Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/77959a-41de-46be-a5f1-ac9c8a50f24e/1/0ZmhfBoM_G3NoQJ5hIYgdFdsbSU.roa
File: 0ZmhfBoM_G3NoQJ5hIYgdFdsbSU.roa (raw, json)
Hash identifier: bcr+w3E06quiZLwubiKJ0cQs04qYDWaoGwgsM5q6AXY=
Subject key identifier: D1:99:A1:7C:1A:0C:FC:6D:CD:A1:02:79:84:86:20:74:57:6C:6D:25
Certificate issuer: /CN=da0047dac8eef8944d78c1b7a26868c03e2ce466
Certificate serial: 018CC56EC5629E2DB75A3BAAA8DB1EC95E4B
Authority key identifier: DA:00:47:DA:C8:EE:F8:94:4D:78:C1:B7:A2:68:68:C0:3E:2C:E4:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2gBH2sju-JRNeMG3omhowD4s5GY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/77959a-41de-46be-a5f1-ac9c8a50f24e/1/0ZmhfBoM_G3NoQJ5hIYgdFdsbSU.roa
Signing time: Mon 01 Jan 2024 14:30:20 +0000
ROA not before: Mon 01 Jan 2024 14:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60451
IP address blocks: 185.135.93.0/24 maxlen: 24
185.135.94.0/24 maxlen: 24
185.135.92.0/24 maxlen: 24
185.135.92.0/22 maxlen: 22
185.135.95.0/24 maxlen: 24
185.30.182.0/24 maxlen: 24
185.30.180.0/24 maxlen: 24
185.30.183.0/24 maxlen: 24
185.30.180.0/22 maxlen: 22
185.30.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:c5:62:9e:2d:b7:5a:3b:aa:a8:db:1e:c9:5e:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da0047dac8eef8944d78c1b7a26868c03e2ce466
Validity
Not Before: Jan 1 14:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d199a17c1a0cfc6dcda1027984862074576c6d25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:6e:05:a0:58:a1:d8:67:b1:dd:56:3b:cd:c2:
af:95:42:4c:31:16:5d:4c:d1:02:62:14:73:cb:6c:
54:75:4b:6c:03:a4:ed:1b:54:3f:4c:7a:66:e7:ac:
94:b8:5b:9c:e5:dd:41:e7:08:0a:79:fc:25:f8:9f:
51:4e:2c:68:54:ec:f8:1f:47:cc:79:1b:e9:d7:3e:
48:d0:9a:20:77:e3:88:55:61:19:10:ab:b8:f2:f2:
87:f2:e0:a6:6f:17:e0:d2:e4:79:13:fc:6a:51:10:
ee:31:60:9b:64:17:a6:33:c0:2d:66:55:2b:8b:ba:
35:8e:26:20:65:52:7a:97:66:f1:7e:ea:46:7e:77:
89:4f:05:5d:89:f5:d6:b7:dc:7d:f4:7f:36:2a:37:
18:12:17:df:17:27:6c:18:5a:fd:ff:cc:8e:2e:11:
ec:82:9e:ed:fd:87:8e:f6:9f:e9:c4:d2:8f:0b:8a:
12:8b:29:19:81:eb:f0:ec:c6:1e:54:53:1e:8f:ea:
ae:11:59:60:33:dd:a0:a0:67:a2:4c:a4:40:23:f0:
1a:da:40:1e:9c:33:22:b8:e1:0c:59:44:50:07:44:
80:45:90:72:a8:00:6e:15:e4:7f:04:b2:cb:cc:80:
e8:8e:9b:5c:e9:cd:3e:87:15:3b:8a:57:53:d3:c2:
1d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:99:A1:7C:1A:0C:FC:6D:CD:A1:02:79:84:86:20:74:57:6C:6D:25
X509v3 Authority Key Identifier:
keyid:DA:00:47:DA:C8:EE:F8:94:4D:78:C1:B7:A2:68:68:C0:3E:2C:E4:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2gBH2sju-JRNeMG3omhowD4s5GY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/77959a-41de-46be-a5f1-ac9c8a50f24e/1/0ZmhfBoM_G3NoQJ5hIYgdFdsbSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/77959a-41de-46be-a5f1-ac9c8a50f24e/1/2gBH2sju-JRNeMG3omhowD4s5GY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.30.180.0/22
