Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/6cdb63-9cfd-4984-877e-09210212714c/1/0W5ZJ9CFltqMqtq_OajSR5UvklA.roa
File: 0W5ZJ9CFltqMqtq_OajSR5UvklA.roa (raw, json)
Hash identifier: PWB4WFaLr+InpVMvRDCdWqhwAoCCXHG+G/BMkqy0BKQ=
Subject key identifier: D1:6E:59:27:D0:85:96:DA:8C:AA:DA:BF:39:A8:D2:47:95:2F:92:50
Certificate issuer: /CN=195997a8bfc698b8eb9e8728ecaf12a527b357df
Certificate serial: 0194BEA3B198E6FCCA3C9FEF8655DEF06AB8
Authority key identifier: 19:59:97:A8:BF:C6:98:B8:EB:9E:87:28:EC:AF:12:A5:27:B3:57:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GVmXqL_GmLjrnoco7K8SpSezV98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/6cdb63-9cfd-4984-877e-09210212714c/1/0W5ZJ9CFltqMqtq_OajSR5UvklA.roa
Signing time: Fri 31 Jan 2025 23:13:06 +0000
ROA not before: Fri 31 Jan 2025 23:13:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207992
IP address blocks: 185.152.52.0/22 maxlen: 22
2a07:7f00::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 01 Feb 2025 18:07:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:be:a3:b1:98:e6:fc:ca:3c:9f:ef:86:55:de:f0:6a:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=195997a8bfc698b8eb9e8728ecaf12a527b357df
Validity
Not Before: Jan 31 23:13:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d16e5927d08596da8caadabf39a8d247952f9250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:54:dd:6e:d5:31:c2:0e:e0:25:72:0d:74:a9:
81:dd:c2:7d:86:9a:2d:a6:ce:54:2a:18:91:90:6f:
ec:4e:10:e0:69:22:3b:c6:c1:7c:c6:53:2a:44:a6:
2c:36:20:63:24:68:28:f6:60:f6:4c:70:a9:0e:a4:
16:57:cb:f5:f1:df:a9:b6:72:4a:a9:00:31:eb:8d:
93:26:47:de:9a:47:a0:f1:74:95:02:35:63:83:c9:
f8:d5:63:96:dc:73:e2:15:5a:50:f0:ed:af:56:94:
13:5a:b0:c8:1f:f8:f3:e6:eb:81:55:3b:0e:52:2b:
b0:06:02:d0:95:df:a1:aa:e7:76:c6:3d:40:84:8a:
a2:a3:06:a5:e1:77:6c:59:71:96:82:60:d4:a0:50:
8e:14:6d:f9:7e:65:e2:53:69:f3:7c:81:07:c2:12:
3c:ee:cb:b3:4a:cc:85:a0:91:0e:b7:77:06:38:a0:
b9:96:38:63:5f:c3:e3:4e:7f:62:b7:40:8c:f4:bb:
a6:71:76:3a:77:05:e8:92:6d:cc:2f:d1:30:8f:01:
63:e5:07:1a:98:37:0c:99:8c:73:c3:20:44:46:84:
76:5d:38:97:da:17:23:a8:be:33:dc:53:0b:eb:1a:
a6:90:90:fa:0d:bf:da:19:57:a0:53:15:db:47:4b:
95:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:6E:59:27:D0:85:96:DA:8C:AA:DA:BF:39:A8:D2:47:95:2F:92:50
X509v3 Authority Key Identifier:
keyid:19:59:97:A8:BF:C6:98:B8:EB:9E:87:28:EC:AF:12:A5:27:B3:57:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GVmXqL_GmLjrnoco7K8SpSezV98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6cdb63-9cfd-4984-877e-09210212714c/1/0W5ZJ9CFltqMqtq_OajSR5UvklA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6cdb63-9cfd-4984-877e-09210212714c/1/GVmXqL_GmLjrnoco7K8SpSezV98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.52.0/22
