Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/z5f2Oq4rTCs79_ZLI8GqqzWxFWk.roa
File: z5f2Oq4rTCs79_ZLI8GqqzWxFWk.roa (raw, json)
Hash identifier: 0qGxfu6DalVOT8p5XxfLVXSEIPqE73IdU44yoJfXDPg=
Subject key identifier: CF:97:F6:3A:AE:2B:4C:2B:3B:F7:F6:4B:23:C1:AA:AB:35:B1:15:69
Certificate issuer: /CN=580dddb511603e41c2b7abba3d249d5ef5ed4d11
Certificate serial: 019435D637A4B890893C4B9FAF6227ADFF43
Authority key identifier: 58:0D:DD:B5:11:60:3E:41:C2:B7:AB:BA:3D:24:9D:5E:F5:ED:4D:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WA3dtRFgPkHCt6u6PSSdXvXtTRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/z5f2Oq4rTCs79_ZLI8GqqzWxFWk.roa
Signing time: Sun 05 Jan 2025 09:40:18 +0000
ROA not before: Sun 05 Jan 2025 09:40:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201119
IP address blocks: 185.195.145.0/24 maxlen: 24
185.195.146.0/24 maxlen: 24
185.195.147.0/24 maxlen: 24
2a0a:5bc0::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 06 Jan 2025 15:09:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:35:d6:37:a4:b8:90:89:3c:4b:9f:af:62:27:ad:ff:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=580dddb511603e41c2b7abba3d249d5ef5ed4d11
Validity
Not Before: Jan 5 09:40:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf97f63aae2b4c2b3bf7f64b23c1aaab35b11569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:f4:4d:d8:17:a0:f3:7a:80:e1:91:99:09:c3:
86:4f:17:0b:3e:b8:5c:71:0a:39:2c:bb:4c:ba:90:
8d:79:85:96:80:cd:50:a9:b3:69:7b:52:9e:ef:18:
75:bd:d0:3e:de:50:51:30:92:30:29:0b:d2:c9:f6:
4d:de:b7:b3:75:17:a7:64:69:86:33:e9:14:57:0d:
d9:cf:76:78:9d:e0:51:aa:6a:0d:db:62:84:e4:ee:
7d:0a:9d:cd:12:ee:42:09:58:c7:99:38:fe:53:9a:
6f:b0:13:d7:67:67:ef:b6:7b:0f:16:2e:b1:b5:97:
ef:c4:34:23:d9:92:3d:76:c3:8a:c6:f8:b5:13:34:
b3:94:ac:0b:37:ab:be:c8:f8:8d:05:c7:40:5b:8f:
26:22:6f:1d:3b:a8:4b:99:ae:d0:5c:83:af:92:1e:
61:96:07:44:8e:3e:8f:f3:18:72:66:da:11:8b:0e:
a8:44:81:f5:9e:b6:da:7c:ef:5b:e9:96:32:6c:f6:
58:9d:2c:bd:0b:17:f3:2f:a2:ae:4d:85:4e:a2:57:
0d:13:5f:7b:5f:64:61:fe:41:8b:34:ff:2a:3f:5e:
c1:60:c7:6d:4b:52:77:8a:87:0e:52:b0:52:80:88:
20:3a:f4:81:9f:36:2b:97:ed:76:89:9d:19:eb:2a:
9a:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:97:F6:3A:AE:2B:4C:2B:3B:F7:F6:4B:23:C1:AA:AB:35:B1:15:69
X509v3 Authority Key Identifier:
keyid:58:0D:DD:B5:11:60:3E:41:C2:B7:AB:BA:3D:24:9D:5E:F5:ED:4D:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WA3dtRFgPkHCt6u6PSSdXvXtTRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/z5f2Oq4rTCs79_ZLI8GqqzWxFWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/fc96a4-36d1-4c3d-850b-3cd417aee9ce/1/WA3dtRFgPkHCt6u6PSSdXvXtTRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.145.0-185.195.147.255
IPv6:
2a0a:5bc0::/48
Signature Algorithm: sha256WithRSAEncryption
03:57:8a:27:27:dc:fc:94:ff:54:67:20:b7:1d:ba:5c:0c:9f:
6d:fe:b7:8a:a3:af:05:d5:1d:ce:88:36:96:d6:15:9c:35:3d:
9f:db:e8:ed:65:65:20:d8:0f:0c:be:58:a7:25:97:b7:2c:fd:
dd:9a:42:fe:45:41:b7:23:5a:3f:99:67:14:fd:30:2c:7f:32:
37:f2:e8:84:a4:7d:9e:77:50:cf:5b:31:23:89:29:10:b4:c1:
64:f3:fc:a6:88:ff:ec:c3:b2:8e:60:47:0d:1f:03:7e:49:5a:
3b:e3:80:a8:41:e4:0a:41:1d:4a:e7:b7:6b:2a:12:21:15:84:
4f:d1:cb:ee:e5:ef:62:8c:9d:24:44:07:47:c7:c9:f3:db:e7:
44:27:36:95:d6:4f:1b:9b:20:34:b0:88:3a:81:db:66:8a:59:
ed:34:63:a0:0f:c9:da:33:aa:bf:a0:11:a2:02:16:f7:48:bb:
2c:04:19:56:4b:59:eb:95:7b:ae:24:c1:08:c9:82:0c:df:d3:
7e:54:91:26:e2:9c:c8:27:02:6a:d7:96:1d:97:00:e4:2a:05:
cb:a9:83:2b:f1:bc:49:6b:4d:8a:57:de:db:b1:1f:a5:1b:36:
f1:4b:53:81:d9:79:76:ec:1c:ba:01:44:b0:34:bf:e3:39:44:
09:9a:41:0b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQ11jekuJCJPEufr2Inrf9DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MGRkZGI1MTE2MDNlNDFjMmI3YWJiYTNkMjQ5ZDVlZjVl
ZDRkMTEwHhcNMjUwMTA1MDk0MDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjk3ZjYzYWFlMmI0YzJiM2JmN2Y2NGIyM2MxYWFhYjM1YjExNTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqvRN2Beg83qA4ZGZCcOGTxcLPrhc
cQo5LLtMupCNeYWWgM1QqbNpe1Ke7xh1vdA+3lBRMJIwKQvSyfZN3rezdRenZGmG
M+kUVw3Zz3Z4neBRqmoN22KE5O59Cp3NEu5CCVjHmTj+U5pvsBPXZ2fvtnsPFi6x
tZfvxDQj2ZI9dsOKxvi1EzSzlKwLN6u+yPiNBcdAW48mIm8dO6hLma7QXIOvkh5h
lgdEjj6P8xhyZtoRiw6oRIH1nrbafO9b6ZYybPZYnSy9CxfzL6KuTYVOolcNE197
X2Rh/kGLNP8qP17BYMdtS1J3iocOUrBSgIggOvSBnzYrl+12iZ0Z6yqaFQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFM+X9jquK0wrO/f2SyPBqqs1sRVpMB8GA1UdIwQY
MBaAFFgN3bURYD5Bwreruj0knV717U0RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0EzZHRSRmdQa0hDdDZ1NlBTU2RYdlh0VFJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9mYzk2YTQtMzZkMS00YzNkLTg1MGIt
M2NkNDE3YWVlOWNlLzEvejVmMk9xNHJUQ3M3OV9aTEk4R3Fxeld4RldrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9mYzk2YTQtMzZkMS00YzNkLTg1MGItM2NkNDE3YWVlOWNl
LzEvV0EzZHRSRmdQa0hDdDZ1NlBTU2RYdlh0VFJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBAC5w5ED
BAK5w5AwDwQCAAIwCQMHACoKW8AAADANBgkqhkiG9w0BAQsFAAOCAQEAA1eKJyfc
/JT/VGcgtx26XAyfbf63iqOvBdUdzog2ltYVnDU9n9vo7WVlINgPDL5YpyWXtyz9
3ZpC/kVBtyNaP5lnFP0wLH8yN/LohKR9nndQz1sxI4kpELTBZPP8poj/7MOyjmBH
DR8DfklaO+OAqEHkCkEdSue3ayoSIRWET9HL7uXvYoydJEQHR8fJ89vnRCc2ldZP
G5sgNLCIOoHbZopZ7TRjoA/J2jOqv6ARogIW90i7LAQZVktZ65V7riTBCMmCDN/T
flSRJuKcyCcCateWHZcA5CoFy6mDK/G8SWtNilfe27EfpRs28UtTgdl5duwcugFE
sDS/4zlECZpBCw==
-----END CERTIFICATE-----
Generated at Sat Apr 19 02:06:24 2025 by rpki-client