Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/ZmdKPZitqde_a22dneHqOv7d9sE.roa
File: ZmdKPZitqde_a22dneHqOv7d9sE.roa (raw, json)
Hash identifier: 8De/Rx3fsxc088ItBl1n9R0cjNG6WOiQL4xmOGNPJDY=
Subject key identifier: 66:67:4A:3D:98:AD:A9:D7:BF:6B:6D:9D:9D:E1:EA:3A:FE:DD:F6:C1
Certificate issuer: /CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Certificate serial: 0190DAA4E9711165A5290CCF2995A22B016E
Authority key identifier: 1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/ZmdKPZitqde_a22dneHqOv7d9sE.roa
Signing time: Mon 22 Jul 2024 13:32:38 +0000
ROA not before: Mon 22 Jul 2024 13:32:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216234
IP address blocks: 109.120.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:da:a4:e9:71:11:65:a5:29:0c:cf:29:95:a2:2b:01:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b2c219f3c297b775880c3b651a2003f9be6de5e
Validity
Not Before: Jul 22 13:32:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66674a3d98ada9d7bf6b6d9d9de1ea3afeddf6c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f3:18:39:05:88:56:d1:b0:44:29:6d:56:1c:
4f:e7:dc:53:25:9e:7b:fb:59:19:e5:ee:85:e5:5e:
a3:e2:a0:d3:e2:22:a8:ec:70:6e:75:8b:33:0d:23:
7d:fc:5f:79:7e:90:68:a7:8b:19:ac:8f:a9:e1:e8:
f2:ca:06:15:20:ee:aa:e4:d0:3f:69:af:54:26:ba:
ea:b6:47:83:47:52:8b:48:ea:09:f1:8f:64:0c:ec:
cc:59:25:7d:be:de:f2:69:6a:48:84:ad:18:e0:6b:
9b:ac:c2:f1:59:4c:09:e5:b7:4a:8e:1b:51:41:1b:
59:ff:24:42:dd:33:30:bf:03:3d:24:82:d4:4f:b7:
62:88:cd:41:09:af:ca:a4:90:c7:47:bb:f4:ba:63:
8b:e7:b3:d9:54:fe:ae:9b:71:e2:89:38:a9:63:c2:
e7:cd:0a:2d:08:2b:61:a6:2c:76:b7:a4:5b:0a:1f:
2b:1e:a8:71:bd:12:19:7a:ac:37:2e:5f:2f:28:fe:
53:b4:63:25:7b:46:11:e8:86:6d:4d:83:cf:ea:55:
cf:87:f8:dc:28:56:62:8f:82:37:d5:39:30:de:68:
53:a8:93:f0:21:d5:48:00:04:6a:5e:75:75:dc:8a:
2b:f4:44:21:bb:74:d5:cf:78:6c:96:e3:99:55:20:
8f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:67:4A:3D:98:AD:A9:D7:BF:6B:6D:9D:9D:E1:EA:3A:FE:DD:F6:C1
X509v3 Authority Key Identifier:
keyid:1B:2C:21:9F:3C:29:7B:77:58:80:C3:B6:51:A2:00:3F:9B:E6:DE:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gywhnzwpe3dYgMO2UaIAP5vm3l4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/ZmdKPZitqde_a22dneHqOv7d9sE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6f/b11a40-48e9-4e06-bf11-92c81f22e712/1/Gywhnzwpe3dYgMO2UaIAP5vm3l4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.120.144.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:a9:42:ca:08:3b:93:39:78:dd:f7:8f:f6:c0:12:ba:70:f2:
