Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/6cdb63-9cfd-4984-877e-09210212714c/1/nZvZwSn5iFyaC8Yp3FAjjusnblc.roa
File: nZvZwSn5iFyaC8Yp3FAjjusnblc.roa (raw, json)
Hash identifier: u/4S40KQdpZS6v0v8C7Ngo2Y3BfFpYAApd1jpIHWq/U=
Subject key identifier: 9D:9B:D9:C1:29:F9:88:5C:9A:0B:C6:29:DC:50:23:8E:EB:27:6E:57
Certificate issuer: /CN=195997a8bfc698b8eb9e8728ecaf12a527b357df
Certificate serial: 018CC4247C44883395F74A5F6790CE141BAF
Authority key identifier: 19:59:97:A8:BF:C6:98:B8:EB:9E:87:28:EC:AF:12:A5:27:B3:57:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GVmXqL_GmLjrnoco7K8SpSezV98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/6cdb63-9cfd-4984-877e-09210212714c/1/nZvZwSn5iFyaC8Yp3FAjjusnblc.roa
Signing time: Mon 01 Jan 2024 08:29:34 +0000
ROA not before: Mon 01 Jan 2024 08:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202869
IP address blocks: 185.152.52.0/22 maxlen: 22
2a07:7f00::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:7c:44:88:33:95:f7:4a:5f:67:90:ce:14:1b:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=195997a8bfc698b8eb9e8728ecaf12a527b357df
Validity
Not Before: Jan 1 08:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d9bd9c129f9885c9a0bc629dc50238eeb276e57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:88:0e:57:99:ed:3b:18:58:3d:d1:bb:db:a1:
1e:54:1b:b1:3a:c4:d7:e2:40:5e:4e:b8:83:7f:ed:
f2:b8:d9:19:d3:bd:93:3d:af:c1:a3:8e:f7:ab:87:
aa:fd:a9:81:97:8c:8a:99:d7:4b:e6:17:13:1d:5f:
39:0f:09:ad:b5:90:57:74:bf:3e:b9:f8:92:d2:c8:
9a:53:0d:1e:ab:ca:63:81:87:74:24:50:a5:b8:8e:
06:18:8b:b7:51:d5:9c:b2:f1:15:d6:ad:05:56:0c:
23:c8:b5:84:c6:aa:4c:5f:9b:98:8c:36:98:6c:d4:
6b:da:ae:91:9f:30:f7:67:f0:7a:86:23:13:8e:2a:
06:1b:5f:07:88:1e:31:f8:45:f8:49:31:b9:94:dd:
a2:d7:9b:65:7b:74:00:39:e5:7a:af:7c:26:36:f8:
29:7a:b2:af:53:2d:2f:32:6a:22:ea:d2:b9:66:ef:
32:d6:6c:c7:18:bd:9a:c1:69:75:7a:32:c1:6a:5f:
33:52:7e:51:99:03:ae:93:95:87:15:69:b9:e0:7f:
cc:10:a7:5e:8c:07:42:2b:31:11:f5:12:17:f1:2c:
d1:fe:b6:86:91:ff:30:7b:40:e5:da:ff:38:5a:d8:
27:fa:42:f0:57:a0:f3:10:81:88:ea:e0:6a:38:0b:
8b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:9B:D9:C1:29:F9:88:5C:9A:0B:C6:29:DC:50:23:8E:EB:27:6E:57
X509v3 Authority Key Identifier:
keyid:19:59:97:A8:BF:C6:98:B8:EB:9E:87:28:EC:AF:12:A5:27:B3:57:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GVmXqL_GmLjrnoco7K8SpSezV98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6cdb63-9cfd-4984-877e-09210212714c/1/nZvZwSn5iFyaC8Yp3FAjjusnblc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/6cdb63-9cfd-4984-877e-09210212714c/1/GVmXqL_GmLjrnoco7K8SpSezV98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.52.0/22
