Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/226018-0e06-435e-abfd-f5ffee1720c1/1/ziEH2k0l8fd9vQOiyCP8xMcZEIs.roa
File: ziEH2k0l8fd9vQOiyCP8xMcZEIs.roa (raw, json)
Hash identifier: oZYtanppNPstPNYFOJpJgVuZzHLpPcr/ZOUhbUu1bzU=
Subject key identifier: CE:21:07:DA:4D:25:F1:F7:7D:BD:03:A2:C8:23:FC:C4:C7:19:10:8B
Certificate issuer: /CN=e50c44ae981e7492d3ba21e28472080180398d64
Certificate serial: 018CC4245720DDEC897D1DA85531D9B19E9B
Authority key identifier: E5:0C:44:AE:98:1E:74:92:D3:BA:21:E2:84:72:08:01:80:39:8D:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QxErpgedJLTuiHihHIIAYA5jWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/226018-0e06-435e-abfd-f5ffee1720c1/1/ziEH2k0l8fd9vQOiyCP8xMcZEIs.roa
Signing time: Mon 01 Jan 2024 08:29:25 +0000
ROA not before: Mon 01 Jan 2024 08:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20932
IP address blocks: 217.169.128.0/20 maxlen: 20
217.169.144.0/20 maxlen: 20
194.11.221.0/24 maxlen: 24
185.68.204.0/22 maxlen: 22
2001:41e0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:57:20:dd:ec:89:7d:1d:a8:55:31:d9:b1:9e:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e50c44ae981e7492d3ba21e28472080180398d64
Validity
Not Before: Jan 1 08:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce2107da4d25f1f77dbd03a2c823fcc4c719108b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:bd:af:39:e3:df:c0:1e:67:a0:47:12:b2:c5:
80:dd:60:ef:5c:22:17:7c:5b:53:e9:f9:eb:0f:2c:
db:c6:a0:ce:9b:42:80:63:b4:fd:1a:90:9a:58:1a:
5a:b4:41:b8:81:8d:84:8e:6a:66:b7:24:58:74:53:
12:cf:67:77:ab:cd:98:54:06:8d:af:db:a2:c0:6d:
df:a6:2d:ae:70:60:8a:2f:8f:03:85:a7:b1:cd:e5:
5f:93:a4:3e:72:a1:20:75:b1:40:6a:bd:88:7b:51:
45:5e:38:55:a1:d7:62:27:16:85:ab:8a:07:c2:db:
d7:ea:80:73:78:ca:fb:23:5e:f2:a9:98:8e:cc:69:
ab:86:87:f4:46:c8:d5:8f:02:fd:57:df:e1:6e:db:
9c:89:77:9c:9a:9f:b4:25:b8:f1:16:a5:c5:4c:35:
13:92:9f:b2:de:22:1d:b3:76:15:d9:f9:0e:81:bf:
6d:b7:a1:16:46:15:00:b0:14:08:74:79:4f:4f:7d:
78:c7:3c:8e:8e:e8:4b:a9:3d:95:c7:9d:44:47:fe:
e4:51:86:c3:ed:a5:0b:fd:54:4e:d9:aa:df:13:ec:
71:47:9b:6d:12:08:2f:a3:08:ff:87:78:d5:3a:b8:
f1:db:f2:0f:31:76:ab:29:de:79:75:84:67:12:60:
56:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:21:07:DA:4D:25:F1:F7:7D:BD:03:A2:C8:23:FC:C4:C7:19:10:8B
X509v3 Authority Key Identifier:
keyid:E5:0C:44:AE:98:1E:74:92:D3:BA:21:E2:84:72:08:01:80:39:8D:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QxErpgedJLTuiHihHIIAYA5jWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/226018-0e06-435e-abfd-f5ffee1720c1/1/ziEH2k0l8fd9vQOiyCP8xMcZEIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/226018-0e06-435e-abfd-f5ffee1720c1/1/5QxErpgedJLTuiHihHIIAYA5jWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.204.0/22