1b:e0:71:3e:d5:0d:69:c9:9c:a4:39:0b:29:9a:52:67:c6:75:
6b:fc:fa:dc:81:18:ec:8f:b3:0a:00:0a:84:68:7c:8a:a6:60:
1f:45:51:f8:ed:52:06:c5:e7:d9:35:d0:7b:b5:e9:28:c9:34:
58:f5:91:a4:07:19:d0:7e:f4:79:73:ce:6a:a0:27:bd:75:47:
f9:66:34:a3:cd:9c:86:4a:75:18:97:9f:02:a2:f7:62:e7:1d:
ee:18:eb:03:83:d0:e8:28:4f:fa:1c:26:41:e2:c8:12:7b:86:
48:36:2f:03:4f:81:4b:d3:e3:75:11:bb:7d:01:71:30:d6:29:
b3:b9:8b:87:0c:a5:ad:35:88:c9:0d:4f:cc:be:52:84:cc:b8:
8a:07:e7:df:42:de:37:d0:53:e9:75:9c:b3:0f:d1:30:fb:a1:
a9:f1:ab:c0:e8:f4:89:15:bc:13:04:bb:52:02:56:d0:29:32:
3c:a0:84:35:4e:5e:60:82:60:6b:73:cd:45:22:3c:3f:b9:0d:
d8:d5:56:57:99:3e:45:c9:b9:9b:4f:7f:9d:95:e9:e8:ba:d9:
2f:19:cd:ed:d6:67:a2:97:c1:62:38:e4:2e:a0:bb:ad:d9:75:
a2:b2:a2:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDapOlxEWWlKQzPKZWiKwFuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMmMyMTlmM2MyOTdiNzc1ODgwYzNiNjUxYTIwMDNmOWJl
NmRlNWUwHhcNMjQwNzIyMTMzMjM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjY3NGEzZDk4YWRhOWQ3YmY2YjZkOWQ5ZGUxZWEzYWZlZGRmNmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPMYOQWIVtGwRCltVhxP59xTJZ57
+1kZ5e6F5V6j4qDT4iKo7HBudYszDSN9/F95fpBop4sZrI+p4ejyygYVIO6q5NA/
aa9UJrrqtkeDR1KLSOoJ8Y9kDOzMWSV9vt7yaWpIhK0Y4GubrMLxWUwJ5bdKjhtR
QRtZ/yRC3TMwvwM9JILUT7diiM1BCa/KpJDHR7v0umOL57PZVP6um3HiiTipY8Ln
zQotCCthpix2t6RbCh8rHqhxvRIZeqw3Ll8vKP5TtGMle0YR6IZtTYPP6lXPh/jc
KFZij4I31Tkw3mhTqJPwIdVIAARqXnV13Ior9EQhu3TVz3hsluOZVSCPMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGZnSj2YranXv2ttnZ3h6jr+3fbBMB8GA1UdIwQY
MBaAFBssIZ88KXt3WIDDtlGiAD+b5t5eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEt
OTJjODFmMjJlNzEyLzEvWm1kS1BaaXRxZGVfYTIyZG5lSHFPdjdkOXNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Zi9iMTFhNDAtNDhlOS00ZTA2LWJmMTEtOTJjODFmMjJlNzEy
LzEvR3l3aG56d3BlM2RZZ01PMlVhSUFQNXZtM2w0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXiQMA0G
CSqGSIb3DQEBCwUAA4IBAQCNqULKCDuTOXjd94/2wBK6cPIb4HE+1Q1pyZykOQsp
mlJnxnVr/PrcgRjsj7MKAAqEaHyKpmAfRVH47VIGxefZNdB7tekoyTRY9ZGkBxnQ
fvR5c85qoCe9dUf5ZjSjzZyGSnUYl58Covdi5x3uGOsDg9DoKE/6HCZB4sgSe4ZI
Ni8DT4FL0+N1Ebt9AXEw1imzuYuHDKWtNYjJDU/MvlKEzLiKB+ffQt430FPpdZyz
D9Ew+6Gp8avA6PSJFbwTBLtSAlbQKTI8oIQ1Tl5ggmBrc81FIjw/uQ3Y1VZXmT5F
ybmbT3+dlenoutkvGc3t1meil8FiOOQuoLut2XWisqLk
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:01:08 2025 by rpki-client