Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/4-ZnZFoANKd0VJjxHWVepT-hRqc.roa
File: 4-ZnZFoANKd0VJjxHWVepT-hRqc.roa (raw, json)
Hash identifier: AW/KbrghNw3EvPQUTwLSZ4x5vt6FIrFRqA/6vlR4zXk=
Subject key identifier: E3:E6:67:64:5A:00:34:A7:74:54:98:F1:1D:65:5E:A5:3F:A1:46:A7
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 018CC9BBD4C8FEF1247F83A87127A2AAC1C6
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/4-ZnZFoANKd0VJjxHWVepT-hRqc.roa
Signing time: Tue 02 Jan 2024 10:32:59 +0000
ROA not before: Tue 02 Jan 2024 10:32:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203583
IP address blocks: 195.228.29.0/24 maxlen: 24
84.1.158.0/24 maxlen: 24
195.228.180.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:d4:c8:fe:f1:24:7f:83:a8:71:27:a2:aa:c1:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 2 10:32:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3e667645a0034a7745498f11d655ea53fa146a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ab:db:2a:3d:67:02:84:d8:03:c6:38:28:b2:
db:a2:35:f5:fe:80:4a:ec:1d:f2:c6:04:84:09:54:
10:4c:04:7b:1e:66:d7:fb:b5:a6:ab:cc:4a:30:7f:
b6:40:72:9e:26:7e:ea:08:73:7e:49:d2:b1:83:19:
bb:9b:22:ad:c7:4f:fd:0e:f3:21:2e:50:0f:c6:b9:
78:ba:0d:02:01:ae:77:cb:ee:98:d3:36:9b:97:2d:
fd:f8:65:80:11:97:0f:2d:a9:dc:9e:9a:de:0e:9b:
89:cc:e5:44:e6:45:e1:a1:a6:84:27:18:3c:82:4b:
b4:02:86:87:28:a6:45:ee:00:b5:dd:06:12:40:ca:
ec:63:df:05:c5:ef:b6:9e:b1:ed:74:93:dc:a3:5f:
a1:43:48:22:cc:48:64:0d:d5:4c:2b:65:38:7a:90:
da:52:a2:62:87:54:9d:23:5c:3b:4e:61:57:9a:88:
13:9b:a0:6d:d9:66:f8:db:e2:c0:3e:30:01:df:db:
c6:c9:3f:e2:3a:70:96:86:ee:e5:7f:25:6d:e0:f3:
aa:c7:d0:ef:6b:89:e0:fa:08:6d:d2:78:12:b8:4d:
9a:ce:e0:28:28:9f:cc:0a:e1:8a:4e:b4:00:02:a2:
68:5a:9d:35:2d:4b:c9:16:49:e9:16:02:de:dd:52:
bd:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E6:67:64:5A:00:34:A7:74:54:98:F1:1D:65:5E:A5:3F:A1:46:A7
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/4-ZnZFoANKd0VJjxHWVepT-hRqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.1.158.0/24
195.228.29.0/24
195.228.180.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:97:ea:ab:26:fd:7f:fa:69:2a:c3:21:74:87:cd:5e:11:f9:
a4:84:36:8e:9f:99:95:f5:12:53:dc:65:90:b5:1c:73:ca:86:
28:35:73:28:5d:45:86:47:8c:c2:d1:82:8d:e5:61:e7:d4:9b:
83:5e:28:41:63:e1:c8:25:6e:00:f4:e7:7e:a4:c1:71:61:2c:
37:5a:0d:a5:cd:15:47:b2:f0:c7:11:f7:ad:cf:5c:6b:08:62:
8c:e9:b9:c4:62:4d:1d:c1:63:0f:46:9e:a4:7d:bc:92:fc:a9:
29:8e:88:0a:ba:0b:3b:2f:d3:c6:53:89:c5:a0:fd:f9:8e:8c:
76:b2:5c:46:30:4e:0c:9f:91:c9:8d:d2:49:34:10:0c:2a:90:
fe:45:70:c4:37:7e:be:00:68:14:8f:17:ff:d4:b9:e9:dd:b9:
c8:33:3c:78:e2:2f:db:06:40:40:e7:9f:b3:97:59:42:a3:8e:
ad:ae:7a:94:08:1d:22:fa:32:ed:6d:38:75:15:d9:2f:21:07:
ba:86:56:5e:b6:34:69:fa:fe:09:da:d0:a0:2e:65:db:ca:87:
99:ce:1a:1f:52:bd:b2:8b:36:ad:eb:3f:4f:47:ea:39:f2:0d:
88:1f:33:ea:ae:56:a0:5a:bc:e6:7a:fe:ed:18:59:a5:a5:bd:
9f:c8:be:70
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzJu9TI/vEkf4OocSeiqsHGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjQwMTAyMTAzMjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2U2Njc2NDVhMDAzNGE3NzQ1NDk4ZjExZDY1NWVhNTNmYTE0NmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqvbKj1nAoTYA8Y4KLLbojX1/oBK
7B3yxgSECVQQTAR7HmbX+7Wmq8xKMH+2QHKeJn7qCHN+SdKxgxm7myKtx0/9DvMh
LlAPxrl4ug0CAa53y+6Y0zably39+GWAEZcPLancnpreDpuJzOVE5kXhoaaEJxg8
gku0AoaHKKZF7gC13QYSQMrsY98Fxe+2nrHtdJPco1+hQ0gizEhkDdVMK2U4epDa
UqJih1SdI1w7TmFXmogTm6Bt2Wb42+LAPjAB39vGyT/iOnCWhu7lfyVt4POqx9Dv
a4ng+ght0ngSuE2azuAoKJ/MCuGKTrQAAqJoWp01LUvJFknpFgLe3VK9TQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOPmZ2RaADSndFSY8R1lXqU/oUanMB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvNC1ablpGb0FOS2QwVkpqeEhXVmVwVC1oUnFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVAGeAwQA
w+QdAwQAw+S0MA0GCSqGSIb3DQEBCwUAA4IBAQBMl+qrJv1/+mkqwyF0h81eEfmk
hDaOn5mV9RJT3GWQtRxzyoYoNXMoXUWGR4zC0YKN5WHn1JuDXihBY+HIJW4A9Od+
pMFxYSw3Wg2lzRVHsvDHEfetz1xrCGKM6bnEYk0dwWMPRp6kfbyS/KkpjogKugs7
L9PGU4nFoP35jox2slxGME4Mn5HJjdJJNBAMKpD+RXDEN36+AGgUjxf/1Lnp3bnI
Mzx44i/bBkBA55+zl1lCo46trnqUCB0i+jLtbTh1FdkvIQe6hlZetjRp+v4J2tCg
LmXbyoeZzhofUr2yizat6z9PR+o58g2IHzPqrlagWrzmev7tGFmlpb2fyL5w
-----END CERTIFICATE-----
Generated at Mon Apr 28 20:01:54 2025 by rpki-client