185.135.92.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:5e:02:8a:c7:44:5e:e4:f9:6b:4c:06:f9:a5:d3:c0:46:30:
e1:5a:12:b6:b8:e0:12:e2:5f:35:a9:c1:e0:df:55:f0:41:9c:
f2:d0:40:e5:37:2d:1a:dd:43:58:47:1d:e1:0e:bf:20:b5:6f:
dd:60:d4:76:81:c9:84:3a:e1:7c:30:28:7a:6a:fe:21:c2:b1:
dd:3f:33:8f:6e:41:22:4a:2b:8e:2e:38:dd:da:47:17:16:b1:
b4:a5:d9:92:73:f5:30:e6:47:c5:67:50:ba:1b:e9:03:e8:ba:
14:a9:79:a4:68:36:b2:a5:11:15:8f:7e:82:34:45:9a:9f:fd:
95:1f:98:4e:23:6a:8d:56:9d:00:b4:fb:c7:e4:a4:c8:75:ff:
8c:d0:d2:6c:40:9c:a2:61:52:db:ae:4a:b8:80:86:1f:f7:53:
79:9b:39:f0:93:33:89:00:45:99:11:cf:e4:e4:fd:2a:a9:00:
cc:d7:62:42:d7:ae:64:36:84:6d:a5:06:7b:8e:2c:36:1e:23:
27:92:18:63:7c:76:2f:03:8c:55:be:c1:80:1d:b7:15:d0:2a:
21:f8:b3:70:cc:05:52:8e:33:0c:cf:b0:db:19:24:61:76:97:
0e:a1:35:9a:82:fe:ca:2b:e9:0f:9b:e5:fc:cf:db:cc:df:40:
a5:69:13:99
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbsVini23WjuqqNseyV5LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhMDA0N2RhYzhlZWY4OTQ0ZDc4YzFiN2EyNjg2OGMwM2Uy
Y2U0NjYwHhcNMjQwMTAxMTQzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTk5YTE3YzFhMGNmYzZkY2RhMTAyNzk4NDg2MjA3NDU3NmM2ZDI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiW4FoFih2Gex3VY7zcKvlUJMMRZd
TNECYhRzy2xUdUtsA6TtG1Q/THpm56yUuFuc5d1B5wgKefwl+J9RTixoVOz4H0fM
eRvp1z5I0Jogd+OIVWEZEKu48vKH8uCmbxfg0uR5E/xqURDuMWCbZBemM8AtZlUr
i7o1jiYgZVJ6l2bxfupGfneJTwVdifXWt9x99H82KjcYEhffFydsGFr9/8yOLhHs
gp7t/YeO9p/pxNKPC4oSiykZgevw7MYeVFMej+quEVlgM92goGeiTKRAI/Aa2kAe
nDMiuOEMWURQB0SARZByqABuFeR/BLLLzIDojptc6c0+hxU7ildT08IdNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNGZoXwaDPxtzaECeYSGIHRXbG0lMB8GA1UdIwQY
MBaAFNoAR9rI7viUTXjBt6JoaMA+LORmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmdCSDJzanUtSlJOZU1HM29taG93RDRzNUdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83Nzk1OWEtNDFkZS00NmJlLWE1ZjEt
YWM5YzhhNTBmMjRlLzEvMFptaGZCb01fRzNOb1FKNWhJWWdkRmRzYlNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83Nzk1OWEtNDFkZS00NmJlLWE1ZjEtYWM5YzhhNTBmMjRl
LzEvMmdCSDJzanUtSlJOZU1HM29taG93RDRzNUdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuR60AwQC
uYdcMA0GCSqGSIb3DQEBCwUAA4IBAQCoXgKKx0Re5PlrTAb5pdPARjDhWhK2uOAS
4l81qcHg31XwQZzy0EDlNy0a3UNYRx3hDr8gtW/dYNR2gcmEOuF8MCh6av4hwrHd
PzOPbkEiSiuOLjjd2kcXFrG0pdmSc/Uw5kfFZ1C6G+kD6LoUqXmkaDaypREVj36C
NEWan/2VH5hOI2qNVp0AtPvH5KTIdf+M0NJsQJyiYVLbrkq4gIYf91N5mznwkzOJ
AEWZEc/k5P0qqQDM12JC165kNoRtpQZ7jiw2HiMnkhhjfHYvA4xVvsGAHbcV0Coh
+LNwzAVSjjMMz7DbGSRhdpcOoTWagv7KK+kPm+X8z9vM30ClaROZ
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:07:47 2025 by rpki-client