Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/c261eb-c7cd-454d-84a6-afd272dd0fb5/1/ztTZA6ZUXfLdGYRwClgFXFo4UfM.roa
File: ztTZA6ZUXfLdGYRwClgFXFo4UfM.roa (raw, json)
Hash identifier: Tm9D1bNLNuiuaj7fU4+2D+AVZgpZfIJpKgKZ6217zfc=
Subject key identifier: CE:D4:D9:03:A6:54:5D:F2:DD:19:84:70:0A:58:05:5C:5A:38:51:F3
Certificate issuer: /CN=8d8f7eb4d2548f9ccbf3cb38e702a190c11742f5
Certificate serial: 018CC3B70E3CAEEA910C109B8F3DD8E5F602
Authority key identifier: 8D:8F:7E:B4:D2:54:8F:9C:CB:F3:CB:38:E7:02:A1:90:C1:17:42:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jY9-tNJUj5zL88s45wKhkMEXQvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/c261eb-c7cd-454d-84a6-afd272dd0fb5/1/ztTZA6ZUXfLdGYRwClgFXFo4UfM.roa
Signing time: Mon 01 Jan 2024 06:30:02 +0000
ROA not before: Mon 01 Jan 2024 06:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205071
IP address blocks: 185.231.96.0/22 maxlen: 22
195.140.232.0/22 maxlen: 22
193.138.108.0/24 maxlen: 24
2a0c:5100::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:0e:3c:ae:ea:91:0c:10:9b:8f:3d:d8:e5:f6:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d8f7eb4d2548f9ccbf3cb38e702a190c11742f5
Validity
Not Before: Jan 1 06:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ced4d903a6545df2dd1984700a58055c5a3851f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:2a:f5:a6:8b:e3:86:c0:e4:a1:20:93:a5:d9:
21:73:39:1a:7e:b9:79:12:fc:13:4a:56:17:4c:32:
cb:4b:95:0f:d0:99:6a:e5:31:7a:13:ce:d1:75:16:
28:d6:18:e1:b9:03:0d:18:58:75:d3:1e:11:2e:83:
7d:85:fe:47:0a:de:a5:50:87:fa:62:68:a1:f4:55:
32:11:e4:a3:9b:bc:72:d7:86:7d:1a:2b:e2:ca:76:
36:e8:a0:c6:b9:7d:83:9e:f3:37:75:85:ed:80:d4:
ac:7a:8a:e5:37:b0:6a:87:a4:46:20:2d:14:ea:af:
37:74:60:83:f1:9d:7b:5f:15:c6:08:a4:19:ec:f2:
95:64:dd:0e:35:49:62:5d:a4:66:14:71:b5:f9:9d:
b3:ed:11:77:79:fd:37:56:8c:1f:f7:a9:93:44:db:
a7:5a:80:d5:9e:4f:88:9d:0c:ab:dd:67:14:52:16:
f0:a8:aa:4d:46:fc:b3:01:3b:4d:d2:bb:72:45:4c:
90:bb:9a:1a:48:c9:47:33:c8:ca:81:99:a9:fe:87:
9f:d6:38:27:80:76:2a:42:10:47:11:43:a7:fd:89:
75:82:f6:aa:a9:b7:af:d2:0c:be:4b:d8:30:8a:0c:
d1:df:b2:f0:87:ce:fa:a4:4e:ed:bf:c0:e6:65:4c:
0a:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:D4:D9:03:A6:54:5D:F2:DD:19:84:70:0A:58:05:5C:5A:38:51:F3
X509v3 Authority Key Identifier:
keyid:8D:8F:7E:B4:D2:54:8F:9C:CB:F3:CB:38:E7:02:A1:90:C1:17:42:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jY9-tNJUj5zL88s45wKhkMEXQvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c261eb-c7cd-454d-84a6-afd272dd0fb5/1/ztTZA6ZUXfLdGYRwClgFXFo4UfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/c261eb-c7cd-454d-84a6-afd272dd0fb5/1/jY9-tNJUj5zL88s45wKhkMEXQvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.231.96.0/22
