Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/ZYaj9LV4LK3dj9dcSIsEEgzb7FY.roa
File: ZYaj9LV4LK3dj9dcSIsEEgzb7FY.roa (raw, json)
Hash identifier: FvC2k+/NMri1VnZNQ1ri0op9iAKw8Cs8YKu102qf3dU=
Subject key identifier: 65:86:A3:F4:B5:78:2C:AD:DD:8F:D7:5C:48:8B:04:12:0C:DB:EC:56
Certificate issuer: /CN=bf107e07952c069358cd3f82aaeceb4c69483ca9
Certificate serial: 018CC64B343D11C5CF93BE3E3FB106D61171
Authority key identifier: BF:10:7E:07:95:2C:06:93:58:CD:3F:82:AA:EC:EB:4C:69:48:3C:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vxB-B5UsBpNYzT-CquzrTGlIPKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/ZYaj9LV4LK3dj9dcSIsEEgzb7FY.roa
Signing time: Mon 01 Jan 2024 18:31:06 +0000
ROA not before: Mon 01 Jan 2024 18:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208257
IP address blocks: 185.251.70.0/24 maxlen: 24
151.248.20.0/22 maxlen: 22
151.248.22.0/23 maxlen: 24
2a0f:6a00::/29 maxlen: 29
2a10:aec0::/29 maxlen: 29
2a0f:f200::/29 maxlen: 29
Validation: Failed, certificate revoked on Mon 11 Mar 2024 07:18:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:34:3d:11:c5:cf:93:be:3e:3f:b1:06:d6:11:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf107e07952c069358cd3f82aaeceb4c69483ca9
Validity
Not Before: Jan 1 18:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6586a3f4b5782caddd8fd75c488b04120cdbec56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:bc:44:fc:46:57:1e:63:bd:f5:0a:5d:b1:70:
2a:f2:52:ec:53:f0:ef:f8:96:f0:c2:05:3d:71:60:
29:a8:5e:20:ac:d5:9c:b1:53:52:42:27:a0:70:22:
9e:0c:19:5b:24:20:f0:cb:e6:08:f7:58:7d:bb:2f:
e3:ac:0d:b0:c1:4b:e2:b5:0c:dd:66:d3:0c:7f:77:
9a:f1:b8:d6:54:79:ff:25:d1:ad:1f:7a:cf:2a:db:
cc:6d:a3:76:5c:a5:a3:8a:d4:e0:e3:93:b9:ac:9c:
2e:df:e0:a7:e1:d5:bc:69:f5:0a:94:7e:db:8b:e6:
e1:33:00:12:c0:6f:be:db:cb:86:8f:11:c5:ac:c2:
cf:95:a7:b3:99:7b:44:da:f3:16:50:d3:f7:3b:20:
e4:19:35:35:27:3b:2b:e9:c6:46:05:85:61:09:61:
f9:b2:61:15:12:a8:b3:d2:ad:4b:28:32:68:5e:1d:
f6:c2:41:db:61:e4:ab:20:bd:c9:f3:b5:5c:f7:12:
d5:90:c5:14:07:e0:33:b7:90:21:b2:80:c8:9f:7f:
63:96:fe:ac:2a:e7:16:9e:36:6e:1b:54:7d:a1:d0:
e4:c1:1f:f0:1d:a2:63:ab:c0:70:72:fd:c0:45:83:
0f:8b:a2:3c:da:bf:f6:5b:ca:d9:cd:44:30:c3:9f:
bf:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:86:A3:F4:B5:78:2C:AD:DD:8F:D7:5C:48:8B:04:12:0C:DB:EC:56
X509v3 Authority Key Identifier:
keyid:BF:10:7E:07:95:2C:06:93:58:CD:3F:82:AA:EC:EB:4C:69:48:3C:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vxB-B5UsBpNYzT-CquzrTGlIPKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/ZYaj9LV4LK3dj9dcSIsEEgzb7FY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7e28ee-c65d-4529-a47b-48633d718590/1/vxB-B5UsBpNYzT-CquzrTGlIPKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.248.20.0/22
