Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/_ZMzfvwbbold-Z6AAT5dp7ytfEk.roa
File: _ZMzfvwbbold-Z6AAT5dp7ytfEk.roa (raw, json)
Hash identifier: AAyG+V10V5vZZ37XV+GpRqC94bza4fJ+yEXtKFfgCko=
Subject key identifier: FD:93:33:7E:FC:1B:6E:89:5D:F9:9E:80:01:3E:5D:A7:BC:AD:7C:49
Certificate issuer: /CN=0bac82804700ad36538bf86f34c073e971430da5
Certificate serial: 019421B1C3BBC0D2B9F3E266785E92CA7BD0
Authority key identifier: 0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/_ZMzfvwbbold-Z6AAT5dp7ytfEk.roa
Signing time: Wed 01 Jan 2025 11:48:05 +0000
ROA not before: Wed 01 Jan 2025 11:48:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8674
IP address blocks: 77.72.224.0/21 maxlen: 21
185.42.136.0/23 maxlen: 23
194.58.192.0/22 maxlen: 22
194.58.192.0/24 maxlen: 24
194.58.193.0/24 maxlen: 24
194.58.194.0/23 maxlen: 23
194.58.194.0/24 maxlen: 24
194.58.195.0/24 maxlen: 24
194.58.196.0/24 maxlen: 24
194.58.197.0/24 maxlen: 24
194.58.198.0/24 maxlen: 24
194.58.199.0/24 maxlen: 24
194.146.105.0/24 maxlen: 24
194.146.106.0/23 maxlen: 24
194.146.106.0/24 maxlen: 24
194.146.107.0/24 maxlen: 24
212.237.194.0/24 maxlen: 24
212.237.195.0/24 maxlen: 24
212.237.196.0/22 maxlen: 22
213.32.232.0/21 maxlen: 21
2001:67c:1010::/47 maxlen: 47
2001:67c:1010::/48 maxlen: 48
2001:67c:1011::/48 maxlen: 48
2a01:3f0::/32 maxlen: 32
2a01:3f1::/32 maxlen: 32
2a01:3f1::/38 maxlen: 38
2a01:3f1:400::/38 maxlen: 38
2a01:3f1:800::/38 maxlen: 38
2a01:3f1:3000::/38 maxlen: 38
2a01:3f1:5000::/38 maxlen: 38
2a01:3f1:8000::/38 maxlen: 38
2a01:3f1:a000::/38 maxlen: 38
2a01:3f1:c000::/38 maxlen: 38
2a01:3f1:f000::/36 maxlen: 48
2a01:3f2::/32 maxlen: 48
2a01:3f3::/32 maxlen: 48
2a01:3f4::/32 maxlen: 48
2a01:3f5::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 17 Jan 2025 09:42:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:c3:bb:c0:d2:b9:f3:e2:66:78:5e:92:ca:7b:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bac82804700ad36538bf86f34c073e971430da5
Validity
Not Before: Jan 1 11:48:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd93337efc1b6e895df99e80013e5da7bcad7c49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6e:81:a7:4a:32:98:8b:18:31:15:3c:a7:99:
94:8a:1c:88:95:8c:82:c5:07:79:d0:48:96:79:b1:
65:af:3c:d8:5f:c9:b0:f1:62:5e:38:8d:90:4f:1c:
b5:5b:25:61:8a:6d:23:ad:69:39:f9:64:9b:ef:f5:
55:a7:85:0b:80:65:d5:b4:19:54:f6:c6:ca:d6:17:
f5:e4:48:4e:2f:3b:37:b2:a5:da:34:ec:16:2b:09:
e7:72:93:94:3c:59:8d:8c:23:95:5e:b7:66:37:7d:
1c:e1:4c:24:e6:78:8a:c5:47:30:c6:4e:e3:f3:eb:
17:15:db:49:fc:85:2a:be:11:cd:ad:a4:27:3d:d7:
ef:61:1d:a0:a5:97:71:68:30:ec:39:d2:7a:5c:f4:
a4:51:57:95:17:1c:5e:d5:7c:7e:4f:29:3e:bd:a6:
61:97:9e:d6:e3:a0:69:f9:c9:bc:c6:c8:d2:61:bf:
e1:76:c7:cb:b1:55:f5:87:8b:04:54:90:39:42:b1:
62:e6:fa:0c:65:f0:ed:32:45:a8:74:06:07:b2:aa:
54:2e:21:df:07:69:cb:c1:62:b4:2d:cb:e0:fc:eb:
88:f4:1e:a6:f3:cc:37:60:5f:c7:fd:ab:b8:28:ed:
a6:ab:4a:91:89:b6:40:e5:45:bb:cb:39:c8:7d:95:
d2:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:93:33:7E:FC:1B:6E:89:5D:F9:9E:80:01:3E:5D:A7:BC:AD:7C:49
X509v3 Authority Key Identifier:
keyid:0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/_ZMzfvwbbold-Z6AAT5dp7ytfEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.224.0/21
185.42.136.0/23
194.58.192.0/21
194.146.105.0-194.146.107.255
212.237.194.0-212.237.199.255
213.32.232.0/21
IPv6:
2001:67c:1010::/47
2a01:3f0::-2a01:3f5:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
01:34:9f:d7:e7:45:c5:13:47:2c:1e:21:ef:6b:b1:02:2a:f7:
e8:a9:dc:94:c0:6e:23:ed:63:6f:d7:dd:ee:3e:41:f9:72:7a:
65:aa:7a:52:25:0b:ee:ae:f6:d1:33:58:44:13:86:d0:9c:46:
fa:31:78:96:67:b9:79:99:c0:a4:91:6b:48:b0:11:5e:2a:6f:
13:67:30:02:7c:bd:de:a3:f3:ce:00:98:2f:17:94:d5:3e:df:
fe:7d:76:b4:b1:1a:e5:71:0f:0f:4b:bc:40:07:6b:bb:82:28:
32:fd:24:44:69:78:af:ea:c5:b0:be:92:f5:78:88:c6:99:da:
f7:01:13:a6:ec:46:06:91:f7:49:60:8f:91:64:07:55:dd:bc:
b7:f0:93:14:cf:b1:e6:02:51:b9:13:c7:4d:32:3d:20:b9:68:
ec:28:46:c6:ad:17:74:16:6f:dc:f3:ae:6c:da:17:45:a6:55:
99:b8:0b:87:ce:2c:3f:e4:bd:da:4d:a4:16:d4:cd:9b:2c:8a:
9e:ec:bd:65:ca:b7:0b:11:3d:05:d5:f2:69:8d:32:5b:5d:f2:
80:9c:ba:1a:22:f5:6f:10:c8:de:47:72:75:e6:d1:b5:98:a4:
02:43:f0:ee:1c:a7:05:d8:aa:49:ab:72:1f:10:a9:f9:b2:e2:
13:2b:27:0a
-----BEGIN CERTIFICATE-----
MIIFTDCCBDSgAwIBAgISAZQhscO7wNK58+JmeF6SynvQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYWM4MjgwNDcwMGFkMzY1MzhiZjg2ZjM0YzA3M2U5NzE0
MzBkYTUwHhcNMjUwMTAxMTE0ODA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDkzMzM3ZWZjMWI2ZTg5NWRmOTllODAwMTNlNWRhN2JjYWQ3YzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyW6Bp0oymIsYMRU8p5mUihyIlYyC
xQd50EiWebFlrzzYX8mw8WJeOI2QTxy1WyVhim0jrWk5+WSb7/VVp4ULgGXVtBlU
9sbK1hf15EhOLzs3sqXaNOwWKwnncpOUPFmNjCOVXrdmN30c4Uwk5niKxUcwxk7j
8+sXFdtJ/IUqvhHNraQnPdfvYR2gpZdxaDDsOdJ6XPSkUVeVFxxe1Xx+Tyk+vaZh
l57W46Bp+cm8xsjSYb/hdsfLsVX1h4sEVJA5QrFi5voMZfDtMkWodAYHsqpULiHf
B2nLwWK0Lcvg/OuI9B6m88w3YF/H/au4KO2mq0qRibZA5UW7yznIfZXSqwIDAQAB
o4ICWDCCAlQwHQYDVR0OBBYEFP2TM378G26JXfmegAE+Xae8rXxJMB8GA1UdIwQY
MBaAFAusgoBHAK02U4v4bzTAc+lxQw2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEt
NDNmNjRiY2VhOTlkLzEvX1pNemZ2d2Jib2xkLVo2QUFUNWRwN3l0ZkVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEtNDNmNjRiY2VhOTlk
LzEvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG4GCCsGAQUFBwEHAQH/BF8wXTA6BAIAATA0AwQDTUjgAwQB
uSqIAwQDwjrAMAwDBADCkmkDBALCkmgwDAMEAdTtwgMEA9TtwAMEA9Ug6DAfBAIA
AjAZAwcBIAEGfBAQMA4DBQQqAQPwAwUBKgED9DANBgkqhkiG9w0BAQsFAAOCAQEA
ATSf1+dFxRNHLB4h72uxAir36KnclMBuI+1jb9fd7j5B+XJ6Zap6UiUL7q720TNY
RBOG0JxG+jF4lme5eZnApJFrSLARXipvE2cwAny93qPzzgCYLxeU1T7f/n12tLEa
5XEPD0u8QAdru4IoMv0kRGl4r+rFsL6S9XiIxpna9wETpuxGBpH3SWCPkWQHVd28
t/CTFM+x5gJRuRPHTTI9ILlo7ChGxq0XdBZv3POubNoXRaZVmbgLh84sP+S92k2k
FtTNmyyKnuy9Zcq3CxE9BdXyaY0yW13ygJy6GiL1bxDI3kdydebRtZikAkPw7hyn
BdiqSatyHxCp+bLiEysnCg==
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:56:52 2025 by rpki-client