Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/p5ZKt31adocY25_NWNv5Hi6RDLI.roa
File: p5ZKt31adocY25_NWNv5Hi6RDLI.roa (raw, json)
Hash identifier: 3hlmPeV+F0BbOxpQWlbrlZKEAYHbHlvxD6osQZZ889w=
Subject key identifier: A7:96:4A:B7:7D:5A:76:87:18:DB:9F:CD:58:DB:F9:1E:2E:91:0C:B2
Certificate issuer: /CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Certificate serial: 018CC424D63391085A24E75CCAE86D5DCA63
Authority key identifier: C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/p5ZKt31adocY25_NWNv5Hi6RDLI.roa
Signing time: Mon 01 Jan 2024 08:29:57 +0000
ROA not before: Mon 01 Jan 2024 08:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51491
IP address blocks: 185.33.184.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:d6:33:91:08:5a:24:e7:5c:ca:e8:6d:5d:ca:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c84d61cd17ed92e54bb3397f1e5a6b3904ac6f05
Validity
Not Before: Jan 1 08:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a7964ab77d5a768718db9fcd58dbf91e2e910cb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:83:21:67:4b:40:64:6f:73:5b:06:0c:b5:3f:
84:a8:e2:31:20:e4:d4:4c:fa:26:c5:7c:cc:c5:03:
3e:0a:3b:45:92:b2:37:93:02:90:9d:94:a5:19:5a:
61:1b:84:30:eb:56:3b:3f:c2:cc:99:ec:4b:ee:a4:
f3:b1:92:24:91:cb:26:3a:9f:13:58:00:63:86:bf:
a8:da:65:49:bd:2c:20:bf:e9:4a:50:7d:a5:dd:df:
ff:76:29:5e:ae:b8:4d:a9:54:e3:f7:19:4f:57:9a:
d1:1c:22:74:77:b9:5c:16:a6:94:1d:37:1b:5a:3f:
6a:a2:62:5e:83:54:90:8a:0f:62:55:21:88:c6:93:
3a:61:1b:04:17:04:6a:3c:17:74:c9:3e:2f:a8:53:
1c:29:90:3e:bd:98:70:b7:c9:95:1e:b5:3e:37:09:
5a:db:6e:d4:76:37:96:71:47:ff:a6:ba:d1:c1:4f:
9f:21:2f:8c:0a:fa:e7:fd:83:96:76:78:38:a2:e3:
cd:e2:99:87:9c:04:6e:5c:a2:71:2d:c0:30:c3:48:
2c:b5:e1:c7:b3:ca:ff:d9:ea:ac:98:1d:5a:be:9d:
ee:05:6d:76:ae:8c:70:30:4a:7e:ff:dd:e2:4e:e2:
2a:cd:0a:b2:ce:23:9d:ed:c0:45:f8:3f:70:90:e0:
ae:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:96:4A:B7:7D:5A:76:87:18:DB:9F:CD:58:DB:F9:1E:2E:91:0C:B2
X509v3 Authority Key Identifier:
keyid:C8:4D:61:CD:17:ED:92:E5:4B:B3:39:7F:1E:5A:6B:39:04:AC:6F:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yE1hzRftkuVLszl_HlprOQSsbwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/p5ZKt31adocY25_NWNv5Hi6RDLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/88eae8-4b86-4389-aadb-c257792dadc4/1/yE1hzRftkuVLszl_HlprOQSsbwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.33.184.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:45:22:8b:fb:c8:e6:9a:9b:d5:50:a0:fa:ff:a6:b9:68:1e:
17:d7:fa:1c:c8:d2:f5:2b:f6:8d:ec:0c:da:5c:b4:03:4d:aa:
dc:0f:17:ed:e9:3c:5c:83:f2:61:ab:0d:26:6d:c1:89:a1:82:
8e:68:d9:5a:61:5a:c8:b0:56:92:e5:5a:41:a4:f3:a4:e4:5b:
46:30:29:22:79:aa:93:d8:80:5c:c6:fe:c5:9f:f3:44:93:f2:
5e:26:1d:d7:4b:e9:d4:b6:da:48:d2:0d:21:60:a4:67:a6:c2:
34:fe:73:55:7c:26:d9:52:7b:bf:74:5b:91:8c:75:e9:ab:3a:
d4:bf:a4:32:92:36:83:30:12:42:bf:f4:a7:9b:9d:3e:9e:3c:
31:05:6a:43:dc:2f:f1:3d:ca:df:70:66:8b:c9:64:49:7a:dc:
cb:fc:45:54:f0:d0:d7:55:af:a5:d4:76:66:8e:07:ec:23:55:
c7:37:a1:ee:6f:97:ff:19:b4:53:ea:c4:ab:fc:a3:79:41:5a:
05:2f:8e:24:cb:91:ad:d2:7f:05:8a:d1:96:15:12:d9:b0:a1:
e7:25:7b:18:cd:d2:c6:6b:2b:ce:c2:17:5b:28:f1:c2:29:ed:
11:62:44:96:33:0f:d8:19:a5:e0:d8:c5:b7:61:a5:67:57:aa:
46:07:13:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJNYzkQhaJOdcyuhtXcpjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4NGQ2MWNkMTdlZDkyZTU0YmIzMzk3ZjFlNWE2YjM5MDRh
YzZmMDUwHhcNMjQwMTAxMDgyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzk2NGFiNzdkNWE3Njg3MThkYjlmY2Q1OGRiZjkxZTJlOTEwY2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzYMhZ0tAZG9zWwYMtT+EqOIxIOTU
TPomxXzMxQM+CjtFkrI3kwKQnZSlGVphG4Qw61Y7P8LMmexL7qTzsZIkkcsmOp8T
WABjhr+o2mVJvSwgv+lKUH2l3d//dilerrhNqVTj9xlPV5rRHCJ0d7lcFqaUHTcb
Wj9qomJeg1SQig9iVSGIxpM6YRsEFwRqPBd0yT4vqFMcKZA+vZhwt8mVHrU+Nwla
227UdjeWcUf/prrRwU+fIS+MCvrn/YOWdng4ouPN4pmHnARuXKJxLcAww0gsteHH
s8r/2eqsmB1avp3uBW12roxwMEp+/93iTuIqzQqyziOd7cBF+D9wkOCuFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKeWSrd9WnaHGNufzVjb+R4ukQyyMB8GA1UdIwQY
MBaAFMhNYc0X7ZLlS7M5fx5aazkErG8FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUUxaHpSZnRrdVZMc3psX0hscHJPUVNzYndVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS84OGVhZTgtNGI4Ni00Mzg5LWFhZGIt
YzI1Nzc5MmRhZGM0LzEvcDVaS3QzMWFkb2NZMjVfTldOdjVIaTZSRExJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS84OGVhZTgtNGI4Ni00Mzg5LWFhZGItYzI1Nzc5MmRhZGM0
LzEveUUxaHpSZnRrdVZMc3psX0hscHJPUVNzYndVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSG4MA0G
CSqGSIb3DQEBCwUAA4IBAQCMRSKL+8jmmpvVUKD6/6a5aB4X1/ocyNL1K/aN7Aza
XLQDTarcDxft6Txcg/Jhqw0mbcGJoYKOaNlaYVrIsFaS5VpBpPOk5FtGMCkieaqT
2IBcxv7Fn/NEk/JeJh3XS+nUttpI0g0hYKRnpsI0/nNVfCbZUnu/dFuRjHXpqzrU
v6QykjaDMBJCv/Snm50+njwxBWpD3C/xPcrfcGaLyWRJetzL/EVU8NDXVa+l1HZm
jgfsI1XHN6Hub5f/GbRT6sSr/KN5QVoFL44ky5Gt0n8FitGWFRLZsKHnJXsYzdLG
ayvOwhdbKPHCKe0RYkSWMw/YGaXg2MW3YaVnV6pGBxNg
-----END CERTIFICATE-----
Generated at Fri Apr 18 05:01:08 2025 by rpki-client