Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/Z2OAORnB1YLrTVKNgrqzb8VWgE0.roa
File: Z2OAORnB1YLrTVKNgrqzb8VWgE0.roa (raw, json)
Hash identifier: 0TxJTqnkjaQI9jYd1LC3EIVRKwP1cCxSKM2kdKhp5Y4=
Subject key identifier: 67:63:80:39:19:C1:D5:82:EB:4D:52:8D:82:BA:B3:6F:C5:56:80:4D
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 019421B19B68D4BB6BA63276FAEC3C20E757
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/Z2OAORnB1YLrTVKNgrqzb8VWgE0.roa
Signing time: Wed 01 Jan 2025 11:47:55 +0000
ROA not before: Wed 01 Jan 2025 11:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208485
IP address blocks: 45.133.38.0/24 maxlen: 24
185.148.243.0/24 maxlen: 24
185.169.183.0/24 maxlen: 24
185.174.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Mar 2025 22:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:9b:68:d4:bb:6b:a6:32:76:fa:ec:3c:20:e7:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Jan 1 11:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6763803919c1d582eb4d528d82bab36fc556804d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:ce:d8:74:ad:44:61:0b:d4:8d:ec:79:fc:a1:
f5:67:10:1d:18:36:2e:1b:bb:f7:6d:05:16:b7:67:
6f:28:63:0e:47:2a:ff:85:e0:4d:b0:01:21:3b:c9:
d9:c4:d4:13:7d:8f:33:80:a5:65:01:fc:d0:11:50:
28:62:00:b1:85:ad:74:fc:da:19:60:47:32:a6:2e:
43:fb:e4:f7:20:9d:7a:6f:aa:43:b4:b1:ae:14:67:
bd:49:75:fe:29:45:f3:40:f9:a5:eb:de:12:95:4c:
f6:1c:c5:73:73:87:7b:fc:08:f3:33:28:2a:3a:a0:
31:8e:a4:01:6a:f0:db:2a:6b:95:36:9a:e5:af:fb:
c3:60:c0:43:9b:cd:9d:e3:c2:05:6f:26:5c:d2:d2:
df:44:51:bb:f7:54:19:61:e4:b2:c3:a4:01:e2:1f:
1c:4b:00:c8:73:21:d8:34:12:97:70:01:5c:02:4d:
38:e0:43:0e:ee:e9:e4:76:ec:ad:d3:8f:62:0a:98:
6d:65:15:4c:59:4b:60:3b:13:37:ff:b9:5c:27:c5:
27:9f:84:3b:f4:ea:4a:43:93:29:36:aa:56:3d:ae:
51:8d:65:f3:34:d9:cd:03:de:06:a5:85:34:de:8f:
89:7b:6d:81:ad:46:05:85:8f:cd:9e:04:0a:38:27:
35:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:63:80:39:19:C1:D5:82:EB:4D:52:8D:82:BA:B3:6F:C5:56:80:4D
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/Z2OAORnB1YLrTVKNgrqzb8VWgE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.38.0/24
185.148.243.0/24
185.169.183.0/24
185.174.20.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:b2:d1:cc:ed:03:78:c6:4e:c3:7d:82:89:96:b2:ab:09:f4:
20:7e:99:88:90:42:ad:ce:3d:d8:6e:49:57:3e:91:bc:22:ef:
3c:ca:80:46:d7:ab:6c:c3:f7:8b:ec:a8:a9:f1:5b:da:3e:a5:
98:a4:00:25:3f:1e:1a:08:36:09:44:c8:f1:a8:b4:bc:83:a7:
48:02:b1:4a:fd:32:56:41:ef:e7:a2:0a:84:78:fa:2a:ce:53:
bf:0a:2c:73:f3:ec:c9:76:cc:40:fb:56:d6:c8:a0:43:c5:49:
49:b0:91:83:f2:55:c1:39:e7:2f:b4:5d:f1:c6:4d:2a:74:b6:
e2:61:83:ce:57:85:7b:28:60:34:fa:b6:34:4e:d6:d2:6f:52:
8b:1c:81:86:23:7f:08:17:98:bd:bb:4e:0c:3c:5c:33:01:61:
25:fe:24:92:2f:40:f1:72:f5:b8:e1:a1:18:1c:4b:6d:44:da:
8c:62:ec:ba:51:13:65:65:1a:ab:1d:cd:12:c3:53:68:a4:61:
f6:00:6f:84:ac:78:6b:9e:ab:03:8f:d7:5d:2f:e3:2c:34:36:
66:c3:b7:8f:8c:cb:8f:f1:d4:e7:1e:2b:73:7f:47:3d:2c:4f:
d4:52:17:ce:3f:7b:73:ce:44:2c:b2:90:7e:84:16:df:9e:0f:
c0:2f:da:1f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQhsZto1LtrpjJ2+uw8IOdXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjUwMTAxMTE0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzYzODAzOTE5YzFkNTgyZWI0ZDUyOGQ4MmJhYjM2ZmM1NTY4MDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjc7YdK1EYQvUjex5/KH1ZxAdGDYu
G7v3bQUWt2dvKGMORyr/heBNsAEhO8nZxNQTfY8zgKVlAfzQEVAoYgCxha10/NoZ
YEcypi5D++T3IJ16b6pDtLGuFGe9SXX+KUXzQPml694SlUz2HMVzc4d7/AjzMygq
OqAxjqQBavDbKmuVNprlr/vDYMBDm82d48IFbyZc0tLfRFG791QZYeSyw6QB4h8c
SwDIcyHYNBKXcAFcAk044EMO7unkduyt049iCphtZRVMWUtgOxM3/7lcJ8Unn4Q7
9OpKQ5MpNqpWPa5RjWXzNNnNA94GpYU03o+Je22BrUYFhY/NngQKOCc1jQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGdjgDkZwdWC601SjYK6s2/FVoBNMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvWjJPQU9SbkIxWUxyVFZLTmdycXpiOFZXZ0UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALYUmAwQA
uZTzAwQAuam3AwQAua4UMA0GCSqGSIb3DQEBCwUAA4IBAQBrstHM7QN4xk7DfYKJ
lrKrCfQgfpmIkEKtzj3YbklXPpG8Iu88yoBG16tsw/eL7Kip8VvaPqWYpAAlPx4a
CDYJRMjxqLS8g6dIArFK/TJWQe/nogqEePoqzlO/Cixz8+zJdsxA+1bWyKBDxUlJ
sJGD8lXBOecvtF3xxk0qdLbiYYPOV4V7KGA0+rY0TtbSb1KLHIGGI38IF5i9u04M
PFwzAWEl/iSSL0DxcvW44aEYHEttRNqMYuy6URNlZRqrHc0Sw1NopGH2AG+ErHhr
nqsDj9ddL+MsNDZmw7ePjMuP8dTnHitzf0c9LE/UUhfOP3tzzkQsspB+hBbfng/A
L9of
-----END CERTIFICATE-----
Generated at Mon Apr 14 18:34:00 2025 by rpki-client