IPv6:
2a07:7f00::/29
Signature Algorithm: sha256WithRSAEncryption
c3:9a:55:f4:d6:aa:42:13:e3:f5:81:5d:2b:80:88:7e:44:1c:
14:51:ee:3e:23:9b:e7:b4:0e:b1:ba:79:9e:60:aa:fe:fe:35:
5a:0c:3c:5d:47:f8:7b:15:14:e5:ef:e9:9b:b9:9b:d3:8d:c0:
8c:d9:58:4e:6c:2d:5f:22:91:2e:45:9d:c0:38:99:5b:2d:3f:
01:de:1d:00:70:a4:82:13:43:d8:f8:3d:3c:ef:62:e8:75:4b:
d7:f1:47:76:90:8a:62:28:67:53:83:67:45:d7:6a:10:b9:0d:
f6:86:e0:65:26:be:64:90:24:07:03:de:86:9b:b7:52:03:58:
3a:44:53:53:9c:aa:fb:fd:50:0d:b2:ac:2b:b1:cd:e5:93:2f:
69:e4:f5:93:d4:bf:4d:ea:f1:ca:b1:db:3a:56:c7:b6:7b:9a:
ba:4e:0d:e5:d5:d2:dd:17:dc:a6:d9:27:cc:96:86:82:f6:c7:
57:71:d0:23:1f:e9:33:af:31:fe:ad:1d:63:55:58:ce:07:9c:
e7:6d:1a:fd:46:27:ef:07:7a:65:c9:29:c2:24:b9:3b:5a:2f:
13:89:1f:ee:58:9f:8e:e1:14:df:d2:f9:20:e6:26:9e:71:07:
c5:1c:bf:e8:25:90:91:4f:45:d0:14:e4:25:cd:98:31:e0:8d:
dc:f2:2e:0d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJHxEiDOV90pfZ5DOFBuvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5NTk5N2E4YmZjNjk4YjhlYjllODcyOGVjYWYxMmE1Mjdi
MzU3ZGYwHhcNMjQwMTAxMDgyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDliZDljMTI5Zjk4ODVjOWEwYmM2MjlkYzUwMjM4ZWViMjc2ZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmYgOV5ntOxhYPdG726EeVBuxOsTX
4kBeTriDf+3yuNkZ072TPa/Bo473q4eq/amBl4yKmddL5hcTHV85DwmttZBXdL8+
ufiS0siaUw0eq8pjgYd0JFCluI4GGIu3UdWcsvEV1q0FVgwjyLWExqpMX5uYjDaY
bNRr2q6RnzD3Z/B6hiMTjioGG18HiB4x+EX4STG5lN2i15tle3QAOeV6r3wmNvgp
erKvUy0vMmoi6tK5Zu8y1mzHGL2awWl1ejLBal8zUn5RmQOuk5WHFWm54H/MEKde
jAdCKzER9RIX8SzR/raGkf8we0Dl2v84Wtgn+kLwV6DzEIGI6uBqOAuLqQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ2b2cEp+YhcmgvGKdxQI47rJ25XMB8GA1UdIwQY
MBaAFBlZl6i/xpi4656HKOyvEqUns1ffMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1ZtWHFMX0dtTGpybm9jbzdLOFNwU2V6Vjk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi82Y2RiNjMtOWNmZC00OTg0LTg3N2Ut
MDkyMTAyMTI3MTRjLzEvblp2WndTbjVpRnlhQzhZcDNGQWpqdXNuYmxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi82Y2RiNjMtOWNmZC00OTg0LTg3N2UtMDkyMTAyMTI3MTRj
LzEvR1ZtWHFMX0dtTGpybm9jbzdLOFNwU2V6Vjk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZg0MA0E
AgACMAcDBQMqB38AMA0GCSqGSIb3DQEBCwUAA4IBAQDDmlX01qpCE+P1gV0rgIh+
RBwUUe4+I5vntA6xunmeYKr+/jVaDDxdR/h7FRTl7+mbuZvTjcCM2VhObC1fIpEu
RZ3AOJlbLT8B3h0AcKSCE0PY+D0872LodUvX8Ud2kIpiKGdTg2dF12oQuQ32huBl
Jr5kkCQHA96Gm7dSA1g6RFNTnKr7/VANsqwrsc3lky9p5PWT1L9N6vHKsds6Vse2
e5q6Tg3l1dLdF9ym2SfMloaC9sdXcdAjH+kzrzH+rR1jVVjOB5znbRr9RifvB3pl
ySnCJLk7Wi8TiR/uWJ+O4RTf0vkg5iaecQfFHL/oJZCRT0XQFOQlzZgx4I3c8i4N
-----END CERTIFICATE-----
Generated at Thu Apr 17 14:08:30 2025 by rpki-client