Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/deca0e-dd4c-44ef-bf77-05dbe3df98f6/1/5Z3LruKxa2aka5mTgfLiozxMjBo.roa
File: 5Z3LruKxa2aka5mTgfLiozxMjBo.roa (raw, json)
Hash identifier: snbc+UilQvA4ul+87IHio6qvg4o46H7ibBzSJmFvN5c=
Subject key identifier: E5:9D:CB:AE:E2:B1:6B:66:A4:6B:99:93:81:F2:E2:A3:3C:4C:8C:1A
Certificate issuer: /CN=508a9a08abef74dcc51004f4fae0266d620395e3
Certificate serial: 018CC9BB46CA3CA2794FE92DD56A0D86510A
Authority key identifier: 50:8A:9A:08:AB:EF:74:DC:C5:10:04:F4:FA:E0:26:6D:62:03:95:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UIqaCKvvdNzFEAT0-uAmbWIDleM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/deca0e-dd4c-44ef-bf77-05dbe3df98f6/1/5Z3LruKxa2aka5mTgfLiozxMjBo.roa
Signing time: Tue 02 Jan 2024 10:32:22 +0000
ROA not before: Tue 02 Jan 2024 10:32:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211197
IP address blocks: 185.7.213.0/24 maxlen: 24
193.223.109.0/24 maxlen: 24
2a03:b680::/29 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:46:ca:3c:a2:79:4f:e9:2d:d5:6a:0d:86:51:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=508a9a08abef74dcc51004f4fae0266d620395e3
Validity
Not Before: Jan 2 10:32:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e59dcbaee2b16b66a46b999381f2e2a33c4c8c1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:69:6f:57:c6:20:40:8a:7b:9d:44:35:0c:f4:
f1:98:a9:01:d4:f4:ba:6a:5f:1a:02:60:27:72:68:
90:d2:cf:85:5e:89:79:63:ee:78:d5:dc:08:64:a2:
b0:b7:5e:40:1d:a7:57:d2:a3:1f:2f:b8:f1:d6:c0:
de:97:d3:51:4d:42:41:8f:5a:58:a7:76:6b:69:1a:
3b:c0:eb:3d:9a:bf:04:48:27:c7:9d:0e:06:3d:82:
32:c3:93:00:3d:aa:9f:79:35:e8:b2:4a:93:f7:5f:
2e:70:cf:be:10:76:d4:4b:a9:e8:00:8d:c8:a7:50:
7c:cc:24:82:1a:3f:5a:eb:e8:cb:49:7c:96:00:f1:
dd:e3:2b:aa:20:c2:6c:7c:96:1f:3d:6f:94:79:02:
74:71:c1:51:0b:e8:47:60:5a:de:9d:76:37:d7:91:
8b:3b:4f:12:01:79:45:e5:bc:f5:76:28:b7:90:06:
1d:37:f5:04:f5:c2:5b:53:bf:bd:ac:c9:d0:9d:f5:
e5:77:61:3b:48:57:19:bb:6b:23:ef:04:d7:c0:ea:
b6:8b:47:d8:f0:3d:26:6a:2e:51:b8:25:68:fd:64:
a2:46:69:22:9f:37:d2:a1:04:b5:3e:30:fe:5f:70:
b5:0d:38:8c:8b:2f:1b:39:fa:84:a7:d3:ad:5d:11:
86:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:9D:CB:AE:E2:B1:6B:66:A4:6B:99:93:81:F2:E2:A3:3C:4C:8C:1A
X509v3 Authority Key Identifier:
keyid:50:8A:9A:08:AB:EF:74:DC:C5:10:04:F4:FA:E0:26:6D:62:03:95:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UIqaCKvvdNzFEAT0-uAmbWIDleM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/deca0e-dd4c-44ef-bf77-05dbe3df98f6/1/5Z3LruKxa2aka5mTgfLiozxMjBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/deca0e-dd4c-44ef-bf77-05dbe3df98f6/1/UIqaCKvvdNzFEAT0-uAmbWIDleM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.213.0/24
