Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/95f320-c7d3-41dd-b125-b79d08fa1747/1/Z1Sa2BR0tfDEj0pJAEx6o7pW9mY.roa
File: Z1Sa2BR0tfDEj0pJAEx6o7pW9mY.roa (raw, json)
Hash identifier: a29rxOHKUnHAT8hy53JDVeUMz3Jh7agP54F6MFGgpds=
Subject key identifier: 67:54:9A:D8:14:74:B5:F0:C4:8F:4A:49:00:4C:7A:A3:BA:56:F6:66
Certificate issuer: /CN=2457027e3a087b65f968b535e415f67432695876
Certificate serial: 018CC5001028B907373F89506D5A08154265
Authority key identifier: 24:57:02:7E:3A:08:7B:65:F9:68:B5:35:E4:15:F6:74:32:69:58:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFcCfjoIe2X5aLU15BX2dDJpWHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/95f320-c7d3-41dd-b125-b79d08fa1747/1/Z1Sa2BR0tfDEj0pJAEx6o7pW9mY.roa
Signing time: Mon 01 Jan 2024 12:29:24 +0000
ROA not before: Mon 01 Jan 2024 12:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20792
IP address blocks: 213.216.0.0/19 maxlen: 19
185.95.192.0/22 maxlen: 22
2a02:13c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:10:28:b9:07:37:3f:89:50:6d:5a:08:15:42:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2457027e3a087b65f968b535e415f67432695876
Validity
Not Before: Jan 1 12:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=67549ad81474b5f0c48f4a49004c7aa3ba56f666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:0d:05:14:16:cd:04:a4:67:52:6f:61:5c:86:
ab:0c:76:3d:50:9d:31:5f:c5:8d:44:ef:59:87:95:
11:ec:5f:a6:79:3b:41:f9:11:c9:e6:fe:9e:ad:13:
63:7f:29:64:b4:bc:60:d7:2e:4a:fa:ae:48:50:f7:
24:c3:34:55:f6:69:b4:72:93:e9:b3:2e:60:63:9c:
4e:f9:b3:bc:11:e8:6e:14:d4:01:3f:ec:38:8a:e3:
5e:88:95:78:2e:86:4e:42:39:c6:79:f7:34:2d:5d:
17:4a:e7:b5:1d:e0:fe:7d:d4:77:0b:05:4a:2f:c8:
41:6f:01:7d:d6:9d:7d:78:d9:e5:81:43:e8:bc:fb:
7c:73:7e:b7:f7:b2:7d:88:7b:7b:99:9f:3d:97:37:
9c:f8:b9:1b:ea:f8:a2:df:c0:11:da:16:dc:8f:9e:
dc:3e:47:6e:38:2e:c0:85:c7:78:23:a9:67:9e:94:
9b:85:77:27:7e:24:9d:04:67:02:3b:44:a0:11:e7:
d4:a8:21:9a:fb:21:04:ad:e9:c9:f2:79:11:bf:e7:
15:08:e1:a7:3b:ca:63:74:d9:3f:24:28:8a:b5:22:
0d:75:ea:d7:8b:00:e7:71:2f:45:2d:9c:84:2e:67:
46:55:d3:18:fc:ee:c4:dd:9d:0c:de:ad:41:3e:61:
ca:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:54:9A:D8:14:74:B5:F0:C4:8F:4A:49:00:4C:7A:A3:BA:56:F6:66
X509v3 Authority Key Identifier:
keyid:24:57:02:7E:3A:08:7B:65:F9:68:B5:35:E4:15:F6:74:32:69:58:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFcCfjoIe2X5aLU15BX2dDJpWHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/95f320-c7d3-41dd-b125-b79d08fa1747/1/Z1Sa2BR0tfDEj0pJAEx6o7pW9mY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/95f320-c7d3-41dd-b125-b79d08fa1747/1/JFcCfjoIe2X5aLU15BX2dDJpWHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.192.0/22
