Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/c4bd95-c670-490d-8cc0-b7dc83706a2a/1/ZeCDjMZXEYQQsrDsYd9x4OiAZTo.roa
File: ZeCDjMZXEYQQsrDsYd9x4OiAZTo.roa (raw, json)
Hash identifier: 05KSaSywoacUG1psVrISdmCvcyHYcLPq7ZIkM5ZikpU=
Subject key identifier: 65:E0:83:8C:C6:57:11:84:10:B2:B0:EC:61:DF:71:E0:E8:80:65:3A
Certificate issuer: /CN=e5cf78f5f339ee777da749210a96eced96b7f2e7
Certificate serial: 018CC3B6F44A86323A3E33B8E393D40E9A95
Authority key identifier: E5:CF:78:F5:F3:39:EE:77:7D:A7:49:21:0A:96:EC:ED:96:B7:F2:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5c949fM57nd9p0khCpbs7Za38uc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/c4bd95-c670-490d-8cc0-b7dc83706a2a/1/ZeCDjMZXEYQQsrDsYd9x4OiAZTo.roa
Signing time: Mon 01 Jan 2024 06:29:56 +0000
ROA not before: Mon 01 Jan 2024 06:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1921
IP address blocks: 185.80.190.0/24 maxlen: 24
185.80.191.0/24 maxlen: 24
185.80.188.0/24 maxlen: 24
185.80.189.0/24 maxlen: 24
2a05:7f00:188::/48 maxlen: 48
2a05:7f00:190::/48 maxlen: 48
2a05:7f00:189::/48 maxlen: 48
2a05:7f00:191::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:f4:4a:86:32:3a:3e:33:b8:e3:93:d4:0e:9a:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5cf78f5f339ee777da749210a96eced96b7f2e7
Validity
Not Before: Jan 1 06:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=65e0838cc657118410b2b0ec61df71e0e880653a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:20:70:94:15:e7:d3:30:0d:d1:23:fd:f8:37:
7b:05:64:6e:cb:f6:bb:24:10:67:a8:fd:f5:29:40:
8a:46:7f:1f:14:40:55:34:03:af:74:03:25:df:1c:
7a:88:8a:6d:25:79:32:8c:d8:15:e6:e0:75:62:a9:
2a:be:ef:3f:24:62:9f:4b:ce:12:6f:67:d3:97:58:
6e:a4:db:91:5d:35:70:f7:f8:a9:b5:50:04:7e:ec:
47:bf:8e:ee:64:3b:4b:a9:bd:76:0d:30:da:ef:b2:
47:77:4e:08:76:83:90:60:f4:6c:90:bc:a1:0c:f2:
6d:1a:46:76:71:ed:b2:a1:fe:03:fc:c1:86:4d:49:
93:7a:2d:08:a7:0c:45:8c:f8:81:22:39:21:7b:19:
dc:2b:43:14:5b:43:ce:50:e8:4c:ee:75:c2:0b:ad:
50:1d:c5:9e:ce:33:2e:64:fe:db:fd:31:e1:1d:27:
76:5d:5b:d2:c1:8f:d9:21:a2:9d:d3:0a:3e:b2:14:
01:ef:66:da:60:2a:b7:4b:68:84:d0:36:39:ea:9e:
9f:0a:29:fc:05:ba:cc:03:bc:dd:d7:ab:df:96:6f:
e1:a2:43:bb:2d:3c:3b:b7:5c:57:c6:ba:7d:60:b1:
c6:39:4d:e0:c6:95:d3:af:8f:a3:c0:11:36:78:46:
e7:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:E0:83:8C:C6:57:11:84:10:B2:B0:EC:61:DF:71:E0:E8:80:65:3A
X509v3 Authority Key Identifier:
keyid:E5:CF:78:F5:F3:39:EE:77:7D:A7:49:21:0A:96:EC:ED:96:B7:F2:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c949fM57nd9p0khCpbs7Za38uc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c4bd95-c670-490d-8cc0-b7dc83706a2a/1/ZeCDjMZXEYQQsrDsYd9x4OiAZTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/c4bd95-c670-490d-8cc0-b7dc83706a2a/1/5c949fM57nd9p0khCpbs7Za38uc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.80.188.0/22
