Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/779c09-f49a-4b38-a778-6bc390995cab/1/Zip342rOSgJ5ATIwMh0UE6rznNE.roa
File: Zip342rOSgJ5ATIwMh0UE6rznNE.roa (raw, json)
Hash identifier: bB4rvEdnMtH/ncEuwB3AGN3wda9EV0mSAzEQ6WJRUNc=
Subject key identifier: 66:2A:77:E3:6A:CE:4A:02:79:01:32:30:32:1D:14:13:AA:F3:9C:D1
Certificate issuer: /CN=8b054485ee62c6f1939613cba20669eef4504f79
Certificate serial: 01942067BB76D3BB901C98D84DB7B4DD2868
Authority key identifier: 8B:05:44:85:EE:62:C6:F1:93:96:13:CB:A2:06:69:EE:F4:50:4F:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iwVEhe5ixvGTlhPLogZp7vRQT3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/779c09-f49a-4b38-a778-6bc390995cab/1/Zip342rOSgJ5ATIwMh0UE6rznNE.roa
Signing time: Wed 01 Jan 2025 05:47:36 +0000
ROA not before: Wed 01 Jan 2025 05:47:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59908
IP address blocks: 141.170.208.0/21 maxlen: 24
141.170.214.0/24 maxlen: 24
185.67.112.0/24 maxlen: 24
185.67.114.0/24 maxlen: 24
185.67.115.0/24 maxlen: 24
2a00:a3a0::/32 maxlen: 96
2a03:2460::/32 maxlen: 96
Validation: Failed, certificate revoked on Tue 14 Jan 2025 12:15:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:bb:76:d3:bb:90:1c:98:d8:4d:b7:b4:dd:28:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b054485ee62c6f1939613cba20669eef4504f79
Validity
Not Before: Jan 1 05:47:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=662a77e36ace4a0279013230321d1413aaf39cd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:00:00:85:55:d7:02:0d:eb:db:51:39:96:7a:
94:22:c0:a1:01:34:03:ae:df:8e:4f:68:5b:cf:9d:
2f:bc:31:99:e0:0a:0c:0e:cc:13:e4:69:cf:e0:2e:
57:9e:42:8d:ae:7f:ac:ee:66:00:7d:ad:3a:10:f5:
f5:99:9e:8f:76:fb:1c:61:8c:71:ba:25:f0:6f:3f:
39:0a:de:e4:d8:9a:7c:d6:1b:1e:c3:3d:4e:4f:a6:
03:21:d5:4e:38:2c:1d:13:f7:96:1e:40:a1:de:9b:
5d:94:da:0f:96:12:1f:7b:1d:98:f6:13:39:06:11:
39:2e:85:c2:0b:a8:a1:33:d6:f8:59:f5:5b:52:8a:
c5:c0:dd:19:e8:8e:6e:95:79:a5:41:dc:08:63:60:
13:b4:8d:50:78:4a:8b:4d:79:79:e4:90:a1:e9:e8:
05:8f:9f:cd:f1:76:4a:ed:54:46:45:0a:da:1c:e0:
b8:d9:8b:d1:b0:bf:3e:af:af:82:81:fc:27:c6:cb:
eb:cd:a0:6d:32:a9:06:e2:72:a9:4d:57:ba:a2:76:
03:f3:04:fa:62:cd:7d:eb:97:98:9f:19:82:6f:44:
fd:52:1c:c3:5a:07:00:6d:e0:73:59:7d:33:ea:04:
bf:c9:70:9c:96:64:c1:76:6c:c9:5c:55:28:2b:0e:
17:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:2A:77:E3:6A:CE:4A:02:79:01:32:30:32:1D:14:13:AA:F3:9C:D1
X509v3 Authority Key Identifier:
keyid:8B:05:44:85:EE:62:C6:F1:93:96:13:CB:A2:06:69:EE:F4:50:4F:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iwVEhe5ixvGTlhPLogZp7vRQT3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/779c09-f49a-4b38-a778-6bc390995cab/1/Zip342rOSgJ5ATIwMh0UE6rznNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/779c09-f49a-4b38-a778-6bc390995cab/1/iwVEhe5ixvGTlhPLogZp7vRQT3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.170.208.0/21