IPv6:
2a07:7f00::/29
Signature Algorithm: sha256WithRSAEncryption
d0:fe:f1:37:9d:14:98:95:60:43:77:eb:52:61:2e:7f:75:76:
33:27:71:e5:1f:e8:1b:da:2a:2a:a9:11:82:95:f9:da:41:73:
6f:d1:f6:9f:48:e2:9c:a4:33:47:56:dc:3a:57:83:d8:3a:7f:
99:76:1e:1d:dc:a0:4f:6b:61:9b:0f:26:91:37:12:86:02:b5:
92:65:d5:a3:c5:de:cc:7f:d2:49:90:ae:be:87:66:15:91:81:
d8:45:7d:84:2b:15:5f:e9:4a:96:32:40:5d:68:a1:06:89:e3:
3c:33:ed:a5:ad:df:de:87:c8:99:45:be:8a:51:03:80:39:34:
93:a2:1b:0f:39:67:48:cc:6e:03:0c:60:4e:3d:4d:c7:c1:c6:
b6:5e:df:b0:ff:15:bc:2c:8f:f5:b3:4d:39:b3:9d:55:23:52:
74:c3:49:fd:3c:e9:32:39:38:49:13:b7:46:22:3a:75:eb:d8:
69:73:d6:5d:d2:2e:f7:0f:3c:4b:20:8c:a0:f5:87:57:38:03:
63:55:02:17:cc:6e:0a:72:28:46:b2:9b:6f:52:54:3b:83:9d:
a7:06:b2:c3:b1:e2:34:33:17:1e:f6:fd:67:8a:2b:e9:00:fc:
88:52:2f:49:70:9c:2c:ff:72:b1:b9:28:31:f8:57:f2:b0:f0:
6f:9b:e0:5d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZS+o7GY5vzKPJ/vhlXe8Gq4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NTk5N2E4YmZjNjk4YjhlYjllODcyOGVjYWYxMmE1Mjdi
MzU3ZGYwHhcNMjUwMTMxMjMxMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTZlNTkyN2QwODU5NmRhOGNhYWRhYmYzOWE4ZDI0Nzk1MmY5MjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslTdbtUxwg7gJXINdKmB3cJ9hpot
ps5UKhiRkG/sThDgaSI7xsF8xlMqRKYsNiBjJGgo9mD2THCpDqQWV8v18d+ptnJK
qQAx642TJkfemkeg8XSVAjVjg8n41WOW3HPiFVpQ8O2vVpQTWrDIH/jz5uuBVTsO
UiuwBgLQld+hqud2xj1AhIqiowal4XdsWXGWgmDUoFCOFG35fmXiU2nzfIEHwhI8
7suzSsyFoJEOt3cGOKC5ljhjX8PjTn9it0CM9LumcXY6dwXokm3ML9EwjwFj5Qca
mDcMmYxzwyBERoR2XTiX2hcjqL4z3FML6xqmkJD6Db/aGVegUxXbR0uVqwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNFuWSfQhZbajKravzmo0keVL5JQMB8GA1UdIwQY
MBaAFBlZl6i/xpi4656HKOyvEqUns1ffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1ZtWHFMX0dtTGpybm9jbzdLOFNwU2V6Vjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82Y2RiNjMtOWNmZC00OTg0LTg3N2Ut
MDkyMTAyMTI3MTRjLzEvMFc1Wko5Q0ZsdHFNcXRxX09halNSNVV2a2xBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82Y2RiNjMtOWNmZC00OTg0LTg3N2UtMDkyMTAyMTI3MTRj
LzEvR1ZtWHFMX0dtTGpybm9jbzdLOFNwU2V6Vjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZg0MA0E
AgACMAcDBQMqB38AMA0GCSqGSIb3DQEBCwUAA4IBAQDQ/vE3nRSYlWBDd+tSYS5/
dXYzJ3HlH+gb2ioqqRGClfnaQXNv0fafSOKcpDNHVtw6V4PYOn+Zdh4d3KBPa2Gb
DyaRNxKGArWSZdWjxd7Mf9JJkK6+h2YVkYHYRX2EKxVf6UqWMkBdaKEGieM8M+2l
rd/eh8iZRb6KUQOAOTSTohsPOWdIzG4DDGBOPU3Hwca2Xt+w/xW8LI/1s005s51V
I1J0w0n9POkyOThJE7dGIjp169hpc9Zd0i73DzxLIIyg9YdXOANjVQIXzG4KcihG
sptvUlQ7g52nBrLDseI0Mxce9v1niivpAPyIUi9JcJws/3KxuSgx+FfysPBvm+Bd
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:10:24 2025 by rpki-client