Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/zWs1wQTbd6R2i4jnSpzR9aFPNqQ.roa
File: zWs1wQTbd6R2i4jnSpzR9aFPNqQ.roa (raw, json)
Hash identifier: 2GmSZmLliAZkMjeWqh/KgmOVb/kWYi6Jjzdh/qP+ldI=
Subject key identifier: CD:6B:35:C1:04:DB:77:A4:76:8B:88:E7:4A:9C:D1:F5:A1:4F:36:A4
Certificate issuer: /CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Certificate serial: 018DC057471315088FDE044347957CC85537
Authority key identifier: BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/zWs1wQTbd6R2i4jnSpzR9aFPNqQ.roa
Signing time: Mon 19 Feb 2024 07:49:21 +0000
ROA not before: Mon 19 Feb 2024 07:49:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215484
IP address blocks: 188.128.128.0/22 maxlen: 24
2a02:25af:dead::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:47:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c0:57:47:13:15:08:8f:de:04:43:47:95:7c:c8:55:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Validity
Not Before: Feb 19 07:49:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cd6b35c104db77a4768b88e74a9cd1f5a14f36a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:46:84:cf:f2:ce:f2:b1:f7:9e:d8:42:1d:3f:
68:78:4e:0c:fe:ca:a1:75:6f:a2:cc:40:13:07:65:
96:5d:bf:44:f8:be:5a:a1:60:e0:f9:63:8d:53:24:
fb:9c:3d:82:9a:64:34:a2:39:71:e2:a4:5a:9a:2c:
11:85:7a:80:2b:f7:55:c7:e2:9c:e5:f0:b3:92:98:
cf:62:f5:58:91:2e:2c:aa:b4:9e:55:a2:f6:64:7a:
44:4f:d4:9d:bb:c0:f8:22:25:f0:f5:e8:2a:cf:32:
ad:e1:fe:0d:61:d4:60:e7:59:f0:3d:fc:d8:82:1f:
a3:b8:ba:c0:68:28:ce:7a:79:54:30:99:83:12:af:
18:42:6a:ce:68:76:c5:81:b3:a3:93:fa:ef:8b:5e:
c9:a8:03:dd:8a:dd:9c:a8:d8:f1:5b:1e:40:f8:89:
40:78:79:0f:c3:7e:4c:9e:e0:db:77:4a:5b:b3:d9:
4b:8b:bb:99:84:ab:ee:65:e5:9f:e5:c5:bb:a2:6a:
db:78:aa:47:62:5b:70:e9:c9:ed:3f:ba:d1:b3:7e:
54:61:b1:89:20:87:15:b8:30:04:99:fa:e4:6d:fc:
ce:70:67:b0:37:50:3f:b8:55:7b:b1:d4:0e:82:e2:
15:3a:c8:a3:6c:79:fc:43:54:63:41:4b:33:3a:73:
bf:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:6B:35:C1:04:DB:77:A4:76:8B:88:E7:4A:9C:D1:F5:A1:4F:36:A4
X509v3 Authority Key Identifier:
keyid:BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/zWs1wQTbd6R2i4jnSpzR9aFPNqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/uytI9kNYARx4QtPOxcstRwaLg20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.128.128.0/22
IPv6:
2a02:25af:dead::/48
Signature Algorithm: sha256WithRSAEncryption
5c:8a:2c:bb:76:18:94:19:8c:d6:0b:20:a3:fe:95:65:9e:f4:
55:2a:cd:1e:c3:4e:74:1c:b8:76:38:86:ec:88:8f:b8:d8:43:
6f:d4:00:40:3c:97:e2:03:43:bf:64:42:d8:94:98:ef:b8:10:
6e:02:f7:52:80:2e:37:e0:7c:84:e3:c6:02:ca:38:a6:d6:a1:
36:6b:bd:12:43:40:12:52:ac:99:43:a1:92:d5:c0:3f:0b:48:
f3:a1:ff:c1:51:23:11:b8:ce:d5:42:00:3a:5b:75:3c:8b:b9:
c5:a2:d1:ff:55:82:eb:0e:c7:63:6c:22:82:34:d5:ee:93:bf:
67:91:c1:a2:00:24:04:9f:c2:b7:54:10:90:6f:c0:d0:46:02:
3e:65:a4:43:7c:f5:e7:92:a4:82:a9:23:0d:7d:2f:25:ba:bf:
78:9b:34:5b:d3:3f:43:50:96:4a:c7:0c:a0:7a:04:31:b2:8e:
64:a2:28:b2:37:a8:be:8c:62:4c:21:0b:a6:5f:6e:04:d1:fb:
03:de:7c:31:3c:8b:fe:64:e3:c8:cf:c8:b2:88:e4:ea:3d:6b:
86:05:3b:d5:19:b0:bc:9b:63:a5:08:4b:b6:e0:36:d8:6f:d7:
75:55:ff:23:f0:01:79:1e:d2:6c:af:fb:e4:e0:f9:62:6e:fa:
e4:6a:6b:af
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY3AV0cTFQiP3gRDR5V8yFU3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMmI0OGY2NDM1ODAxMWM3ODQyZDNjZWM1Y2IyZDQ3MDY4
YjgzNmQwHhcNMjQwMjE5MDc0OTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDZiMzVjMTA0ZGI3N2E0NzY4Yjg4ZTc0YTljZDFmNWExNGYzNmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0aEz/LO8rH3nthCHT9oeE4M/sqh
dW+izEATB2WWXb9E+L5aoWDg+WONUyT7nD2CmmQ0ojlx4qRamiwRhXqAK/dVx+Kc
5fCzkpjPYvVYkS4sqrSeVaL2ZHpET9Sdu8D4IiXw9egqzzKt4f4NYdRg51nwPfzY
gh+juLrAaCjOenlUMJmDEq8YQmrOaHbFgbOjk/rvi17JqAPdit2cqNjxWx5A+IlA
eHkPw35MnuDbd0pbs9lLi7uZhKvuZeWf5cW7omrbeKpHYltw6cntP7rRs35UYbGJ
IIcVuDAEmfrkbfzOcGewN1A/uFV7sdQOguIVOsijbHn8Q1RjQUszOnO/0QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFM1rNcEE23ekdouI50qc0fWhTzakMB8GA1UdIwQY
MBaAFLsrSPZDWAEceELTzsXLLUcGi4NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODIt
YzUyMjk4NjNhZWJhLzEveldzMXdRVGJkNlIyaTRqblNwelI5YUZQTnFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODItYzUyMjk4NjNhZWJh
LzEvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCvICAMA8E
AgACMAkDBwAqAiWv3q0wDQYJKoZIhvcNAQELBQADggEBAFyKLLt2GJQZjNYLIKP+
lWWe9FUqzR7DTnQcuHY4huyIj7jYQ2/UAEA8l+IDQ79kQtiUmO+4EG4C91KALjfg
fITjxgLKOKbWoTZrvRJDQBJSrJlDoZLVwD8LSPOh/8FRIxG4ztVCADpbdTyLucWi
0f9VgusOx2NsIoI01e6Tv2eRwaIAJASfwrdUEJBvwNBGAj5lpEN89eeSpIKpIw19
LyW6v3ibNFvTP0NQlkrHDKB6BDGyjmSiKLI3qL6MYkwhC6ZfbgTR+wPefDE8i/5k
48jPyLKI5Oo9a4YFO9UZsLybY6UIS7bgNthv13VV/yPwAXke0myv++Tg+WJu+uRq
a68=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:27:59 2025 by rpki-client