194.11.221.0/24
217.169.128.0/19
IPv6:
2001:41e0::/32
Signature Algorithm: sha256WithRSAEncryption
60:a3:00:45:cb:b7:e3:2a:ca:53:db:21:95:c0:c3:b2:6a:7a:
62:2d:e8:62:4f:58:8d:c4:d3:2f:be:cb:fc:20:35:15:6d:5e:
dc:53:1e:f9:01:12:97:d6:72:aa:d8:6c:ab:5e:51:1d:58:d7:
22:a5:e2:ad:06:1a:32:ab:7d:de:9a:9e:b4:91:e4:18:d3:5c:
7f:6d:d3:47:08:a5:30:2d:b7:2f:93:4f:d3:1c:f7:43:de:55:
a8:91:38:5d:c0:c7:48:e4:af:68:59:d9:b9:c4:eb:dc:ea:49:
2e:08:5d:cf:4b:ba:a3:32:50:12:d3:53:62:ec:7f:bb:97:10:
4d:4b:71:20:21:11:1c:fd:fd:2c:fd:0f:2c:ce:13:c6:f4:3e:
30:80:4b:58:bf:f8:35:44:3a:f4:ac:fa:3a:3f:87:30:c7:ca:
c4:62:a1:7f:3f:1e:51:44:d7:da:51:6b:16:8b:9e:fb:67:e2:
7d:5a:23:90:15:77:55:b6:72:1d:30:54:2c:b0:55:18:21:1f:
b9:29:76:96:4e:e2:be:c2:32:b8:65:c9:54:fe:25:92:14:fb:
07:50:0a:5c:ea:cf:d4:17:74:fe:20:a7:94:1c:5f:83:7c:96:
0c:60:b0:e4:d0:d4:79:35:21:59:f5:87:69:e6:d1:aa:f1:81:
72:19:3e:95
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEJFcg3eyJfR2oVTHZsZ6bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MGM0NGFlOTgxZTc0OTJkM2JhMjFlMjg0NzIwODAxODAz
OThkNjQwHhcNMjQwMTAxMDgyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTIxMDdkYTRkMjVmMWY3N2RiZDAzYTJjODIzZmNjNGM3MTkxMDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjL2vOePfwB5noEcSssWA3WDvXCIX
fFtT6fnrDyzbxqDOm0KAY7T9GpCaWBpatEG4gY2EjmpmtyRYdFMSz2d3q82YVAaN
r9uiwG3fpi2ucGCKL48DhaexzeVfk6Q+cqEgdbFAar2Ie1FFXjhVoddiJxaFq4oH
wtvX6oBzeMr7I17yqZiOzGmrhof0RsjVjwL9V9/hbtuciXecmp+0JbjxFqXFTDUT
kp+y3iIds3YV2fkOgb9tt6EWRhUAsBQIdHlPT314xzyOjuhLqT2Vx51ER/7kUYbD
7aUL/VRO2arfE+xxR5ttEggvowj/h3jVOrjx2/IPMXarKd55dYRnEmBWwwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFM4hB9pNJfH3fb0Dosgj/MTHGRCLMB8GA1UdIwQY
MBaAFOUMRK6YHnSS07oh4oRyCAGAOY1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVF4RXJwZ2VkSkxUdWlIaWhISUlBWUE1aldRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8yMjYwMTgtMGUwNi00MzVlLWFiZmQt
ZjVmZmVlMTcyMGMxLzEvemlFSDJrMGw4ZmQ5dlFPaXlDUDh4TWNaRUlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8yMjYwMTgtMGUwNi00MzVlLWFiZmQtZjVmZmVlMTcyMGMx
LzEvNVF4RXJwZ2VkSkxUdWlIaWhISUlBWUE1aldRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuUTMAwQA
wgvdAwQF2amAMA0EAgACMAcDBQAgAUHgMA0GCSqGSIb3DQEBCwUAA4IBAQBgowBF
y7fjKspT2yGVwMOyanpiLehiT1iNxNMvvsv8IDUVbV7cUx75ARKX1nKq2GyrXlEd
WNcipeKtBhoyq33emp60keQY01x/bdNHCKUwLbcvk0/THPdD3lWokThdwMdI5K9o
Wdm5xOvc6kkuCF3PS7qjMlAS01Ni7H+7lxBNS3EgIREc/f0s/Q8szhPG9D4wgEtY
v/g1RDr0rPo6P4cwx8rEYqF/Px5RRNfaUWsWi577Z+J9WiOQFXdVtnIdMFQssFUY
IR+5KXaWTuK+wjK4ZclU/iWSFPsHUApc6s/UF3T+IKeUHF+DfJYMYLDk0NR5NSFZ
9Ydp5tGq8YFyGT6V
-----END CERTIFICATE-----
Generated at Mon Apr 21 05:36:34 2025 by rpki-client