Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/zEDqL49boGBmioqylP1QE9BPOWU.roa
File: zEDqL49boGBmioqylP1QE9BPOWU.roa (raw, json)
Hash identifier: 5esJSmLrLD72a2O4BOQpttPfWQ3cIf/oO0ECMItP95I=
Subject key identifier: CC:40:EA:2F:8F:5B:A0:60:66:8A:8A:B2:94:FD:50:13:D0:4F:39:65
Certificate issuer: /CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
Certificate serial: 0191FED9244A222C4B8E71E720207FA39BC4
Authority key identifier: C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/zEDqL49boGBmioqylP1QE9BPOWU.roa
Signing time: Tue 17 Sep 2024 07:18:49 +0000
ROA not before: Tue 17 Sep 2024 07:18:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214238
IP address blocks: 188.190.3.0/24 maxlen: 24
188.190.4.0/24 maxlen: 24
188.190.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Sep 2024 08:33:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:fe:d9:24:4a:22:2c:4b:8e:71:e7:20:20:7f:a3:9b:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
Validity
Not Before: Sep 17 07:18:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cc40ea2f8f5ba060668a8ab294fd5013d04f3965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:9e:40:b8:6e:14:c4:84:12:71:c4:d0:be:8f:
bd:2d:09:2b:61:92:d1:83:e2:f6:b4:7a:cf:45:65:
cc:af:27:64:18:12:b9:d0:37:d9:20:c7:db:44:63:
cf:67:96:4e:ac:86:34:0a:af:dd:5d:11:51:da:5a:
ce:23:e9:0e:43:e2:f2:d6:d5:86:6d:0b:00:c0:8d:
a7:a9:e3:b4:bd:97:fc:d6:9e:47:79:56:31:d1:89:
f0:31:81:e9:a0:8f:50:90:a6:e2:d1:a6:b1:24:b1:
15:ab:74:0e:5c:dc:f4:af:fc:69:a9:81:0d:19:00:
b1:92:35:f4:14:3a:30:0d:8f:42:19:b6:07:ba:74:
0e:7d:11:5e:64:28:e6:49:b5:c3:05:5d:ab:b0:29:
ef:36:ef:45:4f:5e:f6:b6:53:06:31:aa:ac:c3:ee:
ed:f8:4c:44:3f:76:ed:93:18:e9:34:a0:8b:f4:7d:
0e:e2:f6:70:24:18:6b:77:fc:90:4c:46:37:bd:ae:
7a:25:ae:87:7b:61:ab:99:ed:d5:cd:c1:9c:92:5a:
aa:1f:e0:aa:a2:c2:5f:17:98:e7:d3:1d:40:ff:a1:
3b:8e:73:ad:c1:e9:3a:ed:b4:53:74:c8:a5:c7:c1:
dd:de:90:e2:f8:96:3d:b8:58:00:73:31:a9:d0:59:
02:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:40:EA:2F:8F:5B:A0:60:66:8A:8A:B2:94:FD:50:13:D0:4F:39:65
X509v3 Authority Key Identifier:
keyid:C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/zEDqL49boGBmioqylP1QE9BPOWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.190.3.0-188.190.5.255
Signature Algorithm: sha256WithRSAEncryption
60:74:77:89:3a:ac:25:dc:99:26:de:69:b6:78:a7:7b:a2:75:
be:d2:94:68:9c:ab:ed:52:36:5b:55:cf:92:fa:58:92:ba:c7:
30:8c:25:91:58:27:46:74:00:cd:f6:71:e0:0e:2b:1d:17:5b:
b9:f6:59:81:d1:93:96:1c:3f:ef:90:ea:3b:11:77:2c:d3:31:
53:88:73:8b:3c:02:22:7f:24:85:22:f8:03:20:84:50:11:ae:
a9:7d:f6:57:6e:8a:a5:6c:80:b0:a4:07:35:cb:76:c4:15:0f:
3e:a8:88:6e:7d:70:3e:85:06:78:90:f9:4f:0d:4d:fb:e3:10:
40:4e:d5:35:22:2e:6a:4a:c6:68:5d:23:2d:18:fc:02:64:80:
de:d9:31:7c:bb:fe:62:3a:6c:47:87:ae:46:3f:25:09:63:fd:
2c:6a:99:97:3a:64:da:91:25:e2:04:93:ab:5b:50:d0:d1:bf:
b9:20:33:99:c0:75:76:6d:2b:d8:36:07:4f:0a:d8:39:fb:4f:
07:c7:37:a6:99:3f:6e:21:1e:92:4d:51:44:1a:2a:f2:06:19:
3c:4f:7c:02:9c:04:bd:71:b3:f8:7d:a4:ec:5a:ef:61:58:a8:
33:9c:78:99:b3:d0:22:a4:a1:44:3b:62:c5:76:33:e6:b3:31:
a4:bd:72:32
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZH+2SRKIixLjnHnICB/o5vEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzNmYWU5OWQ2NTEyOTg4NDVkMjJmODlkOGQyYjJlMWQx
M2JjMDQwHhcNMjQwOTE3MDcxODQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzQwZWEyZjhmNWJhMDYwNjY4YThhYjI5NGZkNTAxM2QwNGYzOTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA255AuG4UxIQSccTQvo+9LQkrYZLR
g+L2tHrPRWXMrydkGBK50DfZIMfbRGPPZ5ZOrIY0Cq/dXRFR2lrOI+kOQ+Ly1tWG
bQsAwI2nqeO0vZf81p5HeVYx0YnwMYHpoI9QkKbi0aaxJLEVq3QOXNz0r/xpqYEN
GQCxkjX0FDowDY9CGbYHunQOfRFeZCjmSbXDBV2rsCnvNu9FT172tlMGMaqsw+7t
+ExEP3btkxjpNKCL9H0O4vZwJBhrd/yQTEY3va56Ja6He2Grme3VzcGcklqqH+Cq
osJfF5jn0x1A/6E7jnOtwek67bRTdMilx8Hd3pDi+JY9uFgAczGp0FkC+wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFMxA6i+PW6BgZoqKspT9UBPQTzllMB8GA1UdIwQY
MBaAFMNz+umdZRKYhF0i+J2NKy4dE7wEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEt
MWRlNTZlNDc1ZmJmLzEvekVEcUw0OWJvR0JtaW9xeWxQMVFFOUJQT1dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEtMWRlNTZlNDc1ZmJm
LzEvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC8vgMD
BAG8vgQwDQYJKoZIhvcNAQELBQADggEBAGB0d4k6rCXcmSbeabZ4p3uidb7SlGic
q+1SNltVz5L6WJK6xzCMJZFYJ0Z0AM32ceAOKx0XW7n2WYHRk5YcP++Q6jsRdyzT
MVOIc4s8AiJ/JIUi+AMghFARrql99lduiqVsgLCkBzXLdsQVDz6oiG59cD6FBniQ
+U8NTfvjEEBO1TUiLmpKxmhdIy0Y/AJkgN7ZMXy7/mI6bEeHrkY/JQlj/SxqmZc6
ZNqRJeIEk6tbUNDRv7kgM5nAdXZtK9g2B08K2Dn7TwfHN6aZP24hHpJNUUQaKvIG
GTxPfAKcBL1xs/h9pOxa72FYqDOceJmz0CKkoUQ7YsV2M+azMaS9cjI=
-----END CERTIFICATE-----
Generated at Tue May 13 05:56:04 2025 by rpki-client