Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/pzskpcrnoJktrPjhN_GlPyx1wKc.roa
File: pzskpcrnoJktrPjhN_GlPyx1wKc.roa (raw, json)
Hash identifier: 36bh1Z9ENvQPVYedvey/2cagpf7YPIgKf+MHwevAFeI=
Subject key identifier: A7:3B:24:A5:CA:E7:A0:99:2D:AC:F8:E1:37:F1:A5:3F:2C:75:C0:A7
Certificate issuer: /CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Certificate serial: 019427B66332FB31F511951CCF3515EF581A
Authority key identifier: 54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/pzskpcrnoJktrPjhN_GlPyx1wKc.roa
Signing time: Thu 02 Jan 2025 15:50:51 +0000
ROA not before: Thu 02 Jan 2025 15:50:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215224
IP address blocks: 185.101.168.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 13:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:63:32:fb:31:f5:11:95:1c:cf:35:15:ef:58:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fdc7a2f11a5766d3ad7bdf625ce5e119a8fdf
Validity
Not Before: Jan 2 15:50:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a73b24a5cae7a0992dacf8e137f1a53f2c75c0a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:78:da:2b:4c:e5:f5:e8:ca:79:b2:cb:f2:45:
f0:0f:ec:c0:83:e8:97:1e:c6:bf:9f:91:4c:1d:04:
12:98:49:2e:66:b6:a5:0a:13:7d:a5:3f:4e:5f:73:
74:2f:15:41:cc:96:0a:26:61:05:31:e5:f6:e8:18:
c6:fd:42:44:37:ed:03:f4:3c:ef:98:fc:7b:72:d9:
d7:e7:5d:e8:75:d8:fd:70:8a:2b:da:0f:c4:b7:a1:
f7:40:60:28:eb:b6:f2:ee:92:74:e8:ac:af:dc:82:
cd:ba:52:49:ea:dd:3f:90:e0:89:58:0e:65:d1:f0:
4d:b5:09:fa:1e:a2:3e:f6:0f:d7:93:20:b7:a9:b8:
7d:3b:84:ed:b6:7e:84:e2:fd:74:72:25:5a:04:92:
c3:05:25:62:c1:ce:9b:33:bf:2b:22:97:a9:bd:21:
ad:64:d6:0e:62:d9:b0:94:bd:fc:20:8e:0c:5c:bf:
97:ba:e8:0a:05:fc:e7:52:48:0a:1c:c6:52:87:d0:
80:51:3f:e4:f6:78:27:46:5b:d8:95:8b:b0:a5:e2:
e0:04:8d:5d:84:f1:ab:37:78:d1:e1:32:5a:c2:50:
a6:61:ed:4c:bd:18:aa:4b:b7:7b:80:62:cd:99:26:
ca:9f:b8:8a:46:4e:bc:c3:6d:11:67:e6:29:b3:67:
9f:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:3B:24:A5:CA:E7:A0:99:2D:AC:F8:E1:37:F1:A5:3F:2C:75:C0:A7
X509v3 Authority Key Identifier:
keyid:54:1F:DC:7A:2F:11:A5:76:6D:3A:D7:BD:F6:25:CE:5E:11:9A:8F:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_cei8RpXZtOte99iXOXhGaj98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/pzskpcrnoJktrPjhN_GlPyx1wKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8fad67-bb6b-4773-b81e-c900a89f20f1/1/VB_cei8RpXZtOte99iXOXhGaj98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.168.0/23
