Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/ZO8pplXG1zZ5dzG148SqVut9uXA.roa
File: ZO8pplXG1zZ5dzG148SqVut9uXA.roa (raw, json)
Hash identifier: 4HjCUvpp9MggpYEPlLg9uy3EjmZPAVBKcZnK8s2TPvY=
Subject key identifier: 64:EF:29:A6:55:C6:D7:36:79:77:31:B5:E3:C4:AA:56:EB:7D:B9:70
Certificate issuer: /CN=5c45ceb18b14a737282b75af0ba16cffd7a6abae
Certificate serial: 0194228E210A97FC23D977FB1DD3F4193694
Authority key identifier: 5C:45:CE:B1:8B:14:A7:37:28:2B:75:AF:0B:A1:6C:FF:D7:A6:AB:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XEXOsYsUpzcoK3WvC6Fs_9emq64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/ZO8pplXG1zZ5dzG148SqVut9uXA.roa
Signing time: Wed 01 Jan 2025 15:48:47 +0000
ROA not before: Wed 01 Jan 2025 15:48:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62173
IP address blocks: 185.75.196.0/23 maxlen: 23
185.75.196.0/24 maxlen: 24
185.75.198.0/23 maxlen: 23
185.75.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 Jan 2025 12:29:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:21:0a:97:fc:23:d9:77:fb:1d:d3:f4:19:36:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c45ceb18b14a737282b75af0ba16cffd7a6abae
Validity
Not Before: Jan 1 15:48:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64ef29a655c6d736797731b5e3c4aa56eb7db970
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:d6:a8:c6:7c:58:16:df:74:3f:aa:c7:43:58:
d8:ba:aa:15:8b:67:a9:f9:52:6f:5c:d1:e9:e7:76:
b8:58:2c:f1:60:4c:78:f5:33:2c:8e:e4:92:bc:9e:
1c:84:6e:d5:6d:ad:63:86:e6:20:98:3d:8f:77:94:
0c:7f:7b:0d:67:39:52:c6:72:b8:98:4e:c5:02:0a:
69:e7:4f:71:9c:9f:de:1a:96:63:74:2b:df:98:d5:
b7:5c:21:35:13:f5:a0:de:6c:e5:45:f4:cc:34:32:
c4:d7:0e:ab:e0:4d:87:99:07:49:ec:5d:66:aa:89:
70:87:40:48:0c:9d:98:54:66:d3:3e:59:c8:30:43:
19:21:c6:e3:ef:5f:93:4f:42:e8:3d:46:a1:d7:30:
65:7c:81:c0:95:5a:9f:c5:d5:46:05:b2:d2:4b:96:
5b:46:fb:c0:9a:41:87:93:91:ec:15:32:48:09:b5:
cc:f2:de:4c:1d:92:a8:47:62:00:c8:56:88:49:08:
0e:46:d5:4c:76:50:f8:20:f6:33:68:b5:35:cc:f1:
79:18:f9:38:58:23:c4:12:88:f4:27:1f:40:67:c5:
7e:88:f0:3d:de:db:b4:41:db:9b:9d:da:0e:62:0e:
56:6e:8c:93:fe:65:11:78:9f:23:de:d0:9d:8e:19:
c8:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:EF:29:A6:55:C6:D7:36:79:77:31:B5:E3:C4:AA:56:EB:7D:B9:70
X509v3 Authority Key Identifier:
keyid:5C:45:CE:B1:8B:14:A7:37:28:2B:75:AF:0B:A1:6C:FF:D7:A6:AB:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XEXOsYsUpzcoK3WvC6Fs_9emq64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/ZO8pplXG1zZ5dzG148SqVut9uXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/XEXOsYsUpzcoK3WvC6Fs_9emq64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.196.0/22
