Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/4ba0dc-4702-47c1-ba9e-4b750bbc6167/1/3ZSvYpe9dGvaaEAXN0NlgKu55bY.roa
File: 3ZSvYpe9dGvaaEAXN0NlgKu55bY.roa (raw, json)
Hash identifier: 44Bu3F6QQQwti8ZTiPvqBFrH4gbAGzy1mNVQPqhuxrQ=
Subject key identifier: DD:94:AF:62:97:BD:74:6B:DA:68:40:17:37:43:65:80:AB:B9:E5:B6
Certificate issuer: /CN=4020199044c54c237903f656f83b2640c2d1df45
Certificate serial: 018CC5001A54FB992E73A3478191A0F5D0D9
Authority key identifier: 40:20:19:90:44:C5:4C:23:79:03:F6:56:F8:3B:26:40:C2:D1:DF:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QCAZkETFTCN5A_ZW-DsmQMLR30U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/4ba0dc-4702-47c1-ba9e-4b750bbc6167/1/3ZSvYpe9dGvaaEAXN0NlgKu55bY.roa
Signing time: Mon 01 Jan 2024 12:29:27 +0000
ROA not before: Mon 01 Jan 2024 12:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49175
IP address blocks: 185.138.85.0/24 maxlen: 24
185.138.84.0/24 maxlen: 24
185.138.87.0/24 maxlen: 24
185.138.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:1a:54:fb:99:2e:73:a3:47:81:91:a0:f5:d0:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4020199044c54c237903f656f83b2640c2d1df45
Validity
Not Before: Jan 1 12:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dd94af6297bd746bda68401737436580abb9e5b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c7:11:cb:8c:c5:44:6c:18:14:19:b9:7e:48:
3d:ad:e2:f4:25:38:e1:fc:25:04:6f:09:db:91:be:
89:b0:5d:0a:14:6d:90:4d:0f:02:f6:ff:7e:de:a2:
58:62:ea:68:b5:8a:5f:2c:36:f2:3a:4f:c4:d6:17:
7f:c4:3a:b2:f5:34:71:3d:f6:ce:56:4b:e2:56:e6:
99:90:75:7c:0c:05:bd:50:dd:02:86:a2:51:7b:db:
2c:2d:bf:29:13:db:5f:b9:f7:48:72:eb:1a:28:f6:
33:22:3e:67:59:44:c1:ef:dd:1a:8f:7f:35:7a:20:
cd:94:d7:ee:78:d4:b5:bc:cf:58:e1:15:f8:da:5f:
57:d6:f9:94:08:53:54:a1:1c:78:77:b0:7c:f2:1d:
06:74:68:39:58:96:3c:49:3f:4d:fe:cc:e3:76:0f:
3a:40:61:14:82:95:dd:a7:b7:96:8d:30:7e:be:2b:
f4:c8:c0:fa:0b:8b:c0:b3:15:61:70:fa:de:dc:3d:
19:30:b3:1e:a5:1f:f0:e4:57:8b:b0:d6:15:9d:27:
03:e6:66:0d:a0:ed:0d:0a:53:8b:4f:39:f4:d5:68:
fb:e2:3e:74:07:75:d8:f4:73:c0:42:a1:3f:f6:6b:
e4:17:66:7a:44:52:6d:56:16:21:0c:fe:8c:78:b9:
a2:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:94:AF:62:97:BD:74:6B:DA:68:40:17:37:43:65:80:AB:B9:E5:B6
X509v3 Authority Key Identifier:
keyid:40:20:19:90:44:C5:4C:23:79:03:F6:56:F8:3B:26:40:C2:D1:DF:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QCAZkETFTCN5A_ZW-DsmQMLR30U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/4ba0dc-4702-47c1-ba9e-4b750bbc6167/1/3ZSvYpe9dGvaaEAXN0NlgKu55bY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/4ba0dc-4702-47c1-ba9e-4b750bbc6167/1/QCAZkETFTCN5A_ZW-DsmQMLR30U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.138.84.0/22
