Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/89bf3a-bf90-467a-a90b-22e248ed2014/1/zcqBFGWQ6lTa1ViG9LQrlQo6BXc.roa
File: zcqBFGWQ6lTa1ViG9LQrlQo6BXc.roa (raw, json)
Hash identifier: lmcLF6PJzvW2Xp8767MSJ7SBAjzlj4AVd2yHoaoUj1Q=
Subject key identifier: CD:CA:81:14:65:90:EA:54:DA:D5:58:86:F4:B4:2B:95:0A:3A:05:77
Certificate issuer: /CN=951d493b1bc0a8c852dd11cfc937891dac3f07c2
Certificate serial: 018FFFE856B388F039564E61B3FD8DE7A579
Authority key identifier: 95:1D:49:3B:1B:C0:A8:C8:52:DD:11:CF:C9:37:89:1D:AC:3F:07:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lR1JOxvAqMhS3RHPyTeJHaw_B8I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/89bf3a-bf90-467a-a90b-22e248ed2014/1/zcqBFGWQ6lTa1ViG9LQrlQo6BXc.roa
Signing time: Mon 10 Jun 2024 02:09:27 +0000
ROA not before: Mon 10 Jun 2024 02:09:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204180
IP address blocks: 185.111.248.0/22 maxlen: 22
185.111.248.0/24 maxlen: 24
185.111.249.0/24 maxlen: 24
185.111.250.0/24 maxlen: 24
185.111.251.0/24 maxlen: 24
2a06:6080::/29 maxlen: 29
2a06:6080::/40 maxlen: 40
2a06:6080::/48 maxlen: 48
2a06:6080:1::/48 maxlen: 48
2a06:6080:2::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 10 Jun 2024 02:40:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ff:e8:56:b3:88:f0:39:56:4e:61:b3:fd:8d:e7:a5:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=951d493b1bc0a8c852dd11cfc937891dac3f07c2
Validity
Not Before: Jun 10 02:09:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cdca81146590ea54dad55886f4b42b950a3a0577
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a8:af:01:5a:6a:ff:28:8a:06:11:46:9f:d9:
54:93:d7:05:c3:cc:2a:29:6d:e5:ab:33:48:3f:bf:
77:54:38:e6:1f:f0:7d:c0:13:9d:c8:80:5b:05:fd:
77:dd:97:1b:74:45:3a:fe:1b:5a:1f:91:33:ef:6d:
8c:c4:20:3f:3e:4b:c1:e6:ef:8c:67:d4:31:bf:cf:
47:e7:72:5c:49:ad:59:07:6b:52:da:39:3b:ca:6d:
a4:4e:11:d7:2c:5e:cc:3b:58:6b:32:6d:d1:eb:5b:
95:5f:93:76:18:9a:4b:02:c1:0e:fc:67:e0:1c:db:
30:14:b7:03:2c:5b:64:60:72:50:fa:2e:ab:aa:8f:
ed:59:a9:42:25:08:31:f3:86:82:02:b2:c2:12:c0:
40:b5:fc:00:2c:7b:84:a6:cc:4b:89:f4:a5:be:4b:
f8:b1:c1:b5:fa:23:7c:84:99:b4:f8:56:97:9f:6a:
18:69:2b:7c:60:24:bb:fb:a6:a6:a7:df:bc:8c:75:
32:45:53:1d:e8:6f:ba:d5:a2:84:3a:8a:e8:d6:cf:
07:a2:21:b7:49:d6:ff:1a:5b:fe:c2:3a:fa:fe:ce:
a8:a5:cc:d4:46:33:df:46:c5:8f:6e:32:25:c3:97:
ee:95:22:10:3f:d2:15:9e:80:e9:22:25:93:1c:6b:
2e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:CA:81:14:65:90:EA:54:DA:D5:58:86:F4:B4:2B:95:0A:3A:05:77
X509v3 Authority Key Identifier:
keyid:95:1D:49:3B:1B:C0:A8:C8:52:DD:11:CF:C9:37:89:1D:AC:3F:07:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lR1JOxvAqMhS3RHPyTeJHaw_B8I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/89bf3a-bf90-467a-a90b-22e248ed2014/1/zcqBFGWQ6lTa1ViG9LQrlQo6BXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/89bf3a-bf90-467a-a90b-22e248ed2014/1/lR1JOxvAqMhS3RHPyTeJHaw_B8I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.248.0/22
IPv6:
2a06:6080::/29
Signature Algorithm: sha256WithRSAEncryption
45:58:44:60:23:2b:4d:31:07:e3:59:d5:30:c4:76:43:28:77:
f7:92:5e:aa:0d:64:ba:07:0b:12:2b:82:ab:8f:68:dc:5b:67:
fa:01:d3:1c:2f:7a:f5:f1:e5:fb:15:4f:10:e0:cd:2e:2f:59:
d8:6b:cd:8c:e7:6f:1f:b8:00:a3:9f:54:b1:44:36:67:6c:cc:
3c:2a:81:86:36:2d:42:a4:43:c1:c0:1d:77:64:e4:fa:f3:0c:
2b:fd:b0:15:ba:57:89:c8:48:91:cb:b1:78:df:60:95:b9:c8:
8a:67:ee:c3:f4:96:06:e9:1e:11:17:6a:d9:61:50:01:8e:db:
56:12:bc:44:15:4c:2d:e9:d1:b2:ff:fb:47:61:79:4c:9c:58:
fa:56:77:94:9d:3c:b3:dc:74:28:80:ea:e1:7b:33:bd:4d:0c:
d1:d1:ba:e1:bd:58:71:3d:12:2a:7f:ca:8a:f9:9f:e6:44:a0:
ff:36:a8:de:64:cd:30:60:a1:61:f4:27:c0:a4:d5:e3:fe:86:
fe:5e:69:bd:54:fd:e3:37:7f:0b:27:1c:d3:df:b1:14:0a:e6:
b7:54:9b:2a:2e:7a:d7:49:cb:20:2d:89:13:47:f8:55:49:67:
b1:5f:fb:dc:1d:2e:c3:3a:f2:e4:27:6e:bf:ce:27:aa:09:8f:
6c:78:62:87
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY//6FaziPA5Vk5hs/2N56V5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MWQ0OTNiMWJjMGE4Yzg1MmRkMTFjZmM5Mzc4OTFkYWMz
ZjA3YzIwHhcNMjQwNjEwMDIwOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGNhODExNDY1OTBlYTU0ZGFkNTU4ODZmNGI0MmI5NTBhM2EwNTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqivAVpq/yiKBhFGn9lUk9cFw8wq
KW3lqzNIP793VDjmH/B9wBOdyIBbBf133ZcbdEU6/htaH5Ez722MxCA/PkvB5u+M
Z9Qxv89H53JcSa1ZB2tS2jk7ym2kThHXLF7MO1hrMm3R61uVX5N2GJpLAsEO/Gfg
HNswFLcDLFtkYHJQ+i6rqo/tWalCJQgx84aCArLCEsBAtfwALHuEpsxLifSlvkv4
scG1+iN8hJm0+FaXn2oYaSt8YCS7+6amp9+8jHUyRVMd6G+61aKEOoro1s8HoiG3
Sdb/Glv+wjr6/s6opczURjPfRsWPbjIlw5fulSIQP9IVnoDpIiWTHGsuAwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM3KgRRlkOpU2tVYhvS0K5UKOgV3MB8GA1UdIwQY
MBaAFJUdSTsbwKjIUt0Rz8k3iR2sPwfCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFIxSk94dkFxTWhTM1JIUHlUZUpIYXdfQjhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi84OWJmM2EtYmY5MC00NjdhLWE5MGIt
MjJlMjQ4ZWQyMDE0LzEvemNxQkZHV1E2bFRhMVZpRzlMUXJsUW82QlhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi84OWJmM2EtYmY5MC00NjdhLWE5MGItMjJlMjQ4ZWQyMDE0
LzEvbFIxSk94dkFxTWhTM1JIUHlUZUpIYXdfQjhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuW/4MA0E
AgACMAcDBQMqBmCAMA0GCSqGSIb3DQEBCwUAA4IBAQBFWERgIytNMQfjWdUwxHZD
KHf3kl6qDWS6BwsSK4Krj2jcW2f6AdMcL3r18eX7FU8Q4M0uL1nYa82M528fuACj
n1SxRDZnbMw8KoGGNi1CpEPBwB13ZOT68wwr/bAVuleJyEiRy7F432CVuciKZ+7D
9JYG6R4RF2rZYVABjttWErxEFUwt6dGy//tHYXlMnFj6VneUnTyz3HQogOrhezO9
TQzR0brhvVhxPRIqf8qK+Z/mRKD/NqjeZM0wYKFh9CfApNXj/ob+Xmm9VP3jN38L
JxzT37EUCua3VJsqLnrXScsgLYkTR/hVSWexX/vcHS7DOvLkJ26/zieqCY9seGKH
-----END CERTIFICATE-----
Generated at Mon Jun 16 10:32:24 2025 by rpki-client