Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/ZJgc4R4UWqAhoQf6FWBDdKHEgSI.roa
File: ZJgc4R4UWqAhoQf6FWBDdKHEgSI.roa (raw, json)
Hash identifier: VbHdXo7jBcy/8u93i+qhRe1+V8BWFqOV8CPxxf5fWPA=
Subject key identifier: 64:98:1C:E1:1E:14:5A:A0:21:A1:07:FA:15:60:43:74:A1:C4:81:22
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01964962BFA7E9926EDDD624AFAABF13585A
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/ZJgc4R4UWqAhoQf6FWBDdKHEgSI.roa
Signing time: Fri 18 Apr 2025 14:52:10 +0000
ROA not before: Fri 18 Apr 2025 14:52:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 45.139.6.0/23 maxlen: 24
46.249.110.0/24 maxlen: 24
82.115.9.0/24 maxlen: 24
82.115.28.0/23 maxlen: 24
89.251.10.0/24 maxlen: 24
159.255.32.0/22 maxlen: 22
159.255.36.0/22 maxlen: 22
178.173.232.0/21 maxlen: 24
185.231.172.0/22 maxlen: 24
188.253.8.0/21 maxlen: 24
202.133.90.0/23 maxlen: 24
213.173.32.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sat 19 Apr 2025 14:34:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:49:62:bf:a7:e9:92:6e:dd:d6:24:af:aa:bf:13:58:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Apr 18 14:52:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64981ce11e145aa021a107fa15604374a1c48122
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5b:28:50:99:dd:02:38:a0:f1:6d:75:c8:3f:
8d:12:e6:48:37:93:3d:8b:5d:99:c2:2d:36:29:9f:
a2:a1:09:74:0c:d3:49:f2:39:db:d6:d0:39:6d:45:
1b:a0:72:9d:46:a1:a6:85:3a:a9:ed:3a:51:49:f2:
0f:b4:cb:2b:bd:f1:82:ec:ce:1b:b0:82:19:ec:8a:
9f:8f:b7:25:ef:bf:37:c9:ec:46:1b:25:72:65:17:
9c:b6:84:28:c1:3e:89:5f:54:5a:4b:7c:4a:11:74:
94:62:bd:c4:5a:b4:46:4f:97:9d:6c:4b:2e:55:c6:
0e:af:59:d2:99:54:66:9e:b6:82:30:a3:04:af:61:
04:9f:3f:47:ba:67:f5:b1:40:44:c0:d4:e7:5b:0e:
2e:89:7d:f3:0e:84:6c:28:de:09:0e:e2:6b:b3:aa:
ea:d1:c4:71:61:11:97:c7:ff:13:9e:d9:81:d2:0d:
d2:b0:a1:19:1d:5b:39:1b:12:e5:b0:6a:c6:e8:c5:
f8:82:17:be:a2:6f:ee:8e:8a:49:aa:10:e6:c7:1e:
43:87:a4:b8:42:2f:7a:b1:ac:52:93:49:87:78:ab:
07:5f:52:d4:04:54:15:be:5e:93:90:6d:5a:f6:72:
12:c2:16:6b:51:f7:83:1f:f8:0b:35:f2:92:ae:40:
1f:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:98:1C:E1:1E:14:5A:A0:21:A1:07:FA:15:60:43:74:A1:C4:81:22
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/ZJgc4R4UWqAhoQf6FWBDdKHEgSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.6.0/23
46.249.110.0/24
82.115.9.0/24
82.115.28.0/23
89.251.10.0/24
159.255.32.0/21
178.173.232.0/21
185.231.172.0/22
188.253.8.0/21
202.133.90.0/23
213.173.32.0/22
Signature Algorithm: sha256WithRSAEncryption
68:39:45:19:09:33:e4:61:e4:5a:51:44:d9:c1:f4:5c:34:1c:
b3:1a:5c:dd:2d:d6:9b:05:b2:1f:9f:60:23:65:cf:0b:9d:59:
c4:41:12:38:53:d1:58:0c:68:08:bc:69:dd:fc:cf:95:a8:3f:
68:f8:0e:ec:13:e9:c6:1f:16:ef:bd:fb:e9:7a:ab:38:db:5d:
01:e8:8a:79:c3:a2:2e:a7:7a:7f:ca:36:62:f1:6a:39:21:7d:
8c:18:b2:b8:6a:83:7c:27:31:9d:7d:44:4a:4e:a2:c5:3f:c0:
26:24:f7:7d:8e:d5:29:fd:b7:45:1c:6b:6d:2a:35:36:95:67:
a1:a7:55:62:0f:27:08:33:14:1d:4c:a7:ef:a2:01:52:f0:54:
35:ea:55:33:15:46:d7:ce:8a:b0:04:ca:84:67:98:73:77:4f:
6c:d2:4f:92:74:85:40:e1:c9:80:e9:0e:e9:89:65:3d:3c:49:
9d:f5:07:60:fb:22:dc:d3:05:b7:bb:ae:1d:cd:c6:0f:ff:a6:
a7:46:11:99:cb:db:b3:9d:4d:2c:d0:83:b7:6a:f9:cb:5f:04:
b5:5b:49:e9:5c:8a:8b:37:2d:1f:da:a0:0d:ea:f9:e2:2b:8f:
0b:1d:09:00:cc:b4:b5:a0:7d:17:cd:f2:b8:20:62:9b:8b:cd:
d9:fe:47:61
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZZJYr+n6ZJu3dYkr6q/E1haMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwNDE4MTQ1MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDk4MWNlMTFlMTQ1YWEwMjFhMTA3ZmExNTYwNDM3NGExYzQ4MTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVsoUJndAjig8W11yD+NEuZIN5M9
i12Zwi02KZ+ioQl0DNNJ8jnb1tA5bUUboHKdRqGmhTqp7TpRSfIPtMsrvfGC7M4b
sIIZ7Iqfj7cl7783yexGGyVyZRectoQowT6JX1RaS3xKEXSUYr3EWrRGT5edbEsu
VcYOr1nSmVRmnraCMKMEr2EEnz9Humf1sUBEwNTnWw4uiX3zDoRsKN4JDuJrs6rq
0cRxYRGXx/8TntmB0g3SsKEZHVs5GxLlsGrG6MX4ghe+om/ujopJqhDmxx5Dh6S4
Qi96saxSk0mHeKsHX1LUBFQVvl6TkG1a9nISwhZrUfeDH/gLNfKSrkAf5wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFGSYHOEeFFqgIaEH+hVgQ3ShxIEiMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvWkpnYzRSNFVXcUFob1FmNkZXQkRkS0hFZ1NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQBLYsGAwQA
LvluAwQAUnMJAwQBUnMcAwQAWfsKAwQDn/8gAwQDsq3oAwQCueesAwQDvP0IAwQB
yoVaAwQC1a0gMA0GCSqGSIb3DQEBCwUAA4IBAQBoOUUZCTPkYeRaUUTZwfRcNByz
GlzdLdabBbIfn2AjZc8LnVnEQRI4U9FYDGgIvGnd/M+VqD9o+A7sE+nGHxbvvfvp
eqs4210B6Ip5w6Iup3p/yjZi8Wo5IX2MGLK4aoN8JzGdfURKTqLFP8AmJPd9jtUp
/bdFHGttKjU2lWehp1ViDycIMxQdTKfvogFS8FQ16lUzFUbXzoqwBMqEZ5hzd09s
0k+SdIVA4cmA6Q7piWU9PEmd9Qdg+yLc0wW3u64dzcYP/6anRhGZy9uznU0s0IO3
avnLXwS1W0npXIqLNy0f2qAN6vniK48LHQkAzLS1oH0XzfK4IGKbi83Z/kdh
-----END CERTIFICATE-----
Generated at Sun May 4 06:17:48 2025 by rpki-client