:1c:f9:eb:54:fa:dc:ea:a3:e9:ac:f8:f2:
7c:62:3d:24:16:e1:41:d6:9d:14:f5:51:a3:95:f5:03:96:c8:
d5:62:18:e3:ae:65:80:a2:5c:ff:8d:c2:b0:c1:a2:3d:ea:9d:
d3:c4:3b:ab:6e:fe:48:0c:65:94:2f:c5:c7:72:53:44:52:9f:
40:39:0f:fc:31:88:72:ee:eb:72:59:e8:64:12:69:9b:87:e2:
56:fa:3b:bc:08:3b:a1:21:49:9e:77:a1:46:5b:2f:7a:0e:2d:
6b:80:88:31:14:0d:43:d1:c6:7d:8a:97:e4:46:f2:59:b9:e5:
07:ca:11:2e:05:0c:a4:64:aa:e4:21:50:5c:82:75:c4:34:9b:
9f:01:96:ce:2f:42:91:52:09:0b:63:03:e3:cc:46:48:0e:9d:
d0:c9:48:c8:b4:b8:5c:90:8c:38:e6:c4:a8:b2:dd:0e:62:d2:
e4:e4:00:16:d4:97:bb:78:e7:80:f6:e2:36:05:dd:3e:32:fe:
f0:40:11:7d
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAY3iN47q4YaANFcX0YRnqHbNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZWQzYmE2OGM3OGJmZjJjNDcyNDQwMGFkZTYzNDg0ODJm
YjQzNjQwHhcNMjQwMjI1MjE0MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDcxNDZhNDUxYWRlZmNhMTk5NjkxZjUzYTYxMmViMmE2MTI4OTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMy2LpVnvE12jGxqtr68/2CXdHvE
JOijKlY65h42cYWgfSt40evh2XlIr+jYPGSizGYV95AJ7YTJpLcnyxBjDR4qb4cx
ErrSxgHLOazy4J426ew+thdt0hl1LGcduLQ8RQUISKAaDDfHLOPDpHudeM/QYm5/
rmAgvoJTUXP7S/EylJkyITuArh6/P+8IXP3Ttul/kIrI/VNF5hLnfBz2X++qSY3/
xQxQwI5+iKSqlOL9GqrPkEq+rkXn6GvMrShkNynPI/bWtHwWJYK8jH38Q+Td5wgK
9QUpnBcdSey4gpgTpWjJ7X3whhCYBIc85kr98KQ6Hto3laWDnaFbK4bf+wIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFGRxRqRRre/KGZaR9TphLrKmEolDMB8GA1UdIwQY
MBaAFGbtO6aMeL/yxHJEAK3mNISC+0NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMt
MGE0M2I3YTNlYjU0LzEvWkhGR3BGR3Q3OG9abHBIMU9tRXVzcVlTaVVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMtMGE0M2I3YTNlYjU0
LzEvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAYBAIAATASAwQAueEYAwQA
ueEaAwQAwL2dMBoEAgACMBQwEgMHAyoUP4AACAMHBCoUP4AAIDANBgkqhkiG9w0B
AQsFAAOCAQEAhtkvgXlJtjJ8fJnSU+drddRx8qnsUt/aMomHZEm9xBf+CtEM+poC
0EwUVm6yMpdtAtynCyLiQ9IbEd9bHPnrVPrc6qPprPjyfGI9JBbhQdadFPVRo5X1
A5bI1WIY465lgKJc/43CsMGiPeqd08Q7q27+SAxllC/Fx3JTRFKfQDkP/DGIcu7r
clnoZBJpm4fiVvo7vAg7oSFJnnehRlsveg4ta4CIMRQNQ9HGfYqX5EbyWbnlB8oR
LgUMpGSq5CFQXIJ1xDSbnwGWzi9CkVIJC2MD48xGSA6d0MlIyLS4XJCMOObEqLLd
DmLS5OQAFtSXu3jngPbiNgXdPjL+8EARfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:14 2024 by rpki-client on console-fra.rpki-client.org