193.138.108.0/24
195.140.232.0/22
IPv6:
2a0c:5100::/29
Signature Algorithm: sha256WithRSAEncryption
21:4c:bb:80:6b:ea:ec:7c:2a:8f:e6:52:73:91:d0:67:19:f9:
3c:7d:dd:ee:e9:bc:59:69:9a:2a:7b:29:d3:49:76:aa:8f:1e:
d7:ee:23:4f:15:f2:8c:b3:d1:dd:70:6f:a2:96:60:81:69:18:
e5:39:b4:f6:a2:52:2a:6e:50:b5:f5:26:06:2e:73:d1:4d:a4:
af:b8:36:cc:d1:36:63:8e:46:14:99:dd:73:88:05:ff:f4:18:
4d:1b:c4:46:2b:ea:c8:da:33:ba:a1:62:aa:26:7c:61:38:65:
13:dd:ad:89:8a:9c:b4:fb:b0:05:b0:ec:63:cd:b7:f2:df:31:
ca:fc:13:c7:54:77:57:01:af:52:4d:08:f7:fb:3a:fc:df:d8:
98:ed:29:e0:3e:be:5b:fe:9b:89:b3:b8:9d:07:49:cd:74:f1:
67:f9:d0:4c:fb:1b:09:bd:bc:03:b3:5f:f4:a1:f4:e4:10:83:
9e:fa:07:1f:2d:f3:67:8d:68:0d:f3:7b:0f:51:b9:8b:79:d8:
bd:3b:ea:0a:ce:a5:a4:92:7b:e8:77:ba:2b:3a:a9:88:da:db:
91:5d:52:51:16:e3:ab:9a:5f:f9:0b:44:24:f5:15:ee:6f:f1:
4d:6f:4c:6f:88:02:83:bf:66:b3:65:84:c7:31:32:4c:c0:97:
71:5e:84:ce
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzDtw48ruqRDBCbjz3Y5fYCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkOGY3ZWI0ZDI1NDhmOWNjYmYzY2IzOGU3MDJhMTkwYzEx
NzQyZjUwHhcNMjQwMTAxMDYzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWQ0ZDkwM2E2NTQ1ZGYyZGQxOTg0NzAwYTU4MDU1YzVhMzg1MWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiCr1povjhsDkoSCTpdkhczkafrl5
EvwTSlYXTDLLS5UP0Jlq5TF6E87RdRYo1hjhuQMNGFh10x4RLoN9hf5HCt6lUIf6
Ymih9FUyEeSjm7xy14Z9GiviynY26KDGuX2DnvM3dYXtgNSseorlN7Bqh6RGIC0U
6q83dGCD8Z17XxXGCKQZ7PKVZN0ONUliXaRmFHG1+Z2z7RF3ef03Vowf96mTRNun
WoDVnk+InQyr3WcUUhbwqKpNRvyzATtN0rtyRUyQu5oaSMlHM8jKgZmp/oef1jgn
gHYqQhBHEUOn/Yl1gvaqqbev0gy+S9gwigzR37Lwh876pE7tv8DmZUwKpQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFM7U2QOmVF3y3RmEcApYBVxaOFHzMB8GA1UdIwQY
MBaAFI2PfrTSVI+cy/PLOOcCoZDBF0L1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalk5LXROSlVqNXpMODhzNDV3S2hrTUVYUXZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9jMjYxZWItYzdjZC00NTRkLTg0YTYt
YWZkMjcyZGQwZmI1LzEvenRUWkE2WlVYZkxkR1lSd0NsZ0ZYRm80VWZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9jMjYxZWItYzdjZC00NTRkLTg0YTYtYWZkMjcyZGQwZmI1
LzEvalk5LXROSlVqNXpMODhzNDV3S2hrTUVYUXZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuedgAwQA
wYpsAwQCw4zoMA0EAgACMAcDBQMqDFEAMA0GCSqGSIb3DQEBCwUAA4IBAQAhTLuA
a+rsfCqP5lJzkdBnGfk8fd3u6bxZaZoqeynTSXaqjx7X7iNPFfKMs9HdcG+ilmCB
aRjlObT2olIqblC19SYGLnPRTaSvuDbM0TZjjkYUmd1ziAX/9BhNG8RGK+rI2jO6
oWKqJnxhOGUT3a2Jipy0+7AFsOxjzbfy3zHK/BPHVHdXAa9STQj3+zr839iY7Sng
Pr5b/puJs7idB0nNdPFn+dBM+xsJvbwDs1/0ofTkEIOe+gcfLfNnjWgN83sPUbmL
edi9O+oKzqWkknvod7orOqmI2tuRXVJRFuOrml/5C0Qk9RXub/FNb0xviAKDv2az
ZYTHMTJMwJdxXoTO
-----END CERTIFICATE-----
Generated at Fri Apr 18 20:12:10 2025 by rpki-client