Signature Algorithm: sha256WithRSAEncryption
20:27:4f:9e:76:9f:0f:03:5c:3c:32:ba:60:9a:0e:a1:5d:21:
7d:e3:5e:ad:d5:3d:bb:ee:7f:03:f0:c9:07:3c:fc:4f:9a:13:
ce:6e:a1:7f:b6:17:21:89:ec:63:3b:61:a3:8f:37:02:05:c5:
03:08:07:ec:b9:dc:dc:ba:96:aa:e0:1e:9f:f1:94:ae:63:f9:
72:db:0b:8a:42:13:4b:76:ca:11:81:de:3f:1c:55:fb:17:29:
fa:95:26:22:29:5d:e1:9a:35:46:36:72:06:14:8e:c4:1b:2d:
f3:43:d9:dc:d2:ab:47:dc:f3:c6:0d:bd:6c:7b:00:96:d3:87:
7f:1c:41:30:87:6e:5d:de:a6:73:8c:1e:f0:b7:c5:93:33:b9:
30:b4:a2:b7:1b:a2:84:39:05:d8:f0:f6:7c:c8:3e:b6:78:4f:
ad:cd:a1:9f:4b:ac:98:37:95:5e:47:e3:0c:99:5b:8e:1f:79:
16:75:b7:d2:0a:e3:42:40:11:5f:c5:e7:5f:11:c7:40:10:ea:
25:42:9a:84:7e:2f:f3:dc:74:22:ef:26:69:0a:c5:43:49:38:
8a:f0:21:7b:21:a7:67:91:69:0d:d2:90:8d:ca:c9:d0:3a:c8:
77:13:9b:2c:07:ee:60:c1:63:6d:7b:6b:f9:ad:bc:cf:78:36:
5e:aa:e9:19
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFABpU+5kuc6NHgZGg9dDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwMjAxOTkwNDRjNTRjMjM3OTAzZjY1NmY4M2IyNjQwYzJk
MWRmNDUwHhcNMjQwMTAxMTIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDk0YWY2Mjk3YmQ3NDZiZGE2ODQwMTczNzQzNjU4MGFiYjllNWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMcRy4zFRGwYFBm5fkg9reL0JTjh
/CUEbwnbkb6JsF0KFG2QTQ8C9v9+3qJYYupotYpfLDbyOk/E1hd/xDqy9TRxPfbO
VkviVuaZkHV8DAW9UN0ChqJRe9ssLb8pE9tfufdIcusaKPYzIj5nWUTB790aj381
eiDNlNfueNS1vM9Y4RX42l9X1vmUCFNUoRx4d7B88h0GdGg5WJY8ST9N/szjdg86
QGEUgpXdp7eWjTB+viv0yMD6C4vAsxVhcPre3D0ZMLMepR/w5FeLsNYVnScD5mYN
oO0NClOLTzn01Wj74j50B3XY9HPAQqE/9mvkF2Z6RFJtVhYhDP6MeLmisQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN2Ur2KXvXRr2mhAFzdDZYCrueW2MB8GA1UdIwQY
MBaAFEAgGZBExUwjeQP2Vvg7JkDC0d9FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUNBWmtFVEZUQ041QV9aVy1Ec21RTUxSMzBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80YmEwZGMtNDcwMi00N2MxLWJhOWUt
NGI3NTBiYmM2MTY3LzEvM1pTdllwZTlkR3ZhYUVBWE4wTmxnS3U1NWJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80YmEwZGMtNDcwMi00N2MxLWJhOWUtNGI3NTBiYmM2MTY3
LzEvUUNBWmtFVEZUQ041QV9aVy1Ec21RTUxSMzBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYpUMA0G
CSqGSIb3DQEBCwUAA4IBAQAgJ0+edp8PA1w8Mrpgmg6hXSF9416t1T277n8D8MkH
PPxPmhPObqF/thchiexjO2GjjzcCBcUDCAfsudzcupaq4B6f8ZSuY/ly2wuKQhNL
dsoRgd4/HFX7Fyn6lSYiKV3hmjVGNnIGFI7EGy3zQ9nc0qtH3PPGDb1sewCW04d/
HEEwh25d3qZzjB7wt8WTM7kwtKK3G6KEOQXY8PZ8yD62eE+tzaGfS6yYN5VeR+MM
mVuOH3kWdbfSCuNCQBFfxedfEcdAEOolQpqEfi/z3HQi7yZpCsVDSTiK8CF7Iadn
kWkN0pCNysnQOsh3E5ssB+5gwWNte2v5rbzPeDZequkZ
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:38:30 2025 by rpki-client