Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/df1512-3fa4-40fc-8dca-6437acd8a3cf/1/zpzqSmBr2tfeE9S3mcI73q4nreE.roa
File: zpzqSmBr2tfeE9S3mcI73q4nreE.roa (raw, json)
Hash identifier: b1zDBC1hvXwg3fm+DVcJZ7Z2laiJJloKeD+CZXc1zY0=
Subject key identifier: CE:9C:EA:4A:60:6B:DA:D7:DE:13:D4:B7:99:C2:3B:DE:AE:27:AD:E1
Certificate issuer: /CN=607c0e942bf80a7d57490cc7bb04285b02aeff7a
Certificate serial: 018DE4651CF70C669B65F5892AD33E5295BA
Authority key identifier: 60:7C:0E:94:2B:F8:0A:7D:57:49:0C:C7:BB:04:28:5B:02:AE:FF:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YHwOlCv4Cn1XSQzHuwQoWwKu_3o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/df1512-3fa4-40fc-8dca-6437acd8a3cf/1/zpzqSmBr2tfeE9S3mcI73q4nreE.roa
Signing time: Mon 26 Feb 2024 07:50:48 +0000
ROA not before: Mon 26 Feb 2024 07:50:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198761
IP address blocks: 91.242.223.0/24 maxlen: 24
91.243.64.0/23 maxlen: 24
185.25.228.0/22 maxlen: 24
185.222.100.0/22 maxlen: 24
213.5.236.0/23 maxlen: 24
2a04:3380::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e4:65:1c:f7:0c:66:9b:65:f5:89:2a:d3:3e:52:95:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=607c0e942bf80a7d57490cc7bb04285b02aeff7a
Validity
Not Before: Feb 26 07:50:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce9cea4a606bdad7de13d4b799c23bdeae27ade1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:71:f5:fc:01:5a:21:b7:28:d6:b5:5a:3a:71:
4b:59:44:12:40:a8:f6:a8:fe:41:2e:53:41:2c:75:
e4:a3:ec:9d:c0:0e:b3:2c:ac:9c:12:f6:b3:75:40:
f6:c8:0a:53:43:ee:1f:9b:27:2a:8a:db:2b:f8:1a:
ee:e1:3b:5f:c8:4c:0c:03:53:20:77:12:30:68:ae:
20:f0:10:f2:b6:80:75:69:07:67:27:cf:06:48:7d:
9b:12:0d:6b:e5:45:19:40:93:9a:92:9b:61:e1:77:
a3:61:1a:fd:92:53:02:9d:49:c7:ed:67:67:c7:a7:
79:08:b1:9f:c2:e7:fb:ce:d4:77:8d:57:c1:45:92:
55:ca:e3:97:60:49:c7:c0:e1:64:9b:d7:c6:42:37:
5a:32:81:ee:91:01:c4:f2:c7:d4:0f:b5:13:50:c2:
21:b9:ce:38:a5:f9:bd:fd:e1:7c:5f:b1:45:98:ec:
8f:d0:97:c3:cc:0a:59:71:24:99:5e:5d:a5:c2:a7:
f8:c8:43:bc:2d:23:83:6e:ce:7d:b4:e2:90:5d:53:
52:58:5f:b2:46:66:c4:5f:18:81:c3:c2:b2:50:f1:
57:fd:81:c9:e1:65:33:a0:f7:d8:80:9c:17:26:f7:
23:35:2f:36:fb:86:db:56:5b:e2:40:d6:21:48:22:
4b:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:9C:EA:4A:60:6B:DA:D7:DE:13:D4:B7:99:C2:3B:DE:AE:27:AD:E1
X509v3 Authority Key Identifier:
keyid:60:7C:0E:94:2B:F8:0A:7D:57:49:0C:C7:BB:04:28:5B:02:AE:FF:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YHwOlCv4Cn1XSQzHuwQoWwKu_3o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/df1512-3fa4-40fc-8dca-6437acd8a3cf/1/zpzqSmBr2tfeE9S3mcI73q4nreE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/df1512-3fa4-40fc-8dca-6437acd8a3cf/1/YHwOlCv4Cn1XSQzHuwQoWwKu_3o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.242.223.0/24
