Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/ZHImF-B5Sz4-EH3Tv9Pu4aIt2LU.roa
File: ZHImF-B5Sz4-EH3Tv9Pu4aIt2LU.roa (raw, json)
Hash identifier: bbmMuLEsuQWALmNa+/Rq1d3BU0Yw7jUL+QEr1IQ/luM=
Subject key identifier: 64:72:26:17:E0:79:4B:3E:3E:10:7D:D3:BF:D3:EE:E1:A2:2D:D8:B5
Certificate issuer: /CN=2dc81d24c45ddaa345f9064de29fbca7b129a52c
Certificate serial: 019424B3BED5F3AFCD44215280B2C1B9A767
Authority key identifier: 2D:C8:1D:24:C4:5D:DA:A3:45:F9:06:4D:E2:9F:BC:A7:B1:29:A5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LcgdJMRd2qNF-QZN4p-8p7EppSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/ZHImF-B5Sz4-EH3Tv9Pu4aIt2LU.roa
Signing time: Thu 02 Jan 2025 01:49:07 +0000
ROA not before: Thu 02 Jan 2025 01:49:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 185.14.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Jan 2025 08:36:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:be:d5:f3:af:cd:44:21:52:80:b2:c1:b9:a7:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dc81d24c45ddaa345f9064de29fbca7b129a52c
Validity
Not Before: Jan 2 01:49:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64722617e0794b3e3e107dd3bfd3eee1a22dd8b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:c3:df:4b:93:80:bf:cc:95:3e:47:f1:16:fe:
ed:8d:4b:6d:0f:db:9b:8d:e4:20:f3:d8:98:14:a2:
4c:e6:da:7c:a4:f3:9e:f1:61:e2:ca:05:0d:8b:86:
74:71:37:ee:b2:4b:d8:33:53:ec:da:11:57:b7:30:
3c:3a:b0:ff:d4:19:8e:14:d7:0a:74:bd:ba:46:f6:
56:04:41:65:96:21:00:2d:48:77:bd:2a:76:0e:41:
c4:aa:2d:fb:cc:c9:03:da:e9:0d:2c:e4:69:99:3c:
1e:0a:a3:5a:fe:9b:d0:38:a5:eb:b1:8a:07:ea:5f:
ae:3d:b2:18:4c:3b:7b:21:5a:40:12:e9:bc:09:9f:
a3:f2:a7:77:bc:f0:45:ea:0a:28:92:ba:18:06:06:
46:56:3d:16:61:06:6a:45:c1:65:72:c4:bb:ea:d2:
fa:89:a1:70:95:e1:e3:33:08:09:15:b4:bb:8f:76:
3a:7d:0c:75:f7:9e:72:7d:66:8c:ab:14:0e:d6:0c:
7d:03:37:3f:18:8f:05:23:65:70:d5:65:3a:a0:40:
52:71:d0:a4:49:e6:64:f1:1d:85:91:56:5b:af:f7:
a8:68:59:b1:70:17:fd:ba:11:fe:cb:ff:10:df:51:
f3:88:b3:5b:0b:a6:cd:65:0b:47:61:dc:cf:9f:18:
3f:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:72:26:17:E0:79:4B:3E:3E:10:7D:D3:BF:D3:EE:E1:A2:2D:D8:B5
X509v3 Authority Key Identifier:
keyid:2D:C8:1D:24:C4:5D:DA:A3:45:F9:06:4D:E2:9F:BC:A7:B1:29:A5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LcgdJMRd2qNF-QZN4p-8p7EppSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/ZHImF-B5Sz4-EH3Tv9Pu4aIt2LU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/bf3db5-a33f-4311-acd9-2fcc0b749b32/1/LcgdJMRd2qNF-QZN4p-8p7EppSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.236.0/24
