Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/95dbce-d4e9-41f1-82dc-e84cb1da21bd/1/ZHLCKF9VgdSxZZFhcjvmLswF5ns.roa
File: ZHLCKF9VgdSxZZFhcjvmLswF5ns.roa (raw, json)
Hash identifier: ds8Aq+4ILO4dWaggbC+SxI2Hdsveg4iGIVoqFLU2ABc=
Subject key identifier: 64:72:C2:28:5F:55:81:D4:B1:65:91:61:72:3B:E6:2E:CC:05:E6:7B
Certificate issuer: /CN=2acd8d1682e6622c1c09237bc41aa516669672b7
Certificate serial: 01942521EDF8D70EE194E512E275F726ACC9
Authority key identifier: 2A:CD:8D:16:82:E6:62:2C:1C:09:23:7B:C4:1A:A5:16:66:96:72:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ks2NFoLmYiwcCSN7xBqlFmaWcrc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/95dbce-d4e9-41f1-82dc-e84cb1da21bd/1/ZHLCKF9VgdSxZZFhcjvmLswF5ns.roa
Signing time: Thu 02 Jan 2025 03:49:28 +0000
ROA not before: Thu 02 Jan 2025 03:49:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40627
IP address blocks: 80.81.128.0/20 maxlen: 32
185.23.248.0/22 maxlen: 32
Validation: Failed, certificate revoked on Thu 06 Mar 2025 15:41:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:ed:f8:d7:0e:e1:94:e5:12:e2:75:f7:26:ac:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2acd8d1682e6622c1c09237bc41aa516669672b7
Validity
Not Before: Jan 2 03:49:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6472c2285f5581d4b1659161723be62ecc05e67b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:10:b7:ab:35:08:b0:99:0c:9e:49:a9:be:e1:
f7:77:e1:94:5d:47:1d:4d:d8:16:85:07:03:45:0a:
9f:f7:bf:a5:ca:90:eb:d9:77:20:3f:9a:a3:e3:3e:
c8:5a:6a:24:44:e3:0e:05:5e:d8:ed:e3:d2:d5:28:
ca:b3:31:a7:47:45:0d:60:23:2f:f3:92:c5:43:fc:
43:4a:60:da:89:45:35:54:82:a1:23:31:1d:bd:ee:
2f:34:6e:6d:33:9e:4a:de:63:7d:1f:62:0c:91:a3:
28:d6:d4:17:c0:d1:4f:4c:7f:6b:9a:57:dd:09:e6:
d9:f1:ec:64:76:71:84:f2:d4:cf:4f:89:a0:f4:6b:
f3:55:e3:6f:df:36:35:63:e1:6b:b3:25:15:72:2f:
7d:72:97:10:c0:dd:f7:fb:d9:05:25:4e:00:71:74:
88:81:74:8c:e9:40:ad:34:f4:1c:20:3d:e2:7d:5b:
2d:ac:9b:0f:6a:62:81:23:a5:62:60:cb:af:ab:13:
86:20:0b:f0:3b:20:94:2a:09:f1:04:00:f9:ae:a4:
78:90:aa:9c:3e:da:93:07:07:0c:4d:8a:9e:87:6f:
c5:27:eb:ae:7f:27:22:5a:ff:26:c6:26:77:93:63:
f8:6f:38:82:0a:e0:4d:b1:3b:39:31:b6:d4:c4:32:
d2:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:72:C2:28:5F:55:81:D4:B1:65:91:61:72:3B:E6:2E:CC:05:E6:7B
X509v3 Authority Key Identifier:
keyid:2A:CD:8D:16:82:E6:62:2C:1C:09:23:7B:C4:1A:A5:16:66:96:72:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ks2NFoLmYiwcCSN7xBqlFmaWcrc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/95dbce-d4e9-41f1-82dc-e84cb1da21bd/1/ZHLCKF9VgdSxZZFhcjvmLswF5ns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/95dbce-d4e9-41f1-82dc-e84cb1da21bd/1/Ks2NFoLmYiwcCSN7xBqlFmaWcrc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.128.0/20
