Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/9d54cb-7ceb-458f-bd77-b2283c9a536f/1/ZsQBrd2EZ9AFV_kCcFAQK4zzM8M.roa
File: ZsQBrd2EZ9AFV_kCcFAQK4zzM8M.roa (raw, json)
Hash identifier: Xmyp7tA55yWTMqJEZxCeNOEtfY1CIZOS5I2ZQMh7bkw=
Subject key identifier: 66:C4:01:AD:DD:84:67:D0:05:57:F9:02:70:50:10:2B:8C:F3:33:C3
Certificate issuer: /CN=912f169fc744cbe895a9f85edab796d4ac700029
Certificate serial: 01931B664F952412092098E493F2548CD69F
Authority key identifier: 91:2F:16:9F:C7:44:CB:E8:95:A9:F8:5E:DA:B7:96:D4:AC:70:00:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kS8Wn8dEy-iVqfhe2reW1KxwACk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/9d54cb-7ceb-458f-bd77-b2283c9a536f/1/ZsQBrd2EZ9AFV_kCcFAQK4zzM8M.roa
Signing time: Mon 11 Nov 2024 13:25:10 +0000
ROA not before: Mon 11 Nov 2024 13:25:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43594
IP address blocks: 95.215.124.0/22 maxlen: 22
95.215.124.0/24 maxlen: 24
95.215.125.0/24 maxlen: 24
95.215.126.0/24 maxlen: 24
95.215.127.0/24 maxlen: 24
185.184.232.0/22 maxlen: 22
185.184.232.0/24 maxlen: 24
185.184.233.0/24 maxlen: 24
185.184.234.0/24 maxlen: 24
185.184.235.0/24 maxlen: 24
2a0b:4380::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1b:66:4f:95:24:12:09:20:98:e4:93:f2:54:8c:d6:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=912f169fc744cbe895a9f85edab796d4ac700029
Validity
Not Before: Nov 11 13:25:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66c401addd8467d00557f9027050102b8cf333c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:3c:42:46:34:b4:3f:56:75:a8:75:32:35:7f:
93:65:9a:1c:76:90:64:ee:8b:5b:71:2f:d8:c3:8a:
e2:96:6b:21:01:11:a6:a9:48:a7:5b:6b:a6:c6:4a:
c8:af:be:b6:6a:75:7b:82:c3:71:13:e6:1f:4d:52:
0b:60:9a:b2:1a:30:dd:96:38:25:9c:67:71:3d:77:
5b:e4:ba:cc:ab:e5:ea:ea:f5:7b:f2:34:79:2c:68:
2e:71:80:99:6f:f1:dd:5c:60:c4:62:36:3b:ea:6e:
41:46:af:fd:a0:f5:3d:dc:aa:4b:62:61:d8:d6:ed:
e5:dd:e6:a6:eb:4f:94:f2:40:22:7c:9b:75:74:ef:
01:12:7f:dd:59:ce:cf:7f:0d:f1:ea:7d:d1:83:26:
b2:15:80:2d:a7:41:00:76:4e:91:c2:2f:0e:70:13:
5a:9a:64:a4:97:01:45:55:16:32:b7:cb:a6:7f:6f:
e6:a6:d4:f0:75:b1:c1:89:83:79:6b:fb:e1:dc:6f:
e7:d4:a5:69:90:78:76:31:b5:e6:16:b5:0f:dc:d2:
30:56:ad:2d:63:78:db:c5:f8:6c:3e:d5:40:87:ef:
27:4e:0c:2b:a0:44:c8:7b:c9:25:ec:bf:fc:d3:c0:
39:ee:5e:9a:5e:ae:1d:04:42:9b:e2:2a:16:77:ef:
5f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:C4:01:AD:DD:84:67:D0:05:57:F9:02:70:50:10:2B:8C:F3:33:C3
X509v3 Authority Key Identifier:
keyid:91:2F:16:9F:C7:44:CB:E8:95:A9:F8:5E:DA:B7:96:D4:AC:70:00:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kS8Wn8dEy-iVqfhe2reW1KxwACk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9d54cb-7ceb-458f-bd77-b2283c9a536f/1/ZsQBrd2EZ9AFV_kCcFAQK4zzM8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9d54cb-7ceb-458f-bd77-b2283c9a536f/1/kS8Wn8dEy-iVqfhe2reW1KxwACk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.215.124.0/22
