Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/f4863a-aeae-42f7-ba14-ed4a138c4113/1/2z5JKjVIs7MQqY4rzxpryvOJDXs.roa
File: 2z5JKjVIs7MQqY4rzxpryvOJDXs.roa (raw, json)
Hash identifier: l3SzRx/NIwODNRgr6IkSurEnzm9qAab6mVKXqxDr/v8=
Subject key identifier: DB:3E:49:2A:35:48:B3:B3:10:A9:8E:2B:CF:1A:6B:CA:F3:89:0D:7B
Certificate issuer: /CN=9d8ada352982a319b54d5e483d34426346733ea4
Certificate serial: 018CC94E2967EEAFAD328278DCB800DC4ECB
Authority key identifier: 9D:8A:DA:35:29:82:A3:19:B5:4D:5E:48:3D:34:42:63:46:73:3E:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nYraNSmCoxm1TV5IPTRCY0ZzPqQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/f4863a-aeae-42f7-ba14-ed4a138c4113/1/2z5JKjVIs7MQqY4rzxpryvOJDXs.roa
Signing time: Tue 02 Jan 2024 08:33:12 +0000
ROA not before: Tue 02 Jan 2024 08:33:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202862
IP address blocks: 194.146.90.0/23 maxlen: 23
194.146.88.0/22 maxlen: 22
194.146.88.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:29:67:ee:af:ad:32:82:78:dc:b8:00:dc:4e:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d8ada352982a319b54d5e483d34426346733ea4
Validity
Not Before: Jan 2 08:33:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db3e492a3548b3b310a98e2bcf1a6bcaf3890d7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:72:6e:30:db:40:35:d2:ad:1d:da:2f:9a:aa:
77:c1:a8:92:52:bd:3a:27:96:54:19:ee:7b:f4:da:
d1:0d:8b:c1:ef:75:ff:3f:df:54:7e:7f:2c:54:ea:
de:bf:ea:7e:fb:f4:4b:f1:1b:42:65:8f:06:3e:18:
7e:73:0c:d9:64:40:02:25:f9:96:fc:bc:62:df:f6:
ba:1b:ae:dd:9b:a8:64:46:0c:28:14:ba:f1:c4:97:
21:dd:18:da:b7:69:cd:ea:a6:3b:94:48:b6:cf:41:
2f:2d:ba:87:b2:bf:12:f4:cb:26:bd:fc:89:6e:17:
55:cf:32:fe:33:3a:9d:75:d7:d2:26:d1:f2:4b:37:
d4:fb:7a:b2:b4:c0:9c:c2:f9:44:84:92:2c:cc:96:
57:53:22:7a:f0:6b:0b:2f:d9:7a:80:de:bd:13:88:
04:14:8e:7e:3b:1e:28:4d:f0:3a:fe:78:25:9d:0f:
22:12:5f:05:8d:cb:ab:13:df:4a:b2:95:6e:22:64:
d6:db:6c:43:c6:be:4d:65:96:14:fc:7c:95:db:16:
d9:30:e8:86:85:5c:90:2d:0e:4a:43:93:52:4e:f0:
c0:bd:2e:21:77:a4:b8:ba:cb:f4:ca:66:52:9c:67:
fc:d7:d5:50:26:dd:f9:b5:2f:dd:44:a6:03:c2:41:
f8:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:3E:49:2A:35:48:B3:B3:10:A9:8E:2B:CF:1A:6B:CA:F3:89:0D:7B
X509v3 Authority Key Identifier:
keyid:9D:8A:DA:35:29:82:A3:19:B5:4D:5E:48:3D:34:42:63:46:73:3E:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nYraNSmCoxm1TV5IPTRCY0ZzPqQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/f4863a-aeae-42f7-ba14-ed4a138c4113/1/2z5JKjVIs7MQqY4rzxpryvOJDXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/f4863a-aeae-42f7-ba14-ed4a138c4113/1/nYraNSmCoxm1TV5IPTRCY0ZzPqQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.88.0/22
Signature Algorithm: sha256WithRSAEncryption
bb:bb:1b:cb:7a:c7:7f:8b:c9:e3:5b:4b:ea:d5:67:3c:d1:eb:
96:67:4c:26:61:03:26:bf:01:68:eb:86:4d:3b:e5:18:ea:07:
17:00:ff:3b:25:c7:7c:06:16:7b:f1:24:40:85:87:0e:4c:3b:
0c:f7:58:46:bc:d6:d9:4e:15:84:4c:4a:08:83:be:b2:4b:b2:
ed:ab:1d:0c:ce:5b:1f:b9:f2:b1:82:f2:a5:dc:7e:59:f2:36:
cc:40:7b:0a:d9:7f:3a:d4:d2:d0:51:60:6a:b5:4b:80:55:c2:
e2:84:18:40:f7:92:86:c4:ba:ad:86:ee:3e:05:ac:7c:7e:ad:
66:96:7a:4e:d8:70:a4:4d:ee:19:39:20:d5:f9:f3:ee:f3:41:
75:60:8e:ff:f9:e0:1a:88:fd:2c:7a:ae:64:b4:11:4b:45:61:
74:c3:32:83:07:84:00:2f:da:79:0d:5c:73:33:fd:29:ef:5e:
17:47:bc:7b:cb:2a:5a:a7:bd:0b:18:4d:3a:b5:16:0f:66:d2:
f8:78:96:64:ed:ba:6e:06:88:95:ca:f9:71:7b:45:f1:37:53:
06:8b:8d:27:02:a1:7d:98:b8:09:a2:16:ba:6f:43:dc:4f:88:
30:0d:fb:0d:dd:41:c3:33:0d:56:45:dc:25:51:ba:f7:49:c4:
47:ba:d0:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTiln7q+tMoJ43LgA3E7LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkOGFkYTM1Mjk4MmEzMTliNTRkNWU0ODNkMzQ0MjYzNDY3
MzNlYTQwHhcNMjQwMTAyMDgzMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjNlNDkyYTM1NDhiM2IzMTBhOThlMmJjZjFhNmJjYWYzODkwZDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvHJuMNtANdKtHdovmqp3waiSUr06
J5ZUGe579NrRDYvB73X/P99Ufn8sVOrev+p++/RL8RtCZY8GPhh+cwzZZEACJfmW
/Lxi3/a6G67dm6hkRgwoFLrxxJch3Rjat2nN6qY7lEi2z0EvLbqHsr8S9MsmvfyJ
bhdVzzL+MzqdddfSJtHySzfU+3qytMCcwvlEhJIszJZXUyJ68GsLL9l6gN69E4gE
FI5+Ox4oTfA6/nglnQ8iEl8FjcurE99KspVuImTW22xDxr5NZZYU/HyV2xbZMOiG
hVyQLQ5KQ5NSTvDAvS4hd6S4usv0ymZSnGf819VQJt35tS/dRKYDwkH4cwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNs+SSo1SLOzEKmOK88aa8rziQ17MB8GA1UdIwQY
MBaAFJ2K2jUpgqMZtU1eSD00QmNGcz6kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbllyYU5TbUNveG0xVFY1SVBUUkNZMFp6UHFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi9mNDg2M2EtYWVhZS00MmY3LWJhMTQt
ZWQ0YTEzOGM0MTEzLzEvMno1SktqVklzN01RcVk0cnp4cHJ5dk9KRFhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi9mNDg2M2EtYWVhZS00MmY3LWJhMTQtZWQ0YTEzOGM0MTEz
LzEvbllyYU5TbUNveG0xVFY1SVBUUkNZMFp6UHFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwpJYMA0G
CSqGSIb3DQEBCwUAA4IBAQC7uxvLesd/i8njW0vq1Wc80euWZ0wmYQMmvwFo64ZN
O+UY6gcXAP87Jcd8BhZ78SRAhYcOTDsM91hGvNbZThWETEoIg76yS7Ltqx0Mzlsf
ufKxgvKl3H5Z8jbMQHsK2X861NLQUWBqtUuAVcLihBhA95KGxLqthu4+Bax8fq1m
lnpO2HCkTe4ZOSDV+fPu80F1YI7/+eAaiP0seq5ktBFLRWF0wzKDB4QAL9p5DVxz
M/0p714XR7x7yypap70LGE06tRYPZtL4eJZk7bpuBoiVyvlxe0XxN1MGi40nAqF9
mLgJoha6b0PcT4gwDfsN3UHDMw1WRdwlUbr3ScRHutB/
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:21 2025 by rpki-client