Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/0db348-8ca8-40de-82cd-29f20dc8eaf4/1/ztseDqhXYPiWlzPTnquqPJhxfCk.roa
File: ztseDqhXYPiWlzPTnquqPJhxfCk.roa (raw, json)
Hash identifier: Ap277JHAXxuVz8FZPC4ZHPyYPtcVAh6jQSJZc+YseHY=
Subject key identifier: CE:DB:1E:0E:A8:57:60:F8:96:97:33:D3:9E:AB:AA:3C:98:71:7C:29
Certificate issuer: /CN=8a7b85c316586b199d26bfc48fe2598939cb6fde
Certificate serial: 019425FD34784EB657A96B5B7BBB258F6ADE
Authority key identifier: 8A:7B:85:C3:16:58:6B:19:9D:26:BF:C4:8F:E2:59:89:39:CB:6F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/inuFwxZYaxmdJr_Ej-JZiTnLb94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/0db348-8ca8-40de-82cd-29f20dc8eaf4/1/ztseDqhXYPiWlzPTnquqPJhxfCk.roa
Signing time: Thu 02 Jan 2025 07:48:58 +0000
ROA not before: Thu 02 Jan 2025 07:48:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 22612
IP address blocks: 185.61.152.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Jan 2025 15:24:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:34:78:4e:b6:57:a9:6b:5b:7b:bb:25:8f:6a:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a7b85c316586b199d26bfc48fe2598939cb6fde
Validity
Not Before: Jan 2 07:48:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cedb1e0ea85760f8969733d39eabaa3c98717c29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:38:e5:27:3d:9a:43:2a:88:1d:4d:d1:21:a6:
82:aa:d5:b1:49:64:2f:70:70:83:be:c2:ba:3b:a3:
a1:e8:29:67:a1:11:a8:84:b5:80:98:1b:b2:ac:2e:
b8:6b:ce:f9:63:23:32:72:62:82:bb:c9:30:9d:58:
aa:67:d6:15:71:d4:fe:49:20:97:cc:46:63:5d:94:
c4:f1:79:c5:e9:59:23:c3:4f:ea:44:19:e1:e4:61:
bc:b9:88:24:00:8c:d2:48:b9:4a:e9:71:41:f0:2f:
e0:7c:a3:01:e4:d7:df:b5:34:d9:8b:96:02:04:f4:
06:d9:67:7e:c1:42:ba:70:df:b4:ca:f2:90:19:27:
bf:99:8c:ec:67:e6:e4:1a:40:e1:22:59:d3:04:4d:
2c:5d:35:c9:c4:fd:01:59:da:b7:07:69:c2:5c:d1:
ea:fc:75:82:e6:b8:47:bb:b8:75:0c:db:aa:fa:51:
d9:c3:1f:72:0b:2a:bb:fe:42:ad:cb:cc:de:a3:23:
f1:fd:50:a7:31:58:55:d4:7a:89:af:db:57:7b:f4:
7e:fb:3d:82:52:e9:fc:dc:45:76:7a:7a:5b:9a:b5:
a7:c8:c5:fc:ad:ca:80:69:f8:be:48:a6:c4:23:dc:
8d:2d:b1:4d:ef:96:60:05:7c:2b:de:1e:f3:fa:b7:
ee:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:DB:1E:0E:A8:57:60:F8:96:97:33:D3:9E:AB:AA:3C:98:71:7C:29
X509v3 Authority Key Identifier:
keyid:8A:7B:85:C3:16:58:6B:19:9D:26:BF:C4:8F:E2:59:89:39:CB:6F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/inuFwxZYaxmdJr_Ej-JZiTnLb94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/0db348-8ca8-40de-82cd-29f20dc8eaf4/1/ztseDqhXYPiWlzPTnquqPJhxfCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/0db348-8ca8-40de-82cd-29f20dc8eaf4/1/inuFwxZYaxmdJr_Ej-JZiTnLb94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.61.152.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:92:22:c9:24:04:d3:a0:2d:8f:08:31:14:55:14:f6:b6:3b:
c0:63:a4:a7:6c:61:5a:d4:fe:8a:ab:83:ef:40:cf:e0:17:f1:
52:ab:a9:28:70:6b:65:70:4b:2b:5c:d1:4f:8b:1d:d5:22:c5:
18:fe:02:45:80:c9:40:81:01:14:a1:34:16:6c:77:0b:45:43:
6d:09:e5:db:ca:97:09:32:4c:47:3e:f9:fe:90:68:04:04:05:
8b:b2:f9:a7:50:0b:24:8a:b9:ac:00:ed:86:6a:7d:87:89:5b:
83:01:7c:97:39:d6:b9:fe:38:cb:c8:f8:5a:6b:76:e9:5c:21:
35:69:65:10:85:6c:1e:c8:65:8d:87:07:ae:62:d9:54:ad:6f:
ba:cc:8b:2b:10:2a:68:f6:30:2f:a2:92:05:22:c7:3f:da:bc:
35:7a:38:e3:fb:ad:18:13:15:76:b0:75:78:04:47:55:b8:7e:
4d:0d:cd:56:87:f2:98:1b:22:14:ae:bb:7d:bf:65:c6:10:77:
34:6c:44:75:08:67:d9:d0:c3:50:29:0e:da:73:b5:20:f6:97:
aa:b6:bd:bf:71:db:78:38:74:b9:90:7b:39:ef:af:f4:73:19:
7d:f1:49:01:71:d6:e6:ad:7d:01:29:60:3e:1a:44:db:14:ed:
72:9a:17:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQl/TR4TrZXqWtbe7slj2reMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhN2I4NWMzMTY1ODZiMTk5ZDI2YmZjNDhmZTI1OTg5Mzlj
YjZmZGUwHhcNMjUwMTAyMDc0ODU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWRiMWUwZWE4NTc2MGY4OTY5NzMzZDM5ZWFiYWEzYzk4NzE3YzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTjlJz2aQyqIHU3RIaaCqtWxSWQv
cHCDvsK6O6Oh6ClnoRGohLWAmBuyrC64a875YyMycmKCu8kwnViqZ9YVcdT+SSCX
zEZjXZTE8XnF6Vkjw0/qRBnh5GG8uYgkAIzSSLlK6XFB8C/gfKMB5NfftTTZi5YC
BPQG2Wd+wUK6cN+0yvKQGSe/mYzsZ+bkGkDhIlnTBE0sXTXJxP0BWdq3B2nCXNHq
/HWC5rhHu7h1DNuq+lHZwx9yCyq7/kKty8zeoyPx/VCnMVhV1HqJr9tXe/R++z2C
Uun83EV2enpbmrWnyMX8rcqAafi+SKbEI9yNLbFN75ZgBXwr3h7z+rfu9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM7bHg6oV2D4lpcz056rqjyYcXwpMB8GA1UdIwQY
MBaAFIp7hcMWWGsZnSa/xI/iWYk5y2/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW51Rnd4WllheG1kSnJfRWotSlppVG5MYjk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny8wZGIzNDgtOGNhOC00MGRlLTgyY2Qt
MjlmMjBkYzhlYWY0LzEvenRzZURxaFhZUGlXbHpQVG5xdXFQSmh4ZkNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny8wZGIzNDgtOGNhOC00MGRlLTgyY2QtMjlmMjBkYzhlYWY0
LzEvaW51Rnd4WllheG1kSnJfRWotSlppVG5MYjk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuT2YMA0G
CSqGSIb3DQEBCwUAA4IBAQBrkiLJJATToC2PCDEUVRT2tjvAY6SnbGFa1P6Kq4Pv
QM/gF/FSq6kocGtlcEsrXNFPix3VIsUY/gJFgMlAgQEUoTQWbHcLRUNtCeXbypcJ
MkxHPvn+kGgEBAWLsvmnUAskirmsAO2Gan2HiVuDAXyXOda5/jjLyPhaa3bpXCE1
aWUQhWweyGWNhweuYtlUrW+6zIsrECpo9jAvopIFIsc/2rw1ejjj+60YExV2sHV4
BEdVuH5NDc1Wh/KYGyIUrrt9v2XGEHc0bER1CGfZ0MNQKQ7ac7Ug9peqtr2/cdt4
OHS5kHs576/0cxl98UkBcdbmrX0BKWA+GkTbFO1ymhcp
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:40:20 2025 by rpki-client