185.251.70.0/24
IPv6:
2a0f:6a00::/29
2a0f:f200::/29
2a10:aec0::/29
Signature Algorithm: sha256WithRSAEncryption
71:d2:b5:4d:94:cd:83:8a:9f:e8:6f:9d:da:11:28:4d:cc:2b:
de:67:43:44:dd:63:95:4a:d2:03:d2:66:7c:02:ca:aa:eb:3b:
3a:b6:4b:6b:cd:47:07:98:b5:35:5d:07:ed:53:39:c9:61:dc:
ec:07:a7:c2:a0:72:c4:8b:22:66:bb:e4:e7:3d:1e:b5:37:7f:
c1:44:8f:36:f3:5e:f1:ea:3a:7a:af:b7:27:47:40:a9:01:d2:
bc:92:f1:68:7b:2f:4a:36:36:2e:54:67:8d:f0:e7:49:30:87:
ae:87:86:fc:c4:86:9d:ee:34:b4:d1:f9:78:1e:d1:dd:5c:45:
78:8b:c2:ea:8f:ee:42:e1:fa:9d:9b:d1:b2:7b:8a:df:fc:90:
74:90:3c:dc:f9:5a:d0:93:49:dd:dc:aa:15:6e:86:48:a7:80:
88:2a:c4:7c:7f:ba:b1:cc:e7:7d:8c:4d:96:63:a4:86:90:8e:
e0:a1:d4:1d:91:d3:8d:a9:19:69:80:7d:2d:3c:6d:06:0c:2e:
33:75:12:cf:ef:1c:6a:b1:95:78:8f:d6:3a:87:7f:8e:5b:7f:
41:57:8e:d2:dc:5f:9a:2d:85:ee:93:46:3e:76:aa:ee:f1:66:
d4:de:4f:d7:f1:b0:54:42:f9:48:7e:ea:12:27:e7:c2:c1:a5:
a6:5e:4f:70
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzGSzQ9EcXPk74+P7EG1hFxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMTA3ZTA3OTUyYzA2OTM1OGNkM2Y4MmFhZWNlYjRjNjk0
ODNjYTkwHhcNMjQwMTAxMTgzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTg2YTNmNGI1NzgyY2FkZGQ4ZmQ3NWM0ODhiMDQxMjBjZGJlYzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrxE/EZXHmO99QpdsXAq8lLsU/Dv
+JbwwgU9cWApqF4grNWcsVNSQiegcCKeDBlbJCDwy+YI91h9uy/jrA2wwUvitQzd
ZtMMf3ea8bjWVHn/JdGtH3rPKtvMbaN2XKWjitTg45O5rJwu3+Cn4dW8afUKlH7b
i+bhMwASwG++28uGjxHFrMLPlaezmXtE2vMWUNP3OyDkGTU1Jzsr6cZGBYVhCWH5
smEVEqiz0q1LKDJoXh32wkHbYeSrIL3J87Vc9xLVkMUUB+Azt5AhsoDIn39jlv6s
KucWnjZuG1R9odDkwR/wHaJjq8Bwcv3ARYMPi6I82r/2W8rZzUQww5+/iQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFGWGo/S1eCyt3Y/XXEiLBBIM2+xWMB8GA1UdIwQY
MBaAFL8QfgeVLAaTWM0/gqrs60xpSDypMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnhCLUI1VXNCcE5ZelQtQ3F1enJUR2xJUEtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi83ZTI4ZWUtYzY1ZC00NTI5LWE0N2It
NDg2MzNkNzE4NTkwLzEvWllhajlMVjRMSzNkajlkY1NJc0VFZ3piN0ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi83ZTI4ZWUtYzY1ZC00NTI5LWE0N2ItNDg2MzNkNzE4NTkw
LzEvdnhCLUI1VXNCcE5ZelQtQ3F1enJUR2xJUEtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTASBAIAATAMAwQCl/gUAwQA
uftGMBsEAgACMBUDBQMqD2oAAwUDKg/yAAMFAyoQrsAwDQYJKoZIhvcNAQELBQAD
ggEBAHHStU2UzYOKn+hvndoRKE3MK95nQ0TdY5VK0gPSZnwCyqrrOzq2S2vNRweY
tTVdB+1TOclh3OwHp8KgcsSLIma75Oc9HrU3f8FEjzbzXvHqOnqvtydHQKkB0ryS
8Wh7L0o2Ni5UZ43w50kwh66HhvzEhp3uNLTR+Xge0d1cRXiLwuqP7kLh+p2b0bJ7
it/8kHSQPNz5WtCTSd3cqhVuhkingIgqxHx/urHM532MTZZjpIaQjuCh1B2R042p
GWmAfS08bQYMLjN1Es/vHGqxlXiP1jqHf45bf0FXjtLcX5othe6TRj52qu7xZtTe
T9fxsFRC+Uh+6hIn58LBpaZeT3A=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:54 2025 by rpki-client