Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/zY3sKUWPig7GWql2H0Hp1dcDz0w.roa
File: zY3sKUWPig7GWql2H0Hp1dcDz0w.roa (raw, json)
Hash identifier: DbELxZGEWocma2+1n9GXb6BFwIetRnbjuF6AUSiVFv4=
Subject key identifier: CD:8D:EC:29:45:8F:8A:0E:C6:5A:A9:76:1F:41:E9:D5:D7:03:CF:4C
Certificate issuer: /CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Certificate serial: 018CC2DB66ED522ED816231518E5D77FBF07
Authority key identifier: 98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/zY3sKUWPig7GWql2H0Hp1dcDz0w.roa
Signing time: Mon 01 Jan 2024 02:30:07 +0000
ROA not before: Mon 01 Jan 2024 02:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199487
IP address blocks: 185.9.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:66:ed:52:2e:d8:16:23:15:18:e5:d7:7f:bf:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Validity
Not Before: Jan 1 02:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd8dec29458f8a0ec65aa9761f41e9d5d703cf4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:3f:08:91:12:fd:c0:53:b1:3b:b2:56:ea:da:
c9:77:f9:b2:dc:2b:25:de:1f:97:30:45:ab:64:b3:
33:77:72:c8:c0:fe:cb:44:5a:cc:66:8f:54:03:8c:
b7:0e:bd:6b:90:48:e1:02:27:ce:da:35:a3:d4:ce:
82:8a:15:8d:3d:35:20:6f:75:0c:ab:25:2a:bd:d1:
a9:28:f2:8e:95:39:06:53:2d:2d:1d:d5:3c:5f:be:
f0:44:69:75:36:40:ab:f4:ba:f9:97:c1:17:3f:8f:
cd:6d:5b:a2:26:43:b5:7e:1e:7c:ce:66:8c:2d:5d:
89:e4:9a:97:76:7b:40:2e:c2:2c:96:f4:bb:14:58:
5a:be:db:90:1d:44:91:b4:81:05:9b:00:5a:35:e8:
e7:ca:b6:01:e6:84:7b:2d:2e:18:35:f4:47:e9:f6:
96:e5:fd:6b:b5:e2:a4:a1:1a:55:1b:5b:0e:1b:91:
dd:4f:f2:f4:90:72:65:88:8c:74:a8:fc:7d:23:8c:
e2:73:f9:a9:35:a8:03:bb:63:f7:c3:c9:a9:b5:0a:
cd:4c:b2:bb:97:d9:f7:3e:24:a2:b0:8d:54:64:f1:
9c:97:e0:d7:75:a2:e5:ee:f9:a5:4e:ca:95:c3:bc:
55:10:99:24:6f:64:62:9e:db:aa:df:19:af:d5:ad:
51:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:8D:EC:29:45:8F:8A:0E:C6:5A:A9:76:1F:41:E9:D5:D7:03:CF:4C
X509v3 Authority Key Identifier:
keyid:98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/zY3sKUWPig7GWql2H0Hp1dcDz0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/mFrmxZw15GA4fa68-4Zvih67NoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.21.0/24
Signature Algorithm: sha256WithRSAEncryption
34:20:6e:87:c7:49:00:66:2a:1a:2f:90:9c:72:0f:7f:d9:e3:
05:e5:93:f1:84:5a:be:06:c9:4d:9a:2c:09:9e:06:4e:bc:28:
55:24:e9:59:85:50:a7:7f:b7:53:44:c3:25:59:28:a1:42:8e:
a2:f9:bb:0e:f2:18:28:c4:51:9a:9d:86:72:16:06:fc:f7:e1:
e7:b3:83:ab:a3:1a:b3:d1:b1:77:2a:ec:8b:89:2c:db:1c:02:
a4:6d:b4:7a:17:2e:05:c0:cd:a4:57:5e:51:80:a6:ed:b3:20:
ee:78:9e:ea:3d:f6:ec:8a:62:43:fa:7d:80:9f:ef:f5:d3:97:
f9:50:33:70:4d:0b:45:2b:66:7d:30:7d:9d:ee:e3:97:70:38:
42:09:8e:62:ae:35:15:5a:e9:61:16:7d:db:06:35:94:b2:97:
b4:2a:c5:f9:86:93:5b:84:13:45:07:a7:35:b9:18:8d:49:99:
72:a1:4a:dc:96:32:2f:3e:99:19:e6:a6:09:0f:15:e7:12:3f:
56:02:ef:5e:88:ed:7a:96:dd:f5:5a:68:07:91:e4:b9:35:0a:
4a:61:2f:de:25:04:b8:0b:93:bb:eb:6b:b8:71:34:0b:0d:03:
da:ad:ba:5f:d4:02:57:17:04:0c:40:1c:f6:81:66:1c:b1:a5:
e7:d4:8c:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC22btUi7YFiMVGOXXf78HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NWFlNmM1OWMzNWU0NjAzODdkYWViY2ZiODY2ZjhhMWVi
YjM2ODYwHhcNMjQwMTAxMDIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDhkZWMyOTQ1OGY4YTBlYzY1YWE5NzYxZjQxZTlkNWQ3MDNjZjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkD8IkRL9wFOxO7JW6trJd/my3Csl
3h+XMEWrZLMzd3LIwP7LRFrMZo9UA4y3Dr1rkEjhAifO2jWj1M6CihWNPTUgb3UM
qyUqvdGpKPKOlTkGUy0tHdU8X77wRGl1NkCr9Lr5l8EXP4/NbVuiJkO1fh58zmaM
LV2J5JqXdntALsIslvS7FFhavtuQHUSRtIEFmwBaNejnyrYB5oR7LS4YNfRH6faW
5f1rteKkoRpVG1sOG5HdT/L0kHJliIx0qPx9I4zic/mpNagDu2P3w8mptQrNTLK7
l9n3PiSisI1UZPGcl+DXdaLl7vmlTsqVw7xVEJkkb2Rintuq3xmv1a1R8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM2N7ClFj4oOxlqpdh9B6dXXA89MMB8GA1UdIwQY
MBaAFJha5sWcNeRgOH2uvPuGb4oeuzaGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEt
YzdmZTYyMjI3ZGYzLzEvelkzc0tVV1BpZzdHV3FsMkgwSHAxZGNEejB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEtYzdmZTYyMjI3ZGYz
LzEvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQkVMA0G
CSqGSIb3DQEBCwUAA4IBAQA0IG6Hx0kAZioaL5Cccg9/2eMF5ZPxhFq+BslNmiwJ
ngZOvChVJOlZhVCnf7dTRMMlWSihQo6i+bsO8hgoxFGanYZyFgb89+Hns4Oroxqz
0bF3KuyLiSzbHAKkbbR6Fy4FwM2kV15RgKbtsyDueJ7qPfbsimJD+n2An+/105f5
UDNwTQtFK2Z9MH2d7uOXcDhCCY5irjUVWulhFn3bBjWUspe0KsX5hpNbhBNFB6c1
uRiNSZlyoUrcljIvPpkZ5qYJDxXnEj9WAu9eiO16lt31WmgHkeS5NQpKYS/eJQS4
C5O762u4cTQLDQParbpf1AJXFwQMQBz2gWYcsaXn1IzA
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:18:54 2025 by rpki-client