Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/ZvimsC0wvOX3aR035EsL5PaVJt0.roa
File: ZvimsC0wvOX3aR035EsL5PaVJt0.roa (raw, json)
Hash identifier: dUpK+9o7WdLLYl8GCDenxsLf5182pBG/ZAzZx4fd1bI=
Subject key identifier: 66:F8:A6:B0:2D:30:BC:E5:F7:69:1D:37:E4:4B:0B:E4:F6:95:26:DD
Certificate issuer: /CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Certificate serial: 018D1C189DB63C2251E6DF599EF0BB068B1F
Authority key identifier: FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/ZvimsC0wvOX3aR035EsL5PaVJt0.roa
Signing time: Thu 18 Jan 2024 10:23:11 +0000
ROA not before: Thu 18 Jan 2024 10:23:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203214
IP address blocks: 78.109.236.0/24 maxlen: 24
78.109.237.0/24 maxlen: 24
78.109.238.0/24 maxlen: 24
185.52.100.0/24 maxlen: 24
185.52.101.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jan 2024 10:50:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1c:18:9d:b6:3c:22:51:e6:df:59:9e:f0:bb:06:8b:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb061a39f0a037923113d6b8bb9b5bdab5b2f466
Validity
Not Before: Jan 18 10:23:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=66f8a6b02d30bce5f7691d37e44b0be4f69526dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:37:1b:42:f5:05:f0:31:5e:1d:5e:d9:3a:ee:
7d:7f:ef:3c:0f:4a:d3:5b:6d:f2:08:93:36:d4:5f:
61:17:9f:45:08:6b:9a:29:2d:b4:1b:8e:2a:a6:a1:
90:52:e7:73:ed:84:34:62:2b:02:7b:bf:3d:18:e6:
36:3c:a7:49:06:bc:66:38:30:44:e7:c0:84:7c:4f:
42:50:ad:9b:e8:7b:ec:32:2f:c3:c9:6e:3b:86:e8:
4c:80:20:fb:41:21:4a:b2:1a:ed:4d:6f:f8:20:d3:
ac:a3:5a:ba:a4:08:2b:79:8c:8e:8a:fb:c2:93:97:
21:6b:7a:94:7b:f2:90:01:70:4c:03:b0:c6:ca:aa:
1c:1b:f8:8d:21:11:bf:1d:2a:15:48:bc:82:08:91:
b6:7f:99:24:f0:b9:29:02:94:ec:d8:ca:b3:13:ed:
65:3e:8f:d2:29:5d:12:43:f2:f4:99:f8:32:d4:e2:
fb:e4:d7:1b:10:99:a8:8d:2b:79:1f:10:29:42:66:
5a:e3:9a:0f:55:49:b3:1a:94:39:6a:f4:ea:29:d5:
27:c6:47:e8:bc:c6:a4:95:a7:13:39:3e:5a:c3:6d:
fe:ab:81:d0:27:79:7f:7a:0c:a4:f4:89:27:37:4e:
33:03:df:7c:26:21:8e:84:61:21:f2:57:e8:fd:9d:
ff:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:F8:A6:B0:2D:30:BC:E5:F7:69:1D:37:E4:4B:0B:E4:F6:95:26:DD
X509v3 Authority Key Identifier:
keyid:FB:06:1A:39:F0:A0:37:92:31:13:D6:B8:BB:9B:5B:DA:B5:B2:F4:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/ZvimsC0wvOX3aR035EsL5PaVJt0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/a3294b-d478-4dbd-aae5-fd167ad92a9d/1/1-wYaOfCgN5IxE9a4u5tb2rWy9GY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.109.236.0-78.109.238.255
185.52.100.0/23
Signature Algorithm: sha256WithRSAEncryption
