Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/dac70f-f172-44ce-9be5-5af89e6cd055/1/znBX_WNFW2yqEHmQoun5ihnfj6A.roa
File: znBX_WNFW2yqEHmQoun5ihnfj6A.roa (raw, json)
Hash identifier: YSetvMM3f27WPxchxXaiQcQ5siXic+a68F4wPQJCy4U=
Subject key identifier: CE:70:57:FD:63:45:5B:6C:AA:10:79:90:A2:E9:F9:8A:19:DF:8F:A0
Certificate issuer: /CN=5ad9f5beb6933484541ce56282c989ed6e8bdba3
Certificate serial: 0193B5034C440D9D1963395C65E5D809E598
Authority key identifier: 5A:D9:F5:BE:B6:93:34:84:54:1C:E5:62:82:C9:89:ED:6E:8B:DB:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wtn1vraTNIRUHOVigsmJ7W6L26M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/dac70f-f172-44ce-9be5-5af89e6cd055/1/znBX_WNFW2yqEHmQoun5ihnfj6A.roa
Signing time: Wed 11 Dec 2024 09:18:32 +0000
ROA not before: Wed 11 Dec 2024 09:18:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39217
IP address blocks: 185.53.148.0/22 maxlen: 22
185.53.148.0/24 maxlen: 24
185.132.168.0/22 maxlen: 22
185.173.244.0/22 maxlen: 22
185.173.244.0/24 maxlen: 24
194.79.56.0/22 maxlen: 22
2a00:4760::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 12 Dec 2024 13:38:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b5:03:4c:44:0d:9d:19:63:39:5c:65:e5:d8:09:e5:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ad9f5beb6933484541ce56282c989ed6e8bdba3
Validity
Not Before: Dec 11 09:18:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ce7057fd63455b6caa107990a2e9f98a19df8fa0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:38:62:80:73:1a:3e:b7:74:83:34:95:b4:9f:
d3:37:ae:c8:bb:4a:92:87:1d:65:a7:45:2e:08:b0:
fd:af:89:12:67:5a:44:f1:d1:32:a3:60:45:fc:bf:
b0:46:17:20:55:7a:c9:90:34:ec:70:2e:8c:1d:78:
33:a9:71:eb:fc:57:37:12:36:84:c2:88:3a:31:a3:
64:f9:42:a4:e3:03:02:13:85:c8:48:91:ea:3a:ae:
a6:d0:4e:1a:b6:3e:44:67:61:87:f0:1c:76:9b:66:
9f:61:fc:3a:b2:5f:65:95:50:2a:7b:c4:4b:61:14:
c5:97:c2:57:c3:4e:a3:bb:58:e1:60:8a:4e:2f:da:
7a:83:f5:a4:56:21:f7:f0:f4:d3:f7:9b:83:1a:51:
82:eb:e9:72:b5:c7:49:a7:b7:82:fe:1e:e4:a6:3b:
55:fb:91:fd:dc:71:09:fa:71:55:c6:6f:0d:37:00:
31:2f:90:c1:3e:f4:2d:d1:c5:11:db:b6:f7:56:7e:
ba:cf:6b:16:67:b3:99:7e:3c:d2:bf:f2:5f:1a:bb:
36:0c:e9:ee:c9:b9:7e:95:a7:64:fe:0a:69:88:3f:
ef:fb:50:ce:ca:ad:f0:bd:bf:c4:76:e4:10:ce:b6:
51:23:d7:0b:15:0e:32:2e:93:75:1e:89:9d:08:9b:
73:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:70:57:FD:63:45:5B:6C:AA:10:79:90:A2:E9:F9:8A:19:DF:8F:A0
X509v3 Authority Key Identifier:
keyid:5A:D9:F5:BE:B6:93:34:84:54:1C:E5:62:82:C9:89:ED:6E:8B:DB:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wtn1vraTNIRUHOVigsmJ7W6L26M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/dac70f-f172-44ce-9be5-5af89e6cd055/1/znBX_WNFW2yqEHmQoun5ihnfj6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/dac70f-f172-44ce-9be5-5af89e6cd055/1/Wtn1vraTNIRUHOVigsmJ7W6L26M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.148.0/22
185.132.168.0/22
185.173.244.0/22
194.79.56.0/22
IPv6:
2a00:4760::/32
Signature Algorithm: sha256WithRSAEncryption
73:70:2c:0b:88:2b:9b:b7:08:c0:ef:d6:fb:d9:22:9c:ac:b4:
a9:8d:43:41:44:4e:2d:68:7c:7b:43:07:1c:0c:d0:61:7e:8e:
68:9b:c2:2d:c7:ce:15:7f:9b:9f:14:81:5c:2b:87:67:9c:60:
ca:90:8e:58:28:26:cf:a4:89:a4:81:6a:3b:cc:dc:95:08:49:
bc:d5:52:b0:0b:c8:11:6a:29:e2:ef:55:bf:b4:9a:5c:39:2d:
4e:f2:f5:d0:34:57:0a:d0:5b:f8:17:9f:92:30:26:05:17:4d:
d4:fb:4a:77:66:f4:8b:65:4f:ab:05:b0:fb:4b:97:a8:df:9a:
86:f8:61:80:3f:90:bf:9c:b4:9a:31:34:b4:28:5b:c8:55:57:
1c:76:42:c6:84:a7:be:a2:06:be:08:ee:6e:ef:15:1f:72:ee:
58:63:16:0f:08:ae:8e:54:85:a8:23:f1:ec:4c:53:b1:1c:47:
10:7e:05:6e:b2:31:58:6a:7b:d5:e1:3f:5a:96:4b:33:c1:eb:
0e:7e:98:af:9b:03:6b:b3:63:1b:f2:15:9e:98:f1:c9:b5:ee:
4f:cb:f2:b7:3e:6d:28:c6:9e:27:28:cb:6c:c7:8b:78:be:47:
46:d0:a0:af:38:b3:4c:e9:96:a9:98:3e:d2:26:a9:74:8d:3e:
de:27:b0:eb
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZO1A0xEDZ0ZYzlcZeXYCeWYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhZDlmNWJlYjY5MzM0ODQ1NDFjZTU2MjgyYzk4OWVkNmU4
YmRiYTMwHhcNMjQxMjExMDkxODMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTcwNTdmZDYzNDU1YjZjYWExMDc5OTBhMmU5Zjk4YTE5ZGY4ZmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1zhigHMaPrd0gzSVtJ/TN67Iu0qS
hx1lp0UuCLD9r4kSZ1pE8dEyo2BF/L+wRhcgVXrJkDTscC6MHXgzqXHr/Fc3EjaE
wog6MaNk+UKk4wMCE4XISJHqOq6m0E4atj5EZ2GH8Bx2m2afYfw6sl9llVAqe8RL
YRTFl8JXw06ju1jhYIpOL9p6g/WkViH38PTT95uDGlGC6+lytcdJp7eC/h7kpjtV
+5H93HEJ+nFVxm8NNwAxL5DBPvQt0cUR27b3Vn66z2sWZ7OZfjzSv/JfGrs2DOnu
ybl+ladk/gppiD/v+1DOyq3wvb/EduQQzrZRI9cLFQ4yLpN1HomdCJtziQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFM5wV/1jRVtsqhB5kKLp+YoZ34+gMB8GA1UdIwQY
MBaAFFrZ9b62kzSEVBzlYoLJie1ui9ujMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3RuMXZyYVROSVJVSE9WaWdzbUo3VzZMMjZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9kYWM3MGYtZjE3Mi00NGNlLTliZTUt
NWFmODllNmNkMDU1LzEvem5CWF9XTkZXMnlxRUhtUW91bjVpaG5majZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9kYWM3MGYtZjE3Mi00NGNlLTliZTUtNWFmODllNmNkMDU1
LzEvV3RuMXZyYVROSVJVSE9WaWdzbUo3VzZMMjZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCuTWUAwQC
uYSoAwQCua30AwQCwk84MA0EAgACMAcDBQAqAEdgMA0GCSqGSIb3DQEBCwUAA4IB
AQBzcCwLiCubtwjA79b72SKcrLSpjUNBRE4taHx7QwccDNBhfo5om8Itx84Vf5uf
FIFcK4dnnGDKkI5YKCbPpImkgWo7zNyVCEm81VKwC8gRaini71W/tJpcOS1O8vXQ
NFcK0Fv4F5+SMCYFF03U+0p3ZvSLZU+rBbD7S5eo35qG+GGAP5C/nLSaMTS0KFvI
VVccdkLGhKe+oga+CO5u7xUfcu5YYxYPCK6OVIWoI/HsTFOxHEcQfgVusjFYanvV
4T9alkszwesOfpivmwNrs2Mb8hWemPHJte5Py/K3Pm0oxp4nKMtsx4t4vkdG0KCv
OLNM6ZapmD7SJql0jT7eJ7Dr
-----END CERTIFICATE-----
Generated at Thu May 15 22:28:06 2025 by rpki-client