185.23.248.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:55:28:bb:29:ce:e6:4c:8b:b2:10:f8:20:11:12:12:38:d6:
90:8d:f6:53:72:35:f0:c3:63:65:bd:27:c2:97:fa:09:71:37:
17:65:1d:03:c4:52:04:3d:72:76:2f:6d:82:11:e8:7d:1d:0e:
8d:31:5b:55:81:ec:5a:a8:2a:c1:58:ec:92:2e:82:33:f1:07:
45:fe:8d:96:d9:83:15:57:20:63:11:03:8c:98:79:35:ac:43:
f8:10:34:09:d2:cd:11:ca:b0:19:cc:ae:33:56:45:c2:8f:c8:
02:f5:ec:66:66:5a:57:71:21:b6:0e:d6:fc:36:3c:a8:aa:f2:
6d:45:bf:11:55:73:21:8b:6b:7e:f3:b7:68:48:23:9c:74:cd:
ad:d5:ad:db:89:0c:1c:d7:ed:da:60:ac:77:91:06:73:8c:89:
84:67:e7:d4:94:e8:1e:58:5d:97:f9:dc:b6:97:ec:07:c1:84:
31:37:68:d2:4f:1f:4b:57:51:b9:4f:da:85:84:72:06:04:bf:
47:d5:99:1d:cc:9c:ce:53:9c:5e:b1:d3:11:4e:6b:87:85:66:
8b:e2:3f:f4:1b:cd:a4:3a:db:1c:8b:c8:2e:c2:f2:26:ea:f9:
6a:2c:cb:3c:55:c8:bd:c8:67:64:32:85:5c:0b:6d:b4:3c:86:
6d:df:43:f0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlIe341w7hlOUS4nX3JqzJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhY2Q4ZDE2ODJlNjYyMmMxYzA5MjM3YmM0MWFhNTE2NjY5
NjcyYjcwHhcNMjUwMTAyMDM0OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDcyYzIyODVmNTU4MWQ0YjE2NTkxNjE3MjNiZTYyZWNjMDVlNjdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhC3qzUIsJkMnkmpvuH3d+GUXUcd
TdgWhQcDRQqf97+lypDr2XcgP5qj4z7IWmokROMOBV7Y7ePS1SjKszGnR0UNYCMv
85LFQ/xDSmDaiUU1VIKhIzEdve4vNG5tM55K3mN9H2IMkaMo1tQXwNFPTH9rmlfd
CebZ8exkdnGE8tTPT4mg9GvzVeNv3zY1Y+FrsyUVci99cpcQwN33+9kFJU4AcXSI
gXSM6UCtNPQcID3ifVstrJsPamKBI6ViYMuvqxOGIAvwOyCUKgnxBAD5rqR4kKqc
PtqTBwcMTYqeh2/FJ+uufyciWv8mxiZ3k2P4bziCCuBNsTs5MbbUxDLSdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGRywihfVYHUsWWRYXI75i7MBeZ7MB8GA1UdIwQY
MBaAFCrNjRaC5mIsHAkje8QapRZmlnK3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3MyTkZvTG1ZaXdjQ1NON3hCcWxGbWFXY3JjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS85NWRiY2UtZDRlOS00MWYxLTgyZGMt
ZTg0Y2IxZGEyMWJkLzEvWkhMQ0tGOVZnZFN4WlpGaGNqdm1Mc3dGNW5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS85NWRiY2UtZDRlOS00MWYxLTgyZGMtZTg0Y2IxZGEyMWJk
LzEvS3MyTkZvTG1ZaXdjQ1NON3hCcWxGbWFXY3JjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEUFGAAwQC
uRf4MA0GCSqGSIb3DQEBCwUAA4IBAQAcVSi7Kc7mTIuyEPggERISONaQjfZTcjXw
w2NlvSfCl/oJcTcXZR0DxFIEPXJ2L22CEeh9HQ6NMVtVgexaqCrBWOySLoIz8QdF
/o2W2YMVVyBjEQOMmHk1rEP4EDQJ0s0RyrAZzK4zVkXCj8gC9exmZlpXcSG2Dtb8
NjyoqvJtRb8RVXMhi2t+87doSCOcdM2t1a3biQwc1+3aYKx3kQZzjImEZ+fUlOge
WF2X+dy2l+wHwYQxN2jSTx9LV1G5T9qFhHIGBL9H1ZkdzJzOU5xesdMRTmuHhWaL
4j/0G82kOtsci8guwvIm6vlqLMs8Vci9yGdkMoVcC220PIZt30Pw
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:06:18 2025 by rpki-client