Signature Algorithm: sha256WithRSAEncryption
10:64:f1:5e:e8:84:34:a1:37:62:6a:c9:7b:6e:3f:19:be:ad:
17:11:4f:d4:98:f6:b6:9c:8f:c8:20:a5:36:c4:20:b6:c1:96:
1a:9d:2b:e1:ad:c3:cf:a5:f7:94:22:ec:cc:61:4d:24:f8:14:
88:4f:15:6a:64:64:f0:36:f8:ea:ac:6a:a0:ae:fe:1a:c9:30:
e2:98:fb:a3:73:d7:12:34:6d:bf:38:9a:41:7c:34:7d:bc:48:
d1:8e:ab:dd:fc:a4:88:73:d1:3f:98:ec:e3:38:d2:70:99:ef:
a4:11:01:31:95:4d:5f:69:9d:fa:b1:9f:ba:18:61:a5:c8:56:
a0:30:a8:40:dc:98:23:15:35:34:86:df:b0:60:2f:67:98:24:
77:7f:23:bd:53:61:55:35:b4:83:09:e9:ab:a8:25:6e:2a:71:
8f:83:e3:23:5f:d2:d0:8d:6d:1d:c8:70:7c:c1:58:e7:d5:e5:
51:01:65:fd:7c:d7:35:57:f7:a7:4c:90:b7:59:8a:e7:5d:c3:
b9:dd:50:9a:6b:c9:32:c3:b6:c7:25:b2:42:fb:76:5a:4e:52:
1e:c1:a2:fe:14:df:08:f0:cf:b9:6d:38:42:74:52:08:e1:cf:
c5:b8:72:99:67:83:e9:36:7c:62:f5:95:26:8a:af:6c:fb:2d:
80:52:ff:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijiEKl/wj2Xf7HdP0GTaUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNDVjZWIxOGIxNGE3MzcyODJiNzVhZjBiYTE2Y2ZmZDdh
NmFiYWUwHhcNMjUwMTAxMTU0ODQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGVmMjlhNjU1YzZkNzM2Nzk3NzMxYjVlM2M0YWE1NmViN2RiOTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndaoxnxYFt90P6rHQ1jYuqoVi2ep
+VJvXNHp53a4WCzxYEx49TMsjuSSvJ4chG7Vba1jhuYgmD2Pd5QMf3sNZzlSxnK4
mE7FAgpp509xnJ/eGpZjdCvfmNW3XCE1E/Wg3mzlRfTMNDLE1w6r4E2HmQdJ7F1m
qolwh0BIDJ2YVGbTPlnIMEMZIcbj71+TT0LoPUah1zBlfIHAlVqfxdVGBbLSS5Zb
RvvAmkGHk5HsFTJICbXM8t5MHZKoR2IAyFaISQgORtVMdlD4IPYzaLU1zPF5GPk4
WCPEEoj0Jx9AZ8V+iPA93tu0QdubndoOYg5WboyT/mUReJ8j3tCdjhnIaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGTvKaZVxtc2eXcxtePEqlbrfblwMB8GA1UdIwQY
MBaAFFxFzrGLFKc3KCt1rwuhbP/XpquuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEVYT3NZc1VwemNvSzNXdkM2RnNfOWVtcTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kNzFlZjgtNGI5OC00MDBhLTg5ZWUt
YzYxYmY3NzQ5ZGY1LzEvWk84cHBsWEcxelo1ZHpHMTQ4U3FWdXQ5dVhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kNzFlZjgtNGI5OC00MDBhLTg5ZWUtYzYxYmY3NzQ5ZGY1
LzEvWEVYT3NZc1VwemNvSzNXdkM2RnNfOWVtcTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUvEMA0G
CSqGSIb3DQEBCwUAA4IBAQAQZPFe6IQ0oTdiasl7bj8Zvq0XEU/UmPa2nI/IIKU2
xCC2wZYanSvhrcPPpfeUIuzMYU0k+BSITxVqZGTwNvjqrGqgrv4ayTDimPujc9cS
NG2/OJpBfDR9vEjRjqvd/KSIc9E/mOzjONJwme+kEQExlU1faZ36sZ+6GGGlyFag
MKhA3JgjFTU0ht+wYC9nmCR3fyO9U2FVNbSDCemrqCVuKnGPg+MjX9LQjW0dyHB8
wVjn1eVRAWX9fNc1V/enTJC3WYrnXcO53VCaa8kyw7bHJbJC+3ZaTlIewaL+FN8I
8M+5bThCdFII4c/FuHKZZ4PpNnxi9ZUmiq9s+y2AUv98
-----END CERTIFICATE-----
Generated at Wed Apr 23 06:50:02 2025 by rpki-client