Signature Algorithm: sha256WithRSAEncryption
00:5d:38:76:8b:3d:b1:ba:85:fc:a1:ae:fc:c0:b8:c9:92:0a:
98:54:45:db:04:55:7c:b3:ff:06:c2:e8:95:5a:d9:43:61:0b:
e0:65:65:af:11:18:a7:2d:78:17:d9:df:00:7e:95:2d:2e:40:
43:8a:20:24:95:12:de:ab:92:c3:5f:88:55:dc:42:c6:dc:e1:
2f:d0:a9:db:7c:36:0a:c0:1c:10:06:7d:e6:aa:74:50:88:a2:
47:ef:cb:cb:31:fa:10:52:77:fc:1d:c7:b1:c0:be:5e:87:59:
6c:f1:94:ff:9a:4c:c6:61:57:43:2f:7f:0e:a4:a5:7d:ba:b3:
3e:8f:54:0a:45:23:b6:28:b5:c8:f5:57:b6:fa:59:72:d3:f7:
42:a2:f7:2c:b5:d9:8d:01:10:e2:46:00:d3:0b:9c:0d:ed:63:
28:e5:32:ea:33:27:c3:fa:4f:0d:61:f2:c8:06:b4:52:66:7b:
f2:4d:12:16:85:1a:da:5b:bd:ee:59:66:59:f1:50:08:5f:26:
17:c6:e7:85:32:45:e0:98:9b:21:4f:aa:5a:6b:34:96:17:95:
b8:ba:23:e7:94:54:94:63:b5:32:20:88:d2:3c:85:a2:69:57:
15:7e:e6:b1:7f:2b:4f:2c:ae:6f:1d:ec:c1:65:c3:9b:b3:ff:
36:d1:d9:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntmMy+zH1EZUczzUV71gaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MWZkYzdhMmYxMWE1NzY2ZDNhZDdiZGY2MjVjZTVlMTE5
YThmZGYwHhcNMjUwMTAyMTU1MDUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzNiMjRhNWNhZTdhMDk5MmRhY2Y4ZTEzN2YxYTUzZjJjNzVjMGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAunjaK0zl9ejKebLL8kXwD+zAg+iX
Hsa/n5FMHQQSmEkuZralChN9pT9OX3N0LxVBzJYKJmEFMeX26BjG/UJEN+0D9Dzv
mPx7ctnX513oddj9cIor2g/Et6H3QGAo67by7pJ06Kyv3ILNulJJ6t0/kOCJWA5l
0fBNtQn6HqI+9g/XkyC3qbh9O4Tttn6E4v10ciVaBJLDBSViwc6bM78rIpepvSGt
ZNYOYtmwlL38II4MXL+XuugKBfznUkgKHMZSh9CAUT/k9ngnRlvYlYuwpeLgBI1d
hPGrN3jR4TJawlCmYe1MvRiqS7d7gGLNmSbKn7iKRk68w20RZ+Yps2efMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKc7JKXK56CZLaz44TfxpT8sdcCnMB8GA1UdIwQY
MBaAFFQf3HovEaV2bTrXvfYlzl4Rmo/fMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUt
YzkwMGE4OWYyMGYxLzEvcHpza3Bjcm5vSmt0clBqaE5fR2xQeXgxd0tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84ZmFkNjctYmI2Yi00NzczLWI4MWUtYzkwMGE4OWYyMGYx
LzEvVkJfY2VpOFJwWFp0T3RlOTlpWE9YaEdhajk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuWWoMA0G
CSqGSIb3DQEBCwUAA4IBAQAAXTh2iz2xuoX8oa78wLjJkgqYVEXbBFV8s/8GwuiV
WtlDYQvgZWWvERinLXgX2d8AfpUtLkBDiiAklRLeq5LDX4hV3ELG3OEv0KnbfDYK
wBwQBn3mqnRQiKJH78vLMfoQUnf8HcexwL5eh1ls8ZT/mkzGYVdDL38OpKV9urM+
j1QKRSO2KLXI9Ve2+lly0/dCovcstdmNARDiRgDTC5wN7WMo5TLqMyfD+k8NYfLI
BrRSZnvyTRIWhRraW73uWWZZ8VAIXyYXxueFMkXgmJshT6paazSWF5W4uiPnlFSU
Y7UyIIjSPIWiaVcVfuaxfytPLK5vHezBZcObs/820dmq
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:33:41 2025 by rpki-client