Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/Z0vmWqD5Gp_uqOcsK8VcYfjJF8g.roa
File: Z0vmWqD5Gp_uqOcsK8VcYfjJF8g.roa (raw, json)
Hash identifier: 0cbUti+LT5aI54bGFj45zAlSMDoJLZdD1HxIhy44ZLQ=
Subject key identifier: 67:4B:E6:5A:A0:F9:1A:9F:EE:A8:E7:2C:2B:C5:5C:61:F8:C9:17:C8
Certificate issuer: /CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Certificate serial: 0191E22B8648DEEB7C2C381FCD55B9666813
Authority key identifier: DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/Z0vmWqD5Gp_uqOcsK8VcYfjJF8g.roa
Signing time: Wed 11 Sep 2024 17:39:48 +0000
ROA not before: Wed 11 Sep 2024 17:39:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59613
IP address blocks: 185.158.208.0/22 maxlen: 24
185.158.208.0/24 maxlen: 24
185.158.209.0/24 maxlen: 24
185.158.210.0/24 maxlen: 24
185.158.211.0/24 maxlen: 24
195.234.112.0/24 maxlen: 24
195.234.113.0/24 maxlen: 24
195.234.114.0/24 maxlen: 24
195.234.115.0/24 maxlen: 24
2a02:2278:ff00::/40 maxlen: 56
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e2:2b:86:48:de:eb:7c:2c:38:1f:cd:55:b9:66:68:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd1daecd30aeb74652bbdda5dad9676ce488aa49
Validity
Not Before: Sep 11 17:39:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=674be65aa0f91a9feea8e72c2bc55c61f8c917c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:13:51:f9:8f:81:cc:ca:5a:95:ce:42:7f:32:
37:51:39:df:5b:30:0e:db:06:19:f6:b3:41:5b:1c:
d7:aa:f7:2a:20:63:97:4e:7b:7d:5f:e2:ae:0c:46:
26:2f:04:a0:8e:ac:78:46:0c:3a:55:63:7c:0e:a8:
62:fd:bd:e1:d0:79:0d:ce:f8:24:69:c4:82:14:d5:
da:fb:e1:c5:e2:4e:b5:66:2f:36:8b:c5:2b:74:10:
52:ad:23:71:6a:b7:76:4b:bb:f7:28:b1:fc:b4:30:
42:01:43:e9:12:91:18:16:b7:71:fb:3d:0d:51:7f:
7d:3b:ba:4d:ab:c2:6e:a5:0d:f7:6c:d5:d8:85:0b:
e1:95:fd:bc:14:17:14:62:77:a8:54:59:ec:ba:d8:
0c:5a:04:98:7b:4e:ae:e2:ed:6b:2d:53:9b:b3:25:
86:ff:b3:52:d6:f4:ca:66:ab:40:9e:98:21:4b:a4:
cf:85:14:2c:bf:80:0d:e3:0b:b0:59:aa:91:7b:99:
08:a1:63:ea:0e:25:f5:ef:36:7d:3c:65:11:4c:77:
02:91:c0:81:e0:98:05:83:bc:34:84:bb:3a:38:04:
40:bb:1a:d1:c5:93:9a:34:c6:3d:c7:41:9a:98:04:
7f:c0:23:d2:16:bf:92:21:3b:e1:cb:70:77:53:a0:
c6:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:4B:E6:5A:A0:F9:1A:9F:EE:A8:E7:2C:2B:C5:5C:61:F8:C9:17:C8
X509v3 Authority Key Identifier:
keyid:DD:1D:AE:CD:30:AE:B7:46:52:BB:DD:A5:DA:D9:67:6C:E4:88:AA:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3R2uzTCut0ZSu92l2tlnbOSIqkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/Z0vmWqD5Gp_uqOcsK8VcYfjJF8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/4a7539-b149-48e9-88e7-060ac0890966/1/3R2uzTCut0ZSu92l2tlnbOSIqkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.208.0/22
195.234.112.0/22
IPv6:
2a02:2278:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
d3:9a:ff:52:92:0d:69:85:ef:bf:e2:bf:69:73:1d:74:b6:fd:
08:75:86:cd:36:b2:68:fa:19:2b:d1:55:87:61:9b:3c:9a:bb:
5a:05:0e:d6:38:c3:2e:d4:ba:0f:8b:d4:c9:84:af:64:76:cd:
6d:7a:9c:15:4b:50:5c:ef:53:76:57:68:fa:d6:b2:5d:40:a7:
c1:bf:b0:09:76:d9:46:94:a2:76:c4:cd:ea:a8:e1:57:57:1c:
a2:d7:92:c1:3a:e3:18:ac:ba:1a:d2:58:7e:94:d3:38:a3:10:
90:4a:34:da:3e:98:db:b3:8e:72:6f:17:b7:04:24:8c:56:ca:
77:4c:48:53:28:11:13:67:68:06:ee:65:22:9d:b7:65:a6:ee:
ac:81:e7:8d:f4:8b:75:a3:a6:90:d7:68:37:82:c1:c9:49:b2:
4f:ef:b4:bf:1c:5e:f4:45:85:7f:a2:42:6c:ed:d5:63:87:57:
bf:34:6e:5b:da:10:64:45:ee:39:ba:01:f6:db:6a:e5:7e:73:
28:a2:4f:5b:56:ac:56:c7:01:0e:c8:72:2e:4b:fd:f0:38:71:
67:77:c8:27:e1:d2:fc:67:ef:61:4c:7c:5f:8f:87:3f:81:d8:
2b:1c:3a:f6:32:60:b4:a4:6b:3a:b4:e0:cc:3b:84:28:b2:17:
20:64:22:17
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZHiK4ZI3ut8LDgfzVW5ZmgTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMWRhZWNkMzBhZWI3NDY1MmJiZGRhNWRhZDk2NzZjZTQ4
OGFhNDkwHhcNMjQwOTExMTczOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzRiZTY1YWEwZjkxYTlmZWVhOGU3MmMyYmM1NWM2MWY4YzkxN2M4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RNR+Y+BzMpalc5CfzI3UTnfWzAO
2wYZ9rNBWxzXqvcqIGOXTnt9X+KuDEYmLwSgjqx4Rgw6VWN8Dqhi/b3h0HkNzvgk
acSCFNXa++HF4k61Zi82i8UrdBBSrSNxard2S7v3KLH8tDBCAUPpEpEYFrdx+z0N
UX99O7pNq8JupQ33bNXYhQvhlf28FBcUYneoVFnsutgMWgSYe06u4u1rLVObsyWG
/7NS1vTKZqtAnpghS6TPhRQsv4AN4wuwWaqRe5kIoWPqDiX17zZ9PGURTHcCkcCB
4JgFg7w0hLs6OARAuxrRxZOaNMY9x0GamAR/wCPSFr+SITvhy3B3U6DGTwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGdL5lqg+Rqf7qjnLCvFXGH4yRfIMB8GA1UdIwQY
MBaAFN0drs0wrrdGUrvdpdrZZ2zkiKpJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTct
MDYwYWMwODkwOTY2LzEvWjB2bVdxRDVHcF91cU9jc0s4VmNZZmpKRjhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS80YTc1MzktYjE0OS00OGU5LTg4ZTctMDYwYWMwODkwOTY2
LzEvM1IydXpUQ3V0MFpTdTkybDJ0bG5iT1NJcWtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQCuZ7QAwQC
w+pwMA4EAgACMAgDBgAqAiJ4/zANBgkqhkiG9w0BAQsFAAOCAQEA05r/UpINaYXv
v+K/aXMddLb9CHWGzTayaPoZK9FVh2GbPJq7WgUO1jjDLtS6D4vUyYSvZHbNbXqc
FUtQXO9Tdldo+tayXUCnwb+wCXbZRpSidsTN6qjhV1ccoteSwTrjGKy6GtJYfpTT
OKMQkEo02j6Y27OOcm8XtwQkjFbKd0xIUygRE2doBu5lIp23ZaburIHnjfSLdaOm
kNdoN4LByUmyT++0vxxe9EWFf6JCbO3VY4dXvzRuW9oQZEXuOboB9ttq5X5zKKJP
W1asVscBDshyLkv98DhxZ3fIJ+HS/GfvYUx8X4+HP4HYKxw69jJgtKRrOrTgzDuE
KLIXIGQiFw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:07 2025 by rpki-client