Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/cZoba5btLjXCv0MNdnDUmvBIvyY.roa
File: cZoba5btLjXCv0MNdnDUmvBIvyY.roa (raw, json)
Hash identifier: 21zQs2nUYAf9nXsXtjgAV4ChXculzyJlabGMRbD3u9U=
Subject key identifier: 71:9A:1B:6B:96:ED:2E:35:C2:BF:43:0D:76:70:D4:9A:F0:48:BF:26
Certificate issuer: /CN=7c6dc7395815af045048f4ce3910d04008ff3a7c
Certificate serial: 018CC9BC8831B5A32BB75E69DBCF3A5B3075
Authority key identifier: 7C:6D:C7:39:58:15:AF:04:50:48:F4:CE:39:10:D0:40:08:FF:3A:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fG3HOVgVrwRQSPTOORDQQAj_Onw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/cZoba5btLjXCv0MNdnDUmvBIvyY.roa
Signing time: Tue 02 Jan 2024 10:33:45 +0000
ROA not before: Tue 02 Jan 2024 10:33:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8560
IP address blocks: 82.223.0.0/16 maxlen: 24
217.76.128.0/19 maxlen: 24
185.132.44.0/22 maxlen: 24
94.143.136.0/21 maxlen: 24
93.93.112.0/21 maxlen: 24
62.151.160.0/21 maxlen: 24
62.151.176.0/21 maxlen: 24
2001:ba0::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:50:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:88:31:b5:a3:2b:b7:5e:69:db:cf:3a:5b:30:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c6dc7395815af045048f4ce3910d04008ff3a7c
Validity
Not Before: Jan 2 10:33:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=719a1b6b96ed2e35c2bf430d7670d49af048bf26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:12:48:05:a5:f7:ba:f3:f2:31:de:24:bd:50:
a4:a9:05:0d:9e:dd:f9:14:6f:e8:25:3c:f0:d4:67:
1c:17:3a:04:8d:c1:14:98:53:9e:37:14:b9:2c:9d:
4b:ff:43:53:30:4f:e5:52:1f:4c:4a:b3:d0:a5:08:
68:b7:45:b7:82:98:60:1a:0d:d3:a6:fb:15:8f:bc:
e0:24:cd:58:7d:af:ba:62:17:c7:37:d9:b0:21:bd:
26:0a:5c:47:00:7c:98:50:c0:15:29:a9:8d:1f:70:
45:4d:ce:38:68:d0:8c:a9:fe:72:89:0e:64:c2:e8:
6c:fc:a1:9c:bf:f3:bd:0a:32:d5:be:bc:e9:83:28:
73:9a:ab:98:a0:0b:b0:04:4c:6f:78:95:5e:d9:2d:
b7:79:f8:33:4e:91:6d:bd:46:57:bf:42:b0:6d:ed:
29:96:ce:92:4d:ae:aa:45:42:59:92:a4:5b:df:d3:
1a:1f:19:83:50:f3:72:4e:88:fa:9b:50:a9:5c:9e:
c9:65:ac:99:95:fe:4a:4a:cf:2a:b8:11:45:e3:56:
40:2d:b1:6c:49:29:71:db:36:a4:49:e5:f8:e9:6c:
38:bc:77:43:18:fb:dd:b7:bf:f0:e2:b8:c0:19:60:
24:a3:3f:3a:7a:ff:a4:28:98:44:c0:47:f6:61:f5:
b9:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:9A:1B:6B:96:ED:2E:35:C2:BF:43:0D:76:70:D4:9A:F0:48:BF:26
X509v3 Authority Key Identifier:
keyid:7C:6D:C7:39:58:15:AF:04:50:48:F4:CE:39:10:D0:40:08:FF:3A:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fG3HOVgVrwRQSPTOORDQQAj_Onw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/cZoba5btLjXCv0MNdnDUmvBIvyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/54687f-efa5-4620-8619-3155ba8cb74f/1/fG3HOVgVrwRQSPTOORDQQAj_Onw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.151.160.0/21
62.151.176.0/21
82.223.0.0/16
93.93.112.0/21
94.143.136.0/21
185.132.44.0/22
217.76.128.0/19
IPv6:
2001:ba0::/32
Signature Algorithm: sha256WithRSAEncryption
56:48:08:6e:f7:0a:a2:fc:3c:4e:73:16:b7:1e:95:4f:72:cc:
f6:33:0f:95:6c:23:26:97:ac:43:75:88:cd:2f:96:91:26:57:
77:d8:df:95:3a:1e:d8:46:4d:6d:9a:0c:e1:d3:da:3e:50:e9:
d8:93:08:69:7e:52:c7:71:ea:c2:2e:ac:56:a0:7b:0b:8e:ad:
8a:10:34:a0:12:61:5e:d7:7d:a3:f2:7d:bb:fd:64:8b:75:09:
2c:fe:80:18:05:94:b3:c2:23:af:80:69:8c:6d:ac:d5:0b:32:
10:43:85:de:42:99:c4:49:9f:8c:83:5f:76:76:9f:f8:9c:e9:
a7:86:68:f8:c2:6e:97:0c:65:c6:7a:8e:47:9a:0d:81:c9:ac:
83:2e:b3:f0:0e:48:17:9a:ab:a6:b1:76:24:63:c3:88:a8:52:
b4:63:fa:66:43:bd:a8:a4:71:09:69:f6:eb:83:da:7f:52:bd:
92:5b:ae:4b:94:9d:e9:20:94:0b:27:35:06:d4:16:ed:f0:cd:
70:44:25:b6:cf:e0:29:d9:20:8f:5d:e4:dd:16:c4:e9:7c:96:
2b:0d:9f:27:02:fa:89:80:dd:f2:93:69:0e:ce:00:38:54:b1:
b7:37:14:33:93:2b:6f:24:68:d3:a8:4c:41:e4:81:5d:8a:c6:
dc:6c:2d:ef
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYzJvIgxtaMrt15p2886WzB1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjNmRjNzM5NTgxNWFmMDQ1MDQ4ZjRjZTM5MTBkMDQwMDhm
ZjNhN2MwHhcNMjQwMTAyMTAzMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTlhMWI2Yjk2ZWQyZTM1YzJiZjQzMGQ3NjcwZDQ5YWYwNDhiZjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRJIBaX3uvPyMd4kvVCkqQUNnt35
FG/oJTzw1GccFzoEjcEUmFOeNxS5LJ1L/0NTME/lUh9MSrPQpQhot0W3gphgGg3T
pvsVj7zgJM1Yfa+6YhfHN9mwIb0mClxHAHyYUMAVKamNH3BFTc44aNCMqf5yiQ5k
wuhs/KGcv/O9CjLVvrzpgyhzmquYoAuwBExveJVe2S23efgzTpFtvUZXv0Kwbe0p
ls6STa6qRUJZkqRb39MaHxmDUPNyToj6m1CpXJ7JZayZlf5KSs8quBFF41ZALbFs
SSlx2zakSeX46Ww4vHdDGPvdt7/w4rjAGWAkoz86ev+kKJhEwEf2YfW56QIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFHGaG2uW7S41wr9DDXZw1JrwSL8mMB8GA1UdIwQY
MBaAFHxtxzlYFa8EUEj0zjkQ0EAI/zp8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkczSE9WZ1Zyd1JRU1BUT09SRFFRQWpfT253LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC81NDY4N2YtZWZhNS00NjIwLTg2MTkt
MzE1NWJhOGNiNzRmLzEvY1pvYmE1YnRMalhDdjBNTmRuRFVtdkJJdnlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC81NDY4N2YtZWZhNS00NjIwLTg2MTktMzE1NWJhOGNiNzRm
LzEvZkczSE9WZ1Zyd1JRU1BUT09SRFFRQWpfT253LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAvBAIAATApAwQDPpegAwQD
PpewAwMAUt8DBANdXXADBANej4gDBAK5hCwDBAXZTIAwDQQCAAIwBwMFACABC6Aw
DQYJKoZIhvcNAQELBQADggEBAFZICG73CqL8PE5zFrcelU9yzPYzD5VsIyaXrEN1
iM0vlpEmV3fY35U6HthGTW2aDOHT2j5Q6diTCGl+Usdx6sIurFagewuOrYoQNKAS
YV7XfaPyfbv9ZIt1CSz+gBgFlLPCI6+AaYxtrNULMhBDhd5CmcRJn4yDX3Z2n/ic
6aeGaPjCbpcMZcZ6jkeaDYHJrIMus/AOSBeaq6axdiRjw4ioUrRj+mZDvaikcQlp
9uuD2n9SvZJbrkuUnekglAsnNQbUFu3wzXBEJbbP4CnZII9d5N0WxOl8lisNnycC
+omA3fKTaQ7OADhUsbc3FDOTK28kaNOoTEHkgV2KxtxsLe8=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:45:29 2025 by rpki-client