91.243.64.0/23
185.25.228.0/22
185.222.100.0/22
213.5.236.0/23
IPv6:
2a04:3380::/29
Signature Algorithm: sha256WithRSAEncryption
65:35:51:73:c9:5b:9c:d6:5f:d8:16:21:67:1a:4c:10:7b:f2:
fd:af:ae:18:ed:3b:3a:a3:92:cf:ec:95:a7:cd:de:79:e6:df:
ea:e2:81:0a:85:ca:5e:46:fb:c4:ec:45:4e:28:66:bc:0f:fe:
88:5d:29:9c:2d:bf:f1:4b:3e:75:d0:2c:64:6d:7b:2d:79:8b:
35:9c:58:b6:62:98:8e:ca:fd:54:6e:f8:7b:45:02:aa:90:d4:
6c:e6:48:25:7a:59:bc:2c:67:89:bf:0d:13:fb:a8:91:bd:24:
4a:06:04:3f:17:9f:28:d6:16:1b:43:ae:ff:f8:89:70:9e:10:
25:f9:bd:d8:fe:3d:52:34:b2:a3:b4:ba:15:7f:a5:36:a3:56:
77:a6:a8:18:fe:44:6a:79:e5:42:97:7f:04:8d:65:df:9e:70:
d8:f3:a6:16:f6:90:e3:29:58:62:e4:9c:1c:fa:1d:6b:d0:fb:
fe:e9:9c:62:0c:17:00:75:3b:12:a3:77:a1:28:92:e3:34:06:
a9:15:4b:e1:47:75:f3:d8:08:f6:bb:af:6d:9b:fa:d1:7f:39:
dc:13:2b:03:28:f3:9c:82:28:5e:5f:f1:fd:d3:ed:ff:72:08:
78:25:3a:9f:8b:9b:49:38:a0:ad:76:96:50:03:91:6f:cc:fc:
6f:27:66:3f
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY3kZRz3DGabZfWJKtM+UpW6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwN2MwZTk0MmJmODBhN2Q1NzQ5MGNjN2JiMDQyODViMDJh
ZWZmN2EwHhcNMjQwMjI2MDc1MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTljZWE0YTYwNmJkYWQ3ZGUxM2Q0Yjc5OWMyM2JkZWFlMjdhZGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXH1/AFaIbco1rVaOnFLWUQSQKj2
qP5BLlNBLHXko+ydwA6zLKycEvazdUD2yApTQ+4fmycqitsr+Bru4TtfyEwMA1Mg
dxIwaK4g8BDytoB1aQdnJ88GSH2bEg1r5UUZQJOakpth4XejYRr9klMCnUnH7Wdn
x6d5CLGfwuf7ztR3jVfBRZJVyuOXYEnHwOFkm9fGQjdaMoHukQHE8sfUD7UTUMIh
uc44pfm9/eF8X7FFmOyP0JfDzApZcSSZXl2lwqf4yEO8LSODbs59tOKQXVNSWF+y
RmbEXxiBw8KyUPFX/YHJ4WUzoPfYgJwXJvcjNS82+4bbVlviQNYhSCJLawIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFM6c6kpga9rX3hPUt5nCO96uJ63hMB8GA1UdIwQY
MBaAFGB8DpQr+Ap9V0kMx7sEKFsCrv96MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUh3T2xDdjRDbjFYU1F6SHV3UW9Xd0t1XzNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9kZjE1MTItM2ZhNC00MGZjLThkY2Et
NjQzN2FjZDhhM2NmLzEvenB6cVNtQnIydGZlRTlTM21jSTczcTRucmVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9kZjE1MTItM2ZhNC00MGZjLThkY2EtNjQzN2FjZDhhM2Nm
LzEvWUh3T2xDdjRDbjFYU1F6SHV3UW9Xd0t1XzNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAW/LfAwQB
W/NAAwQCuRnkAwQCud5kAwQB1QXsMA0EAgACMAcDBQMqBDOAMA0GCSqGSIb3DQEB
CwUAA4IBAQBlNVFzyVuc1l/YFiFnGkwQe/L9r64Y7Ts6o5LP7JWnzd555t/q4oEK
hcpeRvvE7EVOKGa8D/6IXSmcLb/xSz510CxkbXsteYs1nFi2YpiOyv1Ubvh7RQKq
kNRs5kglelm8LGeJvw0T+6iRvSRKBgQ/F58o1hYbQ67/+IlwnhAl+b3Y/j1SNLKj
tLoVf6U2o1Z3pqgY/kRqeeVCl38EjWXfnnDY86YW9pDjKVhi5Jwc+h1r0Pv+6Zxi
DBcAdTsSo3ehKJLjNAapFUvhR3Xz2Aj2u69tm/rRfzncEysDKPOcgiheX/H90+3/
cgh4JTqfi5tJOKCtdpZQA5FvzPxvJ2Y/
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:37:56 2025 by rpki-client