185.67.112.0/24
185.67.114.0/23
IPv6:
2a00:a3a0::/32
2a03:2460::/32
Signature Algorithm: sha256WithRSAEncryption
91:57:ce:a3:53:d2:75:16:7e:23:d6:a3:d9:1c:bf:2c:9a:ee:
0c:16:47:95:17:3a:e2:be:3a:7b:55:83:25:a3:4b:f1:fb:de:
c9:f7:f2:9e:c5:82:28:ad:e3:27:ff:88:15:14:7c:e9:30:3e:
eb:77:b1:00:75:a7:ab:80:3e:61:13:22:7f:11:61:d1:86:3c:
32:4a:85:d5:02:b2:0c:17:4e:23:d3:fa:ec:fe:ed:7e:dc:d3:
ef:ac:4e:36:89:ed:52:61:cf:ec:4f:61:f3:42:fb:e6:25:03:
f3:99:55:d8:e7:29:d4:89:28:b6:cd:63:9b:04:55:7c:24:49:
1c:d5:fa:b8:cf:d5:c3:67:ed:86:15:e2:87:6d:13:1f:4a:ad:
6c:0c:18:dd:37:75:cf:e3:b4:50:0a:c6:6e:02:a1:a0:41:9f:
d3:f1:db:8e:8e:18:4b:3d:82:e0:39:d4:f3:e9:fc:85:d5:fe:
5f:cf:b9:e6:6e:19:cd:29:ee:39:85:45:a0:a7:86:48:86:35:
24:02:ea:76:ca:69:3f:aa:d9:98:15:a9:93:6a:ab:0c:b6:1e:
72:ee:6c:c9:1d:d1:5e:aa:4a:65:c9:80:19:c1:ea:6e:66:a9:
b0:d2:7c:d4:08:b5:5e:02:21:08:b8:ae:24:90:0d:df:07:a7:
98:32:9a:11
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQgZ7t207uQHJjYTbe03ShoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMDU0NDg1ZWU2MmM2ZjE5Mzk2MTNjYmEyMDY2OWVlZjQ1
MDRmNzkwHhcNMjUwMTAxMDU0NzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjJhNzdlMzZhY2U0YTAyNzkwMTMyMzAzMjFkMTQxM2FhZjM5Y2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlAAAhVXXAg3r21E5lnqUIsChATQD
rt+OT2hbz50vvDGZ4AoMDswT5GnP4C5XnkKNrn+s7mYAfa06EPX1mZ6PdvscYYxx
uiXwbz85Ct7k2Jp81hsewz1OT6YDIdVOOCwdE/eWHkCh3ptdlNoPlhIfex2Y9hM5
BhE5LoXCC6ihM9b4WfVbUorFwN0Z6I5ulXmlQdwIY2ATtI1QeEqLTXl55JCh6egF
j5/N8XZK7VRGRQraHOC42YvRsL8+r6+CgfwnxsvrzaBtMqkG4nKpTVe6onYD8wT6
Ys1965eYnxmCb0T9UhzDWgcAbeBzWX0z6gS/yXCclmTBdmzJXFUoKw4X/QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFGYqd+NqzkoCeQEyMDIdFBOq85zRMB8GA1UdIwQY
MBaAFIsFRIXuYsbxk5YTy6IGae70UE95MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXdWRWhlNWl4dkdUbGhQTG9nWnA3dlJRVDNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC83NzljMDktZjQ5YS00YjM4LWE3Nzgt
NmJjMzkwOTk1Y2FiLzEvWmlwMzQyck9TZ0o1QVRJd01oMFVFNnJ6bk5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC83NzljMDktZjQ5YS00YjM4LWE3NzgtNmJjMzkwOTk1Y2Fi
LzEvaXdWRWhlNWl4dkdUbGhQTG9nWnA3dlJRVDNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQDjarQAwQA
uUNwAwQBuUNyMBQEAgACMA4DBQAqAKOgAwUAKgMkYDANBgkqhkiG9w0BAQsFAAOC
AQEAkVfOo1PSdRZ+I9aj2Ry/LJruDBZHlRc64r46e1WDJaNL8fveyffynsWCKK3j
J/+IFRR86TA+63exAHWnq4A+YRMifxFh0YY8MkqF1QKyDBdOI9P67P7tftzT76xO
NontUmHP7E9h80L75iUD85lV2Ocp1Ikots1jmwRVfCRJHNX6uM/Vw2fthhXih20T
H0qtbAwY3Td1z+O0UArGbgKhoEGf0/Hbjo4YSz2C4DnU8+n8hdX+X8+55m4ZzSnu
OYVFoKeGSIY1JALqdsppP6rZmBWpk2qrDLYecu5syR3RXqpKZcmAGcHqbmapsNJ8
1Ai1XgIhCLiuJJAN3wenmDKaEQ==
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:55:06 2025 by rpki-client