185.184.232.0/22
IPv6:
2a0b:4380::/32
Signature Algorithm: sha256WithRSAEncryption
0d:bb:ca:b7:f5:cb:3f:3b:93:e0:6b:ab:7a:f8:c0:d0:12:57:
ad:7c:17:7b:91:27:ba:75:e1:d3:f4:cc:17:6d:cb:a4:25:24:
55:50:f1:db:7f:b4:f9:3e:b5:19:21:50:16:76:0c:85:b8:e3:
5b:c3:17:d9:21:f7:89:4d:05:c4:f5:26:37:e2:9f:f3:c6:b4:
92:4b:9f:ca:87:90:f2:a7:1c:10:79:1f:cf:ce:44:ab:71:f4:
af:fe:3d:1a:54:bd:fd:11:cb:11:84:e3:3e:6a:ec:67:5b:8f:
db:82:16:26:8f:2f:27:34:ca:c2:3c:c5:fd:35:65:9d:f8:47:
fd:f1:20:95:f7:b2:ea:8c:d6:e4:8a:5f:c5:e4:c7:8a:72:dc:
76:d2:eb:6c:49:af:4d:48:3f:56:29:dc:b2:4b:7d:5d:9b:36:
4b:6f:db:57:1d:9a:ce:4a:7c:2d:91:52:33:0a:18:d6:58:f7:
ae:51:c1:e3:e3:a9:05:14:d4:22:3b:8e:99:f5:ea:64:7e:e9:
49:d5:8b:c6:d8:27:9d:db:de:2c:3e:40:ee:71:b1:e3:b2:89:
cd:45:61:3c:c6:44:e4:51:bb:f7:73:58:fe:24:96:2a:1c:11:
2b:82:ae:c6:43:cd:f0:f4:c4:e1:22:0e:49:9f:b4:48:f9:11:
05:0c:c8:62
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZMbZk+VJBIJIJjkk/JUjNafMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxMmYxNjlmYzc0NGNiZTg5NWE5Zjg1ZWRhYjc5NmQ0YWM3
MDAwMjkwHhcNMjQxMTExMTMyNTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmM0MDFhZGRkODQ2N2QwMDU1N2Y5MDI3MDUwMTAyYjhjZjMzM2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TxCRjS0P1Z1qHUyNX+TZZocdpBk
7otbcS/Yw4rilmshARGmqUinW2umxkrIr762anV7gsNxE+YfTVILYJqyGjDdljgl
nGdxPXdb5LrMq+Xq6vV78jR5LGgucYCZb/HdXGDEYjY76m5BRq/9oPU93KpLYmHY
1u3l3eam60+U8kAifJt1dO8BEn/dWc7Pfw3x6n3RgyayFYAtp0EAdk6Rwi8OcBNa
mmSklwFFVRYyt8umf2/mptTwdbHBiYN5a/vh3G/n1KVpkHh2MbXmFrUP3NIwVq0t
Y3jbxfhsPtVAh+8nTgwroETIe8kl7L/808A57l6aXq4dBEKb4ioWd+9fRQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGbEAa3dhGfQBVf5AnBQECuM8zPDMB8GA1UdIwQY
MBaAFJEvFp/HRMvolan4Xtq3ltSscAApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1M4V244ZEV5LWlWcWZoZTJyZVcxS3h3QUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85ZDU0Y2ItN2NlYi00NThmLWJkNzct
YjIyODNjOWE1MzZmLzEvWnNRQnJkMkVaOUFGVl9rQ2NGQVFLNHp6TThNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85ZDU0Y2ItN2NlYi00NThmLWJkNzctYjIyODNjOWE1MzZm
LzEva1M4V244ZEV5LWlWcWZoZTJyZVcxS3h3QUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCX9d8AwQC
ubjoMA0EAgACMAcDBQAqC0OAMA0GCSqGSIb3DQEBCwUAA4IBAQANu8q39cs/O5Pg
a6t6+MDQEletfBd7kSe6deHT9MwXbcukJSRVUPHbf7T5PrUZIVAWdgyFuONbwxfZ
IfeJTQXE9SY34p/zxrSSS5/Kh5DypxwQeR/PzkSrcfSv/j0aVL39EcsRhOM+auxn
W4/bghYmjy8nNMrCPMX9NWWd+Ef98SCV97LqjNbkil/F5MeKctx20utsSa9NSD9W
KdyyS31dmzZLb9tXHZrOSnwtkVIzChjWWPeuUcHj46kFFNQiO46Z9epkfulJ1YvG
2Ced294sPkDucbHjsonNRWE8xkTkUbv3c1j+JJYqHBErgq7GQ83w9MThIg5Jn7RI
+REFDMhi
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:06 2025 by rpki-client