Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/1bf7b0-4518-4141-bd6c-64b0e614d004/1/_zSqqEAQYlNfoHj1nT8ljDe1QaI.roa
File: _zSqqEAQYlNfoHj1nT8ljDe1QaI.roa (raw, json)
Hash identifier: K1v+x+Q3qVcczC/0OuAj+54mVh483v+MwynK7v4w+GA=
Subject key identifier: FF:34:AA:A8:40:10:62:53:5F:A0:78:F5:9D:3F:25:8C:37:B5:41:A2
Certificate issuer: /CN=bb7ccb1a6e3bcab6319d317f62c74bf1e1f41473
Certificate serial: 018D5424459ACC048D10B7C057E9BA8B561D
Authority key identifier: BB:7C:CB:1A:6E:3B:CA:B6:31:9D:31:7F:62:C7:4B:F1:E1:F4:14:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u3zLGm47yrYxnTF_YsdL8eH0FHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/1bf7b0-4518-4141-bd6c-64b0e614d004/1/_zSqqEAQYlNfoHj1nT8ljDe1QaI.roa
Signing time: Mon 29 Jan 2024 07:34:39 +0000
ROA not before: Mon 29 Jan 2024 07:34:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49223
IP address blocks: 45.14.24.0/22 maxlen: 22
109.108.224.0/19 maxlen: 19
141.138.96.0/19 maxlen: 19
178.74.192.0/18 maxlen: 18
185.16.124.0/22 maxlen: 22
185.181.36.0/22 maxlen: 22
193.106.20.0/22 maxlen: 22
193.148.88.0/22 maxlen: 22
213.226.92.0/22 maxlen: 22
217.30.192.0/20 maxlen: 20
2a04:100::/29 maxlen: 29
2a04:100::/36 maxlen: 36
2a04:100:1000::/36 maxlen: 36
2a04:100:2000::/36 maxlen: 36
Validation: Failed, certificate revoked on Mon 29 Jan 2024 21:03:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:54:24:45:9a:cc:04:8d:10:b7:c0:57:e9:ba:8b:56:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb7ccb1a6e3bcab6319d317f62c74bf1e1f41473
Validity
Not Before: Jan 29 07:34:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff34aaa8401062535fa078f59d3f258c37b541a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:4f:83:8b:75:77:48:07:98:d8:5d:26:0d:ed:
6a:ec:b1:b2:9c:6d:f9:af:1b:a2:2d:31:23:44:a2:
ac:09:ea:5e:6b:25:3a:fa:c8:9a:e5:f9:a3:2b:61:
be:db:5d:bb:16:e9:e0:97:67:0a:92:cf:1d:45:25:
9c:5a:33:28:e6:ed:5a:af:b9:a6:c8:0a:79:04:09:
bc:3a:e4:41:63:7e:ca:c5:f6:40:3a:0e:1c:43:f5:
3c:00:2b:6a:3c:1f:c4:e2:91:5e:e4:bf:dc:6a:92:
f2:84:c0:3a:f7:5f:09:74:65:88:2c:f6:8a:75:29:
d4:ab:6f:d3:d7:b2:8d:1c:93:8a:9b:de:21:54:b6:
30:db:cc:23:56:c0:e6:1a:c7:2e:79:bf:a4:af:c1:
e6:24:99:bd:81:f7:b6:85:51:6a:9f:bf:34:97:f0:
db:22:dc:b9:bb:e2:b9:75:28:f9:d7:c3:4f:b9:23:
ba:38:fb:bc:a7:46:1b:6e:52:81:14:1b:34:f7:76:
68:7a:e3:fc:c1:55:f0:54:69:b3:cf:5e:4c:45:e2:
32:1a:c7:7a:74:8e:36:e5:8e:d7:1a:6a:55:ee:49:
df:d0:cf:8a:83:1c:b9:21:a4:c2:8b:2f:4e:64:cd:
26:1d:b2:71:92:3a:8a:47:3b:0c:b6:39:10:ae:a3:
a8:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:34:AA:A8:40:10:62:53:5F:A0:78:F5:9D:3F:25:8C:37:B5:41:A2
X509v3 Authority Key Identifier:
keyid:BB:7C:CB:1A:6E:3B:CA:B6:31:9D:31:7F:62:C7:4B:F1:E1:F4:14:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u3zLGm47yrYxnTF_YsdL8eH0FHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/1bf7b0-4518-4141-bd6c-64b0e614d004/1/_zSqqEAQYlNfoHj1nT8ljDe1QaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/1bf7b0-4518-4141-bd6c-64b0e614d004/1/u3zLGm47yrYxnTF_YsdL8eH0FHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.24.0/22
109.108.224.0/19
141.138.96.0/19
178.74.192.0/18
185.16.124.0/22
185.181.36.0/22
193.106.20.0/22
193.148.88.0/22
213.226.92.0/22
217.30.192.0/20
IPv6:
2a04:100::/29
Signature Algorithm: sha256WithRSAEncryption
b5:51:c3:59:6d:e6:26:81:51:29:9e:f6:d3:95:8a:a4:93:98:
f6:e3:71:e7:10:9d:0b:9c:7a:51:05:7b:03:0f:19:fe:1c:f3:
76:dc:ca:d0:3d:76:f0:f1:06:7f:88:33:ab:52:26:9e:07:2f:
cf:0b:94:16:18:6b:d1:94:32:17:bc:3f:74:b3:1e:1f:d3:f2:
90:9b:3e:5b:b0:ae:a8:29:25:44:40:a2:09:48:bb:53:b9:76:
b7:51:4b:f5:66:b6:62:26:5a:d5:3d:38:4a:e4:e2:76:19:98:
37:c9:d0:9c:92:41:2e:a9:59:7c:0b:15:86:7d:c3:87:2a:aa:
9d:24:6e:ae:e1:d6:07:a6:95:76:61:09:a6:9a:2f:60:8b:7f:
d9:37:35:0b:9e:30:ab:05:33:51:1f:82:1f:51:1b:08:a1:c6:
e6:6e:d5:a4:5b:ea:32:48:59:53:93:cd:70:e4:6a:1a:6b:b4:
7b:9e:5f:04:84:5e:3b:c2:0f:83:fd:23:6b:a4:61:80:8c:c3:
c3:49:b4:39:16:07:4b:0e:b8:81:20:fb:0d:57:d3:7f:93:53:
09:97:ea:ec:f6:15:0e:7d:c7:0c:4c:2a:9d:ed:0e:4b:38:6e:
a9:10:9c:13:06:f9:4b:a7:aa:52:7b:08:92:a2:a8:79:a6:0b:
2f:8c:aa:15
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAY1UJEWazASNELfAV+m6i1YdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiN2NjYjFhNmUzYmNhYjYzMTlkMzE3ZjYyYzc0YmYxZTFm
NDE0NzMwHhcNMjQwMTI5MDczNDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjM0YWFhODQwMTA2MjUzNWZhMDc4ZjU5ZDNmMjU4YzM3YjU0MWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlU+Di3V3SAeY2F0mDe1q7LGynG35
rxuiLTEjRKKsCepeayU6+sia5fmjK2G+2127Fungl2cKks8dRSWcWjMo5u1ar7mm
yAp5BAm8OuRBY37KxfZAOg4cQ/U8ACtqPB/E4pFe5L/capLyhMA6918JdGWILPaK
dSnUq2/T17KNHJOKm94hVLYw28wjVsDmGscueb+kr8HmJJm9gfe2hVFqn780l/Db
Ity5u+K5dSj518NPuSO6OPu8p0YbblKBFBs093ZoeuP8wVXwVGmzz15MReIyGsd6
dI425Y7XGmpV7knf0M+Kgxy5IaTCiy9OZM0mHbJxkjqKRzsMtjkQrqOoNwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFP80qqhAEGJTX6B49Z0/JYw3tUGiMB8GA1UdIwQY
MBaAFLt8yxpuO8q2MZ0xf2LHS/Hh9BRzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTN6TEdtNDd5cll4blRGX1lzZEw4ZUgwRkhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xYmY3YjAtNDUxOC00MTQxLWJkNmMt
NjRiMGU2MTRkMDA0LzEvX3pTcXFFQVFZbE5mb0hqMW5UOGxqRGUxUWFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xYmY3YjAtNDUxOC00MTQxLWJkNmMtNjRiMGU2MTRkMDA0
LzEvdTN6TEdtNDd5cll4blRGX1lzZEw4ZUgwRkhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQCLQ4YAwQF
bWzgAwQFjYpgAwQGskrAAwQCuRB8AwQCubUkAwQCwWoUAwQCwZRYAwQC1eJcAwQE
2R7AMA0EAgACMAcDBQMqBAEAMA0GCSqGSIb3DQEBCwUAA4IBAQC1UcNZbeYmgVEp
nvbTlYqkk5j243HnEJ0LnHpRBXsDDxn+HPN23MrQPXbw8QZ/iDOrUiaeBy/PC5QW
GGvRlDIXvD90sx4f0/KQmz5bsK6oKSVEQKIJSLtTuXa3UUv1ZrZiJlrVPThK5OJ2
GZg3ydCckkEuqVl8CxWGfcOHKqqdJG6u4dYHppV2YQmmmi9gi3/ZNzULnjCrBTNR
H4IfURsIocbmbtWkW+oySFlTk81w5Goaa7R7nl8EhF47wg+D/SNrpGGAjMPDSbQ5
FgdLDriBIPsNV9N/k1MJl+rs9hUOfccMTCqd7Q5LOG6pEJwTBvlLp6pSewiSoqh5
pgsvjKoV
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:05 2025 by rpki-client