Signature Algorithm: sha256WithRSAEncryption
16:9d:7a:5c:aa:d0:c9:a5:e9:ae:6a:50:bc:93:52:15:6c:0b:
4f:d3:14:c1:bb:3b:e2:67:b8:16:43:1c:24:c3:fc:a0:11:75:
bb:8e:b3:d0:1b:07:8c:4a:5d:c4:c8:56:ab:09:a2:01:ea:c1:
9d:e5:84:6e:18:1d:ec:33:06:b1:a7:2a:10:d2:e2:43:e8:31:
10:03:e0:50:c9:4c:4f:f7:1e:4c:65:46:96:41:b4:b5:21:92:
0c:2e:e9:72:f2:d2:4a:15:33:0c:c5:b0:d4:2a:cb:50:9f:70:
b1:04:21:91:a1:8b:5a:35:84:25:ba:1e:95:ac:2c:80:33:29:
36:1d:b2:0e:a1:43:8c:33:35:ad:d7:d6:5f:95:b5:bd:0b:e8:
27:5a:b8:a8:ff:e4:ec:8d:62:86:e8:2b:04:01:71:f9:10:17:
ef:25:15:11:2e:a1:8d:f5:17:d1:40:4e:22:ab:30:0f:8c:0c:
97:a2:7c:cb:82:9c:01:63:bc:58:48:55:1e:68:86:7d:a6:c3:
d0:d0:fb:ca:43:7c:e6:e3:e3:f3:81:ad:51:89:95:56:31:c6:
21:87:94:37:dc:cc:e8:01:4c:cf:9f:0e:66:0b:53:c9:1d:ab:
f3:dd:e1:f8:c3:25:c5:c1:cb:6b:7c:a1:bd:5a:22:da:25:c7:
b9:7d:08:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQks77V86/NRCFSgLLBuadnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkYzgxZDI0YzQ1ZGRhYTM0NWY5MDY0ZGUyOWZiY2E3YjEy
OWE1MmMwHhcNMjUwMTAyMDE0OTA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDcyMjYxN2UwNzk0YjNlM2UxMDdkZDNiZmQzZWVlMWEyMmRkOGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMPfS5OAv8yVPkfxFv7tjUttD9ub
jeQg89iYFKJM5tp8pPOe8WHiygUNi4Z0cTfuskvYM1Ps2hFXtzA8OrD/1BmOFNcK
dL26RvZWBEFlliEALUh3vSp2DkHEqi37zMkD2ukNLORpmTweCqNa/pvQOKXrsYoH
6l+uPbIYTDt7IVpAEum8CZ+j8qd3vPBF6gookroYBgZGVj0WYQZqRcFlcsS76tL6
iaFwleHjMwgJFbS7j3Y6fQx1955yfWaMqxQO1gx9Azc/GI8FI2Vw1WU6oEBScdCk
SeZk8R2FkVZbr/eoaFmxcBf9uhH+y/8Q31HziLNbC6bNZQtHYdzPnxg/3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGRyJhfgeUs+PhB907/T7uGiLdi1MB8GA1UdIwQY
MBaAFC3IHSTEXdqjRfkGTeKfvKexKaUsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGNnZEpNUmQycU5GLVFaTjRwLThwN0VwcFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iZjNkYjUtYTMzZi00MzExLWFjZDkt
MmZjYzBiNzQ5YjMyLzEvWkhJbUYtQjVTejQtRUgzVHY5UHU0YUl0MkxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iZjNkYjUtYTMzZi00MzExLWFjZDktMmZjYzBiNzQ5YjMy
LzEvTGNnZEpNUmQycU5GLVFaTjRwLThwN0VwcFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuQ7sMA0G
CSqGSIb3DQEBCwUAA4IBAQAWnXpcqtDJpemualC8k1IVbAtP0xTBuzviZ7gWQxwk
w/ygEXW7jrPQGweMSl3EyFarCaIB6sGd5YRuGB3sMwaxpyoQ0uJD6DEQA+BQyUxP
9x5MZUaWQbS1IZIMLuly8tJKFTMMxbDUKstQn3CxBCGRoYtaNYQluh6VrCyAMyk2
HbIOoUOMMzWt19ZflbW9C+gnWrio/+TsjWKG6CsEAXH5EBfvJRURLqGN9RfRQE4i
qzAPjAyXonzLgpwBY7xYSFUeaIZ9psPQ0PvKQ3zm4+Pzga1RiZVWMcYhh5Q33Mzo
AUzPnw5mC1PJHavz3eH4wyXFwctrfKG9WiLaJce5fQjF
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:52:21 2025 by rpki-client