213.216.0.0/19
IPv6:
2a02:13c0::/32
Signature Algorithm: sha256WithRSAEncryption
12:bb:1d:ef:f9:0c:c5:b2:ec:c6:72:37:c2:d4:12:38:ed:10:
9a:e3:30:f8:0c:75:3f:25:d4:9c:b3:96:4c:bc:ca:c6:6a:15:
98:c4:f3:1e:6e:38:2a:46:13:87:ea:08:5f:2c:cb:17:5c:97:
a3:bf:31:3a:61:a9:21:5c:b1:0b:8f:49:e9:12:97:57:bc:c9:
6e:e7:fd:cd:3d:99:25:63:9e:dd:82:c2:f8:80:ca:d9:6e:32:
c6:b5:17:b3:ef:b6:22:99:1d:3b:c9:72:9a:02:c3:d1:41:c3:
bb:b2:15:ad:0b:c9:83:5a:de:b2:81:dd:24:da:bf:54:25:58:
0d:b3:39:f3:0c:e7:35:6b:1b:42:59:a7:b5:04:20:1b:4c:9b:
4e:39:82:43:d0:22:a5:88:b6:05:fb:af:18:4f:3f:40:c4:1e:
b9:c2:19:78:28:5b:63:33:87:fb:d6:5f:a5:ac:96:a1:fb:bd:
1d:de:9e:3d:19:00:e2:04:de:9b:3d:1c:eb:64:5f:de:06:28:
7a:8b:6f:78:d8:b2:2e:7c:b8:57:53:d5:36:0a:9d:fe:12:a8:
4b:2e:fd:2e:b6:27:f3:45:77:20:bb:7d:c6:1a:6c:6b:d1:f6:
40:94:b5:94:ff:15:2b:dc:6c:d4:7a:e3:20:a6:19:db:c7:33:
c4:b9:25:48
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFABAouQc3P4lQbVoIFUJlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTcwMjdlM2EwODdiNjVmOTY4YjUzNWU0MTVmNjc0MzI2
OTU4NzYwHhcNMjQwMTAxMTIyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzU0OWFkODE0NzRiNWYwYzQ4ZjRhNDkwMDRjN2FhM2JhNTZmNjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhg0FFBbNBKRnUm9hXIarDHY9UJ0x
X8WNRO9Zh5UR7F+meTtB+RHJ5v6erRNjfylktLxg1y5K+q5IUPckwzRV9mm0cpPp
sy5gY5xO+bO8EehuFNQBP+w4iuNeiJV4LoZOQjnGefc0LV0XSue1HeD+fdR3CwVK
L8hBbwF91p19eNnlgUPovPt8c36397J9iHt7mZ89lzec+Lkb6vii38AR2hbcj57c
PkduOC7Ahcd4I6lnnpSbhXcnfiSdBGcCO0SgEefUqCGa+yEErenJ8nkRv+cVCOGn
O8pjdNk/JCiKtSINderXiwDncS9FLZyELmdGVdMY/O7E3Z0M3q1BPmHKuQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGdUmtgUdLXwxI9KSQBMeqO6VvZmMB8GA1UdIwQY
MBaAFCRXAn46CHtl+Wi1NeQV9nQyaVh2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZjQ2Zqb0llMlg1YUxVMTVCWDJkREpwV0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy85NWYzMjAtYzdkMy00MWRkLWIxMjUt
Yjc5ZDA4ZmExNzQ3LzEvWjFTYTJCUjB0ZkRFajBwSkFFeDZvN3BXOW1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy85NWYzMjAtYzdkMy00MWRkLWIxMjUtYjc5ZDA4ZmExNzQ3
LzEvSkZjQ2Zqb0llMlg1YUxVMTVCWDJkREpwV0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuV/AAwQF
1dgAMA0EAgACMAcDBQAqAhPAMA0GCSqGSIb3DQEBCwUAA4IBAQASux3v+QzFsuzG
cjfC1BI47RCa4zD4DHU/JdScs5ZMvMrGahWYxPMebjgqRhOH6ghfLMsXXJejvzE6
YakhXLELj0npEpdXvMlu5/3NPZklY57dgsL4gMrZbjLGtRez77YimR07yXKaAsPR
QcO7shWtC8mDWt6ygd0k2r9UJVgNsznzDOc1axtCWae1BCAbTJtOOYJD0CKliLYF
+68YTz9AxB65whl4KFtjM4f71l+lrJah+70d3p49GQDiBN6bPRzrZF/eBih6i294
2LIufLhXU9U2Cp3+EqhLLv0utifzRXcgu33GGmxr0fZAlLWU/xUr3GzUeuMgphnb
xzPEuSVI
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:36 2025 by rpki-client