Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/SzDZ3i8AnWbVcqmdIpmFCVmo6Es.roa
File: SzDZ3i8AnWbVcqmdIpmFCVmo6Es.roa (raw, json)
Hash identifier: ouSo+JHlQVknBFlwTMEYRl0FmbuqgDQmaQJtHWNPue0=
Subject key identifier: 4B:30:D9:DE:2F:00:9D:66:D5:72:A9:9D:22:99:85:09:59:A8:E8:4B
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0192441300970B407236E32ABDCD3EA0894A
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/SzDZ3i8AnWbVcqmdIpmFCVmo6Es.roa
Signing time: Mon 30 Sep 2024 17:55:48 +0000
ROA not before: Mon 30 Sep 2024 17:55:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 11798
IP address blocks: 150.241.64.0/18 maxlen: 18
185.216.104.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 11 Oct 2024 21:12:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:44:13:00:97:0b:40:72:36:e3:2a:bd:cd:3e:a0:89:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Sep 30 17:55:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4b30d9de2f009d66d572a99d2299850959a8e84b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a5:3e:49:8a:2e:57:ef:4f:f3:28:78:50:35:
ab:ef:80:52:43:45:05:cd:a6:bb:ca:63:fa:17:c1:
6b:3b:b1:37:38:40:78:26:83:b3:f3:3e:25:e8:61:
e8:15:4d:6f:85:29:e1:91:93:aa:6f:d4:f8:40:d7:
53:bb:2f:d3:5d:bd:44:da:8d:72:d3:ad:4d:ce:1a:
1f:9e:84:83:bd:e1:c5:f0:20:a8:5e:4c:aa:63:41:
7e:4a:a5:2a:72:ef:df:65:5d:29:19:f7:e9:ad:8e:
3e:f5:ef:d7:7e:48:2b:c2:62:91:fd:a1:65:96:df:
6b:06:40:ee:a7:19:c0:29:17:ab:22:73:1b:9d:48:
a4:2b:58:d7:86:ae:22:5c:55:82:8b:4e:94:5a:66:
eb:b7:6c:c0:ef:5f:a4:e4:f5:19:77:27:43:b2:32:
37:f7:1d:a9:45:05:2d:d8:86:1b:3b:ef:95:cb:c0:
e4:7b:6b:40:c6:08:60:e2:69:7d:cf:db:bf:5e:2b:
1e:43:2f:81:07:16:d9:97:e6:d4:25:4c:99:57:f4:
cf:9b:fd:db:1b:e3:3e:8a:f4:f6:e8:16:88:32:cf:
b7:be:1c:ef:42:1d:f2:36:60:d9:43:0c:36:f5:3e:
8d:5a:5f:d1:e4:7f:ff:1d:fb:cc:e9:92:d2:c4:5a:
a5:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:30:D9:DE:2F:00:9D:66:D5:72:A9:9D:22:99:85:09:59:A8:E8:4B
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/SzDZ3i8AnWbVcqmdIpmFCVmo6Es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.241.64.0/18
185.216.104.0/22
Signature Algorithm: sha256WithRSAEncryption
59:34:03:81:96:ed:9e:96:95:93:a4:a5:6a:69:8e:ae:cf:3b:
dd:ff:95:35:5f:43:b5:ee:40:70:40:15:af:40:0b:7b:e1:b3:
b9:36:f6:0a:a0:d7:63:3e:94:51:6b:64:f9:42:ce:0e:4a:5a:
c6:96:00:72:4c:ef:f4:71:aa:3b:67:eb:02:f0:a9:b7:fb:0e:
31:cf:e5:fa:97:42:35:71:ff:59:dc:ee:0f:e3:29:0c:15:60:
9f:16:69:c4:0c:d2:f9:30:9b:0a:eb:8a:22:a7:09:e4:cb:34:
57:fb:4c:70:e1:e4:20:ed:7f:86:d1:6b:ba:11:4f:df:41:9c:
8a:d3:95:fe:b7:7a:8b:f5:8f:b9:ae:c0:2e:68:63:d3:4b:ef:
99:00:f5:8c:76:36:ad:87:81:88:38:e4:d4:8b:0b:1f:d6:e2:
41:17:d0:6e:6b:83:47:30:c9:75:39:8d:2c:6c:a9:42:90:17:
74:1d:43:97:59:c2:fe:8c:2a:69:e5:6e:8b:35:7a:06:36:7b:
c2:59:5a:56:7c:aa:17:b8:d0:08:40:c7:51:b1:6c:32:09:da:
07:39:28:f8:fc:74:5c:dc:b2:33:a6:05:cf:f9:58:9c:2c:22:
54:0e:b0:2a:97:a7:ff:0d:fb:3c:e7:65:7f:01:ef:f1:d6:0f:
f6:71:1a:02
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJEEwCXC0ByNuMqvc0+oIlKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjQwOTMwMTc1NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjMwZDlkZTJmMDA5ZDY2ZDU3MmE5OWQyMjk5ODUwOTU5YThlODRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6U+SYouV+9P8yh4UDWr74BSQ0UF
zaa7ymP6F8FrO7E3OEB4JoOz8z4l6GHoFU1vhSnhkZOqb9T4QNdTuy/TXb1E2o1y
061NzhofnoSDveHF8CCoXkyqY0F+SqUqcu/fZV0pGffprY4+9e/XfkgrwmKR/aFl
lt9rBkDupxnAKRerInMbnUikK1jXhq4iXFWCi06UWmbrt2zA71+k5PUZdydDsjI3
9x2pRQUt2IYbO++Vy8Dke2tAxghg4ml9z9u/XiseQy+BBxbZl+bUJUyZV/TPm/3b
G+M+ivT26BaIMs+3vhzvQh3yNmDZQww29T6NWl/R5H//HfvM6ZLSxFqlFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEsw2d4vAJ1m1XKpnSKZhQlZqOhLMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvU3pEWjNpOEFuV2JWY3FtZElwbUZDVm1vNkVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGlvFAAwQC
udhoMA0GCSqGSIb3DQEBCwUAA4IBAQBZNAOBlu2elpWTpKVqaY6uzzvd/5U1X0O1
7kBwQBWvQAt74bO5NvYKoNdjPpRRa2T5Qs4OSlrGlgByTO/0cao7Z+sC8Km3+w4x
z+X6l0I1cf9Z3O4P4ykMFWCfFmnEDNL5MJsK64oipwnkyzRX+0xw4eQg7X+G0Wu6
EU/fQZyK05X+t3qL9Y+5rsAuaGPTS++ZAPWMdjath4GIOOTUiwsf1uJBF9Bua4NH
MMl1OY0sbKlCkBd0HUOXWcL+jCpp5W6LNXoGNnvCWVpWfKoXuNAIQMdRsWwyCdoH
OSj4/HRc3LIzpgXP+VicLCJUDrAql6f/Dfs852V/Ae/x1g/2cRoC
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:09 2025 by rpki-client