IPv6:
2a05:7f00:188::/47
2a05:7f00:190::/47
Signature Algorithm: sha256WithRSAEncryption
43:ae:54:e0:93:64:d8:45:2f:7a:51:6a:69:44:a0:c1:57:c3:
29:04:3c:70:4d:93:d8:c0:61:0b:28:d4:73:06:e7:2f:40:f5:
48:55:65:00:67:24:d7:fa:ed:11:a7:2d:1f:61:ae:2e:6d:22:
14:eb:fa:9b:67:96:24:3e:d2:86:fd:17:0f:11:6f:d3:fd:92:
76:b2:60:c2:d4:a4:86:14:85:4c:43:3b:eb:5f:4a:42:43:69:
a4:62:6c:93:60:cb:a1:8b:69:63:01:05:85:91:f8:70:1f:79:
87:91:1b:10:5e:92:d3:d5:b5:fa:4a:39:d6:90:b8:89:fa:30:
68:9a:09:a0:aa:3c:36:9f:50:69:19:3c:14:a1:4f:15:29:b1:
cd:77:91:50:53:f3:39:da:7b:c7:33:67:fb:78:23:55:74:ae:
b0:ef:0c:f4:93:4f:a3:f1:87:a4:e1:3d:05:23:a9:26:b9:49:
95:df:d8:b2:24:64:5c:cf:e5:0c:82:71:2f:dc:b4:92:68:37:
8b:57:76:ad:13:db:1b:cc:a1:0d:9a:d2:3f:29:49:f0:79:29:
38:e3:57:5d:fe:ae:45:54:c6:bf:3f:ba:c9:8d:54:c9:a6:65:
13:83:78:91:a5:6f:ac:6f:b7:d0:5f:67:fa:fd:1e:fb:84:6d:
2b:58:d1:f5
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzDtvRKhjI6PjO445PUDpqVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1Y2Y3OGY1ZjMzOWVlNzc3ZGE3NDkyMTBhOTZlY2VkOTZi
N2YyZTcwHhcNMjQwMTAxMDYyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWUwODM4Y2M2NTcxMTg0MTBiMmIwZWM2MWRmNzFlMGU4ODA2NTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCBwlBXn0zAN0SP9+Dd7BWRuy/a7
JBBnqP31KUCKRn8fFEBVNAOvdAMl3xx6iIptJXkyjNgV5uB1Yqkqvu8/JGKfS84S
b2fTl1hupNuRXTVw9/iptVAEfuxHv47uZDtLqb12DTDa77JHd04IdoOQYPRskLyh
DPJtGkZ2ce2yof4D/MGGTUmTei0IpwxFjPiBIjkhexncK0MUW0POUOhM7nXCC61Q
HcWezjMuZP7b/THhHSd2XVvSwY/ZIaKd0wo+shQB72baYCq3S2iE0DY56p6fCin8
BbrMA7zd16vflm/hokO7LTw7t1xXxrp9YLHGOU3gxpXTr4+jwBE2eEbn+QIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGXgg4zGVxGEELKw7GHfceDogGU6MB8GA1UdIwQY
MBaAFOXPePXzOe53fadJIQqW7O2Wt/LnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWM5NDlmTTU3bmQ5cDBraENwYnM3WmEzOHVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9jNGJkOTUtYzY3MC00OTBkLThjYzAt
YjdkYzgzNzA2YTJhLzEvWmVDRGpNWlhFWVFRc3JEc1lkOXg0T2lBWlRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9jNGJkOTUtYzY3MC00OTBkLThjYzAtYjdkYzgzNzA2YTJh
LzEvNWM5NDlmTTU3bmQ5cDBraENwYnM3WmEzOHVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCuVC8MBgE
AgACMBIDBwEqBX8AAYgDBwEqBX8AAZAwDQYJKoZIhvcNAQELBQADggEBAEOuVOCT
ZNhFL3pRamlEoMFXwykEPHBNk9jAYQso1HMG5y9A9UhVZQBnJNf67RGnLR9hri5t
IhTr+ptnliQ+0ob9Fw8Rb9P9knayYMLUpIYUhUxDO+tfSkJDaaRibJNgy6GLaWMB
BYWR+HAfeYeRGxBektPVtfpKOdaQuIn6MGiaCaCqPDafUGkZPBShTxUpsc13kVBT
8znae8czZ/t4I1V0rrDvDPSTT6Pxh6ThPQUjqSa5SZXf2LIkZFzP5QyCcS/ctJJo
N4tXdq0T2xvMoQ2a0j8pSfB5KTjjV13+rkVUxr8/usmNVMmmZRODeJGlb6xvt9Bf
Z/r9HvuEbStY0fU=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:12 2025 by rpki-client