Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/8ZD32fvozjTMKXD0qbBJwREqVRs.roa
File: 8ZD32fvozjTMKXD0qbBJwREqVRs.roa (raw, json)
Hash identifier: MN1vkPX13MQYduNHzhnymOeGAx5CC+2fGFZynkvWQsM=
Subject key identifier: F1:90:F7:D9:FB:E8:CE:34:CC:29:70:F4:A9:B0:49:C1:11:2A:55:1B
Certificate issuer: /CN=ea46963cc479dadbe3c52234ab9fabaa8122d25b
Certificate serial: 01952BE06BD22BEB07F68FD6973F7608169A
Authority key identifier: EA:46:96:3C:C4:79:DA:DB:E3:C5:22:34:AB:9F:AB:AA:81:22:D2:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6kaWPMR52tvjxSI0q5-rqoEi0ls.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/8ZD32fvozjTMKXD0qbBJwREqVRs.roa
Signing time: Sat 22 Feb 2025 04:18:02 +0000
ROA not before: Sat 22 Feb 2025 04:18:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 194.39.128.0/24 maxlen: 24
194.39.129.0/24 maxlen: 24
194.39.134.0/24 maxlen: 24
194.39.135.0/24 maxlen: 24
194.55.89.0/24 maxlen: 24
194.55.91.0/24 maxlen: 24
2a00:fe00::/32 maxlen: 48
Validation: Failed, certificate revoked on Sat 22 Feb 2025 07:56:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:2b:e0:6b:d2:2b:eb:07:f6:8f:d6:97:3f:76:08:16:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ea46963cc479dadbe3c52234ab9fabaa8122d25b
Validity
Not Before: Feb 22 04:18:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f190f7d9fbe8ce34cc2970f4a9b049c1112a551b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:b1:b0:bf:38:a9:f1:41:0d:99:8e:c0:4c:ae:
6e:b7:0b:6d:1d:df:6e:29:62:86:4e:e1:96:61:c4:
da:dd:92:e2:40:34:f9:bf:5a:70:2f:bf:2a:22:7a:
ad:f5:3d:f3:c5:46:c3:48:33:0a:36:f8:86:d6:e5:
f7:3f:0d:40:ed:13:12:72:9b:98:9d:b4:23:ed:d9:
57:35:f0:3d:c8:47:70:54:ba:f2:2a:df:6f:06:2d:
55:46:04:a4:46:c1:d0:f4:3a:a6:21:68:ef:e9:81:
92:d0:16:dc:41:7c:92:a9:b1:f6:11:e2:7d:1a:da:
83:1b:c5:e0:03:fa:de:96:06:93:94:de:29:05:9b:
30:15:33:23:28:6f:e4:3f:57:6b:0d:39:9c:d8:5f:
d5:24:f4:8c:24:2e:05:7e:a4:6e:e6:fb:53:8e:f2:
be:cd:4a:f5:6e:b3:86:0b:9b:0a:5c:2a:bc:a4:f9:
f2:7a:a0:37:6c:ff:ff:1c:86:7a:0c:b6:3d:d3:43:
c0:cb:4c:66:f3:e7:f6:a2:33:62:1c:2e:aa:0d:7c:
58:e8:2e:46:fc:b6:97:bf:d8:11:cc:35:db:1c:84:
30:4e:d4:7a:e2:33:98:27:99:6e:e9:d4:13:df:13:
a4:94:97:ff:36:c7:60:bc:30:ea:26:8e:fa:a6:a8:
c4:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:90:F7:D9:FB:E8:CE:34:CC:29:70:F4:A9:B0:49:C1:11:2A:55:1B
X509v3 Authority Key Identifier:
keyid:EA:46:96:3C:C4:79:DA:DB:E3:C5:22:34:AB:9F:AB:AA:81:22:D2:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6kaWPMR52tvjxSI0q5-rqoEi0ls.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/8ZD32fvozjTMKXD0qbBJwREqVRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/e862de-c46c-4f21-b38e-eb5bc7d97aa0/1/6kaWPMR52tvjxSI0q5-rqoEi0ls.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.39.128.0/23
194.39.134.0/23
194.55.89.0/24
194.55.91.0/24
IPv6:
2a00:fe00::/32
Signature Algorithm: sha256WithRSAEncryption
09:4c:17:8e:3c:c1:0e:84:9c:a5:78:1b:92:14:6b:87:09:20:
f9:0f:eb:d6:3b:b3:f7:f6:84:9a:ca:e1:a6:a4:bc:cb:46:d0:
98:fa:21:47:8e:a5:86:d9:ce:ca:f5:96:e8:5c:69:26:eb:ed:
ee:b7:24:a1:57:7b:83:93:f1:0c:a7:c8:47:62:0b:c3:a0:98:
48:0a:ff:ab:2c:f1:89:f0:ab:3c:55:d4:73:92:05:fa:2e:ba:
e9:00:31:bc:d4:d8:c1:be:9a:5d:3a:a8:ee:ff:0b:7d:44:ba:
b2:ba:a3:ce:b7:5c:a3:b7:60:e3:ae:05:62:cb:41:a6:5b:6c:
e8:6a:56:23:ae:ed:5f:72:66:72:c3:d3:1d:b0:77:bb:7a:af:
22:0c:7d:34:ea:f1:f0:3f:44:24:7e:08:86:f8:76:a2:f6:17:
36:52:a6:b9:b7:49:23:4f:7b:ad:8a:bf:86:3c:10:11:97:7c:
13:e0:51:c6:9d:0c:f5:1b:75:f7:54:8e:e7:8b:bc:76:e4:fe:
5f:d7:52:89:a5:50:2d:fb:ad:19:1a:26:a7:2b:b1:0b:91:ad:
17:28:c0:8a:26:4c:d4:3d:9f:22:ea:cf:e9:c4:8e:4b:95:eb:
c8:bc:7e:1c:09:ab:af:4c:40:e7:c1:7c:1e:01:bb:7b:08:38:
2b:6f:0e:99
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZUr4GvSK+sH9o/Wlz92CBaaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhNDY5NjNjYzQ3OWRhZGJlM2M1MjIzNGFiOWZhYmFhODEy
MmQyNWIwHhcNMjUwMjIyMDQxODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTkwZjdkOWZiZThjZTM0Y2MyOTcwZjRhOWIwNDljMTExMmE1NTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvbGwvzip8UENmY7ATK5utwttHd9u
KWKGTuGWYcTa3ZLiQDT5v1pwL78qInqt9T3zxUbDSDMKNviG1uX3Pw1A7RMScpuY
nbQj7dlXNfA9yEdwVLryKt9vBi1VRgSkRsHQ9DqmIWjv6YGS0BbcQXySqbH2EeJ9
GtqDG8XgA/relgaTlN4pBZswFTMjKG/kP1drDTmc2F/VJPSMJC4FfqRu5vtTjvK+
zUr1brOGC5sKXCq8pPnyeqA3bP//HIZ6DLY900PAy0xm8+f2ojNiHC6qDXxY6C5G
/LaXv9gRzDXbHIQwTtR64jOYJ5lu6dQT3xOklJf/NsdgvDDqJo76pqjE4QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFPGQ99n76M40zClw9KmwScERKlUbMB8GA1UdIwQY
MBaAFOpGljzEedrb48UiNKufq6qBItJbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmthV1BNUjUydHZqeFNJMHE1LXJxb0VpMGxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi9lODYyZGUtYzQ2Yy00ZjIxLWIzOGUt
ZWI1YmM3ZDk3YWEwLzEvOFpEMzJmdm96alRNS1hEMHFiQkp3UkVxVlJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi9lODYyZGUtYzQ2Yy00ZjIxLWIzOGUtZWI1YmM3ZDk3YWEw
LzEvNmthV1BNUjUydHZqeFNJMHE1LXJxb0VpMGxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBwieAAwQB
wieGAwQAwjdZAwQAwjdbMA0EAgACMAcDBQAqAP4AMA0GCSqGSIb3DQEBCwUAA4IB
AQAJTBeOPMEOhJyleBuSFGuHCSD5D+vWO7P39oSayuGmpLzLRtCY+iFHjqWG2c7K
9ZboXGkm6+3utyShV3uDk/EMp8hHYgvDoJhICv+rLPGJ8Ks8VdRzkgX6LrrpADG8
1NjBvppdOqju/wt9RLqyuqPOt1yjt2DjrgViy0GmW2zoalYjru1fcmZyw9MdsHe7
eq8iDH006vHwP0QkfgiG+Hai9hc2Uqa5t0kjT3utir+GPBARl3wT4FHGnQz1G3X3
VI7ni7x25P5f11KJpVAt+60ZGianK7ELka0XKMCKJkzUPZ8i6s/pxI5LlevIvH4c
CauvTEDnwXweAbt7CDgrbw6Z
-----END CERTIFICATE-----
Generated at Thu May 8 01:12:57 2025 by rpki-client