Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/zpNMMXDzWPGccBSTLLcds3b31-Y.roa
File: zpNMMXDzWPGccBSTLLcds3b31-Y.roa (raw, json)
Hash identifier: wmlFuaLXAb9+rTF+4l3tgWVjkpUgutcR1hFK6hpuTG0=
Subject key identifier: CE:93:4C:31:70:F3:58:F1:9C:70:14:93:2C:B7:1D:B3:76:F7:D7:E6
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0194FEA87E75088E69AFE55DB38F2DD2F7B4
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/zpNMMXDzWPGccBSTLLcds3b31-Y.roa
Signing time: Thu 13 Feb 2025 09:34:02 +0000
ROA not before: Thu 13 Feb 2025 09:34:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209737
IP address blocks: 109.236.48.0/24 maxlen: 24
109.236.49.0/24 maxlen: 24
109.236.50.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
185.86.6.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
185.254.29.0/24 maxlen: 24
193.35.152.0/24 maxlen: 24
193.35.155.0/24 maxlen: 24
194.62.54.0/24 maxlen: 24
194.62.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Feb 2025 16:07:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fe:a8:7e:75:08:8e:69:af:e5:5d:b3:8f:2d:d2:f7:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Feb 13 09:34:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce934c3170f358f19c7014932cb71db376f7d7e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:c2:71:14:e7:56:c1:6d:84:6c:ad:52:39:d6:
f1:61:6a:f2:35:0a:9a:de:a9:44:e8:c5:61:4b:5b:
56:f3:1e:88:05:53:a5:33:0b:54:fd:ad:88:db:2b:
4a:bd:88:f6:b2:a2:54:f4:1b:25:d6:51:bb:7b:fa:
12:a3:4b:64:2b:23:b1:21:4a:61:04:d6:0b:c7:28:
3b:e8:2a:47:43:fb:58:37:ec:cd:f1:6c:59:b0:3c:
19:22:8f:45:21:bd:ad:17:0a:f3:aa:03:89:d5:fa:
ac:ed:a7:66:1d:a5:ee:4e:0e:6d:bd:9f:5c:a6:fe:
d8:d4:db:ef:ed:f2:25:74:72:b1:3b:af:91:8b:02:
98:22:c3:fc:ef:46:66:2c:d6:ec:8a:78:1e:ee:e7:
b8:c6:e2:22:19:a5:8d:1b:eb:bb:3f:d0:be:95:cd:
ed:93:87:ef:8d:47:2e:74:1b:81:cf:d6:05:a7:10:
d8:6e:f8:b7:6d:b4:4f:43:59:35:34:e9:0f:c1:c4:
11:8f:92:07:ce:90:01:7f:32:b7:69:36:ac:75:f6:
e0:9d:32:f3:98:c2:cb:b6:d5:32:78:f5:21:da:b5:
b5:26:ac:1d:27:5b:28:3d:5a:55:75:15:5f:32:73:
22:65:02:df:9c:26:96:11:35:f3:f9:40:d2:c8:05:
98:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:93:4C:31:70:F3:58:F1:9C:70:14:93:2C:B7:1D:B3:76:F7:D7:E6
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/zpNMMXDzWPGccBSTLLcds3b31-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.48.0/22
185.86.6.0/24
185.254.28.0/23
193.35.152.0/24
193.35.155.0/24
194.62.54.0/23
Signature Algorithm: sha256WithRSAEncryption
78:c2:13:fd:ae:1a:43:93:98:93:c3:e8:57:f6:4f:90:e1:11:
6b:75:6a:2e:e4:56:6b:9c:32:67:55:6d:1e:85:0e:50:48:b2:
2f:1f:62:3c:53:7e:b3:d8:a5:7b:84:57:1e:8c:bd:a7:30:86:
c4:55:c4:8d:a1:60:17:2d:32:67:93:53:7f:e7:63:df:35:c2:
b5:a0:67:58:f9:a6:5c:00:79:66:79:0b:53:9f:2a:f4:43:49:
2a:93:6b:e2:d9:c3:4c:09:bd:d4:1f:96:6b:21:f8:53:a6:37:
be:9f:45:fd:ab:fc:a5:c9:be:6e:ad:39:34:8b:3d:1f:51:ad:
ed:ba:32:a4:86:d1:99:c3:e1:0a:10:95:11:20:83:74:4c:90:
07:19:d3:b1:7a:7b:a8:63:7d:f8:02:1e:c1:ac:ad:e5:f0:a1:
0c:86:27:07:d0:b2:a9:e0:a5:9c:a8:c1:94:83:08:ef:cf:37:
52:ba:16:66:df:1c:bf:2d:c8:f7:13:2f:c6:4a:22:35:a8:72:
18:18:ff:d2:94:b3:d8:ee:06:5c:ac:b0:04:a2:86:43:c0:ec:
09:40:2c:9b:ea:7c:76:76:99:ff:3c:6e:a1:f6:0e:94:45:4c:
2f:48:8f:af:c0:55:88:67:fb:22:df:f1:87:8c:a2:e8:f2:62:
84:81:7d:d4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZT+qH51CI5pr+Vds48t0ve0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwMjEzMDkzNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTkzNGMzMTcwZjM1OGYxOWM3MDE0OTMyY2I3MWRiMzc2ZjdkN2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7sJxFOdWwW2EbK1SOdbxYWryNQqa
3qlE6MVhS1tW8x6IBVOlMwtU/a2I2ytKvYj2sqJU9Bsl1lG7e/oSo0tkKyOxIUph
BNYLxyg76CpHQ/tYN+zN8WxZsDwZIo9FIb2tFwrzqgOJ1fqs7admHaXuTg5tvZ9c
pv7Y1Nvv7fIldHKxO6+RiwKYIsP870ZmLNbsinge7ue4xuIiGaWNG+u7P9C+lc3t
k4fvjUcudBuBz9YFpxDYbvi3bbRPQ1k1NOkPwcQRj5IHzpABfzK3aTasdfbgnTLz
mMLLttUyePUh2rW1JqwdJ1soPVpVdRVfMnMiZQLfnCaWETXz+UDSyAWY6QIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFM6TTDFw81jxnHAUkyy3HbN299fmMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvenBOTU1YRHpXUEdjY0JTVExMY2RzM2IzMS1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCbewwAwQA
uVYGAwQBuf4cAwQAwSOYAwQAwSObAwQBwj42MA0GCSqGSIb3DQEBCwUAA4IBAQB4
whP9rhpDk5iTw+hX9k+Q4RFrdWou5FZrnDJnVW0ehQ5QSLIvH2I8U36z2KV7hFce
jL2nMIbEVcSNoWAXLTJnk1N/52PfNcK1oGdY+aZcAHlmeQtTnyr0Q0kqk2vi2cNM
Cb3UH5ZrIfhTpje+n0X9q/ylyb5urTk0iz0fUa3tujKkhtGZw+EKEJURIIN0TJAH
GdOxenuoY334Ah7BrK3l8KEMhicH0LKp4KWcqMGUgwjvzzdSuhZm3xy/Lcj3Ey/G
SiI1qHIYGP/SlLPY7gZcrLAEooZDwOwJQCyb6nx2dpn/PG6h9g6URUwvSI+vwFWI
Z/si3/GHjKLo8mKEgX3U
-----END CERTIFICATE-----
Generated at Sun Apr 6 08:35:36 2025 by rpki-client