Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/b4daf6-448d-4f3e-944a-573ca5a609c0/1/dZWOEBG13itlrObAMhQhVPmeKUU.roa
File: dZWOEBG13itlrObAMhQhVPmeKUU.roa (raw, json)
Hash identifier: /kxMH8WMdUlOr9QPKrVFrkn4pPW7frvl942xM4BRWD8=
Subject key identifier: 75:95:8E:10:11:B5:DE:2B:65:AC:E6:C0:32:14:21:54:F9:9E:29:45
Certificate issuer: /CN=72098efaae8063cacecc4f1c1a0b64483bb69503
Certificate serial: 018CC56DE02800550EB1D77E1A7291F7B40C
Authority key identifier: 72:09:8E:FA:AE:80:63:CA:CE:CC:4F:1C:1A:0B:64:48:3B:B6:95:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cgmO-q6AY8rOzE8cGgtkSDu2lQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/b4daf6-448d-4f3e-944a-573ca5a609c0/1/dZWOEBG13itlrObAMhQhVPmeKUU.roa
Signing time: Mon 01 Jan 2024 14:29:21 +0000
ROA not before: Mon 01 Jan 2024 14:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2593
IP address blocks: 95.140.128.0/21 maxlen: 21
185.213.112.0/24 maxlen: 24
185.213.114.0/24 maxlen: 24
185.213.113.0/24 maxlen: 24
2a09:8d00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 25 Sep 2024 09:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:e0:28:00:55:0e:b1:d7:7e:1a:72:91:f7:b4:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72098efaae8063cacecc4f1c1a0b64483bb69503
Validity
Not Before: Jan 1 14:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=75958e1011b5de2b65ace6c032142154f99e2945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:43:c0:f6:25:8b:ab:d0:5a:61:f4:13:9e:94:
4a:68:2d:0e:53:0b:d7:d9:2b:4b:66:ef:c4:7e:9f:
f1:32:64:5d:b9:93:b2:ba:42:84:4a:bc:99:fd:a1:
0b:59:b0:3d:c7:cc:d3:ae:37:34:f9:39:ef:40:4f:
38:d0:dc:8b:79:10:27:c3:e8:6f:b7:df:b3:af:03:
bd:65:b3:13:a1:9b:7b:e3:c6:60:12:f8:7b:4b:79:
79:6c:1e:b9:9e:74:97:9f:83:83:f4:2c:05:1f:53:
63:0b:73:d6:e3:ab:08:b2:5c:b2:21:78:fd:db:f2:
64:14:44:cf:14:4e:7b:89:e5:2a:54:37:cf:6e:64:
76:4a:01:bd:ac:5b:2c:69:16:e2:9e:25:59:9f:19:
41:d9:10:53:f0:c3:f8:33:3f:4f:27:54:3f:95:29:
51:1b:70:26:ea:a1:f9:e4:98:6b:3e:ba:60:55:19:
9d:3b:0b:f4:88:fe:f2:32:85:8c:56:c5:65:e1:74:
5b:39:70:44:a9:fc:50:a8:31:ae:13:ff:c9:a5:dd:
58:e6:6b:c8:47:cd:cf:70:79:ff:c3:be:cd:5b:08:
ac:c3:ca:07:14:20:f2:81:4b:ab:2a:6a:f5:d1:b4:
21:4e:9b:cd:5c:c8:e8:b3:1f:cf:5a:a1:1b:ee:1b:
09:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:95:8E:10:11:B5:DE:2B:65:AC:E6:C0:32:14:21:54:F9:9E:29:45
X509v3 Authority Key Identifier:
keyid:72:09:8E:FA:AE:80:63:CA:CE:CC:4F:1C:1A:0B:64:48:3B:B6:95:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cgmO-q6AY8rOzE8cGgtkSDu2lQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4daf6-448d-4f3e-944a-573ca5a609c0/1/dZWOEBG13itlrObAMhQhVPmeKUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/b4daf6-448d-4f3e-944a-573ca5a609c0/1/cgmO-q6AY8rOzE8cGgtkSDu2lQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.140.128.0/21
185.213.112.0-185.213.114.255
IPv6:
2a09:8d00::/29
Signature Algorithm: sha256WithRSAEncryption
68:7e:e1:50:19:d2:47:55:a8:51:b0:23:b4:23:c2:e2:f1:2f:
30:4a:85:15:d4:05:73:2a:78:ed:6c:ff:88:86:54:f3:89:c1:
32:e3:01:9a:11:ae:0f:3e:c8:95:ee:ba:3d:0a:02:9e:10:4e:
da:23:d4:7f:3f:46:bb:a4:40:cb:1a:22:a2:1d:c2:59:f4:0e:
e2:0e:1f:e4:7c:51:44:62:5f:2c:2e:27:b9:b2:29:ab:55:5d:
a3:3d:1c:0c:4f:2e:a3:db:cc:8c:5d:54:48:0d:e5:a0:3c:1d:
94:f3:91:9f:6e:28:cd:5e:3d:b2:dd:47:7e:97:f4:89:11:db:
f1:c3:d8:17:b1:81:3f:fa:c3:51:57:fc:11:59:7f:d8:81:1c:
33:74:b4:fe:db:b5:4c:c5:53:e6:f4:0c:e3:40:9c:6a:5d:ce:
5f:b3:69:7b:db:43:07:a5:00:aa:e3:67:6c:65:04:f5:5c:9f:
53:07:58:f9:55:36:98:69:e0:25:7b:c5:64:b1:5e:95:bd:15:
07:5c:3d:98:4b:d5:87:68:f4:2a:b0:40:92:ef:ba:a1:55:0c:
25:a3:38:64:7b:63:cb:22:95:26:d7:df:67:52:6b:94:c3:d9:
4e:8f:da:f1:6f:e0:1f:da:86:3e:30:d4:b1:ee:9e:74:0a:53:
c5:dc:f8:f1
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzFbeAoAFUOsdd+GnKR97QMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMDk4ZWZhYWU4MDYzY2FjZWNjNGYxYzFhMGI2NDQ4M2Ji
Njk1MDMwHhcNMjQwMTAxMTQyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTk1OGUxMDExYjVkZTJiNjVhY2U2YzAzMjE0MjE1NGY5OWUyOTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgkPA9iWLq9BaYfQTnpRKaC0OUwvX
2StLZu/Efp/xMmRduZOyukKESryZ/aELWbA9x8zTrjc0+TnvQE840NyLeRAnw+hv
t9+zrwO9ZbMToZt748ZgEvh7S3l5bB65nnSXn4OD9CwFH1NjC3PW46sIslyyIXj9
2/JkFETPFE57ieUqVDfPbmR2SgG9rFssaRbiniVZnxlB2RBT8MP4Mz9PJ1Q/lSlR
G3Am6qH55JhrPrpgVRmdOwv0iP7yMoWMVsVl4XRbOXBEqfxQqDGuE//Jpd1Y5mvI
R83PcHn/w77NWwisw8oHFCDygUurKmr10bQhTpvNXMjosx/PWqEb7hsJ3QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHWVjhARtd4rZazmwDIUIVT5nilFMB8GA1UdIwQY
MBaAFHIJjvqugGPKzsxPHBoLZEg7tpUDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2dtTy1xNkFZOHJPekU4Y0dndGtTRHUybFFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9iNGRhZjYtNDQ4ZC00ZjNlLTk0NGEt
NTczY2E1YTYwOWMwLzEvZFpXT0VCRzEzaXRsck9iQU1oUWhWUG1lS1VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9iNGRhZjYtNDQ4ZC00ZjNlLTk0NGEtNTczY2E1YTYwOWMw
LzEvY2dtTy1xNkFZOHJPekU4Y0dndGtTRHUybFFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQDX4yAMAwD
BAS51XADBAC51XIwDQQCAAIwBwMFAyoJjQAwDQYJKoZIhvcNAQELBQADggEBAGh+
4VAZ0kdVqFGwI7QjwuLxLzBKhRXUBXMqeO1s/4iGVPOJwTLjAZoRrg8+yJXuuj0K
Ap4QTtoj1H8/RrukQMsaIqIdwln0DuIOH+R8UURiXywuJ7myKatVXaM9HAxPLqPb
zIxdVEgN5aA8HZTzkZ9uKM1ePbLdR36X9IkR2/HD2BexgT/6w1FX/BFZf9iBHDN0
tP7btUzFU+b0DONAnGpdzl+zaXvbQwelAKrjZ2xlBPVcn1MHWPlVNphp4CV7xWSx
XpW9FQdcPZhL1Ydo9CqwQJLvuqFVDCWjOGR7Y8silSbX32dSa5TD2U6P2vFv4B/a
hj4w1LHunnQKU8Xc+PE=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:50 2025 by rpki-client