Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/mZYRwxHYqpuJoGgFIZZZQBDfW6Q.roa
File: mZYRwxHYqpuJoGgFIZZZQBDfW6Q.roa (raw, json)
Hash identifier: jbBCRm7TQ7QaVCzlmsEAPR0XSiCHkzSi9yuauqFaxxA=
Subject key identifier: 99:96:11:C3:11:D8:AA:9B:89:A0:68:05:21:96:59:40:10:DF:5B:A4
Certificate issuer: /CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Certificate serial: 018F3941114E9BCD2BC04DD69C71AEAB0C50
Authority key identifier: 1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/mZYRwxHYqpuJoGgFIZZZQBDfW6Q.roa
Signing time: Thu 02 May 2024 12:21:56 +0000
ROA not before: Thu 02 May 2024 12:21:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3301
IP address blocks: 2.248.0.0/14 maxlen: 14
2.252.0.0/15 maxlen: 15
2.254.0.0/16 maxlen: 16
2.255.0.0/17 maxlen: 17
2.255.128.0/18 maxlen: 18
2.255.190.0/24 maxlen: 24
2.255.191.0/24 maxlen: 24
62.20.0.0/16 maxlen: 16
78.64.0.0/12 maxlen: 12
81.224.0.0/12 maxlen: 12
81.228.4.0/23 maxlen: 23
81.228.4.0/24 maxlen: 24
81.228.5.0/24 maxlen: 24
90.224.0.0/12 maxlen: 12
95.109.0.0/17 maxlen: 17
95.192.0.0/12 maxlen: 12
192.16.152.0/23 maxlen: 23
192.16.153.0/24 maxlen: 24
192.150.58.0/23 maxlen: 23
192.150.60.0/22 maxlen: 22
192.150.64.0/22 maxlen: 22
192.150.68.0/23 maxlen: 23
192.150.78.0/23 maxlen: 23
192.150.80.0/23 maxlen: 23
193.44.0.0/15 maxlen: 15
194.16.0.0/15 maxlen: 15
194.18.0.0/16 maxlen: 16
194.22.0.0/15 maxlen: 15
194.218.0.0/16 maxlen: 16
194.236.0.0/15 maxlen: 15
195.67.0.0/16 maxlen: 16
195.198.0.0/16 maxlen: 16
195.252.32.0/19 maxlen: 19
212.28.192.0/19 maxlen: 19
212.181.0.0/16 maxlen: 16
213.64.0.0/14 maxlen: 14
217.208.0.0/13 maxlen: 13
Validation: Failed, certificate revoked on Wed 15 May 2024 12:59:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:39:41:11:4e:9b:cd:2b:c0:4d:d6:9c:71:ae:ab:0c:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f68138d4ec2ea51cacef09ff1058a370a5be190
Validity
Not Before: May 2 12:21:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=999611c311d8aa9b89a068052196594010df5ba4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4c:10:b8:e2:f2:c8:b2:75:ee:c1:25:ce:31:
b7:0d:20:c1:55:1c:17:ac:0a:46:a0:34:3c:39:df:
66:40:4d:52:17:d5:06:bb:2f:af:b0:d2:64:e0:0e:
34:2f:f9:1b:25:da:3a:6f:5f:ce:2a:61:64:ba:ab:
08:df:e3:49:0b:ad:8a:bd:4b:05:cc:39:71:8a:06:
94:c6:23:cd:86:a1:08:ff:16:f5:21:a9:75:e5:99:
5f:f7:3a:c3:73:1d:56:dc:3c:8a:c9:ee:e0:09:bd:
69:f8:63:23:bc:a5:c1:08:b9:d6:60:00:35:8b:c3:
00:38:e6:5c:85:d5:d9:12:8d:e8:ce:b6:26:9a:8b:
09:3a:f0:6c:05:6d:16:f8:7f:a3:ab:98:c0:71:cc:
1e:cf:24:e3:0f:1f:11:c5:b6:c7:54:21:fa:c1:41:
0d:36:b4:5a:f2:da:5d:5e:86:9b:25:24:61:b7:14:
00:0f:bb:90:6c:f8:df:2f:4b:e9:99:2c:87:b2:35:
73:c1:70:77:1b:b4:44:9c:80:54:69:7c:b3:8d:54:
c2:39:2f:5b:ca:19:17:91:30:2f:8c:e3:8d:35:60:
75:b7:97:34:0e:40:f4:a0:9f:6f:ef:5c:ff:34:8e:
ce:a0:4f:8d:10:a1:e4:80:1e:cb:52:47:0e:10:66:
e1:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:96:11:C3:11:D8:AA:9B:89:A0:68:05:21:96:59:40:10:DF:5B:A4
X509v3 Authority Key Identifier:
keyid:1F:68:13:8D:4E:C2:EA:51:CA:CE:F0:9F:F1:05:8A:37:0A:5B:E1:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/mZYRwxHYqpuJoGgFIZZZQBDfW6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/b9adf4-f910-4355-bfc8-608564839fd0/1/H2gTjU7C6lHKzvCf8QWKNwpb4ZA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.248.0.0-2.255.191.255
62.20.0.0/16
78.64.0.0/12
81.224.0.0/12
90.224.0.0/12
95.109.0.0/17
95.192.0.0/12
192.16.152.0/23
192.150.58.0-192.150.69.255
192.150.78.0-192.150.81.255
193.44.0.0/15
194.16.0.0-194.18.255.255
194.22.0.0/15
194.218.0.0/16
194.236.0.0/15
195.67.0.0/16
195.198.0.0/16
195.252.32.0/19
212.28.192.0/19
212.181.0.0/16
213.64.0.0/14
217.208.0.0/13
Signature Algorithm: sha256WithRSAEncryption
6c:95:6a:7c:b0:8b:13:cc:9b:b9:a9:2f:fa:60:89:34:61:26:
80:0d:d6:12:19:dc:54:fa:28:ba:d0:8a:bb:7d:71:5e:68:bd:
6c:a4:82:07:84:0b:39:83:af:e7:8a:12:fa:62:2f:68:6f:08:
85:f1:cf:7b:85:25:f9:d8:38:f5:28:cb:23:c3:6d:7f:06:24:
fe:90:35:5d:d9:40:0e:b2:c9:53:77:94:78:c3:8d:af:45:0a:
4b:8b:d8:26:79:a3:26:58:b1:d4:a7:17:05:06:f7:6d:b1:d4:
e1:dc:b9:70:75:40:94:fa:23:d2:fb:28:97:38:c9:2d:40:02:
ee:50:c5:eb:44:1e:a6:9a:2b:fe:7b:d2:41:fc:19:4e:0a:cf:
5f:03:1b:1b:8b:bc:03:56:fa:1a:b8:b4:68:c4:d4:64:50:b5:
06:b5:4e:39:7c:9e:d8:ff:4a:d0:70:e9:05:6c:d8:0e:4e:92:
78:25:c1:66:3c:43:17:e6:ac:09:0c:32:c7:78:b2:42:51:6f:
79:e5:65:b7:18:6b:7d:82:95:ce:13:3f:25:d4:46:12:a3:6d:
41:d9:34:2a:a4:1e:32:81:83:44:60:59:0e:03:1f:2e:33:60:
5c:f8:91:d7:a2:d9:4f:99:fe:74:3e:e8:3d:b8:c0:3d:83:24:
31:5b:46:8c
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAY85QRFOm80rwE3WnHGuqwxQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNjgxMzhkNGVjMmVhNTFjYWNlZjA5ZmYxMDU4YTM3MGE1
YmUxOTAwHhcNMjQwNTAyMTIyMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OTk2MTFjMzExZDhhYTliODlhMDY4MDUyMTk2NTk0MDEwZGY1YmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0wQuOLyyLJ17sElzjG3DSDBVRwX
rApGoDQ8Od9mQE1SF9UGuy+vsNJk4A40L/kbJdo6b1/OKmFkuqsI3+NJC62KvUsF
zDlxigaUxiPNhqEI/xb1Ial15Zlf9zrDcx1W3DyKye7gCb1p+GMjvKXBCLnWYAA1
i8MAOOZchdXZEo3ozrYmmosJOvBsBW0W+H+jq5jAccwezyTjDx8RxbbHVCH6wUEN
NrRa8tpdXoabJSRhtxQAD7uQbPjfL0vpmSyHsjVzwXB3G7REnIBUaXyzjVTCOS9b
yhkXkTAvjOONNWB1t5c0DkD0oJ9v71z/NI7OoE+NEKHkgB7LUkcOEGbh/wIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFJmWEcMR2KqbiaBoBSGWWUAQ31ukMB8GA1UdIwQY
MBaAFB9oE41OwupRys7wn/EFijcKW+GQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgt
NjA4NTY0ODM5ZmQwLzEvbVpZUnd4SFlxcHVKb0dnRklaWlpRQkRmVzZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9iOWFkZjQtZjkxMC00MzU1LWJmYzgtNjA4NTY0ODM5ZmQw
LzEvSDJnVGpVN0M2bEhLenZDZjhRV0tOd3BiNFpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCBmgQCAAEwgZMwCwMD
AwL4AwQGAv+AAwMAPhQDAwROQAMDBFHgAwMEWuADBAdfbQADAwRfwAMEAcAQmDAM
AwQBwJY6AwQBwJZEMAwDBAHAlk4DBAHAllADAwHBLDAKAwMEwhADAwDCEgMDAcIW
AwMAwtoDAwHC7AMDAMNDAwMAw8YDBAXD/CADBAXUHMADAwDUtQMDAtVAAwMD2dAw
DQYJKoZIhvcNAQELBQADggEBAGyVanywixPMm7mpL/pgiTRhJoAN1hIZ3FT6KLrQ
irt9cV5ovWykggeECzmDr+eKEvpiL2hvCIXxz3uFJfnYOPUoyyPDbX8GJP6QNV3Z
QA6yyVN3lHjDja9FCkuL2CZ5oyZYsdSnFwUG922x1OHcuXB1QJT6I9L7KJc4yS1A
Au5QxetEHqaaK/570kH8GU4Kz18DGxuLvANW+hq4tGjE1GRQtQa1Tjl8ntj/StBw
6QVs2A5OknglwWY8QxfmrAkMMsd4skJRb3nlZbcYa32Clc4TPyXURhKjbUHZNCqk
HjKBg0RgWQ4DHy4zYFz4kdei2U+Z/nQ+6D24wD2DJDFbRow=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:40 2025 by rpki-client