193.223.109.0/24
IPv6:
2a03:b680::/29
Signature Algorithm: sha256WithRSAEncryption
43:28:96:96:70:c4:de:76:31:1d:eb:22:0f:00:77:f8:75:be:
cd:67:cd:c3:d2:fc:48:bf:79:a0:9c:1f:c0:92:52:ae:45:10:
d3:1e:ae:59:ec:e6:33:0c:78:b9:1a:99:66:fe:94:25:70:ba:
ec:bf:a6:bd:2d:4d:a0:75:f8:fd:6d:65:fb:3b:5c:1a:f9:9b:
bc:d4:26:a8:08:29:01:b0:e9:e4:3a:9f:34:49:b4:e7:f8:ab:
52:e4:3e:88:8d:40:02:8f:a9:20:8c:01:bb:50:21:2a:dc:23:
5c:6e:bc:9a:d7:59:8d:21:67:0d:01:97:12:07:fe:44:7f:02:
f7:45:e6:4a:dd:ef:a9:98:77:35:77:5f:b4:1c:6c:bc:db:33:
23:17:25:d3:be:8e:4b:66:9c:c1:59:f7:59:d1:ab:5a:70:f9:
dd:30:1e:aa:55:c5:c1:c5:96:6a:cb:1f:67:92:84:27:6a:19:
4a:ba:c5:b6:6b:79:c1:e4:23:3f:9f:43:4f:5b:14:00:d4:de:
f4:01:27:a0:e0:86:9c:cd:05:33:d1:e1:f1:12:af:75:dc:07:
b6:f5:3e:81:21:87:d2:de:30:c2:a3:44:d4:35:e8:d9:00:9f:
29:3c:d3:66:05:03:29:b2:17:06:15:bf:f6:24:f3:be:15:34:
49:cc:55:89
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJu0bKPKJ5T+kt1WoNhlEKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOGE5YTA4YWJlZjc0ZGNjNTEwMDRmNGZhZTAyNjZkNjIw
Mzk1ZTMwHhcNMjQwMTAyMTAzMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTlkY2JhZWUyYjE2YjY2YTQ2Yjk5OTM4MWYyZTJhMzNjNGM4YzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2lvV8YgQIp7nUQ1DPTxmKkB1PS6
al8aAmAncmiQ0s+FXol5Y+541dwIZKKwt15AHadX0qMfL7jx1sDel9NRTUJBj1pY
p3ZraRo7wOs9mr8ESCfHnQ4GPYIyw5MAPaqfeTXoskqT918ucM++EHbUS6noAI3I
p1B8zCSCGj9a6+jLSXyWAPHd4yuqIMJsfJYfPW+UeQJ0ccFRC+hHYFrenXY315GL
O08SAXlF5bz1dii3kAYdN/UE9cJbU7+9rMnQnfXld2E7SFcZu2sj7wTXwOq2i0fY
8D0mai5RuCVo/WSiRmkinzfSoQS1PjD+X3C1DTiMiy8bOfqEp9OtXRGGGQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOWdy67isWtmpGuZk4Hy4qM8TIwaMB8GA1UdIwQY
MBaAFFCKmgir73TcxRAE9PrgJm1iA5XjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUlxYUNLdnZkTnpGRUFUMC11QW1iV0lEbGVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9kZWNhMGUtZGQ0Yy00NGVmLWJmNzct
MDVkYmUzZGY5OGY2LzEvNVozTHJ1S3hhMmFrYTVtVGdmTGlvenhNakJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9kZWNhMGUtZGQ0Yy00NGVmLWJmNzctMDVkYmUzZGY5OGY2
LzEvVUlxYUNLdnZkTnpGRUFUMC11QW1iV0lEbGVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuQfVAwQA
wd9tMA0EAgACMAcDBQMqA7aAMA0GCSqGSIb3DQEBCwUAA4IBAQBDKJaWcMTedjEd
6yIPAHf4db7NZ83D0vxIv3mgnB/AklKuRRDTHq5Z7OYzDHi5Gplm/pQlcLrsv6a9
LU2gdfj9bWX7O1wa+Zu81CaoCCkBsOnkOp80SbTn+KtS5D6IjUACj6kgjAG7UCEq
3CNcbrya11mNIWcNAZcSB/5EfwL3ReZK3e+pmHc1d1+0HGy82zMjFyXTvo5LZpzB
WfdZ0atacPndMB6qVcXBxZZqyx9nkoQnahlKusW2a3nB5CM/n0NPWxQA1N70ASeg
4IaczQUz0eHxEq913Ae29T6BIYfS3jDCo0TUNejZAJ8pPNNmBQMpshcGFb/2JPO+
FTRJzFWJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:21 2025 by rpki-client