Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/RVzlv3r2AY27KFwgmargIcmnMaw.roa
File: RVzlv3r2AY27KFwgmargIcmnMaw.roa (raw, json)
Hash identifier: 52DBkEP4/jy9PC8dqCptPOVHdWIaMGkAb/AbMAXxQnQ=
Subject key identifier: 45:5C:E5:BF:7A:F6:01:8D:BB:28:5C:20:99:AA:E0:21:C9:A7:31:AC
Certificate issuer: /CN=21351865b767dd7b9c22314bfc8055bd57db0065
Certificate serial: 019631AAD0D123AFA5C39385D1A1FA428157
Authority key identifier: 21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/RVzlv3r2AY27KFwgmargIcmnMaw.roa
Signing time: Mon 14 Apr 2025 00:20:00 +0000
ROA not before: Mon 14 Apr 2025 00:20:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197328
IP address blocks: 185.220.58.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 15 Apr 2025 10:59:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:31:aa:d0:d1:23:af:a5:c3:93:85:d1:a1:fa:42:81:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21351865b767dd7b9c22314bfc8055bd57db0065
Validity
Not Before: Apr 14 00:20:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=455ce5bf7af6018dbb285c2099aae021c9a731ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2a:e5:74:d5:43:d9:99:fd:77:be:b2:fe:95:
15:11:51:63:9e:09:69:19:9b:e9:f9:09:79:50:0c:
de:d5:40:c6:70:6e:88:f0:6a:a4:54:f6:53:e8:46:
7c:6f:e1:55:54:ab:f2:c3:3e:3e:7f:d8:3b:a3:69:
d2:c6:f2:19:80:5c:a7:dc:a9:f1:26:32:8a:78:38:
ec:71:85:eb:1a:77:89:fc:a0:5a:d0:f1:d7:04:92:
f1:bd:37:3e:15:c5:98:d6:78:31:3d:42:ab:f6:32:
64:85:8d:96:4c:39:0a:fd:f3:b8:67:44:e9:fb:66:
e1:74:40:5a:29:39:56:fd:fa:b4:66:82:f1:57:d3:
c0:bc:57:f1:03:99:17:a8:7b:54:6f:fd:4a:fe:54:
b9:83:50:9f:55:cf:27:35:71:2b:f5:6c:cc:9c:5c:
8c:a8:ed:b9:81:cd:1c:4c:48:26:c5:74:51:97:f3:
99:d7:d9:10:8a:da:d2:6a:12:fc:45:53:74:0b:91:
19:e3:98:3c:88:a4:b9:e4:e1:89:f2:21:7e:db:1d:
90:ae:f7:7a:e9:ff:16:61:e8:9d:3b:95:ce:a6:36:
4f:37:14:0e:13:5c:a1:42:75:d0:2e:13:37:1f:74:
78:d3:23:3a:a8:d5:83:ca:eb:e8:2e:ec:ce:91:dc:
2d:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:5C:E5:BF:7A:F6:01:8D:BB:28:5C:20:99:AA:E0:21:C9:A7:31:AC
X509v3 Authority Key Identifier:
keyid:21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/RVzlv3r2AY27KFwgmargIcmnMaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/ITUYZbdn3XucIjFL_IBVvVfbAGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.58.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:21:c2:64:61:5a:c5:1b:a6:24:a1:61:c8:a7:dc:a5:fd:26:
42:85:1b:a4:63:0b:83:ee:ab:3c:f2:82:a5:64:b0:06:c5:3e:
52:4d:85:63:89:df:b4:42:71:82:df:4e:c5:21:69:12:9a:94:
23:51:2e:b9:a7:8b:b4:c5:1a:8c:5f:a8:c3:ec:00:47:df:c3:
f0:58:db:c2:1b:35:06:8a:ab:9f:f2:07:c3:7f:bf:07:ae:f8:
f0:5e:3c:1c:7a:ae:bf:1e:b9:e7:a6:b6:74:ab:d7:a7:ad:7e:
94:07:bc:80:58:49:d9:3a:7a:30:1c:61:a5:42:3f:67:56:e1:
a9:e4:75:bf:dc:cc:6d:72:75:3a:78:50:f4:00:ec:a4:56:96:
bc:c1:7d:8c:12:6b:ad:f6:c9:a5:ad:5b:0c:eb:3c:a4:4a:a0:
ff:9b:47:a4:c4:0d:e5:ff:09:fe:97:16:1d:65:6d:a3:f3:09:
15:84:5a:9f:61:10:77:cd:00:ca:0e:b3:35:2e:9f:bd:22:99:
dd:dd:b8:25:9f:5b:1d:c7:0b:fc:a6:ad:c3:7c:b5:ec:05:cc:
29:6d:e6:e3:dd:49:5f:21:1e:4e:43:6b:a8:f4:60:28:26:62:
ed:3a:2b:9c:eb:64:49:13:1c:94:f7:9c:90:76:07:ff:a1:66:
43:51:9e:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYxqtDRI6+lw5OF0aH6QoFXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzUxODY1Yjc2N2RkN2I5YzIyMzE0YmZjODA1NWJkNTdk
YjAwNjUwHhcNMjUwNDE0MDAyMDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTVjZTViZjdhZjYwMThkYmIyODVjMjA5OWFhZTAyMWM5YTczMWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvirldNVD2Zn9d76y/pUVEVFjnglp
GZvp+Ql5UAze1UDGcG6I8GqkVPZT6EZ8b+FVVKvywz4+f9g7o2nSxvIZgFyn3Knx
JjKKeDjscYXrGneJ/KBa0PHXBJLxvTc+FcWY1ngxPUKr9jJkhY2WTDkK/fO4Z0Tp
+2bhdEBaKTlW/fq0ZoLxV9PAvFfxA5kXqHtUb/1K/lS5g1CfVc8nNXEr9WzMnFyM
qO25gc0cTEgmxXRRl/OZ19kQitrSahL8RVN0C5EZ45g8iKS55OGJ8iF+2x2Qrvd6
6f8WYeidO5XOpjZPNxQOE1yhQnXQLhM3H3R40yM6qNWDyuvoLuzOkdwt6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEVc5b969gGNuyhcIJmq4CHJpzGsMB8GA1UdIwQY
MBaAFCE1GGW3Z917nCIxS/yAVb1X2wBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRVWVpiZG4zWHVjSWpGTF9JQlZ2VmZiQUdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lNTJiMDctZjJhNC00N2MxLTk0NjAt
MWU0ZTA0MDA4NDRiLzEvUlZ6bHYzcjJBWTI3S0Z3Z21hcmdJY21uTWF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lNTJiMDctZjJhNC00N2MxLTk0NjAtMWU0ZTA0MDA4NDRi
LzEvSVRVWVpiZG4zWHVjSWpGTF9JQlZ2VmZiQUdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudw6MA0G
CSqGSIb3DQEBCwUAA4IBAQAbIcJkYVrFG6YkoWHIp9yl/SZChRukYwuD7qs88oKl
ZLAGxT5STYVjid+0QnGC307FIWkSmpQjUS65p4u0xRqMX6jD7ABH38PwWNvCGzUG
iquf8gfDf78HrvjwXjwceq6/HrnnprZ0q9enrX6UB7yAWEnZOnowHGGlQj9nVuGp
5HW/3MxtcnU6eFD0AOykVpa8wX2MEmut9smlrVsM6zykSqD/m0ekxA3l/wn+lxYd
ZW2j8wkVhFqfYRB3zQDKDrM1Lp+9Ipnd3bgln1sdxwv8pq3DfLXsBcwpbebj3Ulf
IR5OQ2uo9GAoJmLtOiuc62RJExyU95yQdgf/oWZDUZ4G
-----END CERTIFICATE-----
Generated at Sat Apr 19 08:13:54 2025 by rpki-client