51:6c:47:2f:76:da:1a:4d:c2:07:c3:fd:9d:b0:05:35:86:7a:
34:16:f7:80:2a:e1:54:65:ed:9d:bd:fe:bf:52:a6:e3:5f:88:
39:91:39:3b:f2:38:a3:e5:78:f8:c8:69:fc:5f:6f:e4:d1:fa:
db:23:ad:2b:be:c2:ba:d2:e0:ae:56:5c:d3:5a:ce:84:ef:2b:
0c:08:ca:85:9c:a6:c7:d4:87:20:ac:ab:3d:a2:b2:b6:f0:64:
ff:e6:4a:44:7d:2f:dc:97:54:e6:1e:ff:55:4a:cb:93:72:d2:
36:03:63:5e:88:3b:ae:c9:52:a6:8b:5a:d8:fb:a2:78:ce:ca:
5e:4f:70:07:91:53:4a:c2:5b:4a:ed:df:d3:87:56:30:2e:b1:
79:97:ca:15:58:e6:68:6f:ea:5b:21:c6:9d:45:f0:eb:04:c7:
d4:a1:44:da:95:da:b5:e5:54:40:28:ce:e0:d3:89:bc:24:97:
12:22:63:4f:44:c8:c9:e3:34:68:69:49:4f:91:17:89:84:a0:
b7:a1:33:9f:62:93:d0:2b:6d:72:d1:0e:93:f9:d4:9c:f2:0d:
b4:35:c8:68:db:6e:94:d6:68:5b:cd:84:96:3e:b5:e2:5e:5d:
44:f8:49:fd:2b:24:d6:d2:ea:9a:2b:95:22:48:73:f7:a6:a1:
19:7a:9f:c7
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY0cGJ22PCJR5t9ZnvC7BosfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMDYxYTM5ZjBhMDM3OTIzMTEzZDZiOGJiOWI1YmRhYjVi
MmY0NjYwHhcNMjQwMTE4MTAyMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmY4YTZiMDJkMzBiY2U1Zjc2OTFkMzdlNDRiMGJlNGY2OTUyNmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwzcbQvUF8DFeHV7ZOu59f+88D0rT
W23yCJM21F9hF59FCGuaKS20G44qpqGQUudz7YQ0YisCe789GOY2PKdJBrxmODBE
58CEfE9CUK2b6HvsMi/DyW47huhMgCD7QSFKshrtTW/4INOso1q6pAgreYyOivvC
k5cha3qUe/KQAXBMA7DGyqocG/iNIRG/HSoVSLyCCJG2f5kk8LkpApTs2MqzE+1l
Po/SKV0SQ/L0mfgy1OL75NcbEJmojSt5HxApQmZa45oPVUmzGpQ5avTqKdUnxkfo
vMaklacTOT5aw23+q4HQJ3l/egyk9IknN04zA998JiGOhGEh8lfo/Z3/LwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFGb4prAtMLzl92kdN+RLC+T2lSbdMB8GA1UdIwQY
MBaAFPsGGjnwoDeSMRPWuLubW9q1svRmMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS13WWFPZkNnTjVJeEU5YTR1NXRiMnJXeTlHWS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1
LWZkMTY3YWQ5MmE5ZC8xL1p2aW1zQzB3dk9YM2FSMDM1RXNMNVBhVkp0MC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjMvYTMyOTRiLWQ0NzgtNGRiZC1hYWU1LWZkMTY3YWQ5MmE5
ZC8xLzEtd1lhT2ZDZ041SXhFOWE0dTV0YjJyV3k5R1kuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLQYIKwYBBQUHAQcBAf8EHjAcMBoEAgABMBQwDAMEAk5t
7AMEAE5t7gMEAbk0ZDANBgkqhkiG9w0BAQsFAAOCAQEAUWxHL3baGk3CB8P9nbAF
NYZ6NBb3gCrhVGXtnb3+v1Km41+IOZE5O/I4o+V4+Mhp/F9v5NH62yOtK77CutLg
rlZc01rOhO8rDAjKhZymx9SHIKyrPaKytvBk/+ZKRH0v3JdU5h7/VUrLk3LSNgNj
Xog7rslSpota2PuieM7KXk9wB5FTSsJbSu3f04dWMC6xeZfKFVjmaG/qWyHGnUXw
6wTH1KFE2pXateVUQCjO4NOJvCSXEiJjT0TIyeM0aGlJT5EXiYSgt6Ezn2KT0Ctt
ctEOk/nUnPINtDXIaNtulNZoW82Elj614l5dRPhJ/Ssk1tLqmiuVIkhz96ahGXqf
xw